CN116955198A - Rule set determining method and device - Google Patents
Rule set determining method and device Download PDFInfo
- Publication number
- CN116955198A CN116955198A CN202310965124.2A CN202310965124A CN116955198A CN 116955198 A CN116955198 A CN 116955198A CN 202310965124 A CN202310965124 A CN 202310965124A CN 116955198 A CN116955198 A CN 116955198A
- Authority
- CN
- China
- Prior art keywords
- rule
- target
- rules
- conflict
- standard
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 238000001514 detection method Methods 0.000 claims abstract description 80
- 230000003068 static effect Effects 0.000 claims abstract description 18
- 238000003062 neural network model Methods 0.000 claims description 23
- 238000012549 training Methods 0.000 claims description 21
- 238000004590 computer program Methods 0.000 claims description 17
- 238000007689 inspection Methods 0.000 claims description 14
- 230000014759 maintenance of location Effects 0.000 claims description 6
- 230000000007 visual effect Effects 0.000 abstract description 4
- 238000012545 processing Methods 0.000 description 8
- 238000004891 communication Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000007547 defect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3608—Software analysis for verifying properties of programs using formal methods, e.g. model checking, abstract interpretation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Artificial Intelligence (AREA)
- Computational Linguistics (AREA)
- Health & Medical Sciences (AREA)
- Life Sciences & Earth Sciences (AREA)
- Computer Hardware Design (AREA)
- Biomedical Technology (AREA)
- Biophysics (AREA)
- Quality & Reliability (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- General Health & Medical Sciences (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Stored Programmes (AREA)
Abstract
The application relates to the technical field of code detection and provides a method and a device for determining a rule set. The method comprises the following steps: acquiring a plurality of standard rule sets to be integrated; performing conflict check on each rule serving as a target rule to obtain a reserved rule corresponding to the target rule; summarizing all the reserved rules to obtain a target rule set; the conflict check includes: taking other rules except the target rule in all standard rule sets as reference rules; and comparing the content of the target rule with that of each reference rule respectively, judging whether the reference rule conflicts with the target rule, and determining a reserved rule. According to the application, conflict checking is carried out on each rule, one reserved rule is determined from a plurality of rules with the rule conflict, and finally, all reserved rules are summarized to obtain the target rule set, no rule conflict exists among the reserved rules, and the target rule set is utilized for static checking, so that a clear and visual detection result can be obtained, and an effective information reference is provided for developers.
Description
Technical Field
The present application relates to the field of code detection technologies, and in particular, to a method and an apparatus for determining a rule set.
Background
Currently, static detection of source codes is usually implemented by using detection software, and a single rule set or a set of multiple rule sets can be selected as a judgment standard of static detection in the detection software. When common rule sets such as MISRA C2008, MISRA C2012 and AUTOSAR are used, if a single rule set is used as a judgment standard, a detection report generated by static detection is not comprehensive enough, and hidden danger of defect omission exists, so that the quality of source codes is poor. If a set of multiple rule sets is used as a judgment standard, the source code is required to traverse all rule sets, and because the rule emphasis points of each rule set are different, conflicts may exist among rules belonging to different rule sets, so that a detection report generated by static detection according to the set of rule sets is redundant, a detection result cannot be intuitively and clearly presented, an effective adjustment direction is difficult to provide for a developer, and the detection efficiency is low.
Therefore, how to provide a solution to the above technical problem is a problem that needs to be solved by those skilled in the art.
Disclosure of Invention
In view of this, the embodiment of the application provides a method and a device for determining rule sets, so as to solve the problem of redundancy of inspection reports when a plurality of rule sets perform static inspection simultaneously in the prior art.
In a first aspect of an embodiment of the present application, a method for determining a rule set is provided, including:
acquiring a plurality of standard rule sets to be integrated;
traversing each rule in all standard rule sets, and executing conflict check on each rule as a target rule to obtain a reserved rule corresponding to the target rule;
summarizing all the reserved rules to obtain a target rule set for static inspection of the program code to be tested;
the conflict check includes:
taking other rules except the target rule in all standard rule sets as reference rules;
content comparison is carried out on the target rule and each reference rule respectively, and whether the reference rule conflicts with the target rule or not is judged;
if not, taking the target rule as a reserved rule;
if yes, determining a rule as a reservation rule in the reference rule and the target rule which are in rule conflict according to a preset reservation principle.
