CN101833504A - Timing sequence software quality defect detection method and system based on model detection - Google Patents
Timing sequence software quality defect detection method and system based on model detection Download PDFInfo
- Publication number
- CN101833504A CN101833504A CN201010150917A CN201010150917A CN101833504A CN 101833504 A CN101833504 A CN 101833504A CN 201010150917 A CN201010150917 A CN 201010150917A CN 201010150917 A CN201010150917 A CN 201010150917A CN 101833504 A CN101833504 A CN 101833504A
- Authority
- CN
- China
- Prior art keywords
- model
- source code
- sequential
- detected
- defect
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Debugging And Monitoring (AREA)
Abstract
The invention relates to software quality defect detection method and system based on static analysis, belonging to the technical field of computer information safety. The detection method comprises the concrete steps as follows: firstly, inputting detected source codes, and selecting a defect mode according to the detected source codes; secondly, pre-processing the detected source codes; thirdly, carrying out control flow graph compression on merged source codes; fourthly, determining whether defects exist in the mode of an original detected program; fifthly, treating results, i.e., converting the position information of a termination status of detected source program codes to the position information of the original source codes; and sixthly, outputting, i.e., showing final determined result to users. The detection method and system can find software defects in advance, shorten software development cycle, save development cost and improve software quality, directly positions the detected program source codes, accurately positions the defects, and can improve the test efficiency and reduce false alarm rate.
Description
Technical field:
The present invention relates to a kind of technology that in software source code, detects defective, specifically relate to a kind of software quality defect detection method, belong to the computer information safety technique field based on static analysis.
Background technology:
High speed development along with infotech, software product (application program from the operating system of bottom to high level) size of code is increasing, program design becomes increasingly complex, itself exist a large amount of mass defect, endangering availability, reliability and the security of infosystem, therefore how detecting the defective that may exist in the software program becomes the focus that present areas of information technology are shown great attention to.
The detection method of quality defect of software is a lot, and the angle whether needs are carried out tested software according to can be divided into two kinds: a kind of is dynamic analysis technology, finds the defective that it may exist by the actual operation procedure code; A kind of is the static analysis technology, its unactual operation code and just by checking that statically code is to find out potential defective.
Static analysis is to come method that source code or dis-assembling code inventory are examined manually or by automated detection system.Static analysis automated software defect detecting system commonly used is for example: RATS, ITS4 and the PMD that checks the java code.Above-mentioned robotization code defect detecting system principle of work is as follows: use Hook Function, during trigger condition in running into the User Defined attribute, utilize one " hook " to call corresponding analytic function and judge whether to have run counter to the attribute of giving.Though this method can be found defective in software quality detects, still exist significant disadvantages: the completeness that, can not guarantee disfigurement discovery; Two, false wrong defect report occupies the majority, and expends a lot of extra human and material resources and goes further to analyze examination; Three, for the descriptive power deficiency of defective, the defective of some type can not be described well; Four, do not have the ability that the journey of striding across is analyzed, for of overall importance, more delicate defective, then powerless.
Summary of the invention
It is a kind of based on model testing that the object of the invention is to provide, analysis ability is strong, defect location is accurate, rate of false alarm is low, readable high software quality defect detection method and system, thereby satisfy the requirement of analyzing various code defectives, reach the defective of quick discovery software, shorten software development cycle, improve software quality, the saving software development cost.
For achieving the above object, the invention provides a kind of sequential software quality defect detection method based on model testing, its improvement is: the concrete steps of described method are as follows:
Steps A, import detected source code, and select defect mode according to described detected source code;
Step B, described detected source code is carried out pre-service;
Step C, the source code model that has been combined are controlled the flow graph compression;
Step D, judge that whether the final state in the automat of said defect mode can reach in the corresponding security model, if described final state can reach, judges that there is defective in described detected source code program in the modeling of described detected original program; If described final state is unreachable, judge that then there is not defective in described detected source code program;
Step e, result treatment: the positional information of the source program code final state that detected among the step D is converted to positional information in original source code;
Step F, output: final judged result output is shown the reading for the user.
Another optimal technical scheme of a kind of sequential software quality defect detection method based on model testing of the present invention is: described step B comprises:
B1, the described detected source code file of analysis, and generate the control flow graph;
If the described detected source code program of B2 is made up of a plurality of code files, then generate control flow graph separately earlier, will control the flow graph file again and be merged into an overall situation control flow graph file;
B3, according to the control flow chart modeling that generates.
