Language of the Program Code Uniform Presentation for Searching Medium and High-Level Vulnerabilities: the Basic Provisions of Paradigm

Abstract

Purpose of the study: increasing the efficiency of an expert in searching for medium-level (in algorithms) and high-level (in architecture) vulnerabilities in the program code due to the innovative paradigm of the language for its presentation. Method: consists in the analysis of relevant works on the subject of approaches, methods and notations for representing algorithms and software architecture with highlighting the strengths and weaknesses of solutions, synthesizing the paradigm for the presentation of the program code and qualitatively assessing the effectiveness of each of the provisions of the paradigm (by contradiction method); efficiency is understood as a combination of its three indicators: the number of type I and II errors, the search time and the cognitive stress of the expert. The results obtained: description of the idea and 7 main provisions of the paradigm of the pseudocode language for a unified description of algorithms and architecture with the maximum necessary and minimum sufficient degree of formalization; the main practical significance of the representations of the program code obtained in this way is their intended use for analysis by an information security expert for the presence of medium and high-level vulnerabilities; also, for each position, their qualitative influence on the performance indicators of vulnerability search by an expert was established.