In a second aspect of the embodiment of the present application, there is provided a rule set determining apparatus, including:
the acquisition module is used for acquiring a plurality of standard rule sets to be integrated;
the checking module is used for traversing each rule in all standard rule sets, and executing conflict checking on each rule serving as a target rule to obtain a reserved rule corresponding to the target rule;
the summarizing module is used for summarizing all the reserved rules to obtain a target rule set for static inspection of the program codes to be tested;
the inspection module includes:
a reference unit for taking other rules except the target rule in all standard rule sets as reference rules;
the comparison unit is used for comparing the content of the target rule with that of each reference rule respectively and judging whether the reference rule conflicts with the target rule; if not, taking the target rule as a reserved rule; if yes, determining a rule as a reservation rule in the reference rule and the target rule which are in rule conflict according to a preset reservation principle.
In a third aspect of the embodiments of the present application, there is provided an electronic device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the above method when executing the computer program.
In a fourth aspect of the embodiments of the present application, there is provided a computer readable storage medium storing a computer program which, when executed by a processor, implements the steps of the above method.
Compared with the prior art, the embodiment of the application has the beneficial effects that: according to the embodiment of the application, conflict checking is carried out on each rule in the standard rule set, one reserved rule is determined from a plurality of rules with the rule conflict, and finally all reserved rules are summarized to obtain the target rule set, the rule conflict does not exist among the reserved rules, and the target rule set is utilized to carry out static checking on the program code to be tested, so that a clear and visual detection result can be obtained, and effective information reference is provided for developers.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic view of an application scenario according to an embodiment of the present application;
FIG. 2 is a flowchart of a method for determining a rule set according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a rule set determining apparatus according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
A method and apparatus for determining a rule set according to embodiments of the present application will be described in detail below with reference to the accompanying drawings.
Fig. 1 is a schematic view of an application scenario according to an embodiment of the present application. The application scenario may include a first terminal device 101, a second terminal device 102, a third terminal device 103, a server 104, and a network 105.
The first terminal device 101 may be hardware or software. When the first terminal device 101 is hardware, it may be various electronic devices having a display screen and supporting communication with the server 104, including but not limited to smartphones, tablets, laptop portable computers, desktop computers, and the like; when the first terminal apparatus 101 is software, it may be installed in the electronic apparatus as described above. The first terminal device 101 may be implemented as a plurality of software or software modules, or may be implemented as a single software or software module, which is not limited in this regard by the embodiment of the present application. Further, various applications, such as a data processing application, an instant messaging tool, social platform software, a search class application, a shopping class application, and the like, may be installed on the first terminal device 101.
The second terminal device 102 may be hardware or software. When the second terminal device 102 is hardware, it may be a variety of electronic devices having a display screen and supporting communication with the server 104, including but not limited to smartphones, tablets, laptop and desktop computers, and the like; when the second terminal device 102 is software, it may be installed in the electronic device as described above. The second terminal device 102 may be implemented as a plurality of software or software modules, or may be implemented as a single software or software module, as the embodiments of the present application are not limited in this respect. Further, various applications may be installed on the second terminal device 102, such as a data processing application, an instant messaging tool, social platform software, a search class application, a shopping class application, and the like.
The third terminal device 103 may be hardware or software. When the third terminal device 103 is hardware, it may be various electronic devices having a display screen and supporting communication with the server 104, including but not limited to smartphones, tablets, laptop and desktop computers, etc.; when the third terminal device 103 is software, it may be installed in the electronic device as described above. The third terminal device 103 may be implemented as a plurality of software or software modules, or may be implemented as a single software or software module, which is not limited in this regard by the embodiment of the present application. Further, various applications, such as a data processing application, an instant messaging tool, social platform software, a search class application, a shopping class application, and the like, may be installed on the third terminal device 103.
The server 104 may be a server that provides various services, for example, a background server that receives a request transmitted from a terminal device with which communication connection is established, and the background server may perform processing such as receiving and analyzing the request transmitted from the terminal device and generate a processing result. The server 104 may be a server, a server cluster formed by a plurality of servers, or a cloud computing service center, which is not limited in this embodiment of the present application.
The server 104 may be hardware or software. When the server 104 is hardware, it may be various electronic devices that provide various services to the first terminal device 101, the second terminal device 102, and the third terminal device 103. When the server 104 is software, it may be a plurality of software or software modules providing various services to the first terminal device 101, the second terminal device 102, and the third terminal device 103, or may be a single software or software module providing various services to the first terminal device 101, the second terminal device 102, and the third terminal device 103, which is not limited in this embodiment of the present application.
The network 105 may be a wired network using coaxial cable, twisted pair and optical fiber connection, or may be a wireless network that can implement interconnection of various communication devices without wiring, for example, bluetooth (Bluetooth), near field communication (Near Field Communication, NFC), infrared (Infrared), etc., which are not limited by the embodiment of the present application.
It should be noted that the specific types, numbers and combinations of the first terminal device 101, the second terminal device 102, the third terminal device 103, the server 104 and the network 105 may be adjusted according to the actual requirements of the application scenario, which is not limited in the embodiment of the present application.
