Research Article
A Quantitative Assessment Approach to COTS Component Security
Algorithm 1
QACS (quantitative assessment of component security) algorithm.
Input: Interface information XML file; Fault injection operator; Prediction rules PRED; | Probability matrix ; MC’s threshold and IC’s threshold value and . | Output: The security level of the whole component | 01 { | 02 Read XML file; | 03 MC = 0, IC = 0, = 0, cnt = 0; // cnt is the number of component vulnerability methods | 04 While IC < do // For each interface in | 05 { | 06 , ; | 07 While MC < θ do // For each method in | 08 { | 09 ; // is the number of the testing methods | 10 Generate method parameter values set according to fault injection operators; | 11 Call testing cases generating algorithm TGSM(); //call the generation algorithm of the | minimum factors combined cover test case based on solution matrix | 12 Running and ; | 13 If (the output after running and satisfies PRED) | 14 { | 15 increment cnt; | 16 × ;// the vulnerability level of the method in the interface | 17 } | 18 MC = /; | 19 } | 20 IC = /; | 21 } | 22 ; | 23 (Output) ; | 24 } |
|