使用结构化保证案例模型的软件保证。

IF 1.5 4区工程技术 Journal of Research of the National Institute of Standards and Technology Pub Date : 2010-06-01 Print Date: 2010-05-01 DOI:10.6028/jres.115.013

Thomas Rhodes, Frederick Boland, Elizabeth Fong, Michael Kass

{"title":"使用结构化保证案例模型的软件保证。","authors":"Thomas Rhodes, Frederick Boland, Elizabeth Fong, Michael Kass","doi":"10.6028/jres.115.013","DOIUrl":null,"url":null,"abstract":"Software assurance is an important part of the software development process to reduce risks and ensure that the software is dependable and trustworthy. Software defects and weaknesses can often lead to software errors and failures and to exploitation by malicious users. Testing, certification and accreditation have been traditionally used in the software assurance process to attempt to improve software trustworthiness. In this paper, we examine a methodology known as a structured assurance model, which has been widely used for assuring system safety, for its potential application to software assurance. We describe the structured assurance model and examine its application and use for software assurance. We identify strengths and weaknesses of this approach and suggest areas for further investigation and testing.","PeriodicalId":17039,"journal":{"name":"Journal of Research of the National Institute of Standards and Technology","volume":null,"pages":null},"PeriodicalIF":1.5000,"publicationDate":"2010-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.6028/jres.115.013","citationCount":"32","resultStr":"{\"title\":\"Software Assurance Using Structured Assurance Case Models.\",\"authors\":\"Thomas Rhodes, Frederick Boland, Elizabeth Fong, Michael Kass\",\"doi\":\"10.6028/jres.115.013\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software assurance is an important part of the software development process to reduce risks and ensure that the software is dependable and trustworthy. Software defects and weaknesses can often lead to software errors and failures and to exploitation by malicious users. Testing, certification and accreditation have been traditionally used in the software assurance process to attempt to improve software trustworthiness. In this paper, we examine a methodology known as a structured assurance model, which has been widely used for assuring system safety, for its potential application to software assurance. We describe the structured assurance model and examine its application and use for software assurance. We identify strengths and weaknesses of this approach and suggest areas for further investigation and testing.\",\"PeriodicalId\":17039,\"journal\":{\"name\":\"Journal of Research of the National Institute of Standards and Technology\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2010-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.6028/jres.115.013\",\"citationCount\":\"32\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Research of the National Institute of Standards and Technology\",\"FirstCategoryId\":\"5\",\"ListUrlMain\":\"https://doi.org/10.6028/jres.115.013\",\"RegionNum\":4,\"RegionCategory\":\"工程技术\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"2010/5/1 0:00:00\",\"PubModel\":\"Print\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Research of the National Institute of Standards and Technology","FirstCategoryId":"5","ListUrlMain":"https://doi.org/10.6028/jres.115.013","RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2010/5/1 0:00:00","PubModel":"Print","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 32

摘要

软件保障是软件开发过程中降低风险、确保软件可靠和值得信赖的重要组成部分。软件缺陷和弱点通常会导致软件错误和失败，并被恶意用户利用。测试、认证和鉴定传统上用于软件保证过程，试图提高软件的可信度。在本文中，我们研究了一种被称为结构化保证模型的方法，它被广泛用于保证系统安全，因为它可能应用于软件保证。我们描述了结构化保证模型，并研究了它在软件保证中的应用和使用。我们确定了这种方法的优点和缺点，并提出了进一步调查和测试的领域。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

摘要图片

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Software Assurance Using Structured Assurance Case Models.

Software assurance is an important part of the software development process to reduce risks and ensure that the software is dependable and trustworthy. Software defects and weaknesses can often lead to software errors and failures and to exploitation by malicious users. Testing, certification and accreditation have been traditionally used in the software assurance process to attempt to improve software trustworthiness. In this paper, we examine a methodology known as a structured assurance model, which has been widely used for assuring system safety, for its potential application to software assurance. We describe the structured assurance model and examine its application and use for software assurance. We identify strengths and weaknesses of this approach and suggest areas for further investigation and testing.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Research of the National Institute of Standards and Technology Engineering-General Engineering

自引率

33.30%

发文量

期刊介绍： The Journal of Research of the National Institute of Standards and Technology is the flagship publication of the National Institute of Standards and Technology. It has been published under various titles and forms since 1904, with its roots as Scientific Papers issued as the Bulletin of the Bureau of Standards. In 1928, the Scientific Papers were combined with Technologic Papers, which reported results of investigations of material and methods of testing. This new publication was titled the Bureau of Standards Journal of Research. The Journal of Research of NIST reports NIST research and development in metrology and related fields of physical science, engineering, applied mathematics, statistics, biotechnology, information technology.