Fig. 2 is a flow chart of a method for determining a rule set according to an embodiment of the present application. The method of determining the rule set of fig. 2 may be performed by the first or second or third terminal device or server of fig. 1. As shown in fig. 2, the method for determining the rule set includes:
s201: acquiring a plurality of standard rule sets to be integrated;
s202: traversing each rule in all standard rule sets, and executing conflict check on each rule as a target rule to obtain a reserved rule corresponding to the target rule;
s203: summarizing all the reserved rules to obtain a target rule set for static inspection of the program code to be tested;
wherein the conflict check comprises:
s2021: taking other rules except the target rule in all standard rule sets as reference rules;
s2022: content comparison is carried out on the target rule and each reference rule respectively, and whether the reference rule conflicts with the target rule or not is judged;
s2023: if not, taking the target rule as a reserved rule;
s2024: if yes, determining a rule as a reservation rule in the reference rule and the target rule which are in rule conflict according to a preset reservation principle.
When the standard rule set is obtained in step S201, the standard rule set may be obtained according to a requirement document matched with the program code to be tested, where the requirement document includes a standard rule set required for static detection of the program code to be tested, for example, a mistac 2004 rule set, a mistac 2012 rule set, an AutoSAR rule set, a code FORMAT rule set [ form ], a GLOBAL static analysis rule set [ GLOBAL ], a NAMING rule set [ NAMING ], a metric index rule set [ METRICS ], a potential defect rule set [ PB ], an optimization rule set [ OPT ], and the like, which are specifically set according to actual conditions, and are not limited herein.
After step S201 and before step S202, the method may further include: deleting the rule which is not applicable to the program code to be tested from all standard rule sets, for example, deleting the rule which is not applicable to the automobile industry from the standard rule sets when the program code to be tested is used in the automobile industry.
In step S202, the conflict check may be completed through a neural network model, that is, traversing each rule in all standard rule sets, and executing the conflict check on each rule as a target rule to obtain a reserved rule corresponding to the target rule, which includes; traversing each rule in all standard rule sets, and executing conflict check on each rule serving as a target rule by using the trained conflict check neural network model to obtain a reserved rule corresponding to the target rule.
Specifically, the conflict checking neural network model for performing conflict checking needs to be trained before executing the method, and the training process of the conflict checking neural network model includes:
acquiring an initial neural network model;
obtaining a training sample; the training samples comprise positive samples and negative samples, wherein the positive samples comprise first target rule samples and first reference rule samples which have rule conflict with the first target rule samples, and the negative samples comprise second target rule samples and second reference rule samples which have no rule conflict with the second target rule samples;
training the initial neural network model by using a training sample until the training result of the initial neural network model meets a preset training standard, and determining the trained initial neural network model as a conflict checking neural network model.
It will be appreciated that for each positive sample, a first target rule sample and a first reference rule sample are included, the first target rule sample and the first reference rule sample being both rule in nature, the former corresponding to the target rule at the time of conflict check and the latter corresponding to the reference rule at the time of conflict check. According to the definition of the rule, one rule should include a rule object, a detection parameter, and a numerical range corresponding to the detection parameter, so that the first target rule sample may include a target rule object, a target detection parameter, and a target numerical range corresponding to the target detection parameter, and the first reference rule sample may include a reference rule object, a reference detection parameter, and a reference numerical range corresponding to the reference detection parameter.
For whether the two rules conflict with each other or not, judging according to the range corresponding to the rule description, for example, when the rule objects and the detection parameters of the two rules are the same, the allowed numerical ranges of the rules are inconsistent; or the rule objects of the two rules are the same, the detection parameters are different, but the numerical range of one detection parameter affects the numerical influence range of the other detection parameter; or rule objects and detection parameters of the two rules are different, but the setting of the former rule influences the setting of the latter rule, which can be regarded as rule conflicts, the specific type of rule conflicts can be set according to the strictness of rule conflicts, and positive samples of different types can be set according to different rule conflicts. In an exemplary embodiment, the positive samples include one or more of a first positive sample, a second positive sample, and a third positive sample, wherein:
in the first positive sample, the target rule object is the same as the reference rule object, the target detection parameter is the same as the reference detection parameter, and the target numerical value range and the reference numerical value range have no intersection;
in the second positive sample, the target rule object is the same as the reference rule object, the target detection parameter is the same as the reference detection parameter, and the target numerical value range is different from the reference numerical value range;
in the third positive sample, the target rule object is the same as the reference rule object, the target detection parameter is different from the reference detection parameter, and the target reference range of the target detection parameter corresponding to the target reference range of the reference detection parameter exceeds the reference value range.