An optimal technical scheme again of a kind of sequential software quality defect detection method based on model testing of the present invention is: compression comprises among the described step C:
C1, will delete with the described defect mode content that it doesn't matter in the described detected source code model;
C2, the described source code model of state equivalent is merged.
The 4th optimal technical scheme of a kind of sequential software quality defect detection method based on model testing of the present invention is: detected source code described in the described step C carries out the source code model compression according to selected defect mode in described steps A.
The invention provides a kind of sequential quality defect of software detection system based on model testing, its improvement is: described system comprises source code model maker, sequential defect mode storehouse, source code model compressor reducer, temporal model verifier and result-generation module, described sequential defect mode storehouse connects source code model maker and temporal model verifier, described source code model maker connects the temporal model verifier through described source code model compressor reducer, and described temporal model verifier leads to result-generation module.
Another optimal technical scheme of a kind of sequential quality defect of software detection system based on model testing of the present invention is: described source code model maker is with a kind of formal state automata model of being converted into of detected source code.
An optimal technical scheme again of a kind of sequential quality defect of software detection system based on model testing of the present invention is: described sequential defect mode storehouse be used to store the sequential defective and with the formalization language to the modeling of described sequential Symptom, thereby the sequential defect mode that is formed for detecting.
The 4th optimal technical scheme of a kind of sequential quality defect of software detection system based on model testing of the present invention is: described source code model compressor reducer uses the sequential defect mode that detected programming system model is compressed.
The 5th optimal technical scheme of a kind of sequential quality defect of software detection system based on model testing of the present invention is: source code model and described defect mode after described temporal model verifier will compress compare check, judge whether described detected program has run counter to defect mode.
The 6th optimal technical scheme of a kind of sequential quality defect of software detection system based on model testing of the present invention is: described result-generation module is converted into the form that the testing staff can be understandable with the output of temporal model verifier
Beneficial effect of the present invention: method and system of the present invention advance to exploitation coding stage with the discovery of software defect from the stage of finishing, and save cost of development, improve software quality; Directly navigate in the detected program source code, be user-friendly to and analyze; Tested program is compressed, improved the software quality checkability; The control flow model of abstract program is shown the understanding on the increase user is directly perceived by graphical; Rate of false alarm is low, and readable strong, easy to operate, defect location is accurate.
Technical term:
(1) software quality guarantee: a kind of planned, systematized action model provides abundant trust necessary for project or product meet the prior art demand; Design is used for estimating one group of activity of the process of developing or manufacturing a product.
(2) software defect: software does not reach the function that product description is indicated; Software product description occurred and has indicated the mistake that can not occur; Software function exceeds product description and indicates scope; Though software do not reach product description is not pointed out but should reach target or software test person think the software indigestion, be difficult for using, travelling speed is slow, perhaps the final user thinks bad.The software issue that satisfies one of above-mentioned five kinds of situations then is called software defect.
(3) model testing: model testing is the formalization method whether a kind of checking system satisfies given attribute.So-called formalization method is exactly to describe and verification system with the method for mathematics and logic in principle.From describing, be divided into to the description of system with to the description of the property of system, can describe with one or more language.Descriptive language comprises automat, calculates the tree logic, linear time temporal logic, and process algebra, π-calculation, μ-calculation, special program language, and the subclass of program language etc.From checking, mainly contain two class methods, a class is based on reasoning from logic, and is another kind of then based on exhaustive search.The exhaustive search method is referred to as model testing.
(4) control flow graph: this control flow chart is the diagrammatic representation of program control structure, its fundamental element is procedure block, node, judgement, difference between control flow chart and the program flow diagram is in control flow chart, the details of procedure for displaying piece not, and in program flow diagram, focus on the description of procedure attribute.
(5) sequential logic: sequential logic is used for the reasoning to concurrent program, is included in the attribute of prover under the situation of considering the axiomatics of the behavior of independent statement in the description program.They can describe incident order in time, introduce the time without explicitly.
(6) Kripke model: if the implication of a sequential logic expression formula always can determine that so such structure just is called as the Kripke model by the state transition graph of the tape label of a finite state system.The Kripke structure is a tlv triple M=<S, R, L 〉, S represents state set here, and RSS represents whole transformational relations, and L:SP (AP) is that each state among the sign S is genuine atomic proposition set in next group of this state.Here AP is one group of atomic proposition name.
