可信软件分析与测试研究进展*

以软件可信性问题为主攻目标,首先阐述了可信软件的五大主要特征,给出了可信软件分析方法、测试方法和步骤,并总结了各个方法的缺点,重点对可信软件测试方法进行了分类总结和对比分析,同时给出了相应方法的测试工具;其次论述了可信软件的验证方法;最后进行了总结,并对今后可信软件分析和测试研究作出了展望。     

软件可信评估综述

软件可信评估是近年来计算机科学的一个新的研究热点和难点,对软件可信评估的研究有助于促进软件产业的振兴与发展。首先分析了软件可信评估的必要性;然后对可信评估的研究现状进行综述,主要包括体现可信的属性特征和软件可信等级的定义、软件可信评估模型、软件可信评估实现方案四个方面;同时分析了目前可信评估中存在的不足以及造成这些不足的根本原因;最后指出了可信评估的未来发展趋势。     

可信软件非功能需求形式化表示与可满足分析

可信软件的可信性由其功能需求和非功能需求共同来体现,其中,非功能需求的实现是可信软件获得用户对其行为实现预期目标能力的信任程度的客观依据.针对可信软件的重要性以及对可信软件的迫切需求,在可信软件的早期需求工程阶段,提出可信软件非功能需求驱动的过程策略选取方法.首先,对可信软件需求进行定义,提出由功能需求和非功能需求中的可信关注点构成可信需求,非可信关注点的非功能需求则定义为软目标,用于表达质量需求,基于模糊集合论和信息熵对可信软件非功能需求进行排序并获取可信关注点和软目标.在此基础上,提出可信软件非功能需求驱动的过程策略选取方法.传统的软件早期需求工程阶段的目标是为了获取满足需求的技术及设计决策,与此不同,本文对可信软件非功能需求进行分析的目标是获取过程策略,从过程角度解决可信软件生产问题.由于非功能需求间复杂的相关关系,尤其是因为存在冲突关系,故提出了基于可满足性问题求解方法推理过程策略的方法,选取满足可信软件非功能需求的过程策略.最后,通过第三方可信认证中心软件的案例,说明所提出方法的可行性.     

面向软件可信性的可信指针分析技术综述*

对可信指针分析技术的定义和描述、指针分析对软件可信性的保障、可信指针分析属性以及该领域主要研究成果等方面进行了综述。通过对现有可信指针分析技术的分析和比较,详细讨论了面向软件可信性的可信指针分析的关键技术;此外,重点介绍了流敏感指针分析及上下文敏感指针分析的方法和理论;最后对进一步研究工作的方向进行了展望。     

软件性能测试需求的获取方法综述

性能测试需求的质量直接影响性能测试的效果,在分析Web应用系统性能测试目的的基础上,提出性能测试需求描述要达到准确、一致和特定的要求,进一步明确性能测试需求必须要确定4W1H,即性能测试的需求必须包含where,what,when,who和how,并综述了几种有效的获取性能测试需求的方法。     

浅谈软件需求工程

软件需求工程是包括创建和维护软件需求文档所必需的一切活动的过程,可分为需求开发和需求管理两大工作。需求开发包括需求获取、需求分析、需求定义和需求验证四个阶段,本文将本别对这几个阶段的活动进行阐述。     

知识引导的软件可信性需求的提取

软件系统的可信性已经成为一个受到广泛关注的焦点问题.开发可信的软件系统的前提是在需求阶段提取恰当的可信性需求.能否提取出足够好的软件可信性需求,不仅依赖于需求工程师对未来软件系统可能面临的威胁的认识,还依赖于其对各种威胁有效的应对措施的了解和掌握.目前缺少系统化的方法指导软件可信性需求的提取.文中提出一个软件可信性需求...     

情景感知的软件需求获取与建模技术综述

情境感知的移动应用能够适应用户当前状态,因此这类应用越来越受到青睐。但由于上下文情景的维度是无数的,这使得获取和建模情境感知系统的情景需求成为一大挑战。本文通过文献综述的方法,旨在:(1)发现有哪些情境感知的需求获取与建模方法;(2)评估这些方法的技术转移成熟度。通过对所选择的61篇相关文献,进行数据抽取和分析综合,本文总结并识别出11种需求获取的方法、10种需求建模的方法以及它们的技术转移现状。结果显示:(1)最受欢迎的情景感知需求获取方法是用例和场景,而最常用的情境感知需求建模方法则是面向目标的方法;(2)在大多数相关文献中的需求获取与建模技术的技术成熟度都不高,不利于其面向工业界进行技术转移。     

