软件测试质量的度量

该文在详细分析了软件测试充分性和揭错能力度量理论后,根据软件质量的本质特性,提出一种更全面的软件测试质量度量方法———通过度量软件测试方法减低软件残留风险程度的能力来度量测试质量的新方法。     

软件测试过程的度量

过程中的跟踪和度量在软件开发中扮演着重要的角色，尤其是对软件测试。本文讨论了若干测试过程中度量方法，对每种度量法进行了介绍，并结合实测图示数据加以说明。最后对在质量管理中怎样使用过程度量方法给出了一些建议。     

软件测试过程的度量

过程中的跟踪和度量在软件开发中扮演着重要的角色,尤其是对软件测试。本文讨论了若干测试过程中度量方法,对每种度量法进行了介绍,并结合实测图示数据加以说明。最后对在质量管理中怎样使用过程度量方法给出了一些建议。     

目标驱动的软件测试度量方法研究

文中根据GSQM软件度量思想和相关软件度量理论结合软件测试过程的特殊性要求,提出基于目标驱动的软件测试度量方法(GSTM)。在度量信息需求的基础上主要研究了适合于软件测试度量的基本度量方法、派生度量方法和设计指示器的方法。文中是专门针对软件测试度量进行的研究,与传统的软件度量理论相比较,具有很强的针对性、实用性和可操作性。     

目标驱动的软件测试度量方法研究

文中根据GSQM软件度量思想和相关软件度量理论结合软件测试过程的特殊性要求，提出基于目标驱动的软件测试度量方法（GSTM）。在度量信息需求的基础上主要研究了适合于软件测试度量的基本度量方法、派生度量方法和设计指示器的方法。文中是专门针对软件测试度量进行的研究，与传统的软件度量理论相比较，具有很强的针对性、实用性和可操作性。     

软件测试性度量框架研究

针对当前软件测试性度量框架适用范围有限、无法扩展的问题,提出一个新的度量框架。分析软件测试性概念,使用层次分析法得到新的框架结构。总结框架扩展方法,将测试性特性和影响因素加入到框架以进行软件测试性度量。其稳定性保证了框架对任何软件都具有相同的测试性度量过程和计算方法,可扩展性使得框架能随着软件技术的发展不断完善,两者为框架的通用性提供了保证。     

基于正规三角模糊集相似度量的模糊推理

文章首先定义了正规模糊集相似度量的一般公式,然后给出了正规三角模糊集相似度量计算的简化公式,在正规三角模糊集相似度量的基础上,提出了一种新的模糊推理的方法——基于正规三角模糊集相似度量的模糊推理,并与Mamdani模糊推理方法做了比较。最后给出了模糊推理的仿真实现。     

软件测试的度量模型的研究应用

度量是软件过程及产品跟踪和监控的必要手段。好的度量方法可以对项目跟踪监控,节省资源,保证进度,提高客户的满意度。所以,提出软件测试的度量模型,并应用于项目中。该度量模型实现了从度量目标到度量结果的量化,使测试过程有目的、有计划地改进和实施,保证了软件质量和进度。     

基于过程度量的软件测试质量管理

软件测试验证软件是否符合用户需求,软件测试过程的科学管理是软件测试成功的重要保证,运用软件度量的方法量化软件测试过程,构造度量并分析过程度量数据的有效性;论述测试效率/软件缺陷作为软件测试工作量/成果指标的必要性,运用工作量/成果模型分析测试过程;通过量化软件相关属性实现过程度量的构造,实施度量后利用工作量/成果模型对度量结果进行分析,并对项目做出评估,并采取相应措施;在现有资源的情况下,实施质量管理,监控软件测试过程,实现软件测试过程的有效管理。     

基于块的测试充分性度量准则及其测试复杂性度量

1 引言近年来,计算机已广泛应用于银行、证券、工业控制、医疗、交通、航空、航天等领域。在这样的应用领域中,软件的正确性往往关系到人民生命财产和生态环境的安危。一旦软件发生故障,就可能造成生命财产的巨大损失和生态环境的极大破坏。所以,设计人员和使用人员都希望在将软件系统投入运行之前,能得到系统正确性的保证,或能将系统正确性提高到比较高的程度。以软件测试为中心的软件质量保障技术在软件生产实践中得到了迅速的发展,软件测试已成为软件生产中必不可少的质量保障手段。     

基于模糊评价方法的网络安全评价研究

针对网络安全性评价研究中的度量问题建立了基于ISO/IEC9126标准的网络安全指标体系模型.结合网络安全评价方法研究中的模糊性和不确定性等常见问题,首先以度量数据和各项指标计算公式为基础计算其指标值.其次,运用指标体系模型和模糊评价方法对评价指标进行模糊化处理.最后,结合各指标评价质量和模糊综合评价方法评价网络安全性.通过建立网络安全性评价模型,有效地解决了网络安全性的多指标评价问题,可用于指导相关人员进行网络安全方面改进.     

基于模糊集对分析的软件质量综合评价

模糊集对分析将待评价软件和理想软件组成一对集对,对这一集对作同异反决策分析,寻找与理想软件最接近的待评价软件,从而给出可行性待评价软件的优劣排序.基于ISO/EC9126软件质量度量模型,将模糊集对分析软件评价模型应用于软件质量的评价,实例表明,该评价模型具有客观性、实用性.     

基于IS027000网络信息安全风险评估系统的设计与实现

构建了一个基于IS027000的网络信息安全风险评估系统,该系统将“漏洞扫描型”与“政策对照型”评估相结合,实现了对内部网信息资产风险的自动化评估。文章介绍了系统的体系结构、开发模式与实现平台,分模块详述了系统的功能,并且对其采用的风险计算方法予以了说明。最后,提出了该软件的改进建议并分析了应用前景。     

软件过程评估与改进模型的比较

介绍了当今主要的软件过程评估与改进模型,比较了它们之间的异同和各自的优缺点.     

