CN107133521A - Demand for security template construction method based on demand for security meta-model - Google Patents

Demand for security template construction method based on demand for security meta-model Download PDF

Info

Publication number
CN107133521A
CN107133521A CN201710333738.3A CN201710333738A CN107133521A CN 107133521 A CN107133521 A CN 107133521A CN 201710333738 A CN201710333738 A CN 201710333738A CN 107133521 A CN107133521 A CN 107133521A
Authority
CN
China
Prior art keywords
security
functional component
demand
relation
security functional
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710333738.3A
Other languages
Chinese (zh)
Inventor
李晓红
何慧娟
韩卓兵
胡静
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianjin University
Original Assignee
Tianjin University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianjin University filed Critical Tianjin University
Priority to CN201710333738.3A priority Critical patent/CN107133521A/en
Publication of CN107133521A publication Critical patent/CN107133521A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/10Requirements analysis; Specification techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Abstract

The invention discloses a kind of demand for security template construction method based on demand for security meta-model;Step 1, construction hypergraph model and progress Security functional component reclassification;Step 2, extracted by carrying out Security functional component problem and Software security protection scope, set up the multi-to-multi incidence relation of Security functional component reclassification and Software security protection scope PR, and Software security protection scope is also associated with demand entry;Step 3, obtain mapping relations between Security functional component reclassification and demand entry;Step 4, structure demand for security template;The multi-to-multi incidence relation of entry and Security functional component problem, is that every demand entry builds a demand for security entry template according to demand.Compared with prior art, the present invention can remove interference Security functional component and eliminate " referring to altogether " problem caused of natural language, it is easy to select Security functional component according to Software functional requirements, demand for security template-directed user obtains more comprehensively and accurately security function demand.

