WO2023179578A1 - Code metric method and apparatus, device, and medium - Google Patents

Code metric method and apparatus, device, and medium Download PDF

Info

Publication number
WO2023179578A1
WO2023179578A1 PCT/CN2023/082650 CN2023082650W WO2023179578A1 WO 2023179578 A1 WO2023179578 A1 WO 2023179578A1 CN 2023082650 W CN2023082650 W CN 2023082650W WO 2023179578 A1 WO2023179578 A1 WO 2023179578A1
Authority
WO
WIPO (PCT)
Prior art keywords
score
metric
level
code
maintainability
Prior art date
Application number
PCT/CN2023/082650
Other languages
French (fr)
Chinese (zh)
Inventor
刘勇
严春霞
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2023179578A1 publication Critical patent/WO2023179578A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3604Software analysis for verifying properties of programs
    • G06F11/3616Software analysis for verifying properties of programs using software metrics
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3676Test management for coverage analysis

Definitions

  • the present disclosure relates to but is not limited to the field of computer technology, and specifically relates to a code measurement method, device, computer equipment and readable medium.
  • the code architecture of software projects is extremely susceptible to corruption. Especially for large projects, without strict control mechanisms, the code structure will become chaotic. At this time, the complexity and maintenance difficulty of the system will skyrocket. To prevent this from happening, maintenance work based on architecture assessment needs to be added to the software life cycle. Therefore, a quantifiable code-level measurement method that can measure the overall code in multiple dimensions is needed.
  • the present disclosure provides a code measurement method, device, computer equipment and readable medium.
  • an embodiment of the present disclosure provides a code measurement method.
  • the method includes: obtaining a measurement index of a software code to be measured, where the measurement index includes measurement indicators of at least two characteristic dimensions; and according to the measurement index, The first weight in the characteristic dimension and the characteristic dimension The score of each characteristic dimension is calculated respectively; the measurement score is calculated according to the score of the characteristic dimension and the second weight of the characteristic dimension, and the measurement score is used to measure the software code to be measured. quality.
  • embodiments of the present disclosure also provide a code measurement device, including a metric index extraction module, a feature dimension score calculation module and a metric score calculation module.
  • the metric index extraction module is configured to obtain the software code to be measured. Measurement indicators, the measurement indicators include measurement indicators of at least two characteristic dimensions; the characteristic dimension score calculation module is configured to, according to the first weight of the measurement indicator in the characteristic dimension and the score of each characteristic dimension , calculate the scores of the characteristic dimensions respectively; the metric score calculation module is configured to calculate the metric score according to the score of the characteristic dimension and the second weight of the characteristic dimension, and the metric score is used to measure the to-be- Measuring the quality of software code.
  • an embodiment of the present disclosure also provides a computer device, including: at least one processor; a storage device on which at least one program is stored; when the at least one program is executed by the at least one processor, such that The at least one processor implements the code measurement method as described above.
  • embodiments of the present disclosure also provide a computer-readable medium on which a computer program is stored, wherein when the program is executed, the code measurement method as described above is implemented.
  • Figure 1 is a schematic diagram of the system framework provided by an embodiment of the present disclosure
  • Figure 2 is a schematic flowchart of a code measurement method provided by an embodiment of the present disclosure
  • Figure 3 is a schematic flowchart of calculating functional scores provided by an embodiment of the present disclosure
  • Figure 4 is a schematic flowchart of calculating maintainability scores provided by an embodiment of the present disclosure
  • Figure 5 is a schematic flowchart of calculating scalability scores provided by an embodiment of the present disclosure
  • Figure 6 is a schematic structural diagram of a code measurement device provided by an embodiment of the present disclosure.
  • Embodiments described herein may be described with reference to plan and/or cross-sectional illustrations, with the aid of idealized schematic illustrations of the present disclosure. Accordingly, example illustrations may be modified based on manufacturing techniques and/or tolerances. Therefore, the embodiments are not limited to those shown in the drawings but include modifications of configurations formed based on the manufacturing process. Accordingly, the regions illustrated in the figures are of a schematic nature and the shapes of the regions shown in the figures are illustrative of the specific shapes of regions of the element and are not intended to be limiting.
  • embodiments of the present disclosure provide a code measurement solution.
  • the embodiment of the present disclosure is based on the eight characteristics defined in the software quality model ISO25010, using the measurement tool set to extract the measurement indicators of each characteristic dimension, and based on the customized measurement algorithm formula, the absolute score is calculated based on the weight as Measure results.
  • the weight can be configured or modified according to actual usage.
  • the code measurement method provided by the embodiment of the present disclosure includes the following steps:
  • Step 21 Obtain the measurement indicators of the software code to be measured.
  • the measurement indicators include measurement indicators of at least two characteristic dimensions.
  • each feature dimension may be determined based on the software quality model ISO25010, and each feature dimension includes at least one measurement indicator.
  • feature dimensions may include any combination of the following: functionality, security, maintainability, scalability, efficiency, ease of use, reliability, and portability. It should be noted that portability can be reflected in scalability.
  • Step 22 Calculate the scores of the characteristic dimensions respectively based on the first weight of the measurement index in each of the characteristic dimensions and the score of the characteristic dimension.
  • Step 23 Calculate a measurement score based on the score of the characteristic dimension and the second weight of the characteristic dimension.
  • the measurement score is used to measure the quality of the software code to be measured.
  • the weighted sum of the scores of each feature dimension and the corresponding first weight is calculated to obtain the overall measurement score of the software code to be measured.
  • the measurement score can reflect the quality of the software code to be measured. The higher the measurement score, the The higher the quality of the software code to be measured, and vice versa.
  • a code measurement method provided by an embodiment of the present disclosure, the method includes: obtaining measurement indicators of the software code to be measured, the measurement indicators include measurement indicators of at least two characteristic dimensions; according to the first of the measurement indicators in each characteristic dimension The weight and the score of the characteristic dimension are used to calculate the score of the characteristic dimension respectively; the measurement score is calculated according to the score of the characteristic dimension and the second weight of the characteristic dimension, and the measurement score is used to measure the software code to be measured. quality.
  • the embodiments of the present disclosure can quantify code-level architecture quality from multiple feature dimensions, and can generate scores for each feature dimension and an overall metric score of code quality. The level of the metric score can intuitively reflect the quality level and quality of the current software architecture.
  • Functional metrics include one or any combination of the following: coverage, vulnerability level, first vulnerability impact level.
  • the first vulnerability impact level is the impact level of quality and variety (quality+various) vulnerabilities; vulnerability levels can include the following Four types: critical (serious), error (error), warn (warning), review (code review); security metrics include the second vulnerability impact level, and the second vulnerability impact level is security and diversity (security+ The impact level of various) vulnerabilities; maintainability metrics include complexity; scalability metrics include duplication.
  • the first vulnerability impact level and the second vulnerability impact level can include high, medium, and low respectively.
  • the step of calculating the functional score includes:
  • Step 31 Calculate the scores of functional metrics.
  • the coverage score, the vulnerability level score, and the first vulnerability impact level score are calculated respectively.
  • coverage is scored based on branch coverage (branch_Coverag) And the functional score is calculated, the calculation formula is: (branch_Coverage*100)3/functional score.
  • the functionality score can be 1000.
  • Vulnerability level score functional score -(critical_num*P31+error_num*P32+warning_num*P33+review_num*P34) *C1*Functional score/code_lines;
  • critical_num is the number of critical-level vulnerabilities
  • error_num is the number of error-level vulnerabilities
  • warning_num is the number of warning-level vulnerabilities
  • review_num is the number of review-level vulnerabilities
  • P31, P32, P33, and P34 are the third of the four vulnerability levels respectively.
  • code_lines is the total number of lines of software code
  • C1 is the first constant. For example, C1 can be 20.
  • the score of the first vulnerability impact level is calculated based on the number of vulnerabilities of each first vulnerability impact level, the fourth weight of each first vulnerability impact level, the functional score, the second constant and the total number of lines of software code.
  • the calculation formula is: :
  • the first vulnerability impact level score functional score -(quality['high_level_num']*P41+quality['medium_level_num']*P42+ quality['low_level_num']*P43)*C2*Functional score/code_lines;
  • quality['high_level_num'] is the number of vulnerabilities with the impact level of high for the first vulnerability type of quality ⁇ various vulnerability type
  • quality['medium_level_num'] is the number of vulnerabilities with the impact level of medium for the first vulnerability type of quality ⁇ various vulnerability type
  • quality['low_level_num'] is the number of vulnerabilities with low impact level for the first vulnerability type of quality ⁇ various vulnerability type
  • P41, P42, and P43 are the fourth weights of the three first vulnerability impact levels respectively
  • code_lines is the total number of lines of software code
  • C2 is the second constant, for example, C2 can be 100.
  • Step 32 Calculate the weighted sum of the score of the metric index of functionality and the first weight of the metric index of functionality in functionality to obtain a score of functionality.
  • the first weight in functionality the first weight of vulnerability level in functionality, the first weight of vulnerability impact level in functionality.
  • the step of calculating the security score includes: the number of vulnerabilities according to each second vulnerability impact level, the fifth weight of each second vulnerability impact level, the security score, a third constant, and The total number of lines of software code is used to calculate the security score (Security_Score).
  • security['high_level_num'] is the number of vulnerabilities with the impact level of the second vulnerability of the security ⁇ various vulnerability type being high
  • security['medium_level_num'] is the number of vulnerabilities with the impact level of the second vulnerability of the security ⁇ various vulnerability type that is medium
  • security['low_level_num'] is the number of vulnerabilities with low impact level of the second vulnerability type of security ⁇ various vulnerability type
  • P51, P52, and P53 are the fifth weights of the three secondary vulnerability impact levels respectively
  • code_lines is the total number of lines of software code
  • C3 is the third constant.
  • C3 can be 625.
  • the security dimension has only one metric (i.e., the second vulnerability impact level)
  • the first weight P21 of the second vulnerability impact level in security is 1.
  • the step of calculating the maintainability score includes:
  • Step 41 Obtain complexity parameters, which include one or any combination of the following parameters: cyclomatic complexity, code depth, and number of method statements.
  • Step 42 Calculate a complexity parameter score based on the complexity parameter, the sixth weight of the complexity parameter, the maintainability score, and the fourth constant.
  • the average cyclomatic complexity (average_complexity) and average code depth (average_block_depth) can be obtained directly from Table 2.
  • average_complexity is the average cyclomatic complexity
  • average_block_depth is the average code depth
  • average_statements is the average number of method statements
  • P61, P62, and P63 are the sixth weights of average cyclomatic complexity, average code depth, and average number of method statements respectively
  • C4 is the sixth weight.
  • C4 can be 205.
  • the complexity parameter score (average) is the maintainability score; if the complexity parameter score (average) ⁇ maintainability score, then the complexity parameter score (average) is the actual calculated value.
  • Step 43 Calculate the first score based on the first n maximum values of the complexity parameter, the seventh weight of the first n maximum values of the complexity parameter, the sixth weight and the fifth constant of the complexity parameter, n is an integer greater than 1.
  • n 3
  • Table 3 is as follows:
  • top (first_com*P711+second_com*P712+ third_com*P713)*P61+(first_depth*P721+second_depth*P722+third_depth*P723)*P62+(first_stat*P731+second_stat*P732+third_stat*P733)*P63)*C5;
  • first_com, second_com, and third_com are the top three circles with the largest number respectively.
  • Complexity, first_stat, second_stat, and third_stat are the number of the top three method statements with the largest number
  • first_depth, second_depth, and third_depth are the top three code depths with the largest number
  • P61, P62, and P63 are the cyclomatic complexity, code depth, and method statement respectively.
  • the sixth weight of the number, P711, P712, and P713 are respectively the seventh weight of the first three cyclomatic complexities with the largest number
