| 基于复杂网络分析的软件高危缺陷评估方法 |
| |
| 引用本文: | 马皖王莹,;陈林,;陈芝菲,;王子元. 基于复杂网络分析的软件高危缺陷评估方法[J]. 计算机科学与探索, 2014, 0(8): 956-965 |
| |
| 作者姓名: | 马皖王莹, 陈林, 陈芝菲, 王子元 |
| |
| 作者单位: | [1]南京大学软件新技术国家重点实验室,南京210093; [2]南京大学计算机科学与技术系,南京210093; [3]南京邮电大学计算机学院,南京210023 |
| |
| 基金项目: | The National Natural Science Foundation of China under Grant Nos.61170071,61300054(国家自然科学基金);the Natural Science Foundation of Jiangsu Province of China under Grant Nos. BK2011190, BK20130879(江苏省自然科学基金);the Natural Science Foundation for Colleges and Universities in Jiangsu Province under Grant No.13KJB520018(江苏省高校自然科学基金项目). |
| |
| 摘 要: | 为了评估软件缺陷的风险,提出了一种基于复杂网络分析的软件缺陷评估方法。该方法首先用一个网络模型表达程序实体之间的关系,将源代码中的方法抽象为节点,方法间的调用关系抽象为有向边,以此构造程序源代码网络;然后分别用介数算法和PageRank算法计算造成软件缺陷的方法节点在源代码全局网络中的地位,由此评估缺陷的风险高低。实验结果表明,该方法在评估内部高危缺陷时有较好的效果,有助于提高软件开发维护人员对一些隐蔽高危缺陷的关注度,进而为后续修复缺陷与软件演化提供有益的线索。
|
| 关 键 词: | 复杂网络 高危缺陷 缺陷评估 介数 PageRank |
Software Severe Defects Evaluation Based on Complex Network Analysis |
| |
| Affiliation: | MA Wanwangying, CHEN Lin, CHEN Zhifei, WANG Ziyuan( 1. State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093, China ;2. Department of Computer Science and Technology, Nanjing University, Nanjing 210093, China ;3. School of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210023, China) |
| |
| Abstract: | In order to evaluate the risk of software defects, this paper proposes an approach for defects evaluation based on complex network analysis. In this approach, a network model is used to express the relationship between entities, and the methods in source code and the call relations between them are extracted as nodes and directed edges respectively to construct the source code network. Then the importance of root cause nodes with respect to the whole network is computed by the betweenness centrality and PageRank, which is used to assess the severity of defects. The experimental results show that the approach has a good performance in evaluating inside software severe defects, which can help maintainers pay more attention to implicit severe defects and provide helpful reference to the program repair, thus supporting software evolution. |
| |
| Keywords: | complex network severe defects defects evaluation betweenness centrality PageRank |
| 本文献已被 维普 等数据库收录! |
|