Description

Demand for security template construction method based on demand for security meta-model
Technical field
The invention belongs to software security problem domain;
Background technology
With software industry develop rapidly and by the fast propagation of network, the safety problem of software product is by more next More concerns.So, how it is cost-effective develop safe software, examined in the demand analysis stage of software life-cycle It is the exploitation most economical effective method of fail-safe software to consider software security.However, this method does not obtain the enough of industry also Pay attention to.The survey showed that, and most people just consider the demand for security of software in implementation phase, and only seldom people is early in software Stage phase considers demand for security, or even has quite a few people to have ignored software security demand completely.From the another of industrial quarters One investigation result also indicates that the defect that demand stage is present is in demand rank in the cost that design or implementation phase are repaired Section is repaired 10-200 times of cost, and the safety defect not being found in demand stage at least 50%, and these defects are made Into harm occupy the 25%-40% of the whole project budget.It can be seen that, the security development cost of the acquisition of demand for security to software There is vital effect with credibility.
The international standard ISO/IEC15408 promulgated at present by International Organization for standardization in 1999《The safe skill of information technology Art information technology safety evaluation criterion》(abbreviation CC, Common Criteria) is defined needed for IT product security Basic criterion, be the benchmark of metric technical security.The standard pin is to the IT product during security evaluation Safety problem, one group of General Requirement is proposed in terms of security function.
It is typically all to be formulated by specialty safety technical staff that existing software security demand, which is obtained, and most of developers incline Design solution is described in foundation protection mechanism, rather than makes the requirement statement on protection level, to the peace of system Full demand, which is extracted, lacks systematicness and completeness.The present invention do not break CC standards offer inter-module association contact under, with CC standards is instruct, the demand for security element according to defined in demand for security meta-model, build the demand for security with universality Template, wherein demand for security meta-model are with GA/T18336.1《Information technology safe practice information technology safety evaluation is accurate Then》The Security functional component and IEEE STD 830-1998 of offer《Software Requirements Specification (also called requirements analysis) standard》In the software that provides Based on demand entry, analyze the concept being related in demand for security template building process and its relation and construct.
The content of the invention
In view of the safety problem that above-mentioned prior art software is present increasingly is highlighted, and the software security diversification of demand is difficult to receive The problem of collection, the present invention proposes a kind of demand for security template construction method based on demand for security meta-model, with world security Standard ISO/IEC 15408 (CC standards) is instructs, by this demand for security template construction method, is mainly used in giving birth in software The software requirement analysis stage in life cycle formulates rational demand for security, constructs demand for security template.
A kind of demand for security template construction method based on demand for security meta-model of the present invention, this method includes following step Suddenly:
Step 1, construction hypergraph model, and the Security functional component reclassification realized based on hypergraph model;Wherein, the step The hypergraph model structure principle and Security functional component reclassification principle followed be respectively:
Hypergraph model structure principle one, represent that with different initial weights the power of four kinds of incidence relations is different, utilize The polynary array shape of { the first Security functional component of incidence relation, the posterior Security functional component of incidence relation, initial weight } Formula represents the Security functional component of input;Four kinds of incidence relations and its strong or weak relation between input Security functional component are:From Category relation>Directly rely on relation>Indirectly rely on relation>Select dependence;
Hypergraph model structure principle two, by Security functional component using in the form of multi-component system as construction hypergraph model when just Begin to input;
Hypergraph model structure principle three, by the subordinate relation with shared Security functional component and directly rely on the peace of relation Complete functional set merges, and constructs super side;
After hypergraph model structure principle four, merging, the average value of a plurality of super side right weight is calculated;
Security functional component reclassification principle one, all super sides for characterizing the relation that indirectly relies on of disconnection, that is, disconnect in super side Incidence relation between all Security functional components;
The low Security functional component of the degree of association in Security functional component reclassification principle two, the super side of disconnection selection dependence Between incidence relation;
Step 2, extracted by carrying out Security functional component problem and Software security protection scope, set up Security functional component The multi-to-multi incidence relation of reclassification and Software security protection scope, and also it is associated with Software security protection model in demand entry Enclose;The extraction condition that need to be met is while including assessing whether object security function is able to detect that potential security violationAssess Object security Function detection is acted to whether taking corresponding protection after potential security violationAs the method previously described, it is complete The extraction of the Security functional component problem of Security functional component into all Security functional component reclassifications;
Step 3, obtain mapping relations between Security functional component reclassification and demand entry;
Step 4, structure demand for security template;Entry is associated with the multi-to-multi of Security functional component problem according to demand System, is that every demand entry builds a demand for security entry template;Demand for security entry template is by a series of security function groups Part problem and functional requirement description composition.
Compared with prior art, the present invention reaches following beneficial effect:
1), based on the Security functional component and the incidence relation of inter-module that are provided in CC standards, hypergraph model is built Interference Security functional component can be removed and " referring to altogether " problem caused of natural language is eliminated.
2), Security functional component is divided again to realize by the incidence relation between deep excavation Security functional component Class, can fully reflect the inner link of inter-module, be easy to user to select Security functional component according to Software functional requirements.
3), the demand for security template construction method based on demand for security meta-model, demand for security template can guide user Obtain more comprehensively and accurately security function demand.
Brief description of the drawings
Fig. 1 is demand for security meta-model schematic diagram;
Fig. 2 is the overall flow embodiment of the demand for security template construction method based on demand for security meta-model of the present invention Schematic diagram;
Fig. 3 is that hypergraph model describes figure
Fig. 4 is hypergraph model design sketch;
Fig. 5 is that hypergraph model disconnects exemplary plot;
Fig. 6 is the demand for security template construction method overall flow figure based on demand for security meta-model of the invention.
Embodiment
The Security functional component provided in CC standards is drawn according to security standpoints such as security audit, data transfer, password supports It is divided into 11 Security functional component classes.The present invention is according to the subordinate dependence between Security functional component, to 136 security functions Component has been carried out having obtained 43 Security functional component classes after reclassification, reclassification, and Hypergraph Theory is incorporated into security function In component reclassification problem, build hypergraph model and asked to solve the common finger that the Security functional component relation of natural language description is brought Topic, while providing some rules to instruct super side Automated generalization, and then reaches the reclassification to Security functional component.