  • P721, P722, and P723 are respectively the seventh weight of the first three method statements with the largest number
  • P731, P732 and P733 are respectively the seventh weights of the first three code depths with the largest number
  • C5 is the fifth constant.
  • C5 can be 19.
  • first score (top) > the maintainability score, then the first score (top) is the maintainability score; if the first score (top) ⁇ the maintainability score, Then the first score (top) is the actual calculated value.
  • Step 44 Determine the maintainability score based on the first score, the complexity parameter score and the maintainability score.
  • determining the maintainability score (ie, step 44) based on the first score, the complexity parameter score and the maintainability score includes the following steps: based on the first score (top) and the complexity
  • the step of calculating the scalability score includes:
  • Step 51 Determine the number of top m repeated lines with the largest number of repeated lines in a statement, and calculate the second score based on the sixth constant, the number of m repeated lines, and the m eighth weights, where m is an integer greater than 1.
  • tops (top1*P81+top2*P82+top3*P83)*C6; among them, top1, top2, and top3 are the three largest numbers of repeated rows, and P81, P82, and P83 are the eighth weight corresponding to top1, top2, and top3 respectively.
  • C6 is the sixth constant, for example, C6 can be 2.5.
  • Step 52 Determine the repetition level of the repeated statement based on the number of repeated lines, and for each repetition level, calculate the score of each repetition level based on the number of repeated lines and the number of repetitions of the repeated statement under the repetition level.
  • the repetition level is high. Multiply the number of repeated lines (ni) of each high-level repeated statement (i) by its number of repetitions (xi), and add them up to obtain the high-level score. If 25>Number of repeated lines>49, the repetition level is medium. Multiply the number of repeated lines (ni) of each repeated statement (i) at the medium level by its number of repetitions (xi), and add them up to obtain a medium-level score. normal. If the number of repeated lines is ⁇ 25, the repetition level is low. Multiply the number of repeated lines (ni) of each low-level repeated statement (i) by its number of repetitions (xi), and add them up to obtain the low-level score low.
  • Step 53 Calculate a third score based on the score of the repetition level, the ninth weight of the repetition level, the seventh constant, the scalable score, and the total number of lines of software code.
  • weights (high*P91+normal*P92+low*P93)*C7*scalable score /code_lines;
  • high, normal, and low are the scores of high, medium, and low repetition levels respectively
  • P91, P92, and P93 are the ninth weights of high, medium, and low repetition levels respectively
  • code_lines is the total number of lines of software code
  • C7 is the seventh Constant, for example, C7 can be 40.
  • Step 54 Determine a scalability score based on the second score, the third score and the preset threshold.
  • determining the scalability score (ie, step 54) based on the second score, the third score, and a preset threshold includes the following steps: updating the second score (tops) and the third score based on the preset threshold. (weights); wherein, in response to the second score (tops) being greater than or equal to the threshold, the second score (tops) is the threshold, and in response to the third score (weights) being greater than or equal to the threshold, the third score (weights) is the threshold; Calculate the sum of the second score (tops) and the third score (weights) to obtain the scalability score (Scalability_Score).
  • the threshold may be set to 500.
  • the second score tops
  • the second score The number is the actual calculated value (ie, the value calculated in step 51). If the third score (weights) is less than the threshold, the third score is the actual calculated value (ie, the value calculated in step 53).
  • metric score (All_Score) Functionality_Score*P21+Security_Score*P22+Maintainability_Score*P23+Scalability_Score*P24;
  • Functionality_Score is the score of functionality
  • Security_Score is the score of security
  • Maintainability_Score is the score of maintainability
  • Scalability_Score is the score of scalability
  • P21 is the second weight of functionality
  • P22 is the second weight of security
  • P23 is the second weight of maintainability
  • P24 is the second weight of scalability.
  • each constant in the embodiment of the present disclosure is a fitting value, which is set to allow the score of a certain characteristic dimension to have more probability in the entire measurement result, so that it Falling more evenly within the score of the corresponding feature dimension (for example, 1000), the value of each constant can be adjusted according to the highest score of the software project to be measured.
  • the disclosed embodiments can be applied in a CI (Continuous Integration) continuous integration environment. It is called regularly every day, calculated through the solidified docker (application container engine), and the calculation results are written into the database for persistence. By analyzing the database data and Through interface display, etc., you can clearly see the development trend of the quality of the project code architecture and conduct quality control on the code. It should be noted that the embodiments of the present disclosure are not limited to applications in CI continuous integration environments, but can be used in all software development code measurement processes.
  • the embodiment of the present disclosure is a code-level architecture measurement solution generated to meet the actual status of quantifiable, multi-dimensional overall architecture measurement of code.
  • the measurement indicators of each characteristic dimension are extracted, calculated according to the weight according to the customized measurement algorithm formula, and finally the absolute score is obtained as the measurement result.
  • the scores and weights of each feature dimension are not fixed values and can be configured or modified according to actual usage.
  • the level of measurement scores can provide intuitive feedback on the quality level and degree of corruption of the current software architecture. Improvements based on measurement results can also be quickly fed back. Through this continuous closed-loop improvement, the software quality level can ultimately be improved and the architecture can be effectively prevented. of corruption.
  • embodiments of the present disclosure also provide a code measurement device, as shown in Figure As shown in 6, the code measurement device includes a metric index extraction module 101, a feature dimension score calculation module 102 and a metric score calculation module 103.
  • the metric index extraction module 101 is configured to obtain metric indexes of the software code to be measured, where the metric indexes include metric indexes of at least two characteristic dimensions.
  • the characteristic dimension score calculation module 102 is configured to respectively calculate the scores of the characteristic dimensions according to the first weight of each metric in the characteristic dimension and the score of the characteristic dimension.
  • the metric score calculation module 103 is configured to calculate a metric score according to the score of the characteristic dimension and the second weight of the characteristic dimension, where the metric score is used to measure the quality of the software code to be measured.
  • the feature dimensions include any combination of the following: functionality, security, maintainability, scalability, efficiency, ease of use, reliability, and portability.
  • the feature dimension score calculation module 102 is configured to calculate scores for functional metric indicators, where the functional metric indicators include one or any combination of the following: coverage, vulnerability level, first vulnerability impact Level, the first vulnerability impact level is the impact level of quality and diversity vulnerabilities; calculate the weighted sum of the scores of each metric index of the functionality and the first weight of each metric index of functionality in functionality, and obtain Functional rating.
  • the functional metric indicators include one or any combination of the following: coverage, vulnerability level, first vulnerability impact Level, the first vulnerability impact level is the impact level of quality and diversity vulnerabilities; calculate the weighted sum of the scores of each metric index of the functionality and the first weight of each metric index of functionality in functionality, and obtain Functional rating.
  • the coverage score is calculated based on branch coverage and functionality scores; the vulnerability level score is calculated based on the number of vulnerabilities at each vulnerability level, the third weight of each vulnerability level, the first constant, the functional The score and the total number of lines of software code are calculated; the score of the first vulnerability impact level is based on the number of vulnerabilities of each first vulnerability impact level, the fourth weight of each first vulnerability impact level, the functional score, the second constant and The total number of lines of software code is calculated.
  • the security metric includes a second vulnerability impact level, and the second vulnerability impact level is the impact level of security and diversity vulnerabilities; the feature dimension score calculation module 102 is used to calculate the second vulnerability impact level according to the impact of each second vulnerability.
  • the security score is calculated based on the number of vulnerabilities in the level, the fifth weight of each second vulnerability impact level, the security score, the third constant and the total number of lines of software code.
  • the maintainability metric includes complexity
  • the feature dimension score calculation module 102 is configured to obtain a complexity parameter, where the complexity parameter includes one of the following parameters: One or any combination: cyclomatic complexity, code depth, and number of method statements; calculate the complexity parameter score based on the complexity parameter, the sixth weight of the complexity parameter, the maintainability score, and the fourth constant; The first score is calculated based on the first n maximum values of the complexity parameter, the seventh weight of the first n maximum values of the complexity parameter, the sixth weight of the complexity parameter and the fifth constant, n is greater than an integer of 1; determine a maintainability score based on the first score, the complexity parameter score and the maintainability score.
  • the complexity parameter includes one of the following parameters: One or any combination: cyclomatic complexity, code depth, and number of method statements
  • calculate the complexity parameter score based on the complexity parameter, the sixth weight of the complexity parameter, the maintainability score, and the fourth constant
  • the first score is calculated based on the first n maximum values of the complexity parameter, the seventh weight of the
  • the feature dimension score calculation module 102 is configured to calculate a score value according to the first score and the complexity parameter score; in response to the score value being greater than or equal to the maintainability score , determining the maintainability score to be the maintainability score; in response to the score being less than the maintainability score, determining the maintainability score to be the score.
  • the scalability metric includes duplication
  • the feature dimension score calculation module 102 is configured to determine the number of top m repeated rows with the largest number of repeated rows of a statement, according to the sixth constant, the m Calculate the second score by weighting the number of repeated lines and m eighth weights, where m is an integer greater than 1; determine the repetition level of the repeated statement based on the number of repeated lines, and for each repetition level, according to each location under the repetition level Calculate the score of each repetition level based on the number of repeated lines and the number of repetitions of the repeated statements; based on the score of the repetition level, the ninth weight of each repetition level, the seventh constant, the scalability score and the total lines of software code number, calculate a third score; and determine a scalability score based on the second score, the third score and a preset threshold.
  • the characteristic dimension score calculation module 102 is configured to update the second score and the third score according to a preset threshold; wherein in response to the second score being greater than or equal to the threshold, the The second score is the threshold, and in response to the third score being greater than or equal to the threshold, the third score is the threshold; calculating the sum of the second score and the third score, we can obtain Scalability rating.
  • Embodiments of the present disclosure also provide a computer device.
  • the computer device includes: one or more processors and a storage device; wherein one or more programs are stored on the storage device.
  • the one or more programs are used by the above-mentioned one When executed by or multiple processors, the above one or more processors implement the code measurement method as provided in the foregoing embodiments.
  • Embodiments of the present disclosure also provide a computer-readable medium with a computer program stored thereon, When the computer program is executed, the code measurement method as provided in the foregoing embodiments is implemented.
  • Such software may be distributed on computer-readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media).
  • computer storage media includes volatile and nonvolatile media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. removable, removable and non-removable media.
  • Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disk (DVD) or other optical disk storage, magnetic cassettes, tapes, disk storage or other magnetic storage devices, or may Any other medium used to store the desired information and that can be accessed by a computer.
  • communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism, and may include any information delivery media .
  • Example embodiments have been disclosed herein, and although specific terms are employed, they are used and should be interpreted in a general illustrative sense only and not for purpose of limitation. In some instances, it will be apparent to those skilled in the art that features, characteristics and/or elements described in connection with a particular embodiment may be used alone, or may be used in conjunction with other embodiments, unless expressly stated otherwise. Features and/or components used in combination. Accordingly, it will be understood by those skilled in the art that various changes in form and details may be made without departing from the scope of the invention as set forth in the appended claims.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Stored Programmes (AREA)