The target value range and the reference value range in the first positive sample have no intersection, for example, the first target rule sample is that the name of the A variable is not more than 2 bytes, the first reference rule sample is that the name of the A variable is between 4 and 8 bytes, at the moment, the target rule object and the reference rule object are both A variables, the target detection parameter and the reference detection parameter are both the lengths of the variable names, the target value range is (0, 2), the reference value range is [4,8], and obviously, the target value range and the reference value range have no intersection, and rule conflict can be considered to exist.
The target data range in the second positive sample is different from the reference value range, for example, the first target rule sample is "each switch statement must correspond to one default statement", the first reference rule sample is "use enumeration constant in switch statement, when the enumeration constant covers all possible values, default statements are not required to be set", at this time, the target rule object and the reference rule object are both switch statements, the target detection parameter and the reference detection parameter are both the number of default statements corresponding to the rule object, wherein the target data range is 1, the reference value range is 0 and 1, at this time, the target value range and the reference value range are in inclusion relation, and the range boundaries are different, so that it is determined that the target value range and the reference value range are different, and rule conflicts can be considered to exist.
The target detection parameter in the third positive sample is different from the reference detection parameter, at this time, the target reference range where the corresponding reference detection parameter is located needs to be determined according to the target data range of the target detection parameter, specifically, for example, the first target rule sample is that the name of the B variable should have descriptive property and can clearly express the purpose and meaning of the variable, the first reference rule sample is that the name of the B variable is not more than 4 bytes, at this time, the target rule object and the reference rule object are both B variables, but the target detection parameter is the expression content of the variable name, the reference detection parameter is the length of the variable name, at this time, the target detection parameter and the reference detection parameter are not identical, and the re-conversion determination needs to be performed, specifically:
the target numerical range of the target detection parameter is clear in expression degree, and the target reference range of the reference detection parameter corresponding to the target numerical range is determined, namely, the name length of the corresponding B variable is not limited when the name expression degree of the B variable is clear, because the name of the variable needs to be described in detail as far as possible when the name of the variable is required to meet the requirement of clear expression degree, so that the name length of the variable is too long, therefore, the implicit condition of the first target rule sample is that the name length of the variable name is only ensured to be greater than 0, namely, the target reference range of the first target rule sample corresponding to the reference detection parameter is: the name length is greater than 0, and the reference value range is: the name length is greater than 0 and not less than 4, and obviously the target reference range is beyond the reference value range, and rule conflict can be considered to exist.
Similar to the third positive sample, the positive sample may further include a fourth positive sample, in which the target rule object is different from the reference rule object, and the target detection parameter is different from the reference detection parameter, and the target reference ranges of the reference rule object and the reference detection parameter when the first target rule sample is satisfied are determined first according to the target rule object, the target detection parameter, and the target numerical range of the first target rule sample, and then the target reference ranges are compared with the reference numerical ranges, and if the target reference ranges exceed the reference numerical ranges, rule conflicts can be considered to exist.
It is to be understood that the positive samples in this embodiment may be one or more selected from the above four positive samples (first positive sample, second positive sample, third positive sample, fourth positive sample); in each positive sample, whether there is intersection, partial overlap, identical, complete inclusion, etc. the range set relationship of the target value range and the reference value range, for example, [1,3] and [5,7] are non-intersection, the range set relationship of [1,3] and [3,5] are partial overlap, the range set relationship of [1,3] and [1,3] are identical, the range set relationship of [1,3] and [2,3] is complete inclusion, the range set relationship of [1,3] and [1,5] is complete inclusion, and the condition for recognizing the range set relationship and the rule conflict can be set according to the severity of the conflict check:
most relaxed, the relationship of the determinable range sets is no intersection, and rule conflict exists;
the subspan, can judge the range set relation is no intersection or has partial overlap, then there is rule conflict;
most strictly, it may be determined that the range set relationships are no intersections or that there is partial overlap or complete inclusion, then there is a rule conflict, i.e., only exactly the same range set relationship is determined to be no rule conflict at this time.
The condition for identifying the rule conflict can be specifically selected according to the actual requirement, and is not limited herein.
It is to be understood that, if the number of reference rules that conflict with the target rule is 0, step S2023 is performed, and if the number of reference rules that conflict with the target rule is greater than 0, step S2024 is performed, and it is to be noted that the number of reference rules that conflict with the rule may be plural, and that one rule is determined as a reservation rule among all the reference rules that conflict with the target rule and the current target rule, and the determination of the reservation rule is based on a preset reservation rule.
