It is difficult to formalize the causes of vulnerability, and there is no effective model to reveal the causes and characteristics of vulnerability. In this paper, a vulnerability model construction method is proposed...It is difficult to formalize the causes of vulnerability, and there is no effective model to reveal the causes and characteristics of vulnerability. In this paper, a vulnerability model construction method is proposed to realize the description of vulnerability attribute and the construction of a vulnerability model. A vulnerability model based on chemical abstract machine(CHAM) is constructed to realize the CHAM description of vulnerability model, and the framework of vulnerability model is also discussed. Case study is carried out to verify the feasibility and effectiveness of the proposed model. In addition, a prototype system is also designed and implemented based on the proposed vulnerability model. Experimental results show that the proposed model is more effective than other methods in the detection of software vulnerabilities.展开更多
This paper analyzes and studies the form and the ability of the Chemical Abstract Machine, or CHAM, ondescribing the system software architecture. After some expanding, the CHAM is applied to describe formally thesoft...This paper analyzes and studies the form and the ability of the Chemical Abstract Machine, or CHAM, ondescribing the system software architecture. After some expanding, the CHAM is applied to describe formally thesoftware architecture of command and control system. It is expected that the specification of the system requirementsand the software test plan would be automatically generated from the formal software architecture description in thelevel of software architecture.展开更多
基金Supported by the National Natural Science Foundation of China(61202110 and 61502205)the Project of Jiangsu Provincial Six Talent Peaks(XYDXXJS-016)
文摘It is difficult to formalize the causes of vulnerability, and there is no effective model to reveal the causes and characteristics of vulnerability. In this paper, a vulnerability model construction method is proposed to realize the description of vulnerability attribute and the construction of a vulnerability model. A vulnerability model based on chemical abstract machine(CHAM) is constructed to realize the CHAM description of vulnerability model, and the framework of vulnerability model is also discussed. Case study is carried out to verify the feasibility and effectiveness of the proposed model. In addition, a prototype system is also designed and implemented based on the proposed vulnerability model. Experimental results show that the proposed model is more effective than other methods in the detection of software vulnerabilities.
文摘This paper analyzes and studies the form and the ability of the Chemical Abstract Machine, or CHAM, ondescribing the system software architecture. After some expanding, the CHAM is applied to describe formally thesoftware architecture of command and control system. It is expected that the specification of the system requirementsand the software test plan would be automatically generated from the formal software architecture description in thelevel of software architecture.