Abstract

The present invention provides a code metric method. The method comprises: obtaining metric indexes of a software code to be subjected to metrics, the metric indexes comprising metric indexes of at least two characteristic dimensions; respectively calculating scores of the characteristic dimensions according to first weights of the metric indexes in the characteristic dimensions and score values of the characteristic dimensions; and calculating a metric score according to the scores of the characteristic dimensions and second weights of the characteristic dimensions, the metric score being used for performing metric of the quality of said software code. According to embodiments of the present invention, architecture quality of a code level is quantified from multiple characteristic dimensions, the scores of the characteristic dimensions and the overall metric score of the code quality can be generated, the metric score can visually reflect the quality level and the decay degree of a current software architecture, and automatic identification is achieved on the software code quality, thereby facilitating related personnel knowing a development trend of a code architecture quality condition to control the quality of the code. The present invention further provides a code metric apparatus, a computer device, and a readable medium. FIG. 2

Description

代码度量方法、装置、设备及介质Code measurement methods, devices, equipment and media
相关公开的交叉引用Relevant public cross-references
本公开要求在2022年3月21日提交国家知识产权局、公开号为CN202210276975.1、发明名称为“代码度量方法、装置、设备及介质”的中国专利申请的优先权,该申请的全部内容通过引用结合在本公开中。This disclosure requires the priority of a Chinese patent application filed with the State Intellectual Property Office on March 21, 2022, with the publication number CN202210276975.1 and the invention name "Code Measurement Method, Device, Equipment and Medium". The entire content of the application incorporated by reference into this disclosure.
技术领域Technical field
本公开涉及但不限于计算机技术领域,具体涉及一种代码度量方法、装置、计算机设备和可读介质。The present disclosure relates to but is not limited to the field of computer technology, and specifically relates to a code measurement method, device, computer equipment and readable medium.
背景技术Background technique
软件项目的代码架构是及其容易被腐化的。特别是对于大型项目,在没有严格的管控机制下,代码结构会变得混乱不堪。此时,系统的复杂度及维护难度会直线上升。而要防止这种情况发生,需要在软件的生命周期中,加入基于架构评估的守护工作。因此需要一种可量化的,能够对代码进行多维度的整体度量的代码级的度量方法。The code architecture of software projects is extremely susceptible to corruption. Especially for large projects, without strict control mechanisms, the code structure will become chaotic. At this time, the complexity and maintenance difficulty of the system will skyrocket. To prevent this from happening, maintenance work based on architecture assessment needs to be added to the software life cycle. Therefore, a quantifiable code-level measurement method that can measure the overall code in multiple dimensions is needed.
目前软件代码度量的工具比较多也比较杂。大多代码度量的工具都偏重于软件的某一个方面进行度量,不能对软件生成一个可以量化的代码级的整体架构度量结果。Currently, there are many and complex tools for software code measurement. Most code measurement tools focus on measuring a certain aspect of the software, and cannot generate a quantifiable code-level overall architecture measurement result for the software.
发明内容Contents of the invention
本公开提供一种代码度量方法、装置、计算机设备和可读介质。The present disclosure provides a code measurement method, device, computer equipment and readable medium.
第一方面,本公开实施例提供一种代码度量方法,所述方法包括:获取待度量的软件代码的度量指标,所述度量指标包括至少两个特性维度的度量指标;根据所述度量指标在所述特性维度中的第一权重和所述特性维 度的分值,分别计算各所述特性维度的评分;根据所述特性维度的评分和所述特性维度的第二权重计算度量评分,所述度量评分用于度量所述待度量的软件代码的质量。In a first aspect, an embodiment of the present disclosure provides a code measurement method. The method includes: obtaining a measurement index of a software code to be measured, where the measurement index includes measurement indicators of at least two characteristic dimensions; and according to the measurement index, The first weight in the characteristic dimension and the characteristic dimension The score of each characteristic dimension is calculated respectively; the measurement score is calculated according to the score of the characteristic dimension and the second weight of the characteristic dimension, and the measurement score is used to measure the software code to be measured. quality.
又一方面,本公开实施例还提供一种代码度量装置,包括度量指标提取模块、特性维度评分计算模块和度量评分计算模块,所述度量指标提取模块被配置成,获取待度量的软件代码的度量指标,所述度量指标包括至少两个特性维度的度量指标;所述特性维度评分计算模块被配置成,根据所述度量指标在所述特性维度中的第一权重和各特性维度的分值,分别计算所述特性维度的评分;所述度量评分计算模块被配置成,根据所述特性维度的评分和所述特性维度的第二权重计算度量评分,所述度量评分用于度量所述待度量的软件代码的质量。On the other hand, embodiments of the present disclosure also provide a code measurement device, including a metric index extraction module, a feature dimension score calculation module and a metric score calculation module. The metric index extraction module is configured to obtain the software code to be measured. Measurement indicators, the measurement indicators include measurement indicators of at least two characteristic dimensions; the characteristic dimension score calculation module is configured to, according to the first weight of the measurement indicator in the characteristic dimension and the score of each characteristic dimension , calculate the scores of the characteristic dimensions respectively; the metric score calculation module is configured to calculate the metric score according to the score of the characteristic dimension and the second weight of the characteristic dimension, and the metric score is used to measure the to-be- Measuring the quality of software code.
又一方面,本公开实施例还提供一种计算机设备,包括:至少一个处理器;存储装置,其上存储有至少一个程序;当所述至少一个程序被所述至少一个处理器执行时,使得所述至少一个处理器实现如前所述的代码度量方法。In another aspect, an embodiment of the present disclosure also provides a computer device, including: at least one processor; a storage device on which at least one program is stored; when the at least one program is executed by the at least one processor, such that The at least one processor implements the code measurement method as described above.
又一方面,本公开实施例还提供一种计算机可读介质,其上存储有计算机程序,其中,所述程序被执行时实现如前所述的代码度量方法。In another aspect, embodiments of the present disclosure also provide a computer-readable medium on which a computer program is stored, wherein when the program is executed, the code measurement method as described above is implemented.
附图说明Description of the drawings
图1为本公开实施例提供的系统框架示意图;Figure 1 is a schematic diagram of the system framework provided by an embodiment of the present disclosure;
图2为本公开实施例提供的代码度量方法的流程示意图;Figure 2 is a schematic flowchart of a code measurement method provided by an embodiment of the present disclosure;
图3为本公开实施例提供的计算功能性的评分的流程示意图;Figure 3 is a schematic flowchart of calculating functional scores provided by an embodiment of the present disclosure;
图4为本公开实施例提供的计算可维护性的评分的流程示意图;Figure 4 is a schematic flowchart of calculating maintainability scores provided by an embodiment of the present disclosure;
图5为本公开实施例提供的计算可扩展性的评分的流程示意图;Figure 5 is a schematic flowchart of calculating scalability scores provided by an embodiment of the present disclosure;
图6为本公开实施例提供的代码度量装置的结构示意图。 Figure 6 is a schematic structural diagram of a code measurement device provided by an embodiment of the present disclosure.
具体实施方式Detailed ways
在下文中将参考附图更充分地描述示例实施例,但是所述示例实施例可以以不同形式来体现且不应当被解释为限于本文阐述的实施例。反之,提供这些实施例的目的在于使本公开透彻和完整,并将使本领域技术人员充分理解本公开的范围。Example embodiments will be described more fully below with reference to the accompanying drawings, which may, however, be embodied in different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully understand the scope of the disclosure to those skilled in the art.
如本文所使用的,术语“和/或”包括一个或多个相关列举条目的任何和所有组合。As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
本文所使用的术语仅用于描述特定实施例,且不意欲限制本公开。如本文所使用的,单数形式“一个”和“该”也意欲包括复数形式,除非上下文另外清楚指出。还将理解的是,当本说明书中使用术语“包括”和/或“由……制成”时,指定存在所述特征、整体、步骤、操作、元件和/或组件,但不排除存在或添加一个或多个其他特征、整体、步骤、操作、元件、组件和/或其群组。The terminology used herein is used to describe particular embodiments only and is not intended to limit the disclosure. As used herein, the singular forms "a," "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will also be understood that when the terms "comprising" and/or "made of" are used in this specification, the presence of stated features, integers, steps, operations, elements and/or components is specified but does not exclude the presence or Add one or more other features, entities, steps, operations, elements, components, and/or groups thereof.