In an exemplary embodiment, each rule in the standard rule set is correspondingly provided with a corresponding priority, the preset reservation rule is that a rule with a higher preset priority is determined to be a reservation rule, and the specific step S2024 determines, according to the preset reservation rule, one rule from the reference rule and the target rule that have rule conflict as a procedure of reservation rule, including: and determining a rule with higher preset priority as a reserved rule from the reference rule and the target rule which are in conflict with each other according to the preset priority of each rule.
In an exemplary embodiment, the preset reservation rule may be set according to the severity of the current conflict check, where the range set relationship is specifically two rules that are completely contained, and more stringent, a rule with a smaller numerical range in the two rules may be used as a reservation rule, and a rule with a larger numerical range in the two rules may be used as a reservation rule.
The specific preset reservation principle can be set according to actual requirements or expected results, particularly the preset priority, can be preset according to the importance degree of each rule in the standard rule set, and can also be adjusted according to the detection requirements and expected results of the program code to be detected by the method, and the method is not limited herein.
In an exemplary embodiment, considering that the standard rule set should have been verified in multiple directions when being released, it can be ensured that rule conflicts between two rules do not occur in the same standard rule set, so for a target rule, when determining a reference rule of the target rule, the standard rule set where the target rule is located can be directly excluded, so that the workload of conflict checking is reduced by reducing the number of the reference rules, and specifically, a process of taking all other rules except the target rule in the standard rule set as the reference rules includes: and taking other rules in all the standard rule sets except the standard rule set to which the target rule belongs as reference rules.
In an exemplary embodiment, after determining the retention rule corresponding to the target rule according to steps S2021-S2024, in order to avoid performing repeated conflict checking on the reference rule having a rule conflict with the target rule, after determining the retention rule in step S2024, other rules may be deleted, and the specific conflict checking further includes: among the reference rules and the target rules, which are in conflict with the reserved rules, the rest rules which are in conflict with the reserved rules are deleted from the standard rule set.
For example, the target rule is R1, and steps S2021 to S2024 are performed on R1 to perform conflict checking: when it is determined in step S2022 that there is a rule conflict between the reference rules R2 and R3 and the target rule, a rule is determined in step S2024 as a retention rule, for example, it is determined that the rule R1 is the retention rule, at this time, the reference rules R2 and R3 are remained, the rule R2 is deleted from the rule standard set in which R2 is located, the rule R3 is deleted from the rule standard set in which R3 is located, and when the standard rule set in which the original rule R2 is located is subsequently traversed, the conflict check is not performed with R2 as the target rule, and R3 is the same, so that the workload of the conflict check required in the present embodiment is reduced by reducing the number of target rules.
In an exemplary embodiment, each rule may include, in addition to the rule object, the detection parameter, the corresponding numerical range of the detection parameter, a corresponding suggestion and the severity of the rule violation, which generally remains consistent with a preset priority, i.e., the higher the priority, the higher the severity. After static inspection of the program code to be tested in step S204, an inspection result of whether the program code to be tested violates a certain rule in the target rule set is obtained, and correspondingly, the severity of response and advice prompt can be attached after the inspection result violating the certain rule,
according to the method provided by the embodiment of the application, conflict checking is carried out on each rule in the standard rule set, one reserved rule is determined from a plurality of rules with the rule conflict, and finally, all reserved rules are summarized to obtain the target rule set, the rule conflict does not exist among the reserved rules, and the target rule set is utilized to carry out static checking on the program code to be detected, so that a clear and visual detection result can be obtained, and an effective information reference is provided for developers.
Any combination of the above optional solutions may be adopted to form an optional embodiment of the present application, which is not described herein. It should be understood that the sequence number of each step in the foregoing embodiment does not mean that the execution sequence of each process should be determined by the function and the internal logic, and should not limit the implementation process of the embodiment of the present application.
The following are examples of the apparatus of the present application that may be used to perform the method embodiments of the present application. For details not disclosed in the embodiments of the apparatus of the present application, please refer to the embodiments of the method of the present application.
Fig. 3 is a schematic diagram of a rule set determining apparatus according to an embodiment of the present application. As shown in fig. 3, the determining device of the rule set includes:
an obtaining module 301, configured to obtain a plurality of standard rule sets to be integrated;
the checking module 302 is configured to traverse each rule in all the standard rule sets, perform conflict checking on each rule as a target rule, and obtain a reserved rule corresponding to the target rule;
the summarizing module 303 is configured to summarize all the retention rules to obtain a target rule set for static inspection of the program code to be tested;
the inspection module 302 includes:
a reference unit 3021 for taking, as a reference rule, other rules than the target rule in all the standard rule sets;
a comparison unit 3022, configured to compare the content of the target rule with each reference rule, and determine whether there is a rule conflict between the reference rule and the target rule; if not, taking the target rule as a reserved rule; if yes, determining a rule as a reservation rule in the reference rule and the target rule which are in rule conflict according to a preset reservation principle.