The present invention is described in further detail below in conjunction with the accompanying drawings.
As shown in Fig. 2 being the demand for security template construction method flow chart based on demand for security meta-model of the present invention.This The key step of invention is as follows:
Step 1, the Security functional component reclassification based on hypergraph model, with the Security functional component that is provided in CC standards and Based on the incidence relation of inter-module, the internal relation Security functional component is deeply dug using hypergraph model theory Pick, the Security functional component reclassification after being repartitioned;The specific configuration method and peace of hypergraph model are provided separately below The idiographic flow of complete functional set reclassification:
Based on (1-1), four kinds of subordinate dependences between Security functional component, hypergraph mould is constructed in accordance with following principle Type:
Hypergraph model structure principle one, represent that with different initial weights the power of four kinds of incidence relations is different, utilize The polynary array shape of { the first Security functional component of incidence relation, the posterior Security functional component of incidence relation, initial weight } Formula represents the Security functional component of input;Wherein, the power of four kinds of incidence relations between input Security functional component is:Subordinate Relation>Directly rely on relation>Indirectly rely on relation>Select dependence.Subordinate relation reflects two Security functional components Safety requirements is inclusion relation, and directly relies on relation and reflect a Security functional component preferably to complete the peace of itself It is complete to require to be necessarily dependent upon another Security functional component, because the strength of association of inclusion relation is better than dependence, The strength of association of subordinate relation is more than the strength of association for the relation that directly relies on.Again because selecting dependence and indirectly relying on relation It is due to what the relation that directly relies on was produced, so the strength of association of the two, which is less than, directly relies on relation.Table 1 gives subordinate dependence Relation initial weight relation and initial input form.
Table 1, subordinate dependence initial weight table
When hypergraph model structure principle two, construction hypergraph model, the Security functional component of initial input is with the shape of multi-component system Formula is inputted, for example:{ A B C D 0.1 }, wherein A, B, C, D are the element of multi-component system, and 0.1 is the weight of the multi-component system.0.1 It is selection dependence to characterize the Security functional component in the multi-component system, and wherein Security functional component A turns into selection security function Component, component B, C and D are referred to as being chosen Security functional component.For tuple { A0 }, 0 characterize Security functional component A without subordinate according to The relation of relying;
Hypergraph model structure principle three, by the subordinate relation with shared Security functional component and directly rely on the peace of relation Complete functional set merges, and constructs super side;The main target of construction hypergraph model is to remove " referring to altogether " while will associate more close Security functional component merges, because the final purpose of Security functional component reclassification is exactly that incidence relation is closely safe Functional unit is classified as a class, and the untight Security functional component of incidence relation is separated.And in four kinds of incidence relations, subordinate relation To associate more close two kinds of incidence relations with the relation of directly relying on, thus need construct hypergraph model when just will have from The Security functional component of category relation and the Security functional component merging for directly relying on relation.For incidence relation it is weaker and exist choosing Selecting the Security functional component of problem will be solved by incidence relation mining algorithm;
After hypergraph model structure principle four, merging, the average value of a plurality of super side right weight is calculated;The super side of every of hypergraph model There is the weight of itself, this weight reflects weight of the super side in whole hypergraph model;The average value of a plurality of super side right weight The weight on super side after merging is represented, for example:Multi-component system a weight is 4, and multi-component system b weight is 5, then multi-component system c after merging Weight be (4+5)/2=4.5.
Construct super side when, the Security functional component with the relation that indirectly relies on is classified as a super side, will with subordinate according to The Security functional component for the relation of relying is classified as a super side, and rejects the Security functional component of onrelevant relation.Because, four kinds of passes In connection relation, it is the weaker incidence relation of two kinds of degrees of association to indirectly rely on relation and selection dependence, therefore it is individually returned For a super side, so as to followed by Combinatorial Optimization.Here the Security functional component without incidence relation is considered " noise Point " and reject, be because searching for following incidence relation mining algorithm can be reduced without the Security functional component of incidence relation Rope efficiency.But these Security functional components are actually individually to be divided into a Security functional component reclassification, are intended merely to The search efficiency for improving algorithm is removed when constructing hypergraph model.
In the hypergraph model of Security functional component, by a Security functional component sfciSee a knot in figure as Point.Usually, if SFC={ sfc1,sfc2,…,sfcNBe N number of node finite aggregate.SFC a certain subset is referred to as EiIf,Then P={ E1,E2,…,EmIt is super side collection, H=(SFC, P) is hypergraph.Security function is then characterized by weight The multi-component system of inter-module incidence relation be considered as one carry weight super side E 'i={ Ei, weight }, E 'i.weight super side E ' is representediWeight.HEi={ Ei, weight }, HEiThe posttectonic super side of hypergraph model is represented, HEi.weight it is super side HE after hypergraph model constructioniWeight.
As shown in figure 3, describing figure for hypergraph model.The row of the 1st, 2 and 3 in figure respectively define super side, Weight it is super While with surpassing after merging.4th row describes the principle two and principle three that hypergraph constructs hypergraph model, fifth line and the description of the 6th row The principle four of construction hypergraph model.
Hypergraph model construction process not only solves " referring to altogether " problem between Security functional component, while also to security function Component has carried out simply initial merging, after merging terminates, and constructs super side model and terminates.The effect of super side Construction of A Model is:Tool There are the Security functional component of subordinate relation and the Security functional component with the relation that directly relies on to be incorporated in same super side, Security functional component with the relation that indirectly relies on belongs to a super side, and the Security functional component with selection dependence belongs to One super side.After hypergraph model construction terminates, there is the super side of three types in model:Characterize indirectly rely on relation super side, Select dependence it is super while and during super after merging, and have common Security functional component between some super sides.This shared peace The selection that complete functional set is reflected between two super sides relies on incidence relation or indirectly relies on relation.Fig. 4 gives hypergraph mould Type design sketch.
Step 2: carrying out Security functional component reclassification;Based on hypergraph model, in accordance with following two principle to safety Functional unit carries out reclassification:
