CN102360464A - Software risk test and control method and system thereof - Google Patents
Software risk test and control method and system thereof Download PDFInfo
- Publication number
- CN102360464A CN102360464A CN2011103015024A CN201110301502A CN102360464A CN 102360464 A CN102360464 A CN 102360464A CN 2011103015024 A CN2011103015024 A CN 2011103015024A CN 201110301502 A CN201110301502 A CN 201110301502A CN 102360464 A CN102360464 A CN 102360464A
- Authority
- CN
- China
- Prior art keywords
- project
- risk
- information
- management object
- risk management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a software risk test and control method and a system thereof. The software risk test and control method comprises the following steps of: establishing a risk database; newly building a project and guiding the newly-built project into a WBS (Work Breakdown Structure) table; establishing risk management targets of the project; prompting a testing personnel to pre-process upcoming risks as early as possible because that risk is possible to generate when different roles are output at different stages according to the different roles and work tasks; changing project information; when the testing personnel meets risks which do not be prompted early in the project, directly searching countermeasures corresponding to the risks through a search engine by the testing personnel, so that a process solution suitable for the project is obtained according to a reasonable reference. The system comprises a risk database, a project information input module, a risk management target generating module, an authority identification and risk output module, an information changing and coping module and a risk search engine. The software risk test and control method is used for monitoring in real time and providing a risk control strategy; and the system can be used for reducing a period of the project and reducing the cost of the project.
Description
Technical field
The present invention relates to a kind of computer software testing method and system, the method and system of particularly a kind of software hazard test and control.
Background technology
Software test develops more than ten years in the software industry of China, but domestic test and management personnel in great shortage or perhaps experience is arranged, competent managerial personnel are in great shortage is a big problem of present software test circle.Help the method and system of test of tester's software hazard and control also not have at present; Therefore cause the tester in actual items because consider not in place or not comprehensive to various risks; Prediction to risk is untimely, and is to the processing of risk science not, not in place to risk management; Cause at last project extension, a large amount of do over again, midtrimester abortion, the user is dissatisfied even phenomenon such as complaint, makes the user descend to the degree of belief of software product.At present, to not being very clear and definite on the understanding of software test risk, or even ignore in a lot of middle-size and small-size test events, thereby it is interim to make risk, just urgent taking measures, but this kind situation risk is difficult to controlled already and solves.
Summary of the invention
Goal of the invention: the objective of the invention is to problem and shortage to above-mentioned existing existence provides and monitors and provide a kind of software hazard test of risk reply way and the method and system of control in real time to software hazard.
Technical scheme: the method for a kind of software hazard test and control comprises the steps:
1), make up vulnerability database, software hazard information and control strategy are prestored in the vulnerability database;
2), new project, and in new project the details of input test project, import in the WBS table (that is work breakdown structure (WBS) table) of test event;
3), newly-built risk management object: the project information of input is carried out standardization processing; Remove unnecessary character; Generate a risk management object to said new project; When said risk management object conflicts with the risk management object of other project, point out newly-built risk management object mistake, need rebulid the risk management object; When building risk management object does not have when conflict with the risk management object of sundry item, preserve the risk management object;
4), the user profile of importing based on the tester; The role of identification tester in test team; Produce corresponding role's preset browsing authority; And based on role's difference, the difference of task; Corresponding software hazard information and control strategy in the search vulnerability database; To search the output of software hazard information and control strategy; And feed back to the tester; The prompting different role possibly produce risk information in the disparity items stage, and these personnel of Zao prompting do preliminary treatment to upcoming risk as far as possible;
5), in the project implementation process, when the change of the informational needs of project, on the basis of original risk management object, carry out the input of fresh information; And whether the risk management object conflicts with the risk management object of sundry item after judging information-change, if conflict proposes mistake; Again changed information; If there is not conflict, again before produce a new risk management object on the basis of object, and the risk management object before preserving;
6), when running into some risks of not pointing out in advance in the project; Directly corresponding risk information of search and control strategy be (promptly in the vulnerability database through the risk search engine; Counter-measure); To search the output of risk information and control strategy, reasonable reference will be provided, thereby make the tester draw the processing scheme that is fit to this project risk to the tester.