本文所述实施例可借助本公开的理想示意图而参考平面图和/或截面图进行描述。因此,可根据制造技术和/或容限来修改示例图示。因此,实施例不限于附图中所示的实施例,而是包括基于制造工艺而形成的配置的修改。因此,附图中例示的区具有示意性属性,并且图中所示区的形状例示了元件的区的具体形状,但并不旨在是限制性的。Embodiments described herein may be described with reference to plan and/or cross-sectional illustrations, with the aid of idealized schematic illustrations of the present disclosure. Accordingly, example illustrations may be modified based on manufacturing techniques and/or tolerances. Therefore, the embodiments are not limited to those shown in the drawings but include modifications of configurations formed based on the manufacturing process. Accordingly, the regions illustrated in the figures are of a schematic nature and the shapes of the regions shown in the figures are illustrative of the specific shapes of regions of the element and are not intended to be limiting.
除非另外限定,否则本文所用的所有术语(包括技术和科学术语)的含义与本领域普通技术人员通常理解的含义相同。还将理解,诸如那些在常用字典中限定的那些术语应当被解释为具有与其在相关技术以及本公开的背景下的含义一致的含义,且将不解释为具有理想化或过度形式上的含义,除非本文明确如此限定。Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art. It will also be understood that terms such as those defined in commonly used dictionaries should be construed to have meanings consistent with their meanings in the context of the relevant art and the present disclosure, and will not be construed as having idealized or excessive formal meanings, Unless expressly so limited herein.
为了能够实现量化的、并对软件代码进行多维度整体度量,本公开实施例提供一种代码度量方案。如图1所示,本公开实施例基于软件质量模型ISO25010中定义的八大特性,利用度量工具集提取各个特性维度的度量指标,根据自定义的度量算法公式,基于权重计算得出绝对的分数作为度量结果。其中,权重可以根据实际使用情况进行配置或者修改。 In order to achieve quantitative and multi-dimensional overall measurement of software code, embodiments of the present disclosure provide a code measurement solution. As shown in Figure 1, the embodiment of the present disclosure is based on the eight characteristics defined in the software quality model ISO25010, using the measurement tool set to extract the measurement indicators of each characteristic dimension, and based on the customized measurement algorithm formula, the absolute score is calculated based on the weight as Measure results. Among them, the weight can be configured or modified according to actual usage.
如图2所示,本公开实施例提供的代码度量方法,包括以下步骤:As shown in Figure 2, the code measurement method provided by the embodiment of the present disclosure includes the following steps:
步骤21,获取待度量的软件代码的度量指标,度量指标包括至少两个特性维度的度量指标。Step 21: Obtain the measurement indicators of the software code to be measured. The measurement indicators include measurement indicators of at least two characteristic dimensions.
在本步骤中,可以基于软件质量模型ISO25010确定多个特征维度以及各特征维度的度量指标,每个特征维度至少包括一个度量指标。In this step, multiple feature dimensions and measurement indicators of each feature dimension may be determined based on the software quality model ISO25010, and each feature dimension includes at least one measurement indicator.
在一些实施例中,特性维度可以包括以下任意组合:功能性、安全性、可维护性、可扩展性、效率、易用性、可靠性、可移植性。需要说明的是,可移植性可以在可扩展性中体现。In some embodiments, feature dimensions may include any combination of the following: functionality, security, maintainability, scalability, efficiency, ease of use, reliability, and portability. It should be noted that portability can be reflected in scalability.
步骤22,根据所述度量指标在各所述特性维度中的第一权重和所述特性维度的分值,分别计算所述特性维度的评分。Step 22: Calculate the scores of the characteristic dimensions respectively based on the first weight of the measurement index in each of the characteristic dimensions and the score of the characteristic dimension.
预先为每个特性维度配置第二权重,并针对每个特性维度,预先为该特性维度内的各度量指标配置第一权重,在本步骤中,根据各特性维度的分值分别计算各个度量指标的评分,并针对每个特性维度,计算各个度量指标的评分及各个度量指标的第一权重的加权和,得到相应特性维度的评分。Configure the second weight for each feature dimension in advance, and configure the first weight for each metric index within the feature dimension for each feature dimension. In this step, calculate each metric index based on the score of each feature dimension. score, and for each feature dimension, calculate the weighted sum of the score of each metric index and the first weight of each metric index to obtain the score of the corresponding feature dimension.
步骤23,根据所述特性维度的评分和所述特性维度的第二权重计算度量评分,度量评分用于度量待度量的软件代码的质量。Step 23: Calculate a measurement score based on the score of the characteristic dimension and the second weight of the characteristic dimension. The measurement score is used to measure the quality of the software code to be measured.
在本步骤中,计算各特性维度的评分及对应的第一权重的加权和,得到待度量的软件代码整体的度量评分,度量评分能够反映待度量的软件代码的质量,度量评分越高,则待度量的软件代码的质量越高,反之亦然。In this step, the weighted sum of the scores of each feature dimension and the corresponding first weight is calculated to obtain the overall measurement score of the software code to be measured. The measurement score can reflect the quality of the software code to be measured. The higher the measurement score, the The higher the quality of the software code to be measured, and vice versa.
本公开实施例提供的代码度量方法,所述方法包括:获取待度量的软件代码的度量指标,度量指标包括至少两个特性维度的度量指标;根据所述度量指标在各特性维度中的第一权重和所述特性维度的分值,分别计算所述特性维度的评分;根据所述特性维度的评分和所述特性维度的第二权重计算度量评分,度量评分用于度量待度量的软件代码的质量。本公开实施例可以从多个特性维度量化代码级的架构质量,并且能够生成各特性维度的评分和代码质量的整体度量评分,度量分数评分的高低能直观的反映出当前软件架构的质量水平和腐化程度,对软件代码质量实现自动识别, 以便相关人员了解代码架构质量情况的发展趋势对代码进行质量把控;基于度量结果上的改进也能快速的进行反馈,通过这种持续的闭环提升,最终能提升软件质量水平,有效阻止架构的腐化。A code measurement method provided by an embodiment of the present disclosure, the method includes: obtaining measurement indicators of the software code to be measured, the measurement indicators include measurement indicators of at least two characteristic dimensions; according to the first of the measurement indicators in each characteristic dimension The weight and the score of the characteristic dimension are used to calculate the score of the characteristic dimension respectively; the measurement score is calculated according to the score of the characteristic dimension and the second weight of the characteristic dimension, and the measurement score is used to measure the software code to be measured. quality. The embodiments of the present disclosure can quantify code-level architecture quality from multiple feature dimensions, and can generate scores for each feature dimension and an overall metric score of code quality. The level of the metric score can intuitively reflect the quality level and quality of the current software architecture. Corruption degree, automatic identification of software code quality, This allows relevant personnel to understand the development trend of code architecture quality and control the quality of the code; improvements based on measurement results can also be quickly fed back. Through this continuous closed-loop improvement, the software quality level can ultimately be improved and the architecture can be effectively prevented from deteriorating. corrupt.
在本公开实施例中,以功能性(Functionality)、安全性(Security)、可维护性(Maintainability)以及可扩展性(Scalability)为例进行说明。功能性的度量指标包括以下之一或任意组合:覆盖率、漏洞级别、第一漏洞影响级别,第一漏洞影响级别为质量及多样性(quality+various)漏洞的影响级别;漏洞级别可以包括以下四种:critical(严重)、error(错误)、warn(警告)、review(代码走查);安全性的度量指标包括第二漏洞影响级别,第二漏洞影响级别为安全及多样性(security+various)漏洞的影响级别;可维护性的度量指标包括复杂度;可扩展性的度量指标包括重复度。第一漏洞影响级别和第二漏洞影响级别可以分别包括high、medium、low三种。In the embodiment of the present disclosure, functionality (Functionality), security (Security), maintainability (Maintainability) and scalability (Scalability) are taken as examples for description. Functional metrics include one or any combination of the following: coverage, vulnerability level, first vulnerability impact level. The first vulnerability impact level is the impact level of quality and variety (quality+various) vulnerabilities; vulnerability levels can include the following Four types: critical (serious), error (error), warn (warning), review (code review); security metrics include the second vulnerability impact level, and the second vulnerability impact level is security and diversity (security+ The impact level of various) vulnerabilities; maintainability metrics include complexity; scalability metrics include duplication. The first vulnerability impact level and the second vulnerability impact level can include high, medium, and low respectively.
各特性维度的度量指标、权重、特性维度的分值以及度量指标的获取工具如表1所示:The measurement indicators, weights, scores of the characteristic dimensions and the tools for obtaining the measurement indicators of each feature dimension are shown in Table 1:
表1