Security functional component reclassification principle one, all super sides for characterizing the relation that indirectly relies on of disconnection;Due to indirectly relying on Relation is produced by directly relying on relation, then can characterize the relation of indirectly relying on by directly relying on the transmission of relation, And directly rely on relation and be retained in as strong incidence relation in super side, then the relation of indirectly relying on is already contained in other and surpassed Bian Zhong, so here disconnecting the super side for characterizing the relation that indirectly relies on.That is, if HEi.weight=0.5, then super side HE is disconnectedi。 Here disconnection it is super when referring to disconnect super in incidence relation between all Security functional components, for example:E1={ sfc1,sfc2,sfc3,sfc4,sfc5, and HE1.weight=0.5, then disconnect super side HE1Refer to disconnect Security functional component sfc1,sfc2,sfc3,sfc4And sfc5Between institute it is relevant, as shown in Figure 5.
The low Security functional component of the degree of association in Security functional component reclassification principle two, the super side of disconnection selection dependence Between incidence relation;Disconnect all signs to indirectly rely on behind the super side of relation, two kinds of super side is only existed in hypergraph model, i.e., (HE when characterizing super super after merging of two kinds strong incidence relationi.weight > 1) and characterize the super side of selection dependence (HEi.weight=0.1).Because the essence of Security functional component reclassification is to disconnect the weaker super side of the degree of association, it is therefore desirable to protect Stay selection dependence it is super in surpassing where selection Security functional component while incidence relation most strong selected component, disconnect it He is chosen component.For example, in Fig. 4, it is necessary to judge sfc2,sfc3,sfc4And sfc5This four selected components and selection group Part sfc1The degree of association size on the super side at place, to determine to disconnect the incidence relation where write between Security functional component.Use the degree of association It is strong and weak to weigh the incidence relation between Security functional component.The degree of association is reflected between a Security functional component and a super side Relevance, the relevance of the degree of association by force then between Security functional component and super side is just very strong, otherwise just very weak.Security functional component sfcmWith super side HEiBetween the degree of association can use super side HEiIn with sfcmRelevant Security functional component number is weighed. For example:In Fig. 4, Security functional component sfc3With super side HE2In a Security functional component it is relevant, so safety Functional unit sfc3With super side HE2Between the degree of association be 1.
Security functional component reclassification obtains 42 Security functional component reclassifications, this 12 of offer peace than CC standard The classification results of complete functional set class are more detailed, and the Security functional component in reclassification better assures that the association of component is closed System, can select Security functional component reclassification by the functional requirement of software systems.This 42 Security functional component reclassifications It is divided into three types:Characterize Security functional component reclassification, the safe work(of simple strong association incidence relation of onrelevant relation Energy component reclassification and the Security functional component reclassification for including more than three kinds incidence relations.The peace of wherein 9 onrelevant relations Complete functional set reclassification, 19 only subordinate relation and directly rely on the Security functional component reclassification of relation and 21 include The Security functional component reclassification of more than three kinds incidence relations.
Table 2 list Partial security functional unit reclassification and its comprising Security functional component.Wherein, first safety There is subordinate relation between the Security functional component included in functional unit reclassification URDNRR, directly rely on relation and indirectly rely on Relation, so it is the Security functional component reclassification for including more than three kinds incidence relations.Second reclassification USIFPR is only There is subordinate relation and directly rely on the Security functional component reclassification of relation.3rd reclassification DATFAU and the 4th reclassification VCOFIA is the Security functional component reclassification without subordinate dependence.
Table 2, Security functional component reclassification result table
Step 2, Security functional component problem and Software security protection scope are extracted;Each Security functional component problem Sfcpk setting is that, in order to guide user to determine whether system meets the safety requirements of Security functional component, therefore analysis is each The safety requirements of Security functional component is that can obtain one group of Security functional component problem SFCP for this safety requirements.Below The analysis process of Security functional component problem extraction is provided by taking FAU_ARP.1 (security alarm) as an example.
Security functional component FAU_ARP.1 (security alarm) safety requirements is:When detecting potential security violation, Action should be taken by assessing object security function TSF.It was found from FAU_ARP.1 safety requirements, TSF needs to do two pieces thing, first Potential security violation is detected, is then taken appropriate measures for this security violation.So, associated with FAU_ARP.1 Security functional component problem be two.I.e.:Whether TSF is able to detect that potential security violationTSF detects potential peace After full infringement corresponding protection whether can be taken to actAccording to above-mentioned method, 42 Security functional component reclassifications are completed The extraction of the Security functional component problem of middle Security functional component.
Each Security functional component sfcmn safety requirements is related to many softwares in Security functional component reclassification rsfcn Safety protection range PR, the safety requirements for analyzing each Security functional component obtains Software security protection scope, these softwares peace The union of full guard scope is exactly the Software security protection scope PR of this Security functional component reclassification.Table 3 gives safety The safety of Security functional component that functional unit reclassification URDNRR (user identity anonymity protection) is included and each component will Ask.
From table 3 it can be seen that Security functional component reclassification URDNRR Software security protection scope is each safe work( The union of the Software security protection scope of energy component, i.e. PR={ user, TSF, action lists, originator, reception evidence }.
According to above-mentioned method, the software full guard scope for completing 42 Security functional component reclassifications is extracted.
Table 3, URDNRR and its included Security functional component table
Step 3, obtain mapping relations between Security functional component reclassification and demand entry;Safe work(in step 2 Energy component reclassification RSFC has been set up the multi-to-multi incidence relation with Software security protection scope PR, and in demand entry RI Also Software security protection scope PR is associated with, so being transmitted by Software security protection scope PR incidence relation, security function Multi-to-multi incidence relation is established between component reclassification RSFC and demand entry RI.Again due to Security functional component reclassification RSFC Comprising many Security functional component SFC, these Security functional components correspond to many Security functional component problem SFCP, so, Demand entry RI and Security functional component problem SFCP just establishes the incidence relation of multi-to-multi;
Step 4, demand for security template are built;Entry RI and Security functional component problem SFCP multi-to-multi is closed according to demand Connection relation, is that every demand entry RI builds a demand for security entry template RIM.Demand for security entry template RIM is by one Row Security functional component problem and functional requirement description composition.Security functional component problem SFCP can guide user to determine system Whether some Security functional component is needed, and requirement description is the unconcerned concrete function description of security of system.Requirement description portion Divide is in order to aid in understanding Security functional component problem and design, and also to make the demand for security of generation illustrate document It is more perfect.Fig. 6 gives the sample of demand for security template.
Table 4, demand for security template sample