A kind of system that realizes above-mentioned software hazard test and control method comprises vulnerability database, project information load module, risk management object generation module, authority recognition and risk output module, information-change reply module and risk search engine;
Said project information load module is used for the foundation of project, and newly-established project information is imported in the WBS table;
Said risk management object generation module is set up on the new projects basis at the project information load module; Generate the risk management object; Judgement conflicts; And preservation and the conflict free newly-generated risk management object of sundry item risk management object, avoid the risk management object of newly-generated risk management object and sundry item to repeat;
Said authority recognition and risk output module are through the role of user profile identification tester in test team of tester's input; Produce corresponding role's preset browsing authority; And based on role's difference, the difference of task; Trigger said risk search engine and in vulnerability database, search for corresponding software hazard information and control strategy, and will search software hazard information and control strategy output; Authority recognition and risk output module realize that the prompting different role possibly produce risk information in the disparity items stage, and these personnel of Zao prompting do preliminary treatment to upcoming risk as far as possible;
Said risk search engine is used for searching for the software hazard information and the control strategy of vulnerability database; Risk search engine feasible system is controlled project risk in advance with in real time, helps the tester to understand risk information and control strategy thereof in advance, and timely process software risk;
Said information-change reply module is used to change project information, carry out the conflict of project after changing and judge, and preserve former project and with the project after changing that sundry item does not conflict, prevent project and off-the-shelf item repetition after changing.
Beneficial effect: the method for software hazard test provided by the present invention and control monitors and provides the risk control strategy in real time to software hazard; Make the software test personnel carry out the preparation of reply software hazard ahead of time; Intervene risk profile, processing and the management of software as early as possible; The excessive loss of avoiding risk to cause as much as possible, thereby the cycle of shortening project, the cost of reduction project; The system of software hazard test provided by the present invention and control is easy to install and use; The helper applications tester is according to its role in team; Understand risk information and the control strategy thereof that to face in advance; And timely process software risk, thereby the cycle of shortening project, the cost of reduction project.
Description of drawings
Fig. 1 is the process flow diagram of the embodiment of the invention;
Fig. 2 is an embodiment of the invention fundamental diagram.
Embodiment
Below in conjunction with accompanying drawing and specific embodiment; Further illustrate the present invention; Should understand these embodiment only be used to the present invention is described and be not used in the restriction scope of the present invention; After having read the present invention, those skilled in the art all fall within the application's accompanying claims institute restricted portion to the modification of the various equivalent form of values of the present invention.
As shown in Figure 1, the step of the method for software hazard test and control is following:
1), make up vulnerability database, the risk information of software (like information such as the title of risk, type, attribute, stage of development) and the control strategy measure of process software risk (that is, how) are prestored in the vulnerability database;
2), a newly-built project; And in new project the details of input test project; Like item types, the project cycle, structure of personnel, software and hardware facilities, project budget information, new project is imported in the WBS table (that is work breakdown structure (WBS) table) of test event;
3), new project risk management object: the project information of input is carried out standardization processing; Promptly the form of unified project information makes it satisfy the output requirement, removes unnecessary character then; Generate one to the above-mentioned risk management object of building new projects; When building risk management object conflicts with the risk management object of other project, point out newly-built risk management object mistake, need rebulid the risk management object; When building risk management object does not have when conflict with the risk management object of sundry item, preserve the risk management object;
4), the user profile of importing based on the tester; The role of identification tester in test team; Tax is to its role's browse right that presets; And based on tester's role and task; Remove corresponding software hazard information of search and control strategy thereof in the vulnerability database; To search the output of software hazard information and control strategy; And feed back to the tester; Its said role of prompting tester possibly produce risk information in the disparity items stage, and these personnel of Zao prompting do preliminary treatment to upcoming risk as far as possible;
5), in the project implementation process, when the change of the informational needs of project, on the basis of original risk management object, carry out the input of fresh information; And whether the risk management object conflicts with the risk management object of sundry item after judging information-change, if conflict proposes mistake; Again changed information, if there is not conflict, again before produce a new risk management object on the basis of object; And the risk management object before preserving, also preserve new risk management object simultaneously;
6), when running into some risks of not pointing out in advance in the project; Directly corresponding risk information of search and control strategy thereof be (promptly in the vulnerability database through the risk search engine; Counter-measure); And will search risk information and control strategy output, to the tester reasonable reference is provided, thereby makes the tester draw the processing scheme that is fit to this project risk.