Table 1

需要说明的是,表1中各度量指标的获取工具只是示例性说明,例如,复杂度也可通过代码圈复杂度扫描工具lizard获取。It should be noted that the tools for obtaining each metric in Table 1 are only illustrative. For example, complexity can also be obtained through the code cyclomatic complexity scanning tool lizard.
在一些实施例中,如图3所示,计算功能性的评分(Functionality_Score)的步骤包括:In some embodiments, as shown in Figure 3, the step of calculating the functional score (Functionality_Score) includes:
步骤31,计算功能性的度量指标的评分。Step 31: Calculate the scores of functional metrics.
在本步骤中,分别计算覆盖率的评分、漏洞级别的评分和第一漏洞影响级别的评分。In this step, the coverage score, the vulnerability level score, and the first vulnerability impact level score are calculated respectively.
在一些实施例中,覆盖率的评分根据分支覆盖率(branch_Coverag) 和功能性的分值计算得到,计算公式为:(branch_Coverage*100)3/功能性的分值。参考表1,功能性的分值可以为1000。In some embodiments, coverage is scored based on branch coverage (branch_Coverag) And the functional score is calculated, the calculation formula is: (branch_Coverage*100)3/functional score. Referring to Table 1, the functionality score can be 1000.
漏洞级别的评分根据各漏洞级别的漏洞数量、各漏洞级别的第三权重、第一常量、功能性的分值和软件代码的总行数计算得到,计算公式为:
漏洞级别的评分=
功能性的分值
-(critical_num*P31+error_num*P32+warning_num*P33+review_num*P34)
*C1*功能性的分值/code_lines;The vulnerability level score is calculated based on the number of vulnerabilities at each vulnerability level, the third weight of each vulnerability level, the first constant, the functionality score and the total number of lines of software code. The calculation formula is:
Vulnerability level score =
functional score
-(critical_num*P31+error_num*P32+warning_num*P33+review_num*P34)
*C1*Functional score/code_lines;
其中,critical_num为critical级别的漏洞数量,error_num为error级别的漏洞数量,warning_num为warning级别的漏洞数量,review_num为review级别的漏洞数量,P31、P32、P33、P34分别为4种漏洞级别的第三权重,code_lines为软件代码的总行数,C1为第一常量,示例性的,C1可以为20。Among them, critical_num is the number of critical-level vulnerabilities, error_num is the number of error-level vulnerabilities, warning_num is the number of warning-level vulnerabilities, review_num is the number of review-level vulnerabilities, and P31, P32, P33, and P34 are the third of the four vulnerability levels respectively. For the weight, code_lines is the total number of lines of software code, and C1 is the first constant. For example, C1 can be 20.
第一漏洞影响级别的评分根据各第一漏洞影响级别的漏洞数量、各第一漏洞影响级别的第四权重、功能性的分值、第二常量和软件代码的总行数计算得到,计算公式为:
第一漏洞影响级别的评分=
功能性的分值
-(quality['high_level_num']*P41+quality['medium_level_num']*P42+
quality['low_level_num']*P43)*C2*功能性的分值/code_lines;The score of the first vulnerability impact level is calculated based on the number of vulnerabilities of each first vulnerability impact level, the fourth weight of each first vulnerability impact level, the functional score, the second constant and the total number of lines of software code. The calculation formula is: :
The first vulnerability impact level score =
functional score
-(quality['high_level_num']*P41+quality['medium_level_num']*P42+
quality['low_level_num']*P43)*C2*Functional score/code_lines;
其中,quality['high_level_num']为quality\various漏洞类型的第一漏洞影响级别为high的漏洞数量,quality['medium_level_num']为quality\various漏洞类型的第一漏洞影响级别为medium的漏洞数量,quality['low_level_num']为quality\various漏洞类型的第一漏洞影响级别为low的漏洞数量;P41、P42、P43分别为3种第一漏洞影响级别的第四权重,code_lines为软件代码的总行数,C2为第二常量,示例性的,C2可以为100。 Among them, quality['high_level_num'] is the number of vulnerabilities with the impact level of high for the first vulnerability type of quality\various vulnerability type, quality['medium_level_num'] is the number of vulnerabilities with the impact level of medium for the first vulnerability type of quality\various vulnerability type. quality['low_level_num'] is the number of vulnerabilities with low impact level for the first vulnerability type of quality\various vulnerability type; P41, P42, and P43 are the fourth weights of the three first vulnerability impact levels respectively, and code_lines is the total number of lines of software code , C2 is the second constant, for example, C2 can be 100.
步骤32,计算功能性的所述度量指标的评分与功能性的所述度量指标在功能性中的第一权重的加权和,得到功能性的评分。Step 32: Calculate the weighted sum of the score of the metric index of functionality and the first weight of the metric index of functionality in functionality to obtain a score of functionality.
功能性的评分(Functionality_Score)的计算公式为:功能性的评分=覆盖率的评分*P11+漏洞级别的评分*P12+第一漏洞影响级别的评分*P13;其中,P11、P12、P13分别为覆盖率在功能性中的第一权重、漏洞级别在功能性中的第一权重、第一漏洞影响级别在功能性中的第一权重。The calculation formula of functional score (Functionality_Score) is: functional score = coverage score * P11 + vulnerability level score * P12 + first vulnerability impact level score * P13; among them, P11, P12, and P13 are coverage rates respectively. The first weight in functionality, the first weight of vulnerability level in functionality, the first weight of vulnerability impact level in functionality.
在一些实施例中,计算安全性的评分(Security_Score)的步骤包括:根据各第二漏洞影响级别的漏洞数量、各第二漏洞影响级别的第五权重、安全性的分值、第三常量和软件代码的总行数,计算安全性的评分(Security_Score)。安全性的评分(Security_Score)的计算公式为:
安全性的评分=
安全性的分值
-(security['high_level_num']*P51+security['medium_level_num']*P52
+security['low_level_num']*P53)C3*安全性的分值/code_lines;In some embodiments, the step of calculating the security score (Security_Score) includes: the number of vulnerabilities according to each second vulnerability impact level, the fifth weight of each second vulnerability impact level, the security score, a third constant, and The total number of lines of software code is used to calculate the security score (Security_Score). The calculation formula of the security score (Security_Score) is:
Safety rating =
security score
-(security['high_level_num']*P51+security['medium_level_num']*P52
+security['low_level_num']*P53)C3*security score/code_lines;
其中,security['high_level_num']为security\various漏洞类型的第二漏洞影响级别为high的漏洞数量,security['medium_level_num']为security\various漏洞类型的第二漏洞影响级别为medium的漏洞数量,security['low_level_num']为security\various漏洞类型的第二漏洞影响级别为low的漏洞数量;P51、P52、P53分别为3种第二漏洞影响级别的第五权重,code_lines为软件代码的总行数;C3为第三常量,示例性的,C3可以为625。Among them, security['high_level_num'] is the number of vulnerabilities with the impact level of the second vulnerability of the security\various vulnerability type being high, security['medium_level_num'] is the number of vulnerabilities with the impact level of the second vulnerability of the security\various vulnerability type that is medium, security['low_level_num'] is the number of vulnerabilities with low impact level of the second vulnerability type of security\various vulnerability type; P51, P52, and P53 are the fifth weights of the three secondary vulnerability impact levels respectively, and code_lines is the total number of lines of software code ;C3 is the third constant. For example, C3 can be 625.
由于安全性维度只有1个度量指标(即第二漏洞影响级别),因此,第二漏洞影响级别在安全性中的第一权重P21为1。Since the security dimension has only one metric (i.e., the second vulnerability impact level), the first weight P21 of the second vulnerability impact level in security is 1.
在一些实施例中,如图4所示,计算可维护性的评分(Maintainability_Score)的步骤包括:In some embodiments, as shown in Figure 4, the step of calculating the maintainability score (Maintainability_Score) includes:
步骤41,获取复杂度参数,复杂度参数包括以下参数之一或任意组合:圈复杂度、代码深度、方法语句数。 Step 41: Obtain complexity parameters, which include one or any combination of the following parameters: cyclomatic complexity, code depth, and number of method statements.
步骤42,根据所述复杂度参数、所述复杂度参数的第六权重、可维护性的分值和第四常量,计算复杂度参数评分。Step 42: Calculate a complexity parameter score based on the complexity parameter, the sixth weight of the complexity parameter, the maintainability score, and the fourth constant.
在本步骤中,可以直接从SourceMonitor-summary.xml中获取相关字段,获取的字段如表2所示:In this step, you can obtain relevant fields directly from SourceMonitor-summary.xml. The obtained fields are shown in Table 2:
表2
Table 2
平均圈复杂度(average_complexity)和平均代码深度(average_block_depth)可以直接从表2中获取。平均方法语句数(average_statements)根据表2计算得到,计算公式为:
average_statements=function_statements/functions。The average cyclomatic complexity (average_complexity) and average code depth (average_block_depth) can be obtained directly from Table 2. The average number of method statements (average_statements) is calculated according to Table 2. The calculation formula is:
average_statements=function_statements/functions.
复杂度参数评分(average)根据以下公式计算:
average=(average_complexity*P61+average_block_depth*P62+average_s
tatements*P63)*C4;The complexity parameter score (average) is calculated according to the following formula:
average=(average_complexity*P61+average_block_depth*P62+average_s
tatements*P63)*C4;
其中,average_complexity为平均圈复杂度,average_block_depth为平均代码深度,average_statements为平均方法语句数,P61、P62、P63分别为平均圈复杂度、平均代码深度、平均方法语句数的第六权重,C4为第四 常量,示例性的,C4可以为205。Among them, average_complexity is the average cyclomatic complexity, average_block_depth is the average code depth, average_statements is the average number of method statements, P61, P62, and P63 are the sixth weights of average cyclomatic complexity, average code depth, and average number of method statements respectively, and C4 is the sixth weight. Four Constant, for example, C4 can be 205.
需要说明的是,若复杂度参数评分(average)>可维护性的分值,则复杂度参数评分(average)为可维护性的分值;若复杂度参数评分(average)≤可维护性的分值,则复杂度参数评分(average)即为实际计算值。It should be noted that if the complexity parameter score (average) > the maintainability score, the complexity parameter score (average) is the maintainability score; if the complexity parameter score (average) ≤ maintainability score, then the complexity parameter score (average) is the actual calculated value.
步骤43,根据所述复杂度参数的前n个最大值、所述复杂度参数前n个最大值的第七权重、所述复杂度参数的第六权重和第五常量,计算第一分数,n为大于1的整数。Step 43: Calculate the first score based on the first n maximum values of the complexity parameter, the seventh weight of the first n maximum values of the complexity parameter, the sixth weight and the fifth constant of the complexity parameter, n is an integer greater than 1.
在本步骤中,根据表2统计各复杂度参数数量最大的前n个数量,得到表3,在本公开实施例中,n取3,表3如下:In this step, the top n numbers with the largest number of each complexity parameter are counted according to Table 2, and Table 3 is obtained. In the embodiment of the present disclosure, n is 3, and Table 3 is as follows:
表3
table 3
根据以下公式计算第一分数(top):
top=(first_com*P711+second_com*P712+
third_com*P713)*P61+(first_depth*P721+second_depth*P722+third_depth*P723)*P62+(first_stat*P731+second_stat*P732+third_stat*P733)*P63)*C5;Calculate the first score (top) according to the following formula:
top=(first_com*P711+second_com*P712+
third_com*P713)*P61+(first_depth*P721+second_depth*P722+third_depth*P723)*P62+(first_stat*P731+second_stat*P732+third_stat*P733)*P63)*C5;