Claims (1)

1. a kind of demand for security template construction method based on demand for security meta-model, it is characterised in that this method includes following Step:
Step 1, construction hypergraph model, and the Security functional component reclassification realized based on hypergraph model;Wherein, the step is abided by The hypergraph model structure principle and Security functional component reclassification principle followed be respectively:
Hypergraph model structure principle one, represent that with different initial weights the power of four kinds of incidence relations is different, utilize { association The first Security functional component of relation, the posterior Security functional component of incidence relation, initial weight } polynary array form represent The Security functional component of input;Four kinds of incidence relations and its strong or weak relation between input Security functional component are:Subordinate relation> Directly rely on relation>Indirectly rely on relation>Select dependence;
Hypergraph model structure principle two, by Security functional component using in the form of multi-component system as construction hypergraph model when it is initial defeated Enter;
Hypergraph model structure principle three, by the subordinate relation with shared Security functional component and directly rely on the safe work(of relation Can component merging, the super side of construction;
After hypergraph model structure principle four, merging, the average value of a plurality of super side right weight is calculated;
Security functional component reclassification principle one, all super sides for characterizing the relation that indirectly relies on of disconnection, that is, disconnect in super side and owning Incidence relation between Security functional component;
In Security functional component reclassification principle two, the super side of disconnection selection dependence between the low Security functional component of the degree of association Incidence relation;
Step 2, extracted by carrying out Security functional component problem and Software security protection scope, set up Security functional component and divide again The multi-to-multi incidence relation of class and Software security protection scope, and also it is associated with Software security protection scope in demand entry;Need The extraction condition of satisfaction is simultaneously including assessing whether object security function is able to detect that potential security violationAssess object peace Whether global function is detected can take corresponding protection to act after potential security violationAs the method previously described, complete all The extraction of the Security functional component problem of Security functional component in Security functional component reclassification;
Step 3, obtain mapping relations between Security functional component reclassification and demand entry;
Step 4, structure demand for security template;The multi-to-multi incidence relation of entry and Security functional component problem according to demand, be Every demand entry builds a demand for security entry template;Demand for security entry template is by a series of Security functional component problems Describe to constitute with functional requirement.
CN201710333738.3A 2017-05-12 2017-05-12 Demand for security template construction method based on demand for security meta-model Pending CN107133521A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710333738.3A CN107133521A (en) 2017-05-12 2017-05-12 Demand for security template construction method based on demand for security meta-model