(7) LTL, linear time temporal logic: sequential logic a kind of is CTL
*Subclass.State Tree is regarded as finite strip or the infinitely set of paths, and a paths is being represented the once possible ruuning situation of system.
Description of drawings
Fig. 1 is the structural representation of system of the present invention;
Fig. 2 is the workflow diagram of system of the present invention.
Embodiment
The concrete steps of a kind of sequential software quality defect detection method based on model testing that provides of the present invention are as follows:
Steps A, import detected source code, and select defect mode according to described detected source code.
Step B, described detected source code is carried out pre-service, step B specifically comprises:
B1, the described detected source code file of analysis, and generate the control flow graph;
If the described detected source code program of B2 is made up of a plurality of code files, then generate control flow graph separately earlier, will control the flow graph file again and be merged into an overall situation control flow graph file;
B3, according to the control flow chart modeling that generates.
Step C, the certificate source code model that selected defect mode has been combined in described steps A are controlled the flow graph compression, and this compression specifically comprises:
C1, will delete with the described defect mode content that it doesn't matter in the described detected source code model;
C2, the described source code model of state equivalent is merged.
Step D, judge that whether the final state in the automat of said defect mode can reach in the corresponding security model, if described final state can reach, judges that there is defective in described detected source code program in the modeling of described detected original program; If described final state is unreachable, judge that then there is not defective in described detected source code program;
Step e, result treatment: the positional information of the source program code final state that detected among the step D is converted to positional information in original source code;
Step F, output: final judged result output is shown the reading for the user.
As shown in Figure 1, a kind of sequential quality defect of software detection system based on model testing provided by the invention comprises: source code model maker, sequential defect mode storehouse, source code model compressor reducer, temporal model verifier and result-generation module, sequential defect mode storehouse connects source code model maker and temporal model verifier, the source code model maker connects the temporal model verifier through the source code model compressor reducer, and the temporal model verifier leads to result-generation module.
The source code model maker: this module major function is to detected source code system modelling, with a kind of formal state automata model of being converted into of detected source code, so that the back checks it whether to satisfy given defect mode.Generally speaking, use one the expression various systems common framework---converting system (Transition System) comes system is carried out modeling, and this converting system also can be regarded as a kind of Kripke structure.It is five-tuple M=(S, ∑, a S
0, Δ, L), wherein:
S system state (system variable, channel, state of a control etc.);
The action of ∑ system or input character;
The transformational relation of system to each state s ∈ S in the system, exists ε ∈ ∑ and t ∈
S has (s, ε, t) ∈ Δ;
The portrayal of state characteristic in the L system, S → P (AP) is that next group of each state place state of sign is the set of genuine atomic proposition.Here AP is one group of atomic proposition set to system's particular community portrayal.
The operation of M can be expressed as a unlimited status switch ρ=s
0s
1s
2, s wherein
i∈ S, s
0∈ S
0And, (s is arranged to all i ∈ N
i, ε
i, s
I+1) the ∈ Δ.
The control flow graph model of native system service routine, being about to detected program source code control flow graph model conversation is state automata.Be expressed as P=(Q, ∑, Γ, Δ, Q
0, γ
0, F), Q here, Q
0Represent state set respectively with F, original state and end-state, they all only comprise a state s}, promptly the not conversion of existence here only is to use the symbol stack to come the representation program execution route; ∑ is an input character, and it is the set of controlling limits all in the flow graph, just all expression formulas in the program here; Γ is a stack symbol, is the set of points all in the control flow graph, the just point of the program in the program; γ
0Being initial stack symbol, is the entrance of program generally speaking.Δ is the transformational relation of PDA for this reason, obtains by following algorithm: to the limit in all control flow graphs
IF expression e adds conversion neither function call neither be returned return by function
IF expression e call function f then adds conversion
IF expression e is that function returns return, then adds conversion
Interpolation rule through above-mentioned transformational relation has just realized the conversion of programmed control flow graph to state automata.
