A. А. Legkodumov, B. N. Kozeyev, V. V. Belikov, A. V. Korolkov
{"title":"分析软件更改对目标函数和安全函数影响的方法","authors":"A. А. Legkodumov, B. N. Kozeyev, V. V. Belikov, A. V. Korolkov","doi":"10.32362/2500-316x-2024-12-2-7-15","DOIUrl":null,"url":null,"abstract":"Objectives. This paper examines the various approaches to analyzing the impact of software changes, and suggests a new method using function control flows. Impact analysis of software change can require the investment of a lot of time and competence on the part of the expert conducting it. There is no detailed description of methodology for analyzing the impact of changes and it is not established at a legislative level. The proposed method has three aims: reducing the level of requirements for an expert when conducting software research; localizing code areas to establish defects in information protection functions; and reducing the time spent on analyzing the impact of changes.Methods. The study analyzes the common methods for analyzing software changes with a description of their positive and negative sides. The possibility of analyzing changes in the control flow of software functions is considered as an alternative to line-by-line comparison of the full volume of source codes. Represented as tree-shaped graphs, the control flows of different versions of the same software are subject to a merging procedure. The final result is analyzed by an expert from the research organization.Results. The research results of the software change analysis methods are presented with a description of their disadvantages. A description is given of the method for change analysis using function control. This complements existing methods, while eliminating their disadvantages. The study also analyzes the possibility of using this method beyond the tasks defined in the introduction.Conclusions. The use of methods to localize the most vulnerable code sections is considered one of the most promising areas for analyzing change impact. In addition to searching for vulnerable code sections, it is important to evaluate the effectiveness of the control flow comparison method in the analysis of source code when transferred to another code base.","PeriodicalId":282368,"journal":{"name":"Russian Technological Journal","volume":"33 2","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-04-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Methods for analyzing the impact of software changes on objective functions and safety functions\",\"authors\":\"A. А. Legkodumov, B. N. Kozeyev, V. V. Belikov, A. V. Korolkov\",\"doi\":\"10.32362/2500-316x-2024-12-2-7-15\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Objectives. This paper examines the various approaches to analyzing the impact of software changes, and suggests a new method using function control flows. Impact analysis of software change can require the investment of a lot of time and competence on the part of the expert conducting it. There is no detailed description of methodology for analyzing the impact of changes and it is not established at a legislative level. The proposed method has three aims: reducing the level of requirements for an expert when conducting software research; localizing code areas to establish defects in information protection functions; and reducing the time spent on analyzing the impact of changes.Methods. The study analyzes the common methods for analyzing software changes with a description of their positive and negative sides. The possibility of analyzing changes in the control flow of software functions is considered as an alternative to line-by-line comparison of the full volume of source codes. Represented as tree-shaped graphs, the control flows of different versions of the same software are subject to a merging procedure. The final result is analyzed by an expert from the research organization.Results. The research results of the software change analysis methods are presented with a description of their disadvantages. A description is given of the method for change analysis using function control. This complements existing methods, while eliminating their disadvantages. The study also analyzes the possibility of using this method beyond the tasks defined in the introduction.Conclusions. The use of methods to localize the most vulnerable code sections is considered one of the most promising areas for analyzing change impact. In addition to searching for vulnerable code sections, it is important to evaluate the effectiveness of the control flow comparison method in the analysis of source code when transferred to another code base.\",\"PeriodicalId\":282368,\"journal\":{\"name\":\"Russian Technological Journal\",\"volume\":\"33 2\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-04-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Russian Technological Journal\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.32362/2500-316x-2024-12-2-7-15\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Russian Technological Journal","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.32362/2500-316x-2024-12-2-7-15","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Methods for analyzing the impact of software changes on objective functions and safety functions
Objectives. This paper examines the various approaches to analyzing the impact of software changes, and suggests a new method using function control flows. Impact analysis of software change can require the investment of a lot of time and competence on the part of the expert conducting it. There is no detailed description of methodology for analyzing the impact of changes and it is not established at a legislative level. The proposed method has three aims: reducing the level of requirements for an expert when conducting software research; localizing code areas to establish defects in information protection functions; and reducing the time spent on analyzing the impact of changes.Methods. The study analyzes the common methods for analyzing software changes with a description of their positive and negative sides. The possibility of analyzing changes in the control flow of software functions is considered as an alternative to line-by-line comparison of the full volume of source codes. Represented as tree-shaped graphs, the control flows of different versions of the same software are subject to a merging procedure. The final result is analyzed by an expert from the research organization.Results. The research results of the software change analysis methods are presented with a description of their disadvantages. A description is given of the method for change analysis using function control. This complements existing methods, while eliminating their disadvantages. The study also analyzes the possibility of using this method beyond the tasks defined in the introduction.Conclusions. The use of methods to localize the most vulnerable code sections is considered one of the most promising areas for analyzing change impact. In addition to searching for vulnerable code sections, it is important to evaluate the effectiveness of the control flow comparison method in the analysis of source code when transferred to another code base.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