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710333738.3A CN107133521A (en) 2017-05-12 2017-05-12 Demand for security template construction method based on demand for security meta-model

Publications (1)

Publication Number Publication Date
CN107133521A true CN107133521A (en) 2017-09-05

Family

ID=59732330

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710333738.3A Pending CN107133521A (en) 2017-05-12 2017-05-12 Demand for security template construction method based on demand for security meta-model

Country Status (1)

Country Link
CN (1) CN107133521A (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070044084A1 (en) * 2005-08-09 2007-02-22 Nec Laboratories America, Inc. Disjunctive image computation for sequential systems
CN102103514A (en) * 2011-03-02 2011-06-22 天津大学 Method for analyzing security demand based on activity graph expansion under CC (Common Criteria)
CN102109991A (en) * 2010-07-30 2011-06-29 兰雨晴 Software package dependency relationship modeling method
CN102799816A (en) * 2012-06-29 2012-11-28 天津大学 Software safety function component management method based on CC (the Common Criteria for Information Technology Security Evaluation)
US8327304B2 (en) * 2010-11-18 2012-12-04 International Business Machines Corporation Partitioning for hardware-accelerated functional verification
CN103259788A (en) * 2013-04-27 2013-08-21 天津大学 Formal modeling and validation method based on security protocols
CN103365777A (en) * 2013-07-04 2013-10-23 卫生部统计信息中心 Test case generation system and system
CN103870342A (en) * 2014-04-06 2014-06-18 冷明 Task core value calculating method on the basis of node attribute function in cloud computing environment
CN103885839A (en) * 2014-04-06 2014-06-25 孙凌宇 Cloud computing task scheduling method based on multilevel division method and empowerment directed hypergraphs
CN103970651A (en) * 2014-04-18 2014-08-06 天津大学 Software architecture safety assessment method based on module safety attributes
CN103984623A (en) * 2014-04-28 2014-08-13 天津大学 Software security risk assessment method based on defect detection

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070044084A1 (en) * 2005-08-09 2007-02-22 Nec Laboratories America, Inc. Disjunctive image computation for sequential systems
CN102109991A (en) * 2010-07-30 2011-06-29 兰雨晴 Software package dependency relationship modeling method
US8327304B2 (en) * 2010-11-18 2012-12-04 International Business Machines Corporation Partitioning for hardware-accelerated functional verification
CN102103514A (en) * 2011-03-02 2011-06-22 天津大学 Method for analyzing security demand based on activity graph expansion under CC (Common Criteria)
CN102799816A (en) * 2012-06-29 2012-11-28 天津大学 Software safety function component management method based on CC (the Common Criteria for Information Technology Security Evaluation)
CN103259788A (en) * 2013-04-27 2013-08-21 天津大学 Formal modeling and validation method based on security protocols
CN103365777A (en) * 2013-07-04 2013-10-23 卫生部统计信息中心 Test case generation system and system
CN103870342A (en) * 2014-04-06 2014-06-18 冷明 Task core value calculating method on the basis of node attribute function in cloud computing environment
CN103885839A (en) * 2014-04-06 2014-06-25 孙凌宇 Cloud computing task scheduling method based on multilevel division method and empowerment directed hypergraphs
CN103970651A (en) * 2014-04-18 2014-08-06 天津大学 Software architecture safety assessment method based on module safety attributes
CN103984623A (en) * 2014-04-28 2014-08-13 天津大学 Software security risk assessment method based on defect detection

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
李洪波: ""基于安全需求模板的软件安全需求获取工具设计与实现"", 《万方学位论文数据库》 *

Similar Documents

Publication Publication Date Title
CN102024112B (en) PE (portable executable) file pack detection method based on static characteristics
Danese et al. Automatic extraction of assertions from execution traces of behavioural models
CN102624574B (en) Security testing method and device for protocol implementation
CN105868116A (en) Semantic mutation operator based test case generation and optimization method
CN101013452A (en) Symbolized model detection method
CN105740711B (en) A kind of malicious code detecting method and system based on kernel objects behavior ontology
CN105447388B (en) A kind of Android malicious code detection system based on weight and method
AU2018374073B2 (en) Correlation modeling method for coupling failure of critical components of deep well hoist under incomplete information condition
CN102445941B (en) Method for automatically determining and analyzing interoperability test results of on-board equipment of train control system
CN104635144A (en) Hardware trojan detection method independent of datum curve
CN107247450A (en) Circuit breaker failure diagnostic method based on Bayesian network
Prechtel et al. Evaluating spread of ‘gasless send’in ethereum smart contracts
CN104866764A (en) Object reference graph-based Android cellphone malicious software detection method
CN103995780A (en) Program error positioning method based on statement frequency statistics
CN111064735B (en) SQL injection vulnerability detection method and system for power information system
Pan et al. Refactoring packages of object–oriented software using genetic algorithm based community detection technique
Saydemir et al. On the use of evolutionary coupling for software architecture recovery
CN107133521A (en) Demand for security template construction method based on demand for security meta-model
Montaghami et al. Staged evaluation of partial instances in a relational model finder
Burrows et al. Coupling metrics for aspect-oriented programming: A systematic review of maintainability studies
CN111898134B (en) Intelligent contract vulnerability detection method and device based on LSTM and BiLSTM
CN105868777B (en) A kind of Method Using Relevance Vector Machine panzer piggyback pod method for diagnosing faults based on optimization
CN103713997A (en) Formal description and decomposition method for metamorphic relation
Yuan et al. Enhancing Deep Learning-based Vulnerability Detection by Building Behavior Graph Model
Lomuscio et al. Symbolic model checking for temporal-epistemic logic

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20170905

WD01 Invention patent application deemed withdrawn after publication