Sequential defect mode storehouse: this storehouse is used to store a large amount of sequential defectives, promptly mass defect codes such as the bad programming custom of in actual program exploitation, finding, programmed logic error code summarize abstract, the formalization language sequential defect mode that modeling is formed for detecting to the sequential Symptom then.The specific descriptions method is: wishing that the attribute that system will satisfy uses specific forms to express, use sequential logic to come representation attribute usually, this method can expression system state dynamic variation characteristic.Below sequential logic and classification thereof are inquired into.Sequential logic is a branch of the logic of modality, and it can describe incident order in time, and introduces the time without explicitly.Sequential logic can be divided into linear time temporal logic LTL and calculate tree logic CTL according to the different modes of their branches in handling potential calculating tree.CTL
*It is a sequential logic that has made up branching time and linear session operator.For above two kinds of sequential logics, their difference at first is to understand different to the essence of time.Linear time temporal logic is regarded the time as a series of moment, and each possibility calculating path of a system is considered to separate; On the contrary, branch's sequential logic has proposed on the point several selectable future worlds are arranged preset time, and all these these future worlds are considered to concurrent, and all calculating paths of such system are considered to simultaneously.Secondly system property of paying close attention to is also different, and LTL pays close attention to is attribute on system's execution route, and it is described as path expression, and CTL then pays close attention to the attribute under system's given state, and it is described as the state expression formula.Their ability to express is also different at last, though all be CTL
*Subclass, but CTL expresses " fairness " attribute aspect scarce capacity, and the LTL logic is at the attribute of expressing E " existence " type, such as expression
The time also powerless.Native system adopts LTL to describe defect mode.
The source code model compressor reducer: this module major function is to use defect mode that detected programming system model is compressed, and the procedural model that promptly offers verifier is the state automata that generates on the programmed control flow graph that compressed.The method of taking to compress mainly is the consideration of checkability, if detected software program code file is bigger, then Dui Ying control flow graph will increase sharply, and be easy to exceed the time and the space constraint of model detector.Compression process mainly is at defect mode, if it doesn't matter for content in the discovery system model and defect mode, then deletes, and reaches the purpose of pressure source code model size.Compression process main according to being if state equivalent then merge into same state.With the privilege mode in the LINUX system is example: state (ruid, euid, suid, fsuid, rgid, egid, sgid, fsgid) with state (ruid, euid, suid, rgid, egid sgid) is relation of equivalence, can merge into a state.Reason is as follows: component fsuid, euid, fsgid, egid to state set analyze: except process self was called the value that setfsuid changes fsuid, the value of fsuid equated with the value of euid usually in the LINUX system; Similar with fsuid, except process self was called the value that setfsgid changes fsgid, the value of fsgid equated with the value of egid usually.Therefore when process discharges privilege, think state (ruid, euid, suid, fsuid, rgid, egid, sgid, fsgid) be equivalent to (ruid, euid, suid, rgid, egid, sgid).
The temporal model verifier: this module major function is that source code model and described defect mode after the compression are compared check, judges whether whether described detected program has run counter to defect mode, promptly exist mass defect.Native system adopts LTL model testing method, and the Kripke structure of expression system directly correspondence becomes a canonical ω automat, represents that with A then L (A) has represented all possible behavior of system; Then the sequential logic expression formula is converted into B ü chi automat, represents with S, L (S) has represented the system action that this attribute allows down; The process that model detects judges whether exactly
Judge promptly whether all behaviors of system all belong to the scope that attribute allows.Yet find the solution
Too difficulty is just got benefit with L (S), i.e. the behavior that attribute is run counter in expression, and checkout procedure changes to judges whether L (A) ∩ L (S) is empty.For then expression system of sky satisfies attribute, for the empty language representation who then accepts system to possible the running counter to of attribute.
Result-generation module: this module major function is that the output with the temporal model verifier transforms, and is expressed as the form that the testing staff can understand.The model testing device is output as formal model, and promptly the representation of state automata uses the user of this system to be difficult to understand the meaning of expression, can't determine that also there is the particular location of defective in detected program.Work by this module can directly navigate to the output result of model testing device in the detected program source code, is user-friendly to and analyzes.