As shown in Figure 2, realize that above-mentioned software hazard is tested and the system of control method:
The project information load module is used for the foundation of project, and newly-established project information is imported in the WBS table.
Risk management object generation module is set up on the new projects basis at the project information load module, the risk management object of the generation and the project of preservation, and newly-built risk management object does not conflict with the risk management object of sundry item.
Authority recognition and risk output module are through the role of user profile identification tester in test team of tester's input; Produce corresponding role's preset browsing authority; And based on role's difference, the difference of task; Trigger said risk search engine and in vulnerability database, search for corresponding software hazard information and control strategy, and will search software hazard information and control strategy output; Authority recognition and risk output module realize that the prompting different role possibly produce risk information in the disparity items stage, and these personnel of Zao prompting do preliminary treatment to upcoming risk as far as possible.
The risk search engine is used for searching for the software hazard information and the control strategy of vulnerability database; Risk search engine feasible system is controlled project risk in advance with in real time, helps the tester to understand risk information and control strategy thereof in advance, and timely process software risk.
Said information-change reply module is used to change project information, and preserves after changing project and former project; Not said not conflicting after changing with sundry item.
Introduce the working method of the system (hereinafter to be referred as system) of software hazard test and control method according to Fig. 2: after the installation system; The tester at first sets up one or more new projects, and information such as cuit type, the project cycle, structure of personnel, software and hardware facilities, the project budget, system import above-mentioned project information in the WBS table of test event; System handles project information; Generate the risk management object of new project, and prevent not have and conflict, preserve conflict free risk management object with the risk management object of sundry item; System is according to tester's user profile; Judge its role and task in team, according to role's difference, the difference of task; The output different role possibly produce risk in the disparity items stage, and this tester of prompting as far as possible early does pre-service to upcoming software hazard through the risk search engine.
When the change of the informational needs of project, system again before produce a new risk management object on the basis of object, and the risk management object before preserving is also preserved new risk management object simultaneously.
When running into some risks of not pointing out in advance in the project, the risk search engine can call in system, to the tester reasonable reference is provided then.
Claims (2)
1. the method that software hazard is tested and controlled is characterized in that, comprises the steps:
1), make up vulnerability database, software hazard information and control strategy are prestored in the vulnerability database;
2), new project, and in new project the details of input test project, import in the WBS table of test event;
3), newly-built risk management object: the project information of input is carried out standardization processing; Remove unnecessary character; Generate a risk management object to said new project; When said risk management object conflicts with the risk management object of other project, point out newly-built risk management object mistake, need rebulid the risk management object; When building risk management object does not have when conflict with the risk management object of sundry item, preserve the risk management object;
4), the user profile of importing based on the tester; The role of identification tester in test team; Produce corresponding role's preset browsing authority; And based on role's difference, the difference of task; Corresponding software hazard information and control strategy in the search vulnerability database; To search the output of software hazard information and control strategy, the prompting different role possibly produce risk information in the disparity items stage;
5), in the project implementation process, when the change of the informational needs of project, on the basis of original risk management object, carry out the input of fresh information; And whether the risk management object conflicts with the risk management object of sundry item after judging information-change, if conflict proposes mistake; Again changed information; If there is not conflict, again before produce a new risk management object on the basis of object, and the risk management object before preserving;
6), when running into some in the project not in advance during risks of prompting, through risk search engine directly corresponding risk information of search and control strategy in the vulnerability database, will search the output of risk information and control strategy.