其中,first_com、second_com、third_com分别为数量最大的前三个圈 复杂度,first_stat、second_stat、third_stat为数量最大的前三个方法语句数,first_depth、second_depth、third_depth为数量最大的前三个代码深度,P61、P62、P63分别为圈复杂度、代码深度、方法语句数的第六权重,P711、P712、P713分别为数量最大的前三个圈复杂度的第七权重,P721、P722、P723分别为数量最大的前三个方法语句数的第七权重,P731、P732、P733分别为数量最大的前三个代码深度的第七权重,C5为第五常量,示例性的,C5可以为19。Among them, first_com, second_com, and third_com are the top three circles with the largest number respectively. Complexity, first_stat, second_stat, and third_stat are the number of the top three method statements with the largest number, first_depth, second_depth, and third_depth are the top three code depths with the largest number, P61, P62, and P63 are the cyclomatic complexity, code depth, and method statement respectively. The sixth weight of the number, P711, P712, and P713 are respectively the seventh weight of the first three cyclomatic complexities with the largest number, P721, P722, and P723 are respectively the seventh weight of the first three method statements with the largest number, P731, P732 and P733 are respectively the seventh weights of the first three code depths with the largest number, and C5 is the fifth constant. For example, C5 can be 19.
需要说明的是,若第一分数(top)>可维护性的分值,则第一分数(top)为可维护性的分值;若第一分数(top)≤可维护性的分值,则第一分数(top)即为实际计算值。It should be noted that if the first score (top) > the maintainability score, then the first score (top) is the maintainability score; if the first score (top) ≤ the maintainability score, Then the first score (top) is the actual calculated value.
步骤44,根据第一分数、复杂度参数评分和可维护性的分值确定可维护性的评分。Step 44: Determine the maintainability score based on the first score, the complexity parameter score and the maintainability score.
在一些实施例中,所述根据第一分数、复杂度参数评分和可维护性的分值确定可维护性的评分(即步骤44),包括以下步骤:根据第一分数(top)和复杂度参数评分(average)计算分数值,分数值=top*0.5+average*0.5;响应于分数值大于或等于可维护性的分值,确定可维护性的评分(Maintainability_Score)为可维护性的分值;响应于分数值小于可维护性的分值,确定可维护性的评分(Maintainability_Score)为分数值。In some embodiments, determining the maintainability score (ie, step 44) based on the first score, the complexity parameter score and the maintainability score includes the following steps: based on the first score (top) and the complexity The parameter score (average) calculates the score value, score value = top*0.5+average*0.5; in response to the score value being greater than or equal to the maintainability score, the maintainability score (Maintainability_Score) is determined to be the maintainability score. ; In response to the score value being less than the maintainability score, the maintainability score (Maintainability_Score) is determined to be the score value.
在一些实施例中,如图5所示,计算可扩展性的评分(Scalability_Score)的步骤包括:In some embodiments, as shown in Figure 5, the step of calculating the scalability score (Scalability_Score) includes:
步骤51,确定语句的重复行数最多的前m个重复行数,根据第六常量、m个重复行数和m个第八权重加权计算第二分数,m为大于1的整数。Step 51: Determine the number of top m repeated lines with the largest number of repeated lines in a statement, and calculate the second score based on the sixth constant, the number of m repeated lines, and the m eighth weights, where m is an integer greater than 1.
在本步骤中,对代码重复扫描工具cpd生成的duplication.xml文件进行分析,根据duplication.xml文件生成的结果,按照重复行数duplication->lines的值,按照从大到小排序并取前m个,并且计算出各个重复语句的重复次数。在本公开实施例中,m=3,重复行数最大的前3个分别为top1、top2、top3。In this step, analyze the duplication.xml file generated by the code duplication scanning tool cpd. According to the results generated by the duplication.xml file, according to the value of duplication->lines, sort from largest to smallest and take the top m , and calculate the number of repetitions of each repeated statement. In the embodiment of the present disclosure, m=3, and the top three with the largest number of repeated rows are top1, top2, and top3 respectively.
根据以下公式计算第二分数(tops):tops= (top1*P81+top2*P82+top3*P83)*C6;其中,top1、top2、top3为3个最大的重复行数,P81、P82、P83分别为与top1、top2、top3对应的第八权重,C6为第六常量,示例性的,C6可以为2.5。Calculate the second score (tops) according to the following formula: tops= (top1*P81+top2*P82+top3*P83)*C6; among them, top1, top2, and top3 are the three largest numbers of repeated rows, and P81, P82, and P83 are the eighth weight corresponding to top1, top2, and top3 respectively. , C6 is the sixth constant, for example, C6 can be 2.5.
步骤52,根据重复行数确定重复语句的重复等级,并针对每个重复等级,根据重复等级下所述重复语句的重复行数和重复次数,计算每个重复等级的评分。Step 52: Determine the repetition level of the repeated statement based on the number of repeated lines, and for each repetition level, calculate the score of each repetition level based on the number of repeated lines and the number of repetitions of the repeated statement under the repetition level.
若重复行数>49,则重复等级为高,将高等级的各重复语句(i)的重复行数(ni)乘以它的重复次数(xi),累计相加得到高等级的评分high。若25>重复行数>49,则重复等级为中,将中等级的各重复语句(i)的重复行数(ni)乘以它的重复次数(xi),累计相加得到中等级的评分normal。若重复行数<25,则重复等级为低,将低等级的各重复语句(i)的重复行数(ni)乘以它的重复次数(xi),累计相加得到低等级的评分low。If the number of repeated lines is >49, the repetition level is high. Multiply the number of repeated lines (ni) of each high-level repeated statement (i) by its number of repetitions (xi), and add them up to obtain the high-level score. If 25>Number of repeated lines>49, the repetition level is medium. Multiply the number of repeated lines (ni) of each repeated statement (i) at the medium level by its number of repetitions (xi), and add them up to obtain a medium-level score. normal. If the number of repeated lines is <25, the repetition level is low. Multiply the number of repeated lines (ni) of each low-level repeated statement (i) by its number of repetitions (xi), and add them up to obtain the low-level score low.
步骤53,根据所述重复等级的评分、所述重复等级的第九权重、第七常量、可扩展的分值和软件代码的总行数,计算第三分数。Step 53: Calculate a third score based on the score of the repetition level, the ninth weight of the repetition level, the seventh constant, the scalable score, and the total number of lines of software code.
计算第三分数(weights)的公式为:
weights=(high*P91+normal*P92+low*P93)*C7*可扩展的分值
/code_lines;The formula for calculating the third score (weights) is:
weights=(high*P91+normal*P92+low*P93)*C7*scalable score
/code_lines;
其中,high、normal、low分别为高、中、低重复等级的评分,P91、P92、P93分别为高、中、低重复等级的第九权重,code_lines为软件代码的总行数,C7为第七常量,示例性的,C7可以为40。Among them, high, normal, and low are the scores of high, medium, and low repetition levels respectively, P91, P92, and P93 are the ninth weights of high, medium, and low repetition levels respectively, code_lines is the total number of lines of software code, and C7 is the seventh Constant, for example, C7 can be 40.
步骤54,根据第二分数、第三分数和预设阈值,确定可扩展性的评分。Step 54: Determine a scalability score based on the second score, the third score and the preset threshold.
在一些实施例中,根据第二分数、第三分数和预设阈值,确定可扩展性的评分(即步骤54),包括以下步骤:根据预设阈值更新第二分数(tops)和第三分数(weights);其中,响应于第二分数(tops)大于或等于阈值,第二分数(tops)为阈值,响应于第三分数(weights)大于或等于阈值,第三分数(weights)为阈值;计算第二分数(tops)与第三分数(weights)之和,得到可扩展性的评分(Scalability_Score)。在一些实施例中,阈值可以设置为500。需要说明的是,若第二分数(tops)小于阈值,则第二分 数为实际计算值(即步骤51计算得到的值),若第三分数(weights)小于阈值,则第三分数为实际计算值(即步骤53计算得到的值)。In some embodiments, determining the scalability score (ie, step 54) based on the second score, the third score, and a preset threshold includes the following steps: updating the second score (tops) and the third score based on the preset threshold. (weights); wherein, in response to the second score (tops) being greater than or equal to the threshold, the second score (tops) is the threshold, and in response to the third score (weights) being greater than or equal to the threshold, the third score (weights) is the threshold; Calculate the sum of the second score (tops) and the third score (weights) to obtain the scalability score (Scalability_Score). In some embodiments, the threshold may be set to 500. It should be noted that if the second score (tops) is less than the threshold, then the second score The number is the actual calculated value (ie, the value calculated in step 51). If the third score (weights) is less than the threshold, the third score is the actual calculated value (ie, the value calculated in step 53).
在本公开实施例中,度量评分(All_Score)=Functionality_Score*P21+Security_Score*P22+Maintainability_Score*P23+Scalability_Score*P24;In the embodiment of the present disclosure, metric score (All_Score)=Functionality_Score*P21+Security_Score*P22+Maintainability_Score*P23+Scalability_Score*P24;
其中,Functionality_Score为功能性的评分,Security_Score为安全性的评分,Maintainability_Score为可维护性的评分,Scalability_Score为可扩展性的评分,P21为功能性的第二权重,P22为安全性的第二权重,P23为可维护性的第二权重,P24为可扩展性的第二权重。Among them, Functionality_Score is the score of functionality, Security_Score is the score of security, Maintainability_Score is the score of maintainability, Scalability_Score is the score of scalability, P21 is the second weight of functionality, and P22 is the second weight of security. P23 is the second weight of maintainability, and P24 is the second weight of scalability.
需要说明的是,本公开实施例中的各个常量(第一常量至第七常量)为拟合值,其设置目的是让某个特性维度的评分在整个度量结果中具有更多几率,使其更加均匀的落在相应特性维度的分值(例如1000)以内,各个常量的值可以根据要度量的软件项目的最高分数的不同而调整。It should be noted that each constant (the first constant to the seventh constant) in the embodiment of the present disclosure is a fitting value, which is set to allow the score of a certain characteristic dimension to have more probability in the entire measurement result, so that it Falling more evenly within the score of the corresponding feature dimension (for example, 1000), the value of each constant can be adjusted according to the highest score of the software project to be measured.
本公开实施例可以应用于CI(Continuous Integration)持续集成环境中,每天定时调用,通过固化的docker(应用容器引擎)进行计算,将计算结果写入数据库进行持久化,通过对数据库数据进行分析以及界面展示等,就可以清楚的看到项目代码架构质量情况的发展趋势,并对代码进行质量把控。需要说明的是,本公开实施例不限于应用在CI持续集成环境,所有的软件开发代码度量过程中均可使用。The disclosed embodiments can be applied in a CI (Continuous Integration) continuous integration environment. It is called regularly every day, calculated through the solidified docker (application container engine), and the calculation results are written into the database for persistence. By analyzing the database data and Through interface display, etc., you can clearly see the development trend of the quality of the project code architecture and conduct quality control on the code. It should be noted that the embodiments of the present disclosure are not limited to applications in CI continuous integration environments, but can be used in all software development code measurement processes.
本公开实施例是为了满足可量化的、对代码的多维度的整体架构度量的实际现状而生成的代码级架构度量方案。基于ISO25010中定义的软件质量模型的八大特性并且提取各个特性维度的度量指标,根据自定义的度量算法公式,按照权重进行计算,最后得出绝对的分数值作为度量结果。其中,各特性维度的分值和各权重都不是固定的值,可以根据实际使用情况进行配置或者修改。度量分数的高低能直观的反馈出当前软件架构的质量水平和腐化程度,基于度量结果上的改进也能快速的进行反馈,通过这种持续的闭环提升,最终能提升软件质量水平,有效阻止架构的腐化。The embodiment of the present disclosure is a code-level architecture measurement solution generated to meet the actual status of quantifiable, multi-dimensional overall architecture measurement of code. Based on the eight characteristics of the software quality model defined in ISO25010, the measurement indicators of each characteristic dimension are extracted, calculated according to the weight according to the customized measurement algorithm formula, and finally the absolute score is obtained as the measurement result. Among them, the scores and weights of each feature dimension are not fixed values and can be configured or modified according to actual usage. The level of measurement scores can provide intuitive feedback on the quality level and degree of corruption of the current software architecture. Improvements based on measurement results can also be quickly fed back. Through this continuous closed-loop improvement, the software quality level can ultimately be improved and the architecture can be effectively prevented. of corruption.