The development environment of the inventive method and system can be selected: RedHat LINUX9 operating system; The integrated developing instrument eclipse of JAVA; The operation of RedHat LINUX9, jdk1.4, gcc3.2 and debugging enironment;
Suppose that source code file to be detected is b.c, defect mode is m.fsa, just provides the idiographic flow of this file of check below, as shown in Figure 2:
The steps A input: detected source code file is b.c, and the defect mode of selection is m.fsa;
Step B pre-service: source code file f.c to be detected is analyzed and generates the control flow graph, if program to be detected is made up of a plurality of code files, then behind each self-generating control flow graph, their control flow graph file then is merged into an overall situation control flow graph file, and modeling;
Step C compression: be that the control flow graph that has been combined compresses then.Use defect mode m.fsa that the source code model that generates is compressed;
Step D detects: judge in the automat of describing defect mode final state with the corresponding security model of original program in whether can reach, if final state can reach, then program may have been run counter to defect mode, promptly has defective;
Step e result treatment: because defective and the positional information in code thereof are to be produced from the source code model of compression by model detector,, therefore need convert them to original source code positional information, make things convenient for customer analysis for understanding these information;
Step F output: the user reads the result of output and analyzes, and determines whether defective exists and the location.
Claims (10)
1. sequential software quality defect detection method based on model testing, it is characterized in that: the concrete steps of described method are as follows:
Steps A, import detected source code, and select defect mode according to described detected source code;
Step B, described detected source code is carried out pre-service;
Step C, the source code model that has been combined are controlled the flow graph compression;
Step D, judge that whether the final state in the automat of said defect mode can reach in the corresponding security model, if described final state can reach, judges that there is defective in described detected source code program in the modeling of described detected original program; If described final state is unreachable, judge that then there is not defective in described detected source code program;
Step e, result treatment: the positional information of the source program code final state that detected among the step D is converted to positional information in original source code;
Step F, output: final judged result output is shown the reading for the user.
2. a kind of sequential software quality defect detection method according to claim 1 based on model testing,
It is characterized in that: described step B comprises:
B1, the described detected source code file of analysis, and generate the control flow graph;
If the described detected source code program of B2 is made up of a plurality of code files, then generate control flow graph separately earlier, will control the flow graph file again and be merged into an overall situation control flow graph file;
B3, according to the control flow chart modeling that generates.
3. a kind of sequential software quality defect detection method based on model testing according to claim 1 is characterized in that: compression comprises among the described step C:
C1, will delete with the described defect mode content that it doesn't matter in the described detected source code model;
C2, the described source code model of state equivalent is merged.
4. a kind of sequential software quality defect detection method based on model testing according to claim 1 is characterized in that: detected source code described in the described step C carries out the source code model compression according to selected defect mode in described steps A.
5. sequential quality defect of software detection system based on model testing, it is characterized in that: described system comprises source code model maker, sequential defect mode storehouse, source code model compressor reducer, temporal model verifier and result-generation module, described sequential defect mode storehouse connects source code model maker and temporal model verifier, described source code model maker connects the temporal model verifier through described source code model compressor reducer, and described temporal model verifier leads to result-generation module.
6. a kind of sequential quality defect of software detection system based on model testing according to claim 5 is characterized in that: described source code model maker is with a kind of formal state automata model of being converted into of detected source code.
7. a kind of sequential quality defect of software detection system according to claim 5 based on model testing, it is characterized in that: described sequential defect mode storehouse is used to store the sequential defective and uses the formalization language to the modeling of described sequential Symptom, thus the sequential defect mode that is formed for detecting.
8. a kind of sequential quality defect of software detection system based on model testing according to claim 7 is characterized in that: described source code model compressor reducer uses the sequential defect mode that detected programming system model is compressed.
9. a kind of sequential quality defect of software detection system according to claim 5 based on model testing, it is characterized in that: source code model and described defect mode after described temporal model verifier will compress compare check, judge whether described detected program has run counter to defect mode.
