Research Article
A Quantitative Assessment Approach to COTS Component Security
Algorithm 1
QACS (quantitative assessment of component security) algorithm.
| Input: Interface information XML file; Fault injection operator; Prediction rules PRED; | | Probability matrix ; MC’s threshold and IC’s threshold value and . | | Output: The security level of the whole component | | 01 { | | 02 Read XML file; | | 03 MC = 0, IC = 0, = 0, cnt = 0; // cnt is the number of component vulnerability methods | | 04 While IC < do // For each interface in | | 05 { | | 06 , ; | | 07 While MC < θ do // For each method in | | 08 { | | 09 ; // is the number of the testing methods | | 10 Generate method parameter values set according to fault injection operators; | | 11 Call testing cases generating algorithm TGSM(); //call the generation algorithm of the | | minimum factors combined cover test case based on solution matrix | | 12 Running and ; | | 13 If (the output after running and satisfies PRED) | | 14 { | | 15 increment cnt; | | 16 × ;// the vulnerability level of the method in the interface | | 17 } | | 18 MC = /; | | 19 } | | 20 IC = /; | | 21 } | | 22 ; | | 23 (Output) ; | | 24 } |
|