According to the device provided by the embodiment of the application, the conflict check is carried out on each rule in the standard rule set, one reserved rule is determined from a plurality of rules with the rule conflict, and finally all reserved rules are summarized to obtain the target rule set, the rule conflict does not exist among the reserved rules, and the target rule set is utilized to carry out static check on the program code to be tested, so that a clear and visual detection result can be obtained, and an effective information reference is provided for developers.
In an exemplary embodiment, traversing each rule in all standard rule sets, performing conflict checking on each rule as a target rule to obtain a reserved rule corresponding to the target rule, including;
traversing each rule in all standard rule sets, and executing conflict check on each rule serving as a target rule by using the trained conflict check neural network model to obtain a reserved rule corresponding to the target rule.
In an exemplary embodiment, the training process of the conflict checking neural network model includes:
acquiring an initial neural network model;
obtaining a training sample; the training samples comprise positive samples and negative samples, wherein the positive samples comprise first target rule samples and first reference rule samples which have rule conflict with the first target rule samples, and the negative samples comprise second target rule samples and second reference rule samples which have no rule conflict with the second target rule samples;
training the initial neural network model by using a training sample until the training result of the initial neural network model meets a preset training standard, and determining the trained initial neural network model as a conflict checking neural network model.
In an exemplary embodiment, the first target rule sample includes a target rule object, a target detection parameter, and a target numerical range corresponding to the target detection parameter, and the first reference rule sample includes a reference rule object, a reference detection parameter, and a reference numerical range corresponding to the reference detection parameter;
the positive samples include one or more of a first positive sample, a second positive sample, and a third positive sample, wherein:
in the first positive sample, the target rule object is the same as the reference rule object, the target detection parameter is the same as the reference detection parameter, and the target numerical value range and the reference numerical value range have no intersection;
in the second positive sample, the target rule object is the same as the reference rule object, the target detection parameter is the same as the reference detection parameter, and the target numerical value range is different from the reference numerical value range;
in the third positive sample, the target rule object is the same as the reference rule object, the target detection parameter is different from the reference detection parameter, and the target reference range of the target detection parameter corresponding to the target reference range of the reference detection parameter exceeds the reference value range.
In an exemplary embodiment, the process of taking all rules in the standard rule set other than the target rule as the reference rule includes:
and taking other rules in all the standard rule sets except the standard rule set to which the target rule belongs as reference rules.
In an exemplary embodiment, the alignment unit 3022 is further configured to:
among the reference rules and the target rules, which are in conflict with the reserved rules, the rest rules which are in conflict with the reserved rules are deleted from the standard rule set.
In an exemplary embodiment, according to a preset reservation rule, a rule is determined as a procedure of reserving a rule among a reference rule and a target rule where a rule conflict occurs, including:
and determining a rule with higher preset priority as a reserved rule from the reference rule and the target rule which are in conflict with each other according to the preset priority of each rule.
Fig. 4 is a schematic diagram of an electronic device 4 according to an embodiment of the present application. As shown in fig. 4, the electronic apparatus 4 of this embodiment includes: a processor 401, a memory 402 and a computer program 403 stored in the memory 402 and executable on the processor 401. The steps of the various method embodiments described above are implemented by processor 401 when executing computer program 403. Alternatively, the processor 401, when executing the computer program 403, performs the functions of the modules/units in the above-described apparatus embodiments.
The electronic device 4 may be a desktop computer, a notebook computer, a palm computer, a cloud server, or the like. The electronic device 4 may include, but is not limited to, a processor 401 and a memory 402. It will be appreciated by those skilled in the art that fig. 4 is merely an example of the electronic device 4 and is not limiting of the electronic device 4 and may include more or fewer components than shown, or different components.
The processor 401 may be a central processing unit (Central Processing Unit, CPU) or other general purpose processor, digital signal processor (Digital Signal Processor, DSP), application specific integrated circuit (Application Specific Integrated Circuit, ASIC), field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, or the like.
The memory 402 may be an internal storage unit of the electronic device 4, for example, a hard disk or a memory of the electronic device 4. The memory 402 may also be an external storage device of the electronic device 4, for example, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash Card (Flash Card) or the like, which are provided on the electronic device 4. Memory 402 may also include both internal storage units and external storage devices of electronic device 4. The memory 402 is used to store computer programs and other programs and data required by the electronic device.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit.
