OOPN-SRAM: A Novel Method for Software Risk Assessment

机译：OOPN-SRAM：一种用于软件风险评估的新方法

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

This paper proposes a Software Risk Assessment Method based on Object-Oriented Petri Net (OOPN-SRAM), in which risk assessment procedure is divided into four steps, expressed as four corresponding objects, including asset recognition, weakness analysis, consequence property confirmation and risk calculation. Each object is modeled with Petri net. Specialists recognize software assets by the 1-9 scales method of Analytic Hierarchy Process (AHP). The weaknesses in a system are found by the vulnerability scanner. The damage degree and the exploitation likelihood of a weakness are evaluated by such authorities as Common Weakness Enumeration (CWE). The consequence properties are confirmed by specialists according to the software requirements. Finally, in the risk calculation, risk degree and overall risk value are calculated by using exponential method and weighted average method respectively. Furthermore, we illustrate the application of our OOPN-SRAM method with realistic examples including web-banking and forum, and make a comparison with traditional methods. The results show that OOPN-SRAM not only increases the efficiency of the evaluation process, but also makes the evaluation result more objective and accurate.

机译：本文提出了一种基于面向对象的Petri网（OOPN-SRAM）的软件风险评估方法，该方法将风险评估过程分为四个步骤，分别表示为四个对应的对象，包括资产识别，弱点分析，后果属性确认和风险。计算。每个对象都用Petri网建模。专家通过1-9标度的层次分析法（AHP）来识别软件资产。漏洞扫描程序可以发现系统中的弱点。弱点的损害程度和开发可能性由诸如普通弱点枚举（CWE）之类的机构评估。结果属性由专家根据软件要求进行确认。最后，在风险计算中，分别采用指数法和加权平均法计算风险度和总风险值。此外，我们通过包括网络银行和论坛在内的实际示例说明了OOPN-SRAM方法的应用，并与传统方法进行了比较。结果表明，OOPN-SRAM不仅提高了评估过程的效率，而且使评估结果更加客观，准确。

著录项

来源
《International Conference on Engineering of Complex Computer Systems》|2014年|150-153|共4页
会议地点
作者
Wu Xiaofei; Li Xiaohong; Feng Ruitao; Xu Guangquan; Hu Jing; Feng Zhiyong;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Availability; Computationalmodeling; Educationalinstitutions; Objectorientedmodeling; Riskmanagement; Security; Software; CWE; OOPN; riskassessment; software; vulnerabilityscanner;

机译：可用性;计算模型;教育机构;面向对象模型;风险管理;安全性;软件; CWE; OOPN;风险评估;软件;漏洞扫描程序;

相似文献

外文文献
中文文献
专利

1. Initial Hybrid Method for Analyzing Software Estimation, Benchmarking and Risk Assessment Using Design of Software [J] . J. Frank Vijay, C. Manoharan Journal of computer sciences . 2009,第10期

机译：使用软件设计分析软件评估，基准测试和风险评估的初始混合方法
2. Initial Hybrid Method for Analyzing Software Estimation, Benchmarking and Risk Assessment Using Design of Software | Science Publications [J] . C. Manoharan, J. F. Vijay Journal of computer sciences . 2009,第10期

机译：使用软件设计分析软件评估，基准评估和风险评估的初始混合方法科学出版物
3. Statistical methods and software for risk assessment: applications to a neurophysiological data set [J] . G. J. Karavasilis, V. K. Kotti, D. S. Tsitsis, Computational statistics & data analysis . 2005,第1期

机译：风险评估的统计方法和软件：神经生理数据集的应用
4. OOPN-SRAM: A Novel Method for Software Risk Assessment [C] . Wu Xiaofei, Li Xiaohong, Feng Ruitao, International Conference on Engineering of Complex Computer Systems . 2014

机译：OOPN-SRAM：一种软件风险评估的新方法
5. Device risk concept: A concrete method of risk assessment for quality system software. [D] . Price, Constance L. 2012

机译：设备风险概念：质量系统软件风险评估的一种具体方法。
6. Assessment of software methods for estimating protein-protein relative binding affinities [O] . Tawny R. Gonzalez, Kyle P. Martin, Jonathan E. Barnes, 2020