From the Guest Editor

Abstract

After Section 404 of the Sarbanes-Oxley Act (SOX 404) was released, developing a computer auditing system became more important for management and auditors. In this study, the researchers aim to: (1) explore the crucial control items of the purchasing and expenditure cycle in meeting the conditions of SOX 404; (2) develop a computer auditing system based on the recognized control items and requirements of SOX 404; and (3) validate the applicability of the system by using an ISO/IEC 9126 model in meeting organizational needs (ISO, 2001 International Organization for Standardization (ISO) (2001). ISO/IEC 9126-1:2001. http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=22749 (Accessed: 15 January 2006).  [Google Scholar]). The Gowin's Vee research strategy developed by Novak &; Gowin (1984) Novak, J. D. and Gowin, D. B. 1984. Learning How to Learn, Cambridge: Cambridge University. [Crossref] , [Google Scholar] was used in the study. In theory, researchers have identified eight operational procedures and 34 critical control items for the purchasing and expenditure cycle. The prototype computer auditing system of this study was then developed. On the experimental side, the researchers conducted two case studies based on the ISO/IEC 9126 software assessment criteria, the result of which showed that the system can provide company internal auditing personnel and their external auditors with a simple, continuous, timely, and analytical tool, which may promptly and effectively help in detecting problem control issues. We believe this study can contribute to the development of a sufficient and manageable computer auditing system, and provide prospective researchers and businesses with future directions in this subject area.     

中国在ISO/ IEC JTC1/ SC2 的活动与中文编码的国际标准化

标准化是实现技术产业化的基础。中文信息处理技术是我国特有的、具有国际领先水平的技术。我国自 20 世纪80 年代参与ISO/ IEC J TC1/ SC2 的活动以来,在中文编码技术的国际标准化工作中取得了显著成绩。本文介绍了ISO/ IEC J TC1/ SC2 的工作领域、工作方式和组织结构;我国参与ISO/ IEC J TC1/ SC2 及其下属该组织活动的方式;国际标准ISO/ IEC 10646 的大致情况和我国在参与此国际标准研制工作中取得的成绩、当前的工作和未来工作的计划。本文论述了我国参与本文ISO/ IEC J TC1/ SC2 活动的意义,以及我国在ISO/ IEC J TC1/ SC2 活动中的作用、地位和影响。作者还提出了对未来工作的建议。     

一个实用的软件质量评估模型

定义了一个实用软件质量评估模型,该模型包括两维：软件产品类型维和软件开发阶段维。该模型用于软件产品需求的定义、软件产品测试目标和计划的定义以及软件产品质量的评估。     

Benchmarking Kappa: Interrater Agreement in Software Process Assessments

Software process assessments are by now a prevalent tool for process improvement and contract risk assessment in the software industry. Given that scores are assigned to processes during an assessment, a process assessment can be considered a subjective measurement procedure. As with any subjective measurement procedure, the reliability of process assessments has important implications on the utility of assessment scores, and therefore the reliability of assessments can be taken as a criterion for evaluating an assessment's quality. The particular type of reliability of interest in this paper is interrater agreement. Thus far, empirical evaluations of the interrater agreement of assessments have used Cohen's Kappa coefficient. Once a Kappa value has been derived, the next question is “how good is it?” Benchmarks for interpreting the obtained values of Kappa are available from the social sciences and medical literature. However, the applicability of these benchmarks to the software process assessment context is not obvious. In this paper we develop a benchmark for interpreting Kappa values using data from ratings of 70 process instances collected from assessments of 19 different projects in 7 different organizations in Europe during the SPICE Trials (this is an international effort to empirically evaluate the emerging ISO/IEC 15504 International Standard for Software Process Assessment). The benchmark indicates that Kappa values below 0.45 are poor, and values above 0.62 constitute substantial agreement and should be the minimum aimed for. This benchmark can be used to decide how good an assessment's reliability is.     

Validating the external quality subcharacteristics of software products according to ISO/IEC 9126

The study statistically tests the proposition of the ISO/IEC 9126 standard that higher external quality (quality when software is executed) implies higher ‘quality in use’. For this purpose, the study based on 75 user survey data shows that individual external quality subcharacteristics are positively associated with user satisfaction as defined in ‘quality in use’. This study also investigates the external quality subcharacteristics that strongly influence user satisfaction. Our results provide guidance for the revision of the Standard as well as supporting management decisions (i.e., resource allocation) aimed at improving software product quality.     

The diffusion of anticipatory standards with particular reference to the ISO/IEC information resource dictionary system framework standard

In the late 1980s, traditional standards development organisations (SDOs) were moving toward creating anticipatory standards as a way of coping with the fast growth in new technology in the computing industry. The development of anticipatory standards (standards developed ahead of the technology) was seen as a possible way for the formal standards bodies to keep abreast of these rapid changes. By creating standards ahead of the technology, the standards would act as “change agents” and guide the market. Anticipatory standards were seen as one way of addressing the problem of arriving at suboptimal de facto standards. If the industry can be guided before the technology develops, this will encourage the use of optimal products. This paper considers the diffusion pattern of the ISO/IEC Information Resource Dictionary System (IRDS) Framework standard that fits into the category of an anticipatory standard. Comparisons are made between the diffusion patterns of the ISO/IEC IRDS standard and the ISO/IEC Open Standards Interconnection (OSI) Reference Model as they were both anticipatory in nature, both framework/reference standards, both originated at approximately the same time and were both developed in traditional standards development organisations.