摘要
传统的软件成熟度评估侧重于对软件开发组织能力的评价,缺乏从软件成分方面对软件整体进行的评价,无法为软件开发者和使用者提供软件成分安全方面的参考。主要介绍了软件成分成熟度评估方法的模型和评估指标体系。从自研成分、商业授权成分和开源成分3个方面进行评估,通过计算3个成分的成熟度平均值得出综合等级,形成了一套完整的软件成分成熟度评估方法。该方法可以客观地反映软件成分成熟度的水平,同时为后续实施具体品类软件成分成熟度评估奠定了基础。
Traditional software maturity assessment focuses on evaluating the organizational capabilities of software development,and lacks overall evaluation of software from the aspect of software components,and cannot provide reference for software developers and users in terms of software component security.The software component maturity evaluation model and evaluation indicator system are mainly introduced.The evaluation is made from the three aspects of self-developed component,commercial license component and open source component.By calculating the maturity average of the three components,the comprehensive grade is obtained,and a complete software component maturity evaluation method is formed.This method can objectively reflect the level of software component maturity and lay the foundation for subsequent implementation of specific category software component maturity assessment.
作者
刘建
尚旭东
李晓静
张明娟
吴宸
LIU Jian;SHANG Xudong;LI Xiaojing;ZHANG Mingjuan;WU Chen(CEPREI,Guangzhou 511370,China)
出处
《电子质量》
2024年第6期1-4,共4页
Electronics Quality
关键词
软件成分
成熟度
自研成分
商业授权成分
开源成分
software component
maturity
self-developed component
commercially licensed component
open source component