基于相同的技术构思,本公开实施例还提供一种代码度量装置,如图 6所示,所述代码度量装置包括度量指标提取模块101、特性维度评分计算模块102和度量评分计算模块103。Based on the same technical concept, embodiments of the present disclosure also provide a code measurement device, as shown in Figure As shown in 6, the code measurement device includes a metric index extraction module 101, a feature dimension score calculation module 102 and a metric score calculation module 103.
度量指标提取模块101被配置成,获取待度量的软件代码的度量指标,所述度量指标包括至少两个特性维度的度量指标。The metric index extraction module 101 is configured to obtain metric indexes of the software code to be measured, where the metric indexes include metric indexes of at least two characteristic dimensions.
特性维度评分计算模块102被配置成,根据各度量指标在所述特性维度中的第一权重和所述特性维度的分值,分别计算所述特性维度的评分。The characteristic dimension score calculation module 102 is configured to respectively calculate the scores of the characteristic dimensions according to the first weight of each metric in the characteristic dimension and the score of the characteristic dimension.
度量评分计算模块103被配置成,根据所述特性维度的评分和所述特性维度的第二权重计算度量评分,所述度量评分用于度量所述待度量的软件代码的质量。The metric score calculation module 103 is configured to calculate a metric score according to the score of the characteristic dimension and the second weight of the characteristic dimension, where the metric score is used to measure the quality of the software code to be measured.
在一些实施例中,所述特性维度包括以下任意组合:功能性、安全性、可维护性、可扩展性、效率、易用性、可靠性、可移植性。In some embodiments, the feature dimensions include any combination of the following: functionality, security, maintainability, scalability, efficiency, ease of use, reliability, and portability.
在一些实施例中,特性维度评分计算模块102被配置成,计算功能性的度量指标的评分,所述功能性的度量指标包括以下之一或任意组合:覆盖率、漏洞级别、第一漏洞影响级别,所述第一漏洞影响级别为质量及多样性漏洞的影响级别;计算所述功能性的各度量指标的评分与功能性的各度量指标在功能性中的第一权重的加权和,得到功能性的评分。In some embodiments, the feature dimension score calculation module 102 is configured to calculate scores for functional metric indicators, where the functional metric indicators include one or any combination of the following: coverage, vulnerability level, first vulnerability impact Level, the first vulnerability impact level is the impact level of quality and diversity vulnerabilities; calculate the weighted sum of the scores of each metric index of the functionality and the first weight of each metric index of functionality in functionality, and obtain Functional rating.
在一些实施例中,覆盖率的评分根据分支覆盖率和功能性的分值计算得到;漏洞级别的评分根据各漏洞级别的漏洞数量、各漏洞级别的第三权重、第一常量、功能性的分值和软件代码的总行数计算得到;第一漏洞影响级别的评分根据各第一漏洞影响级别的漏洞数量、各第一漏洞影响级别的第四权重、功能性的分值、第二常量和软件代码的总行数计算得到。In some embodiments, the coverage score is calculated based on branch coverage and functionality scores; the vulnerability level score is calculated based on the number of vulnerabilities at each vulnerability level, the third weight of each vulnerability level, the first constant, the functional The score and the total number of lines of software code are calculated; the score of the first vulnerability impact level is based on the number of vulnerabilities of each first vulnerability impact level, the fourth weight of each first vulnerability impact level, the functional score, the second constant and The total number of lines of software code is calculated.
在一些实施例中,安全性的度量指标包括第二漏洞影响级别,所述第二漏洞影响级别为安全及多样性漏洞的影响级别;特性维度评分计算模块102用于,根据各第二漏洞影响级别的漏洞数量、各第二漏洞影响级别的第五权重、安全性的分值、第三常量和软件代码的总行数,计算安全性的评分。In some embodiments, the security metric includes a second vulnerability impact level, and the second vulnerability impact level is the impact level of security and diversity vulnerabilities; the feature dimension score calculation module 102 is used to calculate the second vulnerability impact level according to the impact of each second vulnerability. The security score is calculated based on the number of vulnerabilities in the level, the fifth weight of each second vulnerability impact level, the security score, the third constant and the total number of lines of software code.
在一些实施例中,可维护性的度量指标包括复杂度,特性维度评分计算模块102被配置成,获取复杂度参数,所述复杂度参数包括以下参数之 一或任意组合:圈复杂度、代码深度、方法语句数;根据所述复杂度参数、所述复杂度参数的第六权重、可维护性的分值和第四常量,计算复杂度参数评分;根据所述复杂度参数的前n个最大值、所述复杂度参数前n个最大值的第七权重、所述复杂度参数的第六权重和第五常量,计算第一分数,n为大于1的整数;根据所述第一分数、所述复杂度参数评分和可维护性的分值确定可维护性的评分。In some embodiments, the maintainability metric includes complexity, and the feature dimension score calculation module 102 is configured to obtain a complexity parameter, where the complexity parameter includes one of the following parameters: One or any combination: cyclomatic complexity, code depth, and number of method statements; calculate the complexity parameter score based on the complexity parameter, the sixth weight of the complexity parameter, the maintainability score, and the fourth constant; The first score is calculated based on the first n maximum values of the complexity parameter, the seventh weight of the first n maximum values of the complexity parameter, the sixth weight of the complexity parameter and the fifth constant, n is greater than an integer of 1; determine a maintainability score based on the first score, the complexity parameter score and the maintainability score.
在一些实施例中,特性维度评分计算模块102被配置成,根据所述第一分数和所述复杂度参数评分计算分数值;响应于所述分数值大于或等于所述可维护性的分值,确定所述可维护性的评分为所述可维护性的分值;响应于所述分数值小于所述可维护性的分值,确定所述可维护性的评分为所述分数值。In some embodiments, the feature dimension score calculation module 102 is configured to calculate a score value according to the first score and the complexity parameter score; in response to the score value being greater than or equal to the maintainability score , determining the maintainability score to be the maintainability score; in response to the score being less than the maintainability score, determining the maintainability score to be the score.
在一些实施例中,可扩展性的度量指标包括重复度,特性维度评分计算模块102被配置成,确定语句的重复行数最多的前m个重复行数,根据第六常量、所述m个重复行数和m个第八权重加权计算第二分数,m为大于1的整数;根据所述重复行数确定重复语句的重复等级,并针对每个重复等级,根据所述重复等级下各所述重复语句的重复行数和重复次数,计算每个重复等级的评分;根据所述重复等级的评分、各重复等级的第九权重、第七常量、可扩展性的分值和软件代码的总行数,计算第三分数;根据所述第二分数、所述第三分数和预设阈值,确定可扩展性的评分。In some embodiments, the scalability metric includes duplication, and the feature dimension score calculation module 102 is configured to determine the number of top m repeated rows with the largest number of repeated rows of a statement, according to the sixth constant, the m Calculate the second score by weighting the number of repeated lines and m eighth weights, where m is an integer greater than 1; determine the repetition level of the repeated statement based on the number of repeated lines, and for each repetition level, according to each location under the repetition level Calculate the score of each repetition level based on the number of repeated lines and the number of repetitions of the repeated statements; based on the score of the repetition level, the ninth weight of each repetition level, the seventh constant, the scalability score and the total lines of software code number, calculate a third score; and determine a scalability score based on the second score, the third score and a preset threshold.
在一些实施例中,特性维度评分计算模块102被配置成,根据预设阈值更新所述第二分数和所述第三分数;其中,响应于所述第二分数大于或等于所述阈值,所述第二分数为所述阈值,响应于所述第三分数大于或等于所述阈值,所述第三分数为所述阈值;计算所述第二分数与所述第三分数之和,得到可扩展性的评分。In some embodiments, the characteristic dimension score calculation module 102 is configured to update the second score and the third score according to a preset threshold; wherein in response to the second score being greater than or equal to the threshold, the The second score is the threshold, and in response to the third score being greater than or equal to the threshold, the third score is the threshold; calculating the sum of the second score and the third score, we can obtain Scalability rating.
本公开实施例还提供了一种计算机设备,该计算机设备包括:一个或多个处理器以及存储装置;其中,存储装置上存储有一个或多个程序,当上述一个或多个程序被上述一个或多个处理器执行时,使得上述一个或多个处理器实现如前述各实施例所提供的代码度量方法。Embodiments of the present disclosure also provide a computer device. The computer device includes: one or more processors and a storage device; wherein one or more programs are stored on the storage device. When the one or more programs are used by the above-mentioned one When executed by or multiple processors, the above one or more processors implement the code measurement method as provided in the foregoing embodiments.
本公开实施例还提供了一种计算机可读介质,其上存储有计算机程序, 其中,该计算机程序被执行时实现如前述各实施例所提供的代码度量方法。Embodiments of the present disclosure also provide a computer-readable medium with a computer program stored thereon, When the computer program is executed, the code measurement method as provided in the foregoing embodiments is implemented.
本领域普通技术人员可以理解,上文中所公开方法中的全部或某些步骤、装置中的功能模块/单元可以被实施为软件、固件、硬件及其适当的组合。在硬件实施方式中,在以上描述中提及的功能模块/单元之间的划分不一定对应于物理组件的划分;例如,一个物理组件可以具有多个功能,或者一个功能或步骤可以由若干物理组件合作执行。某些物理组件或所有物理组件可以被实施为由处理器,如中央处理器、数字信号处理器或微处理器执行的软件,或者被实施为硬件,或者被实施为集成电路,如专用集成电路。这样的软件可以分布在计算机可读介质上,计算机可读介质可以包括计算机存储介质(或非暂时性介质)和通信介质(或暂时性介质)。如本领域普通技术人员公知的,术语计算机存储介质包括在用于存储信息(诸如计算机可读指令、数据结构、程序模块或其他数据)的任何方法或技术中实施的易失性和非易失性、可移除和不可移除介质。计算机存储介质包括但不限于RAM、ROM、EEPROM、闪存或其他存储器技术、CD-ROM、数字多功能盘(DVD)或其他光盘存储、磁盒、磁带、磁盘存储或其他磁存储装置、或者可以用于存储期望的信息并且可以被计算机访问的任何其他的介质。此外,本领域普通技术人员公知的是,通信介质通常包含计算机可读指令、数据结构、程序模块或者诸如载波或其他传输机制之类的调制数据信号中的其他数据,并且可包括任何信息递送介质。Those of ordinary skill in the art can understand that all or some steps in the methods disclosed above and functional modules/units in the devices can be implemented as software, firmware, hardware, and appropriate combinations thereof. In hardware implementations, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may consist of several physical components. Components execute cooperatively. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, a digital signal processor, or a microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit . Such software may be distributed on computer-readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). As is known to those of ordinary skill in the art, the term computer storage media includes volatile and nonvolatile media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. removable, removable and non-removable media. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disk (DVD) or other optical disk storage, magnetic cassettes, tapes, disk storage or other magnetic storage devices, or may Any other medium used to store the desired information and that can be accessed by a computer. Additionally, it is known to those of ordinary skill in the art that communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism, and may include any information delivery media .
本文已经公开了示例实施例,并且虽然采用了具体术语,但它们仅用于并仅应当被解释为一般说明性含义,并且不用于限制的目的。在一些实例中,对本领域技术人员显而易见的是,除非另外明确指出,否则可单独使用与特定实施例相结合描述的特征、特性和/或元素,或可与其他实施例相结合描述的特征、特性和/或元件组合使用。因此,本领域技术人员将理解,在不脱离由所附的权利要求阐明的本发明的范围的情况下,可进行各种形式和细节上的改变。 Example embodiments have been disclosed herein, and although specific terms are employed, they are used and should be interpreted in a general illustrative sense only and not for purpose of limitation. In some instances, it will be apparent to those skilled in the art that features, characteristics and/or elements described in connection with a particular embodiment may be used alone, or may be used in conjunction with other embodiments, unless expressly stated otherwise. Features and/or components used in combination. Accordingly, it will be understood by those skilled in the art that various changes in form and details may be made without departing from the scope of the invention as set forth in the appended claims.