一种从组织业务数据中获取软件需求的方法

针对隐藏于组织业务海量数据中的隐性软件需求获取提出一种方法。该方法的基本思想是：组织业务海量数据中隐含软件需求,它是以隐性知识形式存在于海量数据中的,隐性知识利用的解决方案就是组织及利益相关者对待开发软件系统的要求（软件需求）。首先,构建一个完整的、无冲突的、正确的待开发软件系统目标及其关系模型,并在待开发系统目标指导下,利用数据挖掘技术对数据进行挖掘,从中发现隐性知识;然后,识别知识的有用性和可用性;最后为可用性知识的利用提供解决方案。进而获取隐藏于大量数据中的隐性软件需求．     

Special issue on trustworthy systems and software

Software Quality Journal -     

Toward trustworthy software systems

Organizations such as Microsoft's Trusted Computing Group and Sun Microsystems' Liberty Alliance are currently leading the debate on "trustworthy computing." However, these and other initiatives primarily focus on security, and trustworthiness depends on many other attributes. To address this problem, the University of Oldenburg's TrustSoft Graduate School aims to provide a holistic view of trustworthiness in software - one that considers system construction, evaluation/analysis, and certification - in an interdisciplinary setting. Component technology is the foundation of our research program. The choice of a component architecture greatly influences the resulting software systems' nonfunctional properties. We are developing new methods for the rigorous design of trustworthy software systems with predictable, provable, and ultimately legally certifiable system properties. We are well aware that it is impossible to build completely error-free complex software systems. We therefore complement fault-prevention and fault-removal techniques with fault-tolerance methods that introduce redundancy and diversity into software systems. Quantifiable attributes such as availability, reliability, and performance call for analytical prediction models, which require empirical studies for calibration and validation. To consider the legal aspects of software certification and liability, TrustSoft integrates the disciplines of computer science and computer law.     

Building trustworthy software agents

As agents become more active and sophisticated, the implications of their actions become more serious. With today's GUIs, user and software errors can often be easily fixed or undone. An agent performing actions on behalf of a user could make errors that are very difficult to "undo", and, depending on the agent's complexity, it might not be clear what went wrong. Moreover, for agents to operate effectively and truly act on their users' behalf, they might need confidential or sensitive information. This includes financial details and personal contact information. Thus, along with the excitement about agents and what they can do, there is concern about the resulting security and privacy issues. It is not enough to assume that well-designed software agents will provide the security and privacy users need; assurances and assumptions about security and privacy need to be made explicit. This article proposes a model of the factors that determine agent acceptance, based on earlier work on user attitudes toward e-commerce transactions, in which feelings of trust and perceptions of risk combine in opposite directions to determine a user's final acceptance of an agent technology.     

基于本体的可信软件演化框架模型*

为系统化地考虑开放环境对软件可信性的影响和驱动作用,提出了一种基于本体空间并支持动态演化的框架模型。该模型采用本体空间的方法解决用户、系统和环境三者之间交互的语义问题,在此基础上,通过预定义的规则对软件行为的可信性和自主调整的必要性进行评估,依据评估结果从微观层次的规约制导和宏观层次的人机协同在软件生命周期内对其调整、配置与修正。应用实例及测试结果验证了该框架模型的有效性与可行性。     

An adaptive and trustworthy software testing framework on the grid

Grid computing, which is characterized by large-scale sharing and collaboration of dynamic distributed resources has quickly become a mainstream technology in distributed computing and is changing the traditional way of software development. In this article, we present a grid-based software testing framework for unit and integration test, which takes advantage of the large-scale and cost-efficient computational grid resources to establish a testbed for supporting automated software test in complex software applications. Within this software testing framework, a dynamic bag-of-tasks model using swarm intelligence is developed to adaptively schedule unit test cases. Various high-confidence computing mechanisms, such as redundancy, intermediate value checks, verification code injection, and consistency checks are employed to verify the correctness of each test case execution on the grid. Grid workflow is used to coordinate various test units for integration test. Overall, we expect that the grid-based software testing framework can provide efficient and trustworthy services to significantly accelerate the testing process with large-scale software testing.

Modeling and analyzing mixed communications in service-oriented trustworthy software

Communication is an essential part of service-oriented trustworthy software.The actual communication mechanism among services adopts asynchronous communications and supports broadcast communications.However,in order to achieve a better performance in analysis and verification,most existing formal languages rely on the strong hypothesis:the communication between services is synchronous.In this paper,we propose a novel model,which can model synchronous communications,asynchronous communications and broadcast communications in a uniform way.Moreover,we investigate the preservation problem of the weak termination and deadlocks of a composite service under the hierarchical communication models.     

面向可信软件的风险评估方法

风险管理逐渐成为开发高质量软件过程中的重要的组成部分。风险评估作为风险管理的重要活动之一,是风险控制的前提。贝叶斯网络作为风险管理的有力工具之一,是处理不确定性的有效方法。结合贝叶斯网络与模糊理论,提出一种风险评估方法,首先使用贝叶斯网络对影响可信软件的风险因素进行风险概率评估,然后利用模糊综合评价法进行风险综合影响评估。该方法用于软件项目的风险评估,为开发高质量的可信软件提供新策略。