The integrated modules/units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present application may implement all or part of the flow of the method of the above embodiment, or may be implemented by a computer program to instruct related hardware, and the computer program may be stored in a computer readable storage medium, where the computer program, when executed by a processor, may implement the steps of each of the method embodiments described above. The computer program may comprise computer program code, which may be in source code form, object code form, executable file or in some intermediate form, etc. The computer readable storage medium may include: any entity or device capable of carrying computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth. It should be noted that the content of the computer readable storage medium may be appropriately scaled according to the requirements of jurisdictions in which such computer readable storage medium does not include electrical carrier signals and telecommunication signals, for example, according to jurisdictions and patent practices.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.
Claims (10)
1. A method for determining a rule set, comprising:
acquiring a plurality of standard rule sets to be integrated;
traversing each rule in all the standard rule sets, and executing conflict check on each rule serving as a target rule to obtain a reserved rule corresponding to the target rule;
summarizing all the reserved rules to obtain a target rule set for static inspection of the program code to be tested;
the conflict check includes:
taking all the rules except the target rule in the standard rule set as reference rules;
content comparison is carried out on the target rule and each reference rule respectively, and whether the reference rule conflicts with the target rule or not is judged;
if not, taking the target rule as the reservation rule;
if yes, determining one rule as the reservation rule in the reference rule and the target rule which are in rule conflict according to a preset reservation rule.
2. The method according to claim 1, wherein traversing each rule in all the standard rule sets, performing a conflict check on each rule as a target rule, a process of obtaining a retention rule corresponding to the target rule, comprises;
and traversing each rule in all the standard rule sets, and executing conflict check on each rule serving as a target rule by using a trained conflict check neural network model to obtain a reserved rule corresponding to the target rule.
3. The method of claim 2, wherein the training process of the conflict checking neural network model comprises:
acquiring an initial neural network model;
obtaining a training sample; the training samples comprise positive samples and negative samples, wherein the positive samples comprise a first target rule sample and a first reference rule sample which has rule conflict with the first target rule sample, and the negative samples comprise a second target rule sample and a second reference rule sample which has no rule conflict with the second target rule sample;
and training the initial neural network model by using the training sample until the training result of the initial neural network model meets a preset training standard, and determining the trained initial neural network model as the conflict checking neural network model.
4. A method according to claim 3, wherein the first target rule sample comprises a target rule object, a target detection parameter, and a target value range corresponding to the target detection parameter, and the first reference rule sample comprises a reference rule object, a reference detection parameter, and a reference value range corresponding to the reference detection parameter;
the positive samples include one or more of a first positive sample, a second positive sample, a third positive sample, wherein:
in the first positive sample, the target rule object is the same as the reference rule object, the target detection parameter is the same as the reference detection parameter, and the target numerical value range and the reference numerical value range are not intersected;
in the second positive sample, the target rule object is the same as the reference rule object, the target detection parameter is the same as the reference detection parameter, and the target numerical value range is different from the reference numerical value range;
in the third positive sample, the target rule object is the same as the reference rule object, the target detection parameter is different from the reference detection parameter, and the target data range of the target detection parameter corresponds to the target reference range in which the reference detection parameter is located and exceeds the reference value range.
5. The method according to claim 1, wherein the process of taking all the rules in the standard rule set other than the target rule as reference rules includes:
and taking all the rules in the standard rule set except the standard rule set to which the target rule belongs as reference rules.
6. The method of claim 1, wherein the conflict check further comprises:
and deleting the rest rules which are in conflict with the reserved rules from the standard rule set where the rules are in conflict with the reserved rules in the reference rules and the target rules.
7. The method according to any one of claims 1 to 6, wherein determining one of the reference rule and the target rule, in which rule conflict occurs, as the reservation rule according to a preset reservation rule, comprises:
and determining the rule with higher preset priority as the reserved rule in the reference rule and the target rule which have rule conflict according to the preset priority of each rule.
8. A device for determining a set of rules, comprising:
the acquisition module is used for acquiring a plurality of standard rule sets to be integrated;
the checking module is used for traversing each rule in all the standard rule sets, and executing conflict checking on each rule serving as a target rule to obtain a reserved rule corresponding to the target rule;
the summarizing module is used for summarizing all the reserved rules to obtain a target rule set for static inspection of the program codes to be tested;
the inspection module includes:
a reference unit configured to use, as a reference rule, all the rules in the standard rule set other than the target rule;
the comparison unit is used for comparing the content of the target rule with that of each reference rule respectively and judging whether the reference rule conflicts with the target rule; if not, taking the target rule as the reservation rule; if yes, determining one rule as the reservation rule in the reference rule and the target rule which are in rule conflict according to a preset reservation rule.
9. An electronic device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any of claims 1 to 7 when the computer program is executed.