Claims (12)

  1. 一种代码度量方法,所述方法包括:A code measurement method, the method includes:
    获取待度量的软件代码的度量指标,所述度量指标包括至少两个特性维度的度量指标;Obtain measurement indicators of the software code to be measured, where the measurement indicators include measurement indicators of at least two characteristic dimensions;
    根据所述度量指标在所述特性维度中的第一权重和所述特性维度的分值,分别计算所述特性维度的评分;Calculate the scores of the characteristic dimensions respectively according to the first weight of the measurement indicator in the characteristic dimension and the score of the characteristic dimension;
    根据所述特性维度的评分和所述特性维度的第二权重计算度量评分,所述度量评分用于度量所述待度量的软件代码的质量。A measurement score is calculated according to the score of the characteristic dimension and the second weight of the characteristic dimension, and the measurement score is used to measure the quality of the software code to be measured.
  2. 如权利要求1所述的方法,其中,所述特性维度包括以下任意组合:功能性、安全性、可维护性、可扩展性、效率、易用性、可靠性、可移植性。The method of claim 1, wherein the characteristic dimensions include any combination of the following: functionality, security, maintainability, scalability, efficiency, ease of use, reliability, and portability.
  3. 如权利要求2所述的方法,其中,计算功能性的评分的步骤包括:The method of claim 2, wherein calculating the functional score includes:
    计算功能性的所述度量指标的评分,所述功能性的度量指标包括以下之一或任意组合:覆盖率、漏洞级别、第一漏洞影响级别,所述第一漏洞影响级别为质量及多样性漏洞的影响级别;Calculate the score of the functional metric, which includes one or any combination of the following: coverage, vulnerability level, first vulnerability impact level, where the first vulnerability impact level is quality and diversity The impact level of the vulnerability;
    计算所述功能性的所述度量指标的评分与所述功能性的所述度量指标在功能性中的第一权重的加权和,得到功能性的评分。Calculate the weighted sum of the score of the metric index of the functionality and the first weight of the metric index of the functionality in functionality to obtain a score of functionality.
  4. 如权利要求3所述的方法,其中,覆盖率的评分根据分支覆盖率和功能性的分值计算得到;The method of claim 3, wherein the coverage score is calculated based on branch coverage and functionality scores;
    漏洞级别的评分根据所述漏洞级别的漏洞数量、所述漏洞级别的第三权重、第一常量、功能性的分值和软件代码的总行数计算得到;The vulnerability level score is calculated based on the number of vulnerabilities in the vulnerability level, the third weight of the vulnerability level, the first constant, the functionality score and the total number of lines of software code;
    第一漏洞影响级别的评分根据各第一漏洞影响级别的漏洞数量、所述 第一漏洞影响级别的第四权重、功能性的分值、第二常量和软件代码的总行数计算得到。The score of the first vulnerability impact level is based on the number of vulnerabilities of each first vulnerability impact level, the description The fourth weight of the first vulnerability impact level, the functional score, the second constant and the total number of lines of software code are calculated.
  5. 如权利要求2所述的方法,其中,安全性的度量指标包括第二漏洞影响级别,所述第二漏洞影响级别为安全及多样性漏洞的影响级别;计算安全性的评分的步骤包括:The method of claim 2, wherein the security measurement index includes a second vulnerability impact level, and the second vulnerability impact level is the impact level of security and diversity vulnerabilities; the step of calculating the security score includes:
    根据所述第二漏洞影响级别的漏洞数量、所述第二漏洞影响级别的第五权重、安全性的分值、第三常量和软件代码的总行数,计算安全性的评分。A security score is calculated based on the number of vulnerabilities of the second vulnerability impact level, the fifth weight of the second vulnerability impact level, the security score, the third constant and the total number of lines of software code.
  6. 如权利要求2所述的方法,其中,可维护性的度量指标包括复杂度,计算可维护性的评分的步骤包括:The method of claim 2, wherein the maintainability metric includes complexity, and the step of calculating the maintainability score includes:
    获取复杂度参数,所述复杂度参数包括以下参数之一或任意组合:圈复杂度、代码深度、方法语句数;Obtain complexity parameters, which include one or any combination of the following parameters: cyclomatic complexity, code depth, and number of method statements;
    根据所述复杂度参数、所述复杂度参数的第六权重、可维护性的分值和第四常量,计算复杂度参数评分;Calculate a complexity parameter score according to the complexity parameter, the sixth weight of the complexity parameter, the maintainability score and the fourth constant;
    根据各所述复杂度参数的前n个最大值、所述复杂度参数前n个最大值的第七权重、所述复杂度参数的第六权重和第五常量,计算第一分数,n为大于1的整数;The first score is calculated according to the first n maximum values of each complexity parameter, the seventh weight of the first n maximum values of the complexity parameter, the sixth weight and the fifth constant of the complexity parameter, n is an integer greater than 1;
    根据所述第一分数、所述复杂度参数评分和可维护性的分值确定可维护性的评分。A maintainability score is determined based on the first score, the complexity parameter score, and a maintainability score.
  7. 如权利要求6所述的方法,其中,所述根据所述第一分数、所述复杂度参数评分和可维护性的分值确定可维护性的评分,包括:The method of claim 6, wherein determining a maintainability score based on the first score, the complexity parameter score and a maintainability score includes:
    根据所述第一分数和所述复杂度参数评分计算分数值;Calculate a score value based on the first score and the complexity parameter score;
    响应于所述分数值大于或等于所述可维护性的分值,确定所述可维护性的评分为所述可维护性的分值; In response to the score value being greater than or equal to the maintainability score, determining the maintainability score to be the maintainability score;
    响应于所述分数值小于所述可维护性的分值,确定所述可维护性的评分为所述分数值。In response to the score value being less than the maintainability score, the maintainability score is determined to be the score value.
  8. 如权利要求2所述的方法,其中,可扩展性的度量指标包括重复度,计算可扩展性的评分的步骤包括:The method of claim 2, wherein the scalability metric includes repeatability, and the step of calculating the scalability score includes:
    确定语句的重复行数最多的前m个重复行数,根据第六常量、所述m个重复行数和m个第八权重加权计算第二分数,m为大于1的整数;Determine the number of the first m repeated rows with the largest number of repeated rows in the statement, and calculate the second score based on the sixth constant, the m repeated row numbers and m eighth weights, where m is an integer greater than 1;
    根据所述重复行数确定重复语句的重复等级,并针对每个重复等级,根据所述重复等级下所述重复语句的重复行数和重复次数,计算每个重复等级的评分;Determine the repetition level of the repeated statement based on the number of repeated lines, and for each repetition level, calculate the score of each repetition level based on the number of repeated lines and the number of repetitions of the repeated statement under the repeated level;
    根据所述重复等级的评分、所述重复等级的第九权重、第七常量、可扩展性的分值和软件代码的总行数,计算第三分数;Calculate a third score based on the score of the repetition level, the ninth weight of the repetition level, the seventh constant, the scalability score, and the total number of lines of software code;
    根据所述第二分数、所述第三分数和预设阈值,确定可扩展性的评分。A score of scalability is determined based on the second score, the third score and a preset threshold.
  9. 如权利要求8所述的方法,其中,所述根据所述第二分数、所述第三分数和预设阈值,确定可扩展性的评分,包括:The method of claim 8, wherein determining the scalability score according to the second score, the third score and a preset threshold includes:
    根据预设阈值更新所述第二分数和所述第三分数;其中,响应于所述第二分数大于或等于所述阈值,所述第二分数为所述阈值,响应于所述第三分数大于或等于所述阈值,所述第三分数为所述阈值;The second score and the third score are updated according to a preset threshold; wherein, in response to the second score being greater than or equal to the threshold, the second score is the threshold, and in response to the third score Greater than or equal to the threshold, the third score is the threshold;
    计算所述第二分数与所述第三分数之和,得到可扩展性的评分。The sum of the second score and the third score is calculated to obtain a scalability score.
  10. 一种代码度量装置,包括度量指标提取模块、特性维度评分计算模块和度量评分计算模块,A code measurement device, including a metric index extraction module, a feature dimension score calculation module and a metric score calculation module,
    所述度量指标提取模块被配置成,获取待度量的软件代码的度量指标,所述度量指标包括至少两个特性维度的度量指标;The metric index extraction module is configured to obtain metric indexes of the software code to be measured, where the metric indexes include metric indexes of at least two characteristic dimensions;
    所述特性维度评分计算模块被配置成,根据所述度量指标在所述特性维度中的第一权重和各特性维度的分值,分别计算所述特性维度的评分; The characteristic dimension score calculation module is configured to calculate the score of the characteristic dimension according to the first weight of the measurement index in the characteristic dimension and the score of each characteristic dimension;
    所述度量评分计算模块被配置成,根据所述特性维度的评分和各特性维度的第二权重计算度量评分,所述度量评分用于度量所述待度量的软件代码的质量。The metric score calculation module is configured to calculate a metric score according to the score of the characteristic dimension and the second weight of each characteristic dimension, where the metric score is used to measure the quality of the software code to be measured.
  11. 一种计算机设备,包括:A computer device consisting of:
    至少一个处理器;at least one processor;
    存储装置,其上存储有至少一个程序;a storage device having at least one program stored thereon;
    当所述一个或多个程序被所述至少一个处理器执行时,使得所述至少一个处理器实现如权利要求1-9任一项所述的代码度量方法。When the one or more programs are executed by the at least one processor, the at least one processor is caused to implement the code measurement method according to any one of claims 1-9.
  12. 一种计算机可读介质,其上存储有计算机程序,其中,所述程序被执行时实现如权利要求1-9任一项所述的代码度量方法。 A computer-readable medium having a computer program stored thereon, wherein when the program is executed, the code measurement method according to any one of claims 1-9 is implemented.
PCT/CN2023/082650 2022-03-21 2023-03-21 Code metric method and apparatus, device, and medium WO2023179578A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210276975.1 2022-03-21
CN202210276975.1A CN116820912A (en) 2022-03-21 2022-03-21 Code measurement method, device, equipment and medium

Publications (1)

Publication Number Publication Date
WO2023179578A1 true WO2023179578A1 (en) 2023-09-28

Family

ID=88099974

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/082650 WO2023179578A1 (en) 2022-03-21 2023-03-21 Code metric method and apparatus, device, and medium

Country Status (2)

Country Link
CN (1) CN116820912A (en)
WO (1) WO2023179578A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106919373A (en) * 2015-12-28 2017-07-04 北京计算机技术及应用研究所 A kind of program code method for evaluating quality
CN110580218A (en) * 2018-06-08 2019-12-17 浙江大学 software code complexity detection method and device and electronic equipment
CN111382052A (en) * 2018-12-29 2020-07-07 北京奇虎科技有限公司 Code quality evaluation method and device and electronic equipment
CN111767212A (en) * 2020-06-17 2020-10-13 中国船舶重工集团公司第七一九研究所 Software code quality evaluation method, device, equipment and storage medium
CN114065223A (en) * 2021-11-26 2022-02-18 西安工业大学 Multi-dimensional software security risk assessment method based on CVSS

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106919373A (en) * 2015-12-28 2017-07-04 北京计算机技术及应用研究所 A kind of program code method for evaluating quality
CN110580218A (en) * 2018-06-08 2019-12-17 浙江大学 software code complexity detection method and device and electronic equipment
CN111382052A (en) * 2018-12-29 2020-07-07 北京奇虎科技有限公司 Code quality evaluation method and device and electronic equipment
CN111767212A (en) * 2020-06-17 2020-10-13 中国船舶重工集团公司第七一九研究所 Software code quality evaluation method, device, equipment and storage medium
CN114065223A (en) * 2021-11-26 2022-02-18 西安工业大学 Multi-dimensional software security risk assessment method based on CVSS

Also Published As

Publication number Publication date
CN116820912A (en) 2023-09-29

Similar Documents

Publication Publication Date Title
Colas et al. How many random seeds? statistical power analysis in deep reinforcement learning experiments
US10212184B2 (en) Method for the continuous calculation of a cyber security risk index
US10585774B2 (en) Detection of misbehaving components for large scale distributed systems
US20160241584A1 (en) Method and system for identifying a threatening network
US7584382B2 (en) Method and system for troubleshooting a misconfiguration of a computer system based on configurations of other computer systems
Park et al. Reassessing Schoenfeld residual tests of proportional hazards in political science event history analyses
AU2018214120B2 (en) System and method for determining an optimum QC strategy for immediate release results
RU2017118317A (en) SYSTEM AND METHOD FOR AUTOMATIC CALCULATION OF CYBER RISK IN BUSINESS CRITICAL APPLICATIONS
Cardoso de Oliveira et al. Multivariate extension of chi-squared univariate normality test
Hosseinichimeh et al. Estimating the parameters of system dynamics models using indirect inference
CN111209274B (en) Data quality checking method, system, equipment and readable storage medium
Southall et al. Early warning signals of infectious disease transitions: a review
CN113900844A (en) Service code level-based fault root cause positioning method, system and storage medium
CN115081969B (en) Abnormal data determination method and related device
Ampatzoglou et al. An embedded multiple-case study on OSS design quality assessment across domains
CN111178530A (en) Quality inspection method and device based on data annotation
WO2023179578A1 (en) Code metric method and apparatus, device, and medium
CN116743637B (en) Abnormal flow detection method and device, electronic equipment and storage medium
CN112380073B (en) Fault position detection method and device and readable storage medium
US10089475B2 (en) Detection of security incidents through simulations
Wang et al. Causality Based Propagation History Ranking in Social Networks.
Chen et al. The monitoring system of Business support system with emergency prediction based on machine learning approach
CN111382052A (en) Code quality evaluation method and device and electronic equipment
CN114679335A (en) Network security risk assessment training and assessment method and equipment for power monitoring system
Easttom Mathematically modelling cyber-attacks utilizing engineering techniques

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23773825

Country of ref document: EP

Kind code of ref document: A1