10. a kind of sequential quality defect of software detection system based on model testing according to claim 5 is characterized in that: described result-generation module is converted into the form that the testing staff can be understandable with the output of temporal model verifier.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010150917.1A CN101833504B (en) | 2010-04-19 | 2010-04-19 | Timing sequence software quality defect detection method and system based on model detection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010150917.1A CN101833504B (en) | 2010-04-19 | 2010-04-19 | Timing sequence software quality defect detection method and system based on model detection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101833504A true CN101833504A (en) | 2010-09-15 |
| CN101833504B CN101833504B (en) | 2015-04-15 |
Family
ID=42717580
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010150917.1A Expired - Fee Related CN101833504B (en) | 2010-04-19 | 2010-04-19 | Timing sequence software quality defect detection method and system based on model detection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101833504B (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102012991A (en) * | 2010-11-09 | 2011-04-13 | 北京神舟航天软件技术有限公司 | Static analysis-based checking method of safety rules of C language |
| CN102508766A (en) * | 2011-09-29 | 2012-06-20 | 中国航天科技集团公司第七一〇研究所 | Static analysis method of errors during operation of aerospace embedded C language software |
| CN103914374A (en) * | 2012-12-31 | 2014-07-09 | 梁彬 | Program slicing and frequent pattern extraction based code defect detection method and device |
| CN105022692A (en) * | 2015-08-06 | 2015-11-04 | 四川大学 | Deadlock detection verification method |
| CN105204997A (en) * | 2015-09-30 | 2015-12-30 | 首都师范大学 | Software defect detection method and device |
| CN108038056A (en) * | 2017-12-07 | 2018-05-15 | 厦门理工学院 | A kind of software defect detecting system based on asymmetric classification assessment |
| CN109508412A (en) * | 2018-11-20 | 2019-03-22 | 中科驭数(北京)科技有限公司 | A kind of the calculating flow graph construction method and device of time Series Processing |
| CN109582567A (en) * | 2018-11-07 | 2019-04-05 | 深圳竹云科技有限公司 | A kind of software defect mode research method based on static analysis |
| CN111124901A (en) * | 2019-12-12 | 2020-05-08 | 常州大学 | Resource leakage detection method based on Android resource table |
| CN111488276A (en) * | 2020-04-07 | 2020-08-04 | 北京航空航天大学 | Software reliability testing method and device based on code tracking |
| CN112464174A (en) * | 2020-10-27 | 2021-03-09 | 华控清交信息科技(北京)有限公司 | Method and device for verifying multi-party secure computing software and device for verifying |
| CN114417332A (en) * | 2022-01-07 | 2022-04-29 | 西南交通大学 | Program credibility verification method and device for C program source code |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101286132A (en) * | 2008-06-02 | 2008-10-15 | 北京邮电大学 | Test method and system based on software defect mode |
| US20090106182A1 (en) * | 2007-10-22 | 2009-04-23 | Fujitsu Limited | Data flow analzying apparatus, data flow analyzing method and data flow analyzing program |
| JP2009230420A (en) * | 2008-03-21 | 2009-10-08 | Mitsubishi Electric Corp | Source code quality management device |
-
2010
- 2010-04-19 CN CN201010150917.1A patent/CN101833504B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090106182A1 (en) * | 2007-10-22 | 2009-04-23 | Fujitsu Limited | Data flow analzying apparatus, data flow analyzing method and data flow analyzing program |
| JP2009230420A (en) * | 2008-03-21 | 2009-10-08 | Mitsubishi Electric Corp | Source code quality management device |
| CN101286132A (en) * | 2008-06-02 | 2008-10-15 | 北京邮电大学 | Test method and system based on software defect mode |
Non-Patent Citations (1)
| Title |
|---|
| 张翀斌: "《基于模型检测技术的软件漏洞挖掘方法研究》", 《中国优秀硕士学位论文全文数据库》 * |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102012991A (en) * | 2010-11-09 | 2011-04-13 | 北京神舟航天软件技术有限公司 | Static analysis-based checking method of safety rules of C language |
| CN102508766A (en) * | 2011-09-29 | 2012-06-20 | 中国航天科技集团公司第七一〇研究所 | Static analysis method of errors during operation of aerospace embedded C language software |
| CN102508766B (en) * | 2011-09-29 | 2014-12-17 | 中国航天科技集团公司第七一〇研究所 | Static analysis method of errors during operation of aerospace embedded C language software |
| CN103914374A (en) * | 2012-12-31 | 2014-07-09 | 梁彬 | Program slicing and frequent pattern extraction based code defect detection method and device |
| CN103914374B (en) * | 2012-12-31 | 2017-09-22 | 梁彬 | The aacode defect detection method and device extracted based on program slice and frequent mode |
| CN105022692A (en) * | 2015-08-06 | 2015-11-04 | 四川大学 | Deadlock detection verification method |
| CN105022692B (en) * | 2015-08-06 | 2017-12-01 | 四川大学 | A kind of Deadlock Detection verification method |
| CN105204997A (en) * | 2015-09-30 | 2015-12-30 | 首都师范大学 | Software defect detection method and device |