10. A computer readable storage medium storing a computer program, characterized in that the computer program when executed by a processor implements the steps of the method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310965124.2A CN116955198A (en) | 2023-07-31 | 2023-07-31 | Rule set determining method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310965124.2A CN116955198A (en) | 2023-07-31 | 2023-07-31 | Rule set determining method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116955198A true CN116955198A (en) | 2023-10-27 |
Family
ID=88458169
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310965124.2A Pending CN116955198A (en) | 2023-07-31 | 2023-07-31 | Rule set determining method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116955198A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117596041A (en) * | 2023-11-21 | 2024-02-23 | 深圳市马博士网络科技有限公司 | Method and device for detecting validity of security rule |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20200272741A1 (en) * | 2019-02-27 | 2020-08-27 | International Business Machines Corporation | Advanced Rule Analyzer to Identify Similarities in Security Rules, Deduplicate Rules, and Generate New Rules |
| CN113688993A (en) * | 2021-07-19 | 2021-11-23 | 民航成都信息技术有限公司 | Airport operation resource rule conflict detection method, device, equipment and storage medium |
| CN115543838A (en) * | 2022-10-25 | 2022-12-30 | 中国工商银行股份有限公司 | Code scanning rule processing method and device, storage medium and electronic equipment |
| CN116226666A (en) * | 2023-02-22 | 2023-06-06 | 北京奇艺世纪科技有限公司 | Rule conflict detection method and device, electronic equipment and readable storage medium |
-
2023
- 2023-07-31 CN CN202310965124.2A patent/CN116955198A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20200272741A1 (en) * | 2019-02-27 | 2020-08-27 | International Business Machines Corporation | Advanced Rule Analyzer to Identify Similarities in Security Rules, Deduplicate Rules, and Generate New Rules |
| CN113688993A (en) * | 2021-07-19 | 2021-11-23 | 民航成都信息技术有限公司 | Airport operation resource rule conflict detection method, device, equipment and storage medium |
| CN115543838A (en) * | 2022-10-25 | 2022-12-30 | 中国工商银行股份有限公司 | Code scanning rule processing method and device, storage medium and electronic equipment |
| CN116226666A (en) * | 2023-02-22 | 2023-06-06 | 北京奇艺世纪科技有限公司 | Rule conflict detection method and device, electronic equipment and readable storage medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117596041A (en) * | 2023-11-21 | 2024-02-23 | 深圳市马博士网络科技有限公司 | Method and device for detecting validity of security rule |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110598157B (en) | Target information identification method, device, equipment and storage medium | |
| CN110442712B (en) | Risk determination method, risk determination device, server and text examination system | |
| CN109359118B (en) | Data writing method and device | |
| CN112650685B (en) | Automatic test method, device, electronic equipment and computer storage medium | |
| CN110674047B (en) | Software testing method and device and electronic equipment | |
| CN116955198A (en) | Rule set determining method and device | |
| CN111078579A (en) | Monkey testing method and device and terminal equipment | |
| CN112559489A (en) | Block chain supervision method and equipment based on cross-chain and storage medium | |
| CN113392018B (en) | Traffic distribution method and device, storage medium and electronic equipment | |
| CN109471787B (en) | Software quality evaluation method and device, storage medium and electronic equipment | |
| CN111127223B (en) | Insurance product testing method, insurance product testing device and storage medium | |
| CN110162982B (en) | Method and device for detecting illegal rights, storage medium and electronic equipment | |
| CN111311393A (en) | Credit risk assessment method, device, server and storage medium | |
| CN116415258A (en) | Vulnerability detection method, device, equipment, medium and program product | |
| CN115080827A (en) | Sensitive data processing method and device | |
| CN114490390A (en) | Test data generation method, device, equipment and storage medium | |
| CN110032624B (en) | Sample screening method and device | |
| CN112527276A (en) | Data updating method and device in visual programming tool and terminal equipment | |
| CN111427874A (en) | Quality control method and device for medical data production and electronic equipment | |
| CN114138972B (en) | Text category identification method and device | |
| CN117851608B (en) | Case map generation method, device, equipment and medium | |
| CN116820539B (en) | System software operation maintenance system and method based on Internet | |
| CN112084114B (en) | Method and apparatus for testing interfaces | |
| CN116610559A (en) | Test method, test device, electronic equipment and computer readable storage medium | |
| CN112732471B (en) | Error correction method and error correction device for interface return data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20240118 Address after: No. 13 Xingxiang Road, Zengjia Town, High tech Zone, Shapingba District, Chongqing, 400039 Applicant after: Chongqing Selis Phoenix Intelligent Innovation Technology Co.,Ltd. Address before: 401120 No. 618 Liangjiang Avenue, Longxing Town, Yubei District, Chongqing City Applicant before: Chongqing Celes New Energy Automobile Design Institute Co.,Ltd. |