首页    期刊浏览 2024年12月12日 星期四
登录注册

文章基本信息

  • 标题:Development a mathematical model for the software security testing first stage
  • 本地全文:下载
  • 作者:Serhii Semenov ; Zhang Liqiang ; Cao Weiling
  • 期刊名称:Eastern-European Journal of Enterprise Technologies
  • 印刷版ISSN:1729-3774
  • 电子版ISSN:1729-4061
  • 出版年度:2021
  • 卷号:3
  • 期号:2
  • 页码:24-34
  • DOI:10.15587/1729-4061.2021.233417
  • 语种:English
  • 出版社:PC Technology Center
  • 摘要:This paper reports an analysis of the software (SW) safety testing techniques, as well as the models and methods for identifying vulnerabilities. An issue has been revealed related to the reasoned selection of modeling approaches at different stages of the software safety testing process and the identification of its vulnerabilities, which reduces the accuracy of the modeling results obtained. Two steps in the process of identifying software vulnerabilities have been identified. A mathematical model has been built for the process of preparing security testing, which differs from the known ones by a theoretically sound choice of the moment-generating functions when describing transitions from state to state. In addition, the mathematical model takes into consideration the capabilities and risks of the source code verification phase for cryptographic and other ways to protect data. These features generally improve the accuracy of modeling results and reduce input uncertainty in the second phase of software safety testing. An advanced security compliance algorithm has been developed, with a distinctive feature of the selection of laws and distribution parameters that describe individual state-to-state transitions for individual branches of Graphical Evaluation and Review Technique networks (GERT-networks). A GERT-network has been developed to prepare for security testing. A GERT-network for the process of checking the source code for cryptographic and other data protection methods has been developed. A graphic-analytical GERT model for the first phase of software safety testing has been developed. The expressions reported in this paper could be used to devise preliminary recommendations and possible ways to improve the effectiveness of software safety testing algorithms.
  • 关键词:software;security testing;graphic-analytical model;cyber threats;software safety;data protection
国家哲学社会科学文献中心版权所有