| CN105204997B (en) * | 2015-09-30 | 2018-10-19 | 首都师范大学 | software defect detection method and device |
| CN108038056B (en) * | 2017-12-07 | 2020-07-03 | 厦门理工学院 | Software defect detection system based on asymmetric classification evaluation |
| CN108038056A (en) * | 2017-12-07 | 2018-05-15 | 厦门理工学院 | A kind of software defect detecting system based on asymmetric classification assessment |
| CN109582567A (en) * | 2018-11-07 | 2019-04-05 | 深圳竹云科技有限公司 | A kind of software defect mode research method based on static analysis |
| CN109508412A (en) * | 2018-11-20 | 2019-03-22 | 中科驭数(北京)科技有限公司 | A kind of the calculating flow graph construction method and device of time Series Processing |
| CN109508412B (en) * | 2018-11-20 | 2019-12-20 | 中科驭数(北京)科技有限公司 | Method and device for constructing computation flow graph processed by time series |
| CN111124901A (en) * | 2019-12-12 | 2020-05-08 | 常州大学 | Resource leakage detection method based on Android resource table |
| CN111124901B (en) * | 2019-12-12 | 2024-03-15 | 常州大学 | Resource leakage detection method based on Android resource table |
| CN111488276A (en) * | 2020-04-07 | 2020-08-04 | 北京航空航天大学 | Software reliability testing method and device based on code tracking |
| CN111488276B (en) * | 2020-04-07 | 2021-07-27 | 北京航空航天大学 | Software reliability testing method and device based on code tracking |
| CN112464174A (en) * | 2020-10-27 | 2021-03-09 | 华控清交信息科技(北京)有限公司 | Method and device for verifying multi-party secure computing software and device for verifying |
| CN112464174B (en) * | 2020-10-27 | 2023-09-29 | 华控清交信息科技(北京)有限公司 | Method and device for verifying multi-party security computing software and device for verification |
| CN114417332A (en) * | 2022-01-07 | 2022-04-29 | 西南交通大学 | Program credibility verification method and device for C program source code |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101833504B (en) | 2015-04-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101833504B (en) | Timing sequence software quality defect detection method and system based on model detection | |
| Desharnais et al. | Metrics for labelled Markov processes | |
| US7971193B2 (en) | Methods for performining cross module context-sensitive security analysis | |
| Ferenc et al. | Extracting facts from open source software | |
| Almagor et al. | Formalizing and reasoning about quality | |
| CN112784501A (en) | Modeling system and method for residual life prediction model of equipment and prediction system | |
| Iqbal et al. | An Approach for Analyzing ISO/IEC 25010 Product Quality Requirements based on Fuzzy Logic and Likert Scale for Decision Support Systems | |
| CN116882978B (en) | Deep sea submersible operation and maintenance support system based on product information frame | |
| Cook et al. | Toward metrics for process validation | |
| Bhatti | Automatic measurement of source code complexity | |
| Gupta et al. | Dependency based process model for impact analysis: a requirement engineering perspective | |
| Bauer et al. | LTL goal specifications revisited | |
| Garro et al. | Modeling of system properties: Research challenges and promising solutions | |
| Ngo et al. | Ranking warnings of static analysis tools using representation learning | |
| Wu et al. | Verified decision procedures for modal logics | |
| Bucci et al. | Metrics and tool for system assessment | |
| CN113688403A (en) | Intelligent contract vulnerability detection method and device based on symbolic execution verification | |
| Li et al. | Automatically generating functional scenarios from SOFL CDFD for specification inspection | |
| Chardigny et al. | Quality-driven extraction of a component-based architecture from an object-oriented system | |
| Griffith | Design pattern decay: a study of design pattern grime and its impact on quality and technical debt | |
| Jarraya et al. | Formal specification and probabilistic verification of SysML activity diagrams | |
| El Qortobi et al. | Test generation tool for modified condition/decision coverage: model based Testing | |
| Kerboeuf et al. | Specification and verification of a steam-boiler with Signal-Coq | |
| Yang et al. | A multi-components approach to monitoring process structure and customer behaviour concept drift | |
| Szwed | Efficiency of formal verification of ArchiMate business processes with NuSMV model checker |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20180228 Address after: 430000 Hubei city of Wuhan Province, East Lake New Technology Development Zone, Road No. 1 Optics Valley Software Park 41 A1 11 storey building No. 02 Patentee after: Wuhan Hua Yaxingtong Information Technology Co., Ltd Address before: 100085 Building No. 8, No. 1 West Road, Beijing, Haidian District Patentee before: Zhang Libin |
|
| TR01 | Transfer of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150415 Termination date: 20180419 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |