CN108121656A - A kind of software evaluation method and apparatus - Google Patents
A kind of software evaluation method and apparatus Download PDFInfo
- Publication number
- CN108121656A CN108121656A CN201611094850.8A CN201611094850A CN108121656A CN 108121656 A CN108121656 A CN 108121656A CN 201611094850 A CN201611094850 A CN 201611094850A CN 108121656 A CN108121656 A CN 108121656A
- Authority
- CN
- China
- Prior art keywords
- software
- standard
- matching degree
- requirement
- code quality
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3608—Software analysis for verifying properties of programs using formal methods, e.g. model checking, abstract interpretation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
- G06F11/3644—Software debugging by instrumenting at runtime
Abstract
A kind of software evaluation method and apparatus are provided, for assessing the uniformity of a software and a standard.This method includes:Code quality analysis is carried out to the software, matching degree of the software to the software requirement of the standard is obtained according to analysis result, the software and its processes of research & development and the uniformity of the standard are assessed to the matching degree of the standard according to the software.By carrying out code quality analysis to software, matching degree of the software to the software requirement of standard is judged according to the result of code quality analysis, and then assesses the uniformity of the software and its processes of research & development and standard.A kind of scheme of standard consistency assessment is provided, program automated execution can be based on, and can objectively and accurately assess the standard consistency of software.
Description
Technical field
The present invention relates to technical field of software engineering more particularly to a kind of software evaluation method and apparatus.
Background technology
In modern society, typical software type has Industry Control, man-machine interface, office system, operating system, compiling
Device, database, game etc..Also, software also has application in industry-by-industry, such as:Industry, agricultural, bank, aviation, government
Deng.These applications promote economic and society development, also improve production efficiency and quality of life.
The quality of one software directly influences the system for running the software, therefore the assessment of software quality is particularly important.
There are many ways to software quality estimation, such as:It can be by formulating various standards, one software of assessment meets relevant criterion
Degree assesses the quality of software by assessing the standard consistency (compliance) of software.
By taking industrial circle as an example, the security of an industrial system is particularly important for the industrial system.And the industry is
Whether the software in system meets the security that security related request has been largely fixed the industrial system.Therefore, judge
The software run in one industrial system is the important hand for assessing the software quality to the matching degree of security related request
Section.
International Electrotechnical Commission (International Electrotechnical Commission, IEC) 61508,
《The functional safety of electrical/electronic/programmable electronic security system》It is a functional safety mark for being directed to electrical/electronic system
It is accurate.Described in the standard with product development, production, operation, service, eliminate and the safety in the entire life security cycle such as management
Process and demand.It is described in 61508 standards of IEC to the relevant requirement of the security of software.Therefore, for operating in work
A software in industry system, by judge in the software and IEC 61508 on software the relevant requirement of security symbol
Conjunction degree can assess the safe class reached with the relevant quality of security of the software.
At present, the artificial method of generally use assesses the standard consistency of software and its processes of research & development.This does
Method is time-consuming and laborious, less efficient.And result is based primarily upon the micro-judgment of appraiser, it is subjective.
The content of the invention
In view of this, the present invention provides a kind of software evaluation method and apparatus, to a software and its processes of research & development
The assessment of effective standard consistency is carried out, this method can be by machine automated execution, high efficiency and time conservation.
In a first aspect, the embodiment of the present invention provides a kind of software evaluation method, in this method, the software is carried out first
Code quality is analyzed, and then obtains matching degree of the software to the software requirement of the standard according to analysis result, and then
The one of the software and its processes of research & development and standard requirement is assessed to the matching degree of the standard according to the software
Cause property.
Wherein, when carrying out code quality analysis to the software, static test can be used and analyzed.It needs to illustrate
, there are many analysis methods, is not limited to static test, as long as the analysis result of software code quality can be obtained.
Wherein, the software requirement of standard may have more than one, optionally, can obtain the software to a kind of software requirement
Matching degree, can also obtain matching degree of the software at least two software requirements.Specific software requirement can marked
It is provided in standard.
It for a kind of software requirement, is realized in software development process by software, therefore, software quality can influence soft
Part is to the matching degree of software requirement.By carrying out code quality analysis to software, sentenced according to the result of code quality analysis
Break matching degree of the software to the software requirement of standard, and then assesses software and its processes of research & development and the uniformity of standard requirement.
A kind of scheme of standard consistency assessment is provided, program automated execution can be based on, and can accurately assess software
Standard consistency.
Optionally, for each at least one software feature, it is soft to this that the software is obtained according to analysis result
The matching degree of part characteristic, and according to the software to the matching degree of the software feature, assessment is for the software feature
The software and the uniformity of the standard.Wherein, the software feature meets institute for a software defined in the standard
A kind of characteristic that should have when stating the software requirement of standard.
For each software feature defined in standard, the consistent of software and its processes of research & development and standard is assessed respectively
Property.Assessment result is finer, can be that subsequent software modification etc. provides more detailed reference information.
Optionally, when to the software line code quality analysis, code quality analysis can be carried out to the software, obtained
At least one code quality warning information, wherein, each code quality warning information belongs to a kind of code quality warning information
Type.
It, can be for each code matter when obtaining the software to the matching degree of the software feature according to analysis result
Warning information type is measured, obtains an information content and an impact factor.Wherein, described information quantity is described at least one
Belong to the quantity of the code quality warning information of the type in code quality warning information, the impact factor belongs to for weighing
The appearance of the code quality warning information of the type is to influence of the software to the software feature matching degree.Then, it is comprehensive
All code qualities obtained analyze corresponding above-mentioned two information of prompt message type, obtain the software to the software
The matching degree of characteristic.
For each code quality warning information type, there is corresponding impact factor to weigh the code for belonging to the type
The appearance of quality prompt message is to influence of the software to the software feature matching degree.It is obtained according to the impact factor soft
Part is to the matching degree of a software feature, compared with the mode of manual evaluation, warp of the assessment result independent of appraiser
It tests, it is more objective.
Optionally, according to the software to the matching degree of the software requirement of the standard come assess the software and its
It, can be by the software to the matching degree of the software requirement of the standard, with it when processes of research & development and the uniformity of the standard
He is compared the matching degree of the software requirement of the standard at least one software, to assess the software and its research and development stream
The uniformity of journey and the standard.Wherein, by compared with the assessment result of other software, to obtain software to be assessed
Standard consistency.
Second aspect provides a kind of software evaluation device, for assessing a software and its processes of research & development and a standard
Uniformity, including:One code quality analysis module, for carrying out code quality analysis to the software;One software will
Evaluation module is sought, for the analysis result according to the code quality analysis module, obtains the software to the soft of the standard
The matching degree of part requirement;One standard consistency evaluation module, for the matching degree according to the software to the standard
To assess the software and its processes of research & development and the uniformity of standard requirement.
Wherein, the software requirement of standard may have more than one, optionally, can obtain the software to a kind of software requirement
Matching degree, can also obtain matching degree of the software at least two software requirements.Specific software requirement can marked
It is provided in standard.
It for a kind of software requirement, is realized in software development process by software, therefore, software quality can influence soft
Part is to the matching degree of software requirement.By carrying out code quality analysis to software, sentenced according to the result of code quality analysis
Break matching degree of the software to the software requirement of standard, and then assesses software and its processes of research & development and the uniformity of standard requirement.
A kind of scheme of standard consistency assessment is provided, program automated execution can be based on, and can accurately assess software
Standard consistency.
Optionally, the software requirement evaluation module, specifically for each at least one software feature, according to
The analysis result of the code quality analysis module obtains matching degree of the software to the software feature, wherein, it is described soft
A kind of characteristic that part characteristic should have when meeting the software requirement of the standard for a software defined in the standard;It is described
Standard consistency evaluation module, specifically for each at least one software feature, according to the software to the software
The matching degree of characteristic, assessment require consistent for the software and its processes of research & development of the software feature with the standard
Property.
For each software feature defined in standard, the consistent of software and its processes of research & development and standard is assessed respectively
Property.Assessment result is finer, can be that subsequent software modification etc. provides more detailed reference information.
Optionally, the code quality analysis module, specifically for the software carry out code quality analysis, obtain to
A few Codabar code quality warning information, wherein, each code quality warning information belongs to a kind of code quality warning information class
Type;
The software requirement evaluation module, is specifically used for:For each code quality warning information type, obtain as follows
Two information:One information content, described information quantity are to belong to the type in at least one code quality warning information
Code quality warning information quantity and an impact factor, the impact factor belongs to generation of the type for weighing
The appearance of code quality warning information is to influence of the software to the software feature matching degree;And comprehensive acquisition is all described
Corresponding two information of code quality analysis warning information type, obtains the software and meets journey to the software feature
Degree.
For each code quality warning information type, there is corresponding impact factor to weigh the code for belonging to the type
The appearance of quality prompt message is to influence of the software to the software feature matching degree.It is obtained according to the impact factor soft
Part is to the matching degree of a software feature, compared with the mode of manual evaluation, warp of the assessment result independent of appraiser
It tests, it is more objective.
Optionally, the standard consistency evaluation module, specifically for the software requirement by the software to the standard
Matching degree, compared with other at least one softwares are to the matching degree of the software requirement of the standard, to assess
State software and its processes of research & development and the uniformity of standard requirement.
The third aspect provides a kind of software evaluation device, including:At least one processor, at least one processor and
The machine readable instructions being stored in at least one processor, at least one processor perform the machine readable finger
When making, realize in a first aspect, or first aspect the method that is provided of any possible realization method.
Fourth aspect provides a kind of machine readable media, and machine readable instructions, institute are stored on the machine readable media
Machine readable instructions are stated when being executed by processor, perform the processor in a first aspect, or any of first aspect can
The method that the realization method of energy is provided.
Description of the drawings
Fig. 1 is a kind of flow chart of software evaluation method provided in an embodiment of the present invention;
Fig. 2 is the flow chart of another software evaluation method provided in an embodiment of the present invention;
Fig. 3 is a kind of structure diagram of software evaluation device provided in an embodiment of the present invention;
Fig. 4 is the structure diagram of another software evaluation device provided in an embodiment of the present invention.
Reference numerals list:
S101:Code quality analyzes S102:The software requirement matching degree analysis of standard
S103:Standard consistency assessment 21:Software code
22:Code quality analysis 23:Code quality prompt message
24:Software feature 25:Assessment result
26:The software requirement 30,40 of standard:Software evaluation device
301:Code quality analysis module 302:Software requirement evaluation module
303:Standard consistency evaluation module 401:At least one processor
402:At least one processor
Specific embodiment
As previously mentioned, the artificial method of generally use comments the standard consistency of software and its processes of research & development at present
Estimate.Still by taking foregoing 61508 standards of IEC as an example, at present usually by the expert standard of authority carry out formal examination & verification and/or
Evaluation.Such way is time-consuming and laborious.Also, since many software requirements in IEC 61508 are all abstract principles, in reality
In the evaluation process of border, it is also difficult to obtain objective assessment as a result, assessment result relies heavily on the experience of appraiser.
In the embodiment of the present invention, code quality analysis is carried out to software first, software pair is then obtained according to analysis result
The matching degree of the software requirement of standard, so according to software to the matching degree of standard come assess software and its processes of research & development with
The uniformity of standard.A kind of scheme of standard consistency assessment is provided, program automated execution can be based on, and can be relatively accurate
Assess the standard consistency of software and its processes of research & development in ground.
The replaceable current manual evaluation side of the scheme for carrying out software standard compliance evaluation provided in an embodiment of the present invention
Case can also be used as the useful supplement of current manual evaluation scheme.Scheme provided in an embodiment of the present invention is from time, place, people
The limitation of member, can easily be assessed at any time.Software developer can readily obtain assessment result, and according to assessment result
Carry out the modification of software and perfect.Software development cycle can effectively be shortened, and the standard one of software and its processes of research & development can be promoted
The realization of cause property.
The embodiment of the present invention can be based on following consideration when realizing:If software is required to very in a standard
It is realized in software development process well, then in terms of the software requirement defined for the standard, the quality of the software will compare
It is high, then when carrying out software code quality analysis, that analyzes is fewer with the relevant software defect of the software requirement.Cause
This, can assess the standard consistency of software and its processes of research & development based on the result of software code quality analysis.
Scheme provided in an embodiment of the present invention is applicable to the industry-by-industries such as industry, agricultural, bank, aviation, government.With work
Exemplified by industry, automobile making in industry, Power Plant Design, instrument and meter for automation manufacture etc. are applicable to.If defined in a standard
Software requirement can be weighed by software quality, then the standard that the embodiment of the present invention carries out software and its processes of research & development can be used
Consistency analysis.
Such as:The functional safety that foregoing IEC 61508 defines electrical/electronic/programmable electronic security system is related
Software requirement.The standard consistency that software and its processes of research & development are carried out according to scheme provided in an embodiment of the present invention is assessed,
Then can code quality analysis be carried out to software first, software is then obtained to soft defined in IEC 61508 according to analysis result
The matching degree of part requirement, and then software and the uniformity of IEC 61508 are assessed according to the matching degree.
For another example:Bank is directed to one bank of information security to the more demanding of information security, defined in some standards
The requirement that software should meet.By taking the Human Machine Interface of banking system as an example, it can be obtained such as by man-machine interface banking system
The amount of money, password figure input, when handling number with software logic, a kind of common software defect is:Programmer's not design pair
The logic that the legitimacy of input number is verified, illegal input may cause software anomaly or even system crash, and hacker can profit
Attack banking system in this way.If banking system will on the software of input legitimate verification defined in a standard
It asks, using the embodiment of the present invention, then can carry out code quality analysis to banking software, which is obtained according to analysis result
To the matching degree of the software requirement of the input legitimate verification defined in the standard, and then software is assessed according to the matching degree
With the uniformity of the standard.
In the following, for the ease of the understanding to the embodiment of the present invention, some descriptions occurred in the embodiment of the present invention are subject to
It explains.It should be noted that these explanations are not construed as that the present invention is claimed the restriction of scope.
1st, software code quality analysis
Software code quality analysis is used to carry out quality analysis to the code of a software, finds wherein that may be present lack
It falls into.Usual analysis result can include many Codabar code quality warning information (Quality Finding), the alarm of these code qualities
Information can prompt existing defects in software code (defect) or code quality warning information to be alternatively code quality correlation
Alarm (warning).
2nd, the standard consistency of software and its processes of research & development
Whether the standard consistency of software and its processes of research & development complies with standard for one software of evaluation and its processes of research & development
Requirement.The assessment result of the standard consistency of software is generally divided into multiple grades, such as:26262 standards of ISO are according to safety
Degree of risk determines system or system component demand for security grade (Automotive Safety of the division by A to D
Integrity Level automotive safety integrity level ASIL), wherein D grades for highest ranking, it is necessary to which most harsh safety needs
It asks.In a standard, there may be the requirement to software.If the R&D process of software have followed formulated in standard it is soft
Part requirement, the standard consistency of the usual software are preferable.
3、IEC 61508
As previously mentioned, IEC 61508 is a Functional Safety Standard for being directed to electrical/electronic system.Described in the standard
With product development, production, operation, service, eliminate and the security process and demand in the entire life security cycle such as management.
It is described in 61508 standards of IEC to the relevant requirement of the security of software and its processes of research & development.
4、ISO 26262
International Organization for standardization (International Organization for Standardization, ISO)
26262 be for automotive electronics electric system and to the modification of the progress of IEC 61508.In ISO 26262-6 (road vehicles-work(
It can safe Part VI:Product development:Software level, Road vehicles-Functional safety Part 6:
Product development:Software level) requirement to software development process is proposed, including to software
The requirement that unit is designed and realized.
26262 Part VI chapter 8 8.4.3 of ISO save, describe automotive system software unit design and realize
Exploitation and verification process.Including three requirements:
1) unnecessary complexity is avoided;
2) testability;
3) it is maintainable.
It is further illustrated in 26262 Part VI chapter 8 8.4.4 of ISO sections and how to realize above three requirement, proposed
Following eight software features:
1) based on Software Architecture Design, in software unit in-line subroutine and the correct execution sequence of function;
2) the interface uniformity between software unit;
3) between software unit and in software unit, the correctness of data flow and control stream;
4) simplicity;
5) readable and comprehensibility;
6) robustness;
7) alterability of software;
8) it is directed to the testability of software unit testing.
The embodiment of the present invention is described in detail below in conjunction with the accompanying drawings.
Fig. 1 is a kind of flow chart of software evaluation method provided in an embodiment of the present invention.As shown in Figure 1, this method includes
Following steps:
S101:Code quality analysis is carried out to a software;
S102:Matching degree of the software to the software requirement of a standard is obtained according to analysis result;
S103:The one of the software and its processes of research & development and the standard is assessed to the matching degree of the standard according to the software
Cause property.
Optionally, different software features can be directed to, assesses the standard consistency of software and its processes of research & development respectively.Its
In, software feature can be a kind of characteristic that should have when a software defined in standard meets the software requirement of standard.Such as:
Foregoing 26262 Part VI chapter 8 8.4.4 of ISO section definition is used to implement software requirement, and automotive system software should have
Eight software features.
Wherein, in step s 102, can be exported for each at least one software feature according to step S101
Analysis result obtains matching degree of the software to the software feature, in step s 103, at least one software feature
Each, according to software to the matching degree of the software feature, assessment is for the software of the software feature and the uniformity of standard.
Specifically, when in step S101 to software line code quality analysis, code quality analysis can be carried out to software, obtained
To at least one code quality warning information, wherein, each code quality warning information belongs to a kind of code quality alarm letter
Cease type.
In step s 102, for each code quality warning information type, following two information can be obtained:
1) information content
The information content is the code quality warning information for belonging to the type at least one code quality warning information
Quantity;
2) impact factor
The impact factor is special to the software to software for weighing the appearance for the code quality warning information for belonging to the type
The influence of property matching degree.
In step s 102, comprehensive corresponding two information of all code qualities analysis warning information type obtained, obtains
To software to the matching degree of the software feature.
Fig. 2 shows the example for for different software features, assessing software and standard consistency respectively.As shown in Fig. 2,
Software code is analyzed by code quality, obtains at least one code quality warning information.One is obtained by the software requirement of standard
The n software feature that a software should have when meeting the software requirement of standard, n are positive integer.According at least one code matter
Analysis result analysis software is measured to the matching degree of each software feature, according to obtained matching degree, is directed to respectively
The assessment result (1 to n) of the software standard uniformity of each software feature.
Whether for different software features can be directed to, software is assessed respectively and its standard of processes of research & development is consistent
Property, in software evaluation method shown in FIG. 1, step S103 can by software to the matching degree of the software requirement of standard,
Compared with other at least one softwares are to the matching degree of the software requirement of standard, come assess software and its processes of research & development with
The uniformity of standard.
In the following, with reference to Fig. 2, by taking automotive system software and foregoing ISO 26262 as an example, illustrate in the embodiment of the present invention such as
The standard consistency of what one automotive system software of assessment and ISO 26262.
First, code quality analysis, such as static source code analysis are carried out to the automotive system software.It obtains such as following
The code quality warning information of type:
1) be assigned with a value but from be not used;
2) variable is not used;
3) unreachable source code;
4) function complex;
4) packet index over range;
5) it is yes that comparative result is total;
6) data conversion is inaccurate;
7) function exits rear memory and does not discharge;
8) null value detection prior pointer still with;
9) buffer overflow;
And other code quality prompt messages.
Then, the result that code quality is analyzed is mapped to foregoing ISO (including at least one code quality warning information)
On eight software features defined in 26262, to assess whether the automotive system software meets three defined in ISO 26262
Software requirement.Table 1 below illustrates the mapping process.Wherein, it is the various types of code quality warning information in first row,
First behavior is various software features.Intermediate number is impact factor.
1. code quality prompt message of table is to the mapping of 26262 software features of ISO
A software of a type of code quality warning information and ISO 26262 is represented used here as impact factor
Relation between characteristic.One impact factor belongs to the appearance of a type of code quality warning information to foregoing for measurement
Software feature matching degree influence, the software feature matching degree is for identifying between a software and a software feature
Matching degree.And then the impact factor can indicate:If the code quality of a certain type is found that in the software of exploitation
Warning information, then the code quality prompt message of this type meets journey to the specific software requirement of specific ISO 26262
The influence of degree.The definition of impact factor value can be as shown in Table 2 below.
Relation in table 2.ISO 26262 between software feature matching degree and impact factor
| The influence of software feature matching degree | Impact factor |
| Do not influence | 0 |
| Influence very little | 0.25 |
| It influences medium | 0.5 |
| It is affected | 0.75 |
| It influences notable | 1 |
Such as:Code quality warning information " function complex " represents:The complexity of some function has been more than industry
The scope that software can accept extensively, this indicates that software has substantially run counter to the software feature " simplicity " of the requirements of ISO 26262.Cause
This, in table 1 behavior " function complex ", be classified as in the grid of " simplicity " that indicate impact factor value be " 1.0 ".
Similarly, code quality warning information " unreachable source code " represent that some source codes are in the process of implementation can not
It reaches.For unit testing, this indicates that the extremely difficult test of these source codes, it may be necessary to which special instrument or method are come
Reach necessary test coverage.Therefore, in table 1 behavior " unreachable source code ", be classified as in the grid of " testability "
It is " 0.75 " to indicate impact factor.
A kind of type of code quality warning information may be mapped to multiple software features.Such as:" comparative result is always
Be " can represent to may also indicate that there are unnecessary and/or redundancy control module in source code on execution sequence there may be
Erroneous path.Therefore, this kind of code quality warning information be mapped to " data flow and control flow correctness " impact factor be
" 0.25 ", the impact factor for being mapped to " correct execution sequence " are " 0.5 ".
It is analyzed by code quality, can easily obtain the statistical information of code quality warning information, such as:In code
In quality analysis results, information content of code quality warning information etc. in a type of code quality warning information.Then,
According to the information shown in table 1, equation below 1 can be used to calculate a software to a kind of software defined in ISO 26262
The matching degree of characteristic.It is this be calculated the result is that quantitative, assessment result that the software standard one obtained from performs
It is and quantitative.Quantitative description avoids empirically subjective judgement divided rank common in current manual evaluation method, comments
Estimate result can accomplish it is more objective accurate.
C (f)=(weight factor of finding1 × occurance number of finding1)+
(weight factor of finding2 × occurance number of finding2)+... formula 1
Wherein, f represents a kind of software feature, and weight factor of finding1 represent the code of the first type
Quality warning information is mapped to the impact factor on software feature f, and occurance number of finding1 represent code
In quality analysis results type for the first type code quality warning information quantity, weight factor of
Finding2 represents that the code quality warning information of second of type is mapped to the impact factor on software feature f, occurance
Number of finding2 represent that type is the code quality warning information of second of type in code quality analysis result
Quantity.And so on, the type of all code quality warning information is weighted summation and is finished, obtains software to software feature
The matching degree C (f) of f.
Here, belonging to the quantity of a type of code quality prompt message can be normalized according to software size, than
Such as:It is normalized according to every 100,000 line code (100KLOC).So the assessment result of software standard uniformity would not be with soft
Part scale and become.Assuming that as shown in table 3, in every 100,000 line code, the information content of various types of code quality prompt messages
Respectively:
3. code quality analysis result of table is illustrated
The automotive system software is calculated using above-mentioned formula 1 and meets journey for software feature " correct execution sequence "
It spends and is:
C (f)=0 × 132+0 × 119+0.5 × 28+0 × 21+0 × 7+0.5 × 13+0 × 42+0.75 × 19+0.75 ×
17+0.25 × 5=48.75 ... formula 2
These quantitative descriptions can be known as " measured value " by us.Have these measured values, it is convenient to it is similar soft
Part project carries out the comparison of standard consistency.Alternatively, also can be by these measured values compared with the average value of industrial circle, root
The standard consistency of the automotive system software and ISO 26262 is assessed according to comparative result.It is soft that the automotive system is given in table 4
Part is directed to the measured value of each software feature and has reached the comparison of the software project average value of the standard consistency of ISO 26262
As a result example.
The comparative result of 4. software standard uniformity of table
By table 4 as it can be seen that the automotive system software is that can receive for the standard consistency of most software feature
's.But for " simplicity ", " readable and comprehensibility " and " alterability of software ", the measurement of the automotive system software
It is worth subaverage.Wherein, measured value is smaller represents that, for a software feature, the standard consistency of the automotive system software is got over
It is good.By table 4 it can be easily recognized that in the R&D process of the automotive system software, for which software feature, with reference to mark
Alignment request also needs to improve.
An embodiment of the present invention provides a kind of new schemes for being used to assess software standard uniformity.Such as people general at present
The method of work assessment is compared, and the program is time saving and energy saving, and is capable of providing objective effective assessment result.The program can be by software
Development organizations use, and effectively convenient assessment is carried out to self-developed software.
Fig. 3 is a kind of structure diagram of software evaluation device provided in an embodiment of the present invention.The software evaluation device 30,
For assessing a software and its uniformity of processes of research & development and a standard, as shown in figure 3, the device includes:
One code quality analysis module 301, for carrying out code quality analysis to software;
One software requirement evaluation module 302 for the analysis result according to code quality analysis module 301, obtains soft
Part is to the matching degree of the software requirement of standard;
One standard consistency evaluation module 303, for according to software to the matching degree of standard come assess software and its
Processes of research & development and the uniformity of standard requirement.
Optionally, software requirement evaluation module 302, specifically for each at least one software feature, according to
The analysis result of code quality analysis module 301 obtains matching degree of the software to the software feature, wherein, software feature is mark
A kind of characteristic that a software defined in standard should have when meeting the software requirement of standard;
Standard consistency evaluation module 303, specifically for each at least one software feature, according to software pair
The matching degree of the software feature, assessment is for the software and its processes of research & development and the uniformity of standard requirement of software feature.
Optionally, code quality analysis module 301 specifically for carrying out code quality analysis to software, obtains at least one
Codabar code quality warning information, wherein, each code quality warning information belongs to a kind of code quality warning information type;
Software requirement evaluation module 302, is specifically used for:For each code quality warning information type, obtain as follows
Two information:One information content, information content are the code matter for belonging to the type at least one code quality warning information
The quantity and an impact factor of warning information are measured, impact factor belongs to the code quality alarm letter of the type for weighing
The appearance of breath is to influence of the software to the software feature matching degree;And the comprehensive all code qualities analysis warning information obtained
Corresponding two information of type, obtains matching degree of the software to the software feature.
Optionally, standard consistency evaluation module 303, specifically for software is met journey to the software requirement of standard
Degree, compared with other at least one softwares are to the matching degree of the software requirement of standard, to assess software and its research and development stream
Journey and the uniformity of standard requirement.
Other optional realization methods of the software evaluation device 30 can refer to the realization in flow shown in FIG. 1.Wherein, generation
Code quality analysis module 301, is used to implement the processing of the software code quality analysis in the flow, software requirement evaluation module
302, for according to code quality analyze as a result, obtaining matching degree of the software to the software requirement of standard, standard consistency
Evaluation module 303, for assessing the one of software and its processes of research & development and standard requirement to the matching degree of standard according to software
Cause property.
Fig. 4 is the structure diagram of another software evaluation device provided in an embodiment of the present invention.As shown in figure 4, this is soft
Part apparatus for evaluating 40 may include:At least one processor 401, at least one processor 402 and it is stored at least one storage
Machine readable instructions on device 401 when wherein at least one processor 401 performs machine readable instructions, are realized as shown in fig. 1
Flow.
The embodiment of the present invention additionally provides a kind of computer storage media, stores that a machine is made to perform as described herein
Program code checking method instruction.Specifically, system or device equipped with storage medium can be provided, in the storage
It stores the software program code for realizing the function of any embodiment in above-described embodiment on medium, and makes the system or device
Computer (or CPU or MPU) read and perform the program code being stored in storage medium.
In this case, it is real that any one in above-described embodiment can be achieved in itself from the program code that storage medium is read
The function of example is applied, therefore the storage medium of program code and storage program code constitutes the part of the present invention.
For provide the storage medium embodiment of program code include floppy disk, hard disk, magneto-optic disk, CD (such as CD-ROM,
CD-R, CD-RW, DVD-ROM, DVD-RAM, DVD-RW, DVD+RW), tape, Nonvolatile memory card and ROM.Selectively,
Can by communication network from server computer download program code.
Further, it should be apparent that not only can be by performing the program code read-out by computer, but also can pass through
Instruction based on program code makes operating system of calculating hands- operation etc. to complete partly or completely practical operation, so as to
Realize the function of any one embodiment in above-described embodiment.
Further, it is to be appreciated that the program code read by storage medium is write into the expansion board in insertion computer
In in set memory or write in the memory set in the expanding element being connected with computer, then based on journey
The instruction of sequence code makes CPU in expansion board or expanding element etc. come executable portion and whole practical operations, so as to
Realize the function of any embodiment in above-described embodiment.
It should be noted that step and module not all in above-mentioned each flow and each system construction drawing is all necessary
, some steps or module can be ignored according to the actual needs.The execution sequence of each step be not it is fixed, can be according to need
It is adjusted.System structure described in the various embodiments described above can be physical arrangement or logical construction, i.e. have
A little modules may be realized by same physical entity, be realized alternatively, some modules may divide by multiple physical entities, alternatively, can be with
It is realized jointly by some components in multiple autonomous devices.
In various embodiments above, hardware cell mechanically or can be realized electrically.A for example, hardware list
Member can include permanent dedicated circuit or logic (such as special processor, FPGA or ASIC) to complete corresponding operating.Firmly
Part unit can also include programmable logic or circuit (such as general processor or other programmable processors), can by software into
Interim setting go to complete corresponding operating.Concrete implementation mode (mechanical system or dedicated permanent circuit or is faced
When the circuit that sets) can be determined based on cost and temporal consideration.
Detailed displaying and explanation have been carried out to the present invention above by attached drawing and preferred embodiment, however the invention is not restricted to
These embodiments having revealed that, base could be aware that with above-mentioned multiple embodiment those skilled in the art, can combine above-mentioned difference
Code examination & verification means in embodiment obtain the more embodiments of the present invention, these embodiments also protection scope of the present invention it
It is interior.
Claims (10)
1. a kind of software evaluation method, for assessing a software and its uniformity of processes of research & development and a standard, feature
It is, including:
Code quality analysis is carried out to the software;
Matching degree of the software to the software requirement of the standard is obtained according to analysis result;
The software and its processes of research & development and standard requirement are assessed to the matching degree of the standard according to the software
Uniformity.
2. the method as described in claim 1, which is characterized in that
It is described that matching degree of the software to the software requirement of the standard is obtained according to analysis result, including:
For each at least one software feature, the software is obtained according to analysis result, the software feature is met
Degree, wherein, the software feature should have when meeting the software requirement of the standard for a software defined in the standard
A kind of characteristic having;
It is described that the software and its processes of research & development and the standard are assessed to the matching degree of the standard according to the software
It is required that uniformity, including:
For each at least one software feature, according to the software to the matching degree of the software feature, pin is assessed
To the software and its processes of research & development of the software feature and the uniformity of the standard.
3. method as claimed in claim 2, which is characterized in that
To the software line code quality analysis, including:
Code quality analysis is carried out to the software, obtains at least one code quality warning information, wherein, each Codabar code matter
Amount warning information belongs to a kind of code quality alarm type;
Each at least one software feature obtains the software to the software feature according to analysis result
Matching degree, including:
For each code quality alarm type, following two information is obtained:
One information content, described information quantity are to belong to the code of the type in at least one code quality warning information
The quantity of quality warning information and
One impact factor, the impact factor belong to the appearance of the code quality warning information of the type for measurement to described
Influence of the software to the software feature matching degree;
The comprehensive all code qualities obtained analyze corresponding two information of warning information type, obtain the software
To the matching degree of the software feature.
4. such as claims 1 to 3 any one of them method, which is characterized in that according to the software to the software of the standard
It is required that matching degree assess the software and its processes of research & development and the uniformity of standard requirement, including:
By the software to the matching degree of the software requirement of the standard, with other at least one softwares to the soft of the standard
The matching degree of part requirement is compared, to assess the software and its processes of research & development and the uniformity of standard requirement.
5. a kind of software evaluation device (30), for assessing a software and its uniformity of processes of research & development and a standard,
It is characterized in that, including:
One code quality analysis module (301), for carrying out code quality analysis to the software;
One software requirement evaluation module (302) for the analysis result according to the code quality analysis module (301), obtains
To the software to the matching degree of the software requirement of the standard;
One standard consistency evaluation module (303), for according to the software to the matching degree of the standard to assess
State software and its processes of research & development and the uniformity of standard requirement.
6. device (30) as claimed in claim 5, which is characterized in that
The software requirement evaluation module (302), specifically for each at least one software feature, according to the generation
The analysis result of code quality analysis module (301) obtains matching degree of the software to the software feature, wherein, the software
A kind of characteristic that characteristic should have when meeting the software requirement of the standard for a software defined in the standard;
The standard consistency evaluation module (303), specifically for each at least one software feature, according to described
Software is to the matching degree of the software feature, and assessment is for the software and its processes of research & development of the software feature and the mark
The uniformity of alignment request.
7. device (30) as claimed in claim 6, which is characterized in that
The code quality analysis module (301) specifically for carrying out code quality analysis to the software, obtains at least one
Code quality warning information, wherein, each code quality warning information belongs to a kind of code quality warning information type;
The software requirement evaluation module (302), is specifically used for:
For each code quality warning information type, following two information is obtained:
One information content, described information quantity are to belong to the code of the type in at least one code quality warning information
The quantity of quality warning information and
One impact factor, the impact factor belong to the appearance of the code quality warning information of the type for measurement to described
Influence of the software to the software feature matching degree;
The comprehensive all code qualities obtained analyze corresponding two information of warning information type, obtain the software
To the matching degree of the software feature.
8. such as claim 5~7 any one of them device (30), which is characterized in that the standard consistency evaluation module
(303), specifically for the matching degree by the software to the software requirement of the standard, with other at least one softwares to institute
The matching degree for stating the software requirement of standard is compared, to assess the software and its processes of research & development and standard requirement
Uniformity.
9. a kind of software evaluation device (40), including:At least one processor (401), at least one processor (402) and
The machine readable instructions being stored in at least one processor (401), which is characterized in that at least one processor
(401) when performing the machine readable instructions, such as Claims 1 to 4 any one of them method is realized.
10. a kind of machine readable media, which is characterized in that machine readable instructions are stored on the machine readable media, it is described
Machine readable instructions make the processor perform claim require 1~4 any one of them method when being executed by processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611094850.8A CN108121656A (en) | 2016-11-30 | 2016-11-30 | A kind of software evaluation method and apparatus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611094850.8A CN108121656A (en) | 2016-11-30 | 2016-11-30 | A kind of software evaluation method and apparatus |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108121656A true CN108121656A (en) | 2018-06-05 |
Family
ID=62226336
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611094850.8A Pending CN108121656A (en) | 2016-11-30 | 2016-11-30 | A kind of software evaluation method and apparatus |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108121656A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109871317A (en) * | 2019-01-11 | 2019-06-11 | 平安普惠企业管理有限公司 | Code quality analysis method and device, storage medium and electronic equipment |
| CN111338942A (en) * | 2020-02-21 | 2020-06-26 | 郑州昂视信息科技有限公司 | Software diversity evaluation method and system |
| CN113793130A (en) * | 2021-09-18 | 2021-12-14 | 上海中通吉网络技术有限公司 | Differentiated software process auditing method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090055804A1 (en) * | 2005-09-05 | 2009-02-26 | Gunther Blaschek | Method and device for automatically evaluating the quality of a software source code |
| US20100023928A1 (en) * | 2006-09-29 | 2010-01-28 | Anja Hentschel | Method for the computer-assisted analysis of software source code |
| CN102292706A (en) * | 2008-11-26 | 2011-12-21 | 株式会社Jastec | Software modification estimate method and software modification estimate system |
| CN102799822A (en) * | 2012-07-11 | 2012-11-28 | 中国信息安全测评中心 | Software running security measurement and estimation method based on network environment |
| CN105468510A (en) * | 2014-09-05 | 2016-04-06 | 北京畅游天下网络技术有限公司 | Method and system for evaluating and tracking software quality |
-
2016
- 2016-11-30 CN CN201611094850.8A patent/CN108121656A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090055804A1 (en) * | 2005-09-05 | 2009-02-26 | Gunther Blaschek | Method and device for automatically evaluating the quality of a software source code |
| US20100023928A1 (en) * | 2006-09-29 | 2010-01-28 | Anja Hentschel | Method for the computer-assisted analysis of software source code |
| CN102292706A (en) * | 2008-11-26 | 2011-12-21 | 株式会社Jastec | Software modification estimate method and software modification estimate system |
| CN102799822A (en) * | 2012-07-11 | 2012-11-28 | 中国信息安全测评中心 | Software running security measurement and estimation method based on network environment |
| CN105468510A (en) * | 2014-09-05 | 2016-04-06 | 北京畅游天下网络技术有限公司 | Method and system for evaluating and tracking software quality |
Non-Patent Citations (1)
| Title |
|---|
| 武剑洁,陈传波,肖来元编著: "《软件测试技术基础》", 31 October 2008, 华中科技大学出版社 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109871317A (en) * | 2019-01-11 | 2019-06-11 | 平安普惠企业管理有限公司 | Code quality analysis method and device, storage medium and electronic equipment |
| CN111338942A (en) * | 2020-02-21 | 2020-06-26 | 郑州昂视信息科技有限公司 | Software diversity evaluation method and system |
| CN111338942B (en) * | 2020-02-21 | 2022-09-09 | 郑州昂视信息科技有限公司 | Software diversity evaluation method and system |
| CN113793130A (en) * | 2021-09-18 | 2021-12-14 | 上海中通吉网络技术有限公司 | Differentiated software process auditing method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102360335B (en) | Method for quantitatively evaluating value of security level DCS (Data Communication System) application software defect for nuclear power plant | |
| CN113688042A (en) | Method and device for determining test scene, electronic equipment and readable storage medium | |
| CN108121656A (en) | A kind of software evaluation method and apparatus | |
| CN111931047B (en) | Artificial intelligence-based black product account detection method and related device | |
| CN113837596A (en) | Fault determination method and device, electronic equipment and storage medium | |
| Grbac et al. | Stability of software defect prediction in relation to levels of data imbalance | |
| Ozment | Software security growth modeling: Examining vulnerabilities with reliability growth models | |
| CN108446213A (en) | A kind of static code mass analysis method and device | |
| CN113127342B (en) | Defect prediction method and device based on power grid information system feature selection | |
| CN112037191B (en) | Method and device for determining local leakage current density threshold value and computer equipment | |
| CN114638503A (en) | Asset risk pressure testing method, device, equipment and storage medium | |
| Manjula et al. | Cost optimization of a software reliability growth model with imperfect debugging and a fault reduction factor | |
| CN114236272B (en) | Intelligent detection system of electronic product | |
| CN116298930B (en) | Method, device and server for measuring health degree of battery pack | |
| CN114546841B (en) | Software quality assessment method based on cloud computing | |
| Agarwal | Markovian software reliability model for two types of failures with imperfect debugging rate and generation of errors | |
| CN117571742B (en) | Method and device for realizing chip quality inspection based on artificial intelligence | |
| CN116991149B (en) | Method and device for checking fee-controlled product, electronic equipment and storage medium | |
| CN113434408B (en) | Unit test case sequencing method based on test prediction | |
| Oakley et al. | Examining the impact of critical attributes on hard drive failure times: Multi‐state models for left‐truncated and right‐censored semi‐competing risks data | |
| CN111737096B (en) | Method and device for detecting integral grading of TPC-H pre-test system | |
| CN117763432A (en) | Communication fault prediction method, device, equipment and storage medium | |
| JP2006344050A (en) | Load verification requirement specifying apparatus, method, and program | |
| CN115032583A (en) | Method and system for rapidly testing metering error of electric energy meter based on ant colony algorithm | |
| CN117272152A (en) | Energy storage system fault diagnosis method, system, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180605 |
|
| RJ01 | Rejection of invention patent application after publication |