机译：评估估算蛋白质 - 蛋白质相对结合亲和力的软件方法
7. Poster Session 3The imaging examination and quality assessmentP626Value of mitral and tricuspid annular displacement to assess the interventricular systolic relationship in severe aortic valve stenosis : a Pilot studyP627Follow-up echocardiography in asymptomatic valve disease: assessing the potential economic impact of the European and American guidelines in a dedicated valve clinic, compared to standard care.P628The tricuspid valve: identification of optimal view for assessing for prolapseP629Right atrial volume by two-dimensional echocardiography in healthy subjectsP630Disturbance of inter and intra atrial conduction assessed by tissue doppler imaging in patients with medicaly controlled hypertension and prehypertension.P631Liver stiffness by shear wave elastography, new noninvasive and quantitative tool for acute variation estimation of central venous pressure in real-time?P632Weak atrial kick contribution is associated with a risk for heart failure decompensationP633Usefulness of wave intensity analysis in predicting the response to cardiac resynchronization therapyP634Early subclinical left ventricular systolic and diastolic dysfunction in gestational hypertension and preeclampsiaP635Clinical comparison of three different echocardiographic methods for left ventricular ejection fraction and LV end diastolic volume measurementP636Assessment of right ventricular-arterial coupling parameters by 3D echocardiography in patients with pulmonary hypertension receiving specific vasodilator therapyP637Prediction of right ventricular failure after left ventricular assist device implant: assessing usefulness of standard and strain echocardiographyP638Kinematic analysis of diastolic function using the novel freely available software Echo E-waves - feasibility and reproducibilityP639Evaluation of coronary flow velocity by Doppler echocardiography in the treatment of hypertension with the ARB: correlation to the histological cardiac fibrosisP640The clinical significance of limited apical ischaemia and the prognostic value of stress echocardiography - A contemporary study from a high volume centerP641Effects of intermediate stenosis of left anterior descending coronary artery on survival in patients with chronic total occlusion of right coronary arteryP642Left ventricular remodeling after a first myocardial infarction in patients with preserved ejection fraction at dischargeP643Left atrial size and acute coronary syndromes. Let is make simple.P644Influence of STEMI reperfusion strategy on systolic and diastolic functionP645Aortic valve resistance risk-stratifies low-gradient severe aortic stenosisP646Does permanent pacemaker implantation complicate the prognosis of patients after transcatheter aortic valve implantation?P647Influence of metabolic syndrome and diabetes on progression of calcific aortic valve stenosis - The COFRASA - GENERAC StudyP648Low referral for aortic valve replacement accounts for worse long-term outcome in low versus high gradient severe aortic stenosis with preserved ejection fractionP649The impact of right ventricular function from aortic valve replacement: A randomised study comparing minimally invasive aortic valve surgery and conventional open heart surgery [O] . T. Ota, DNS Senaratne, NK. Preston, 2016

机译：海报课程3年度成像检查和质量评估P626尺寸二尖瓣环形位移，评估严重主动脉瓣狭窄中的间隔收缩系统关系：无症状瓣膜病的先导术627推翻超声心动图：评估欧洲和美国指南的潜在经济影响专用阀门诊所，与标准Care.P628相比，Tricuspid阀门：鉴定通过在医疗主题的Hystantsp630中，通过组织多普勒成像在医疗和术语中的癌细胞癌和术语患者进行评估，通过二维超声心动图进行评估的最佳视图。 .p631抗剪力波弹性凝视，新的非侵入性和定量工具，用于实时急性变异估计中央静脉压力的急性变化？P632Weak心房踢贡献与心力衰竭分数的风险有关波强度分析预测心脏重新同步的响应治疗634亚临床左心室收缩和舒张性功能障碍，妊娠期高血压分数的三种不同超声心动仪和LV端舒张型方法的比较，3D超声心动图右心室凝血率测量3636分类在患有肺动脉高压的患者中，左心室辅助装置植入后接受特异性血管扩张器治疗637预测右心室失效：评估使用新颖的自由可用的软件回声电子波的标准和菌株超声心动图338云分析的标准和菌株超声心动图638云分析 - 可行性和再现冠状动脉速度的可行性和再现率。多普勒超声心动图在治疗高血压与arb中：相关性与组织学心肌纤维化p640的相关性李的临床意义紧张的缺血性和应激超声心动图的预后价值 - 一种高批量中心的当代研究，来自左前期下降冠状动脉中间狭窄患者中间狭窄患者急性闭塞患者患者患者患者第一次心肌梗死后的慢性冠状动脉间梗死患者存活的现代研究排出的射血分数在排出的343夜心房尺寸和急性冠状动脉综合征处。让令人生意的是STEMIESTOMELETERIC功能的STEMIEST.P644。在收缩和舒张功能上进行STEMI和舒张型阀门电阻危险危险率低梯度严重主动脉鼻窦646doe永久性起搏器植入使经截觉管主动脉瓣植入后的患者预后复杂化吗？P647型综合征和糖尿病患者的进展主动脉瓣狭窄 - Cofrasa - Generac STOMP648LOW用于主动脉瓣膜置换术的转诊表明，低梯度严重主动脉狭窄的更差的长期结果，并具有射血瓣膜置换术射精术中的抗锻术术造成的影响：随机研究比较微创主动脉阀门手术和常规开放式心脏手术
8. Fire Risk Assessment Method: Guide to the Risk Methodology Software [R] . Forney, C. L., Jones, W. W. 1990

机译：火灾风险评估方法：风险方法软件指南

OOPN-SRAM: A Novel Method for Software Risk Assessment

摘要

著录项

相似文献

相关主题

期刊订阅