2. a system that realizes said software hazard test of claim 1 and control method is characterized in that: comprise vulnerability database, project information load module, risk management object generation module, authority recognition and risk output module, information-change reply module and risk search engine;
Said project information load module is used for the foundation of project, and newly-established project information is imported in the WBS table;
Said risk management object generation module is set up on the new projects basis at the project information load module, generates the risk management object, the judgement that conflicts, and preservation and the conflict free newly-generated risk management object of sundry item risk management object;
Said authority recognition and risk output module are through the role of user profile identification tester in test team of tester's input; Produce corresponding role's preset browsing authority; And based on role's difference, the difference of task; Trigger said risk search engine and in vulnerability database, search for corresponding software hazard information and control strategy, and will search software hazard information and control strategy output;
Said risk search engine is used for searching for the software hazard information and the control strategy of vulnerability database;
Said information-change reply module is used to change project information, and carry out the conflict of project after changing and judge, and the project after changing of preserving former project and not conflicting with sundry item.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011103015024A CN102360464A (en) | 2011-09-30 | 2011-09-30 | Software risk test and control method and system thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011103015024A CN102360464A (en) | 2011-09-30 | 2011-09-30 | Software risk test and control method and system thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102360464A true CN102360464A (en) | 2012-02-22 |
Family
ID=45585789
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011103015024A Pending CN102360464A (en) | 2011-09-30 | 2011-09-30 | Software risk test and control method and system thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102360464A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110750237A (en) * | 2019-08-31 | 2020-02-04 | 苏州浪潮智能科技有限公司 | Project risk assessment reminding system and method based on cloud computing technology |
| CN110888809A (en) * | 2019-11-18 | 2020-03-17 | 中国银行股份有限公司 | Test task risk prediction method and device |
| CN112184235A (en) * | 2020-09-04 | 2021-01-05 | 支付宝(杭州)信息技术有限公司 | Wind control data changing method and device |
-
2011
- 2011-09-30 CN CN2011103015024A patent/CN102360464A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110750237A (en) * | 2019-08-31 | 2020-02-04 | 苏州浪潮智能科技有限公司 | Project risk assessment reminding system and method based on cloud computing technology |
| CN110888809A (en) * | 2019-11-18 | 2020-03-17 | 中国银行股份有限公司 | Test task risk prediction method and device |
| CN110888809B (en) * | 2019-11-18 | 2023-09-22 | 中国银行股份有限公司 | Risk prediction method and device for test task |
| CN112184235A (en) * | 2020-09-04 | 2021-01-05 | 支付宝(杭州)信息技术有限公司 | Wind control data changing method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104484419B (en) | A kind of converting system and method for test case document | |
| WO2012161945A3 (en) | Large-scale comprehensive real-time monitoring framework for industrial facilities | |
| WO2012099801A3 (en) | Ordering document content | |
| MX2013003003A (en) | Generating reports based on materialized view. | |
| CN102122252A (en) | Method for designing thread pool capable of ensuring temporal succession | |
| CN103310315A (en) | Automatic process approval tool based on workflows | |
| CN102360464A (en) | Software risk test and control method and system thereof | |
| CN103294599A (en) | Cloud-based method for cross test of embedded software | |
| CN102955888B (en) | The analytical approach of equipment deficiency and device | |
| CN105824687B (en) | A kind of method and device of Java Virtual Machine performance automated tuning | |
| WO2019126797A3 (en) | System and method for executing instructions | |
| CN205281225U (en) | Digit control machine tool real -time monitoring system | |
| CN108121652A (en) | A kind of software hazard test and the method and system of control | |
| CN104091225A (en) | Object-oriented electric power system scheduling operation ticket system | |
| CN201732392U (en) | Material and equipment corresponding relationship information processing device applicable to electric power system | |
| CN101702217A (en) | Flow definition management method of workflow middleware following XPDL standard | |
| EA202091268A1 (en) | METHOD FOR DETERMINING BY LESS THEN ONE THRESHOLD VALUE BY LESS THAN ONE OPERATING PARAMETER OF A NUCLEAR REACTOR AND CORRESPONDING COMPUTER PROGRAM AND ELECTRONIC SYSTEM | |
| CN102184320A (en) | Automatic calculation engine for IT (information technology) system application evaluation and extension platform | |
| Fonotov | Role of state scientific and technological policy in the improvement of the innovation activity of Russian enterprises | |
| RU2013132608A (en) | METHOD FOR SCENARIOUS DYNAMIC MODELING OF TECHNICAL AND ECONOMIC INDICATORS OF A LIFE CYCLE OF A POWER OBJECT AND A SOFTWARE AND HARDWARE COMPLEX FOR ITS IMPLEMENTATION | |
| CN103200023A (en) | Method and device of sending hardware information, and method and system of processing hardware information | |
| MY159445A (en) | Information terminal linking system and method | |
| Xia et al. | Property preservation of time Petri net reduction | |
| Mannuss et al. | Shaping the Future of Quality Management–on the way to Quality 4. n | |
| CN103896118A (en) | Elevator debugging method and elevator debugging system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120222 |