Development of graphic­analytical models for the software security testing algorithm

Authors

DOI:

https://doi.org/10.15587/1729-4061.2018.127210

Keywords:

security testing, graphic-analytical model, semi-Markov process, Laplace transform, generating function

Abstract

An analysis of one of the main types of software testing, namely security testing has been made. It was established that there are a number of specific features associated with the possibility of negative manipulation with software products. A graphic-analytical model of the algorithm of testing software security was developed. The model based on the theory of semi-Markov processes provides an adequate structural description of the actual testing process. However, accuracy of this model essentially depends on accuracy of reproduction of densities of distribution of duration of the system residence in each of the possible states. An alternative model that uses the method of probability-time graphs is less demanding. For its implementation, it is sufficient to know the mean values of duration of residence in each of the states and the probability of transitions from one state to another. Correlations were obtained for calculating statistical characteristics and density of distribution of the mean time of execution of the software security testing algorithm. The model can be used to study basic stages of software security testing. Application of this model will reduce software vulnerability and improve security of the IT project as a whole. Also, the model is applicable when developing new methods, algorithms, and procedures for managing the IT projects

Author Biographies

Serhii Semenov, National Technical University «Kharkiv Polytechnic Institute» Kyrpychova str., 2, Kharkіv, Ukraine, 61002

Doctor of Technical Sciences, Senior Researcher

Department of Computer Science and Programming

Oksana Sira, National Technical University «Kharkiv Polytechnic Institute» Kyrpychova str., 2, Kharkіv, Ukraine, 61002

Doctor of Technical Sciences, Professor

Department of distributed information systems and cloud technologies

Nina Kuchuk, V. N. Karazin Kharkiv National University Svobody sq., 4, Kharkiv, Ukraine, 61022

PhD

Department of Theoretical and Applied Systems Engineering

References

  1. Tobias, K. A (2011). Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security. No Starch Press, 208.
  2. The Software Improvement Group (SIG) measures software energy use. The Green IT Review. Available at: http://www.seflab.com/news/the-software-improvement-group-sig-measures-software-energy-use-the-green-it-review/
  3. Kuchuk, G., Kovalenko, A., Kharchenko, V., Shamraev, A. (2017). Resource-Oriented Approaches to Implementation of Traffic Control Technologies in Safety-Critical I&C Systems. Studies in Systems, Decision and Control, 313–337. doi: 10.1007/978-3-319-55595-9_15
  4. Semenov, S. H., Kassem Khalife (2017). Kompleks matematychnykh modelei protsessu rozrobky prohrammnoho zabezpechennia. Informatsiyni tekhnolohiyi ta kompiuterna inzheneriya, 3 (40), 61–68.
  5. Kharchenko, V., Kondratenko, Y., Kacprzyk, J. (Eds.) (2017). Green IT Engineering: Concepts, Models, Complex Systems Architectures. Studies in Systems, Decision and Control. doi: 10.1007/978-3-319-44162-7
  6. Annadurai, C. (2011). Review of Packet Scheduling Algorithms in Mobile Ad Hoc Networks. International Journal of Computer Applications, 15 (1), 7–10. doi: 10.5120/1914-2552
  7. Bordunov, I. B., Kosachev, A. S. (2009). Polnoe testirovanie s otkrytym sostoyaniem ogranichenno nedeterminirovannyh system. Programmirovanie, 6, 3–18.
  8. Mozhaev, O., Kuchuk, H., Kuchuk, N., Mozhaev, M., Lohvynenko, M. (2017). Multiservice network security metric. 2017 2nd International Conference on Advanced Information and Communication Technologies (AICT). doi: 10.1109/aiact.2017.8020083
  9. Burdonov, I. B., Kosachev, I. S. (2010). Bezopasnoe testirovanie simulyacii sistem s otkazami i razrusheniem. Modelirovanie i analiz informacionnyh sistem, 17 (4), 27–40.
  10. Goodmon, L. B., Anderson, M. C. (2011). Semantic integration as a boundary condition on inhibitory processes in episodic retrieval. Journal of Experimental Psychology: Learning, Memory, and Cognition, 37 (2), 416–436. doi: 10.1037/a0021963
  11. Kuchuk, G., Kharchenko, V., Kovalenko, A., Ruchkov, E. (2016). Approaches to selection of combinatorial algorithm for optimization in network traffic control of safety-critical systems. 2016 IEEE East-West Design & Test Symposium (EWDTS). doi: 10.1109/ewdts.2016.7807655
  12. Krishnan, M. S. (2015). Software Development Risk Aspects and Success Frequency on Spiral and Agile Model. International Journal of Innovative Research in Computer and Communication Engineering, 03 (01), 301–310. doi: 10.15680/ijircce.2015.0301024
  13. Raskin, L. G. (1988). Matematicheskie metody issledovaniya operaciy i analiza slozhnyh sistem vooruzheniya PVO. Kharkiv: VIRTA PVO, 178.
  14. Zhuravlev, A. Yu. (2014). Polumarkovskie processy. Moscow, 218.
  15. Bellman, R. E., Zadeh, L. A. (1970). Decision-Making in a Fuzzy Environment. Management Science, 17 (4), B-141–B-164. doi: 10.1287/mnsc.17.4.b141
  16. Raskin, L. G., Seraya, O. V. (2008). Nechetkaya matematika. Kharkiv: Parus, 352.
  17. Kaufman, A., Gupta, M. (1985). Introduction to Fuzzy Arithmetic: Theory and Applications. New York: VN. Reinhold, 351.
  18. Liu, B., Liu, Y.-K. (2002). Expected value of fuzzy variable and fuzzy expected value models. IEEE Transactions on Fuzzy Systems, 10 (4), 445–450. doi: 10.1109/tfuzz.2002.800692
  19. Pawlak, Z. (1982). Rough sets. International Journal of Computer & Information Sciences, 11 (5), 341–356. doi: 10.1007/bf01001956
  20. Raskin, L., Sira, O. (2016). Fuzzy models of rough mathematics. Eastern-European Journal of Enterprise Technologies, 6 (4 (84)), 53–60. doi: 10.15587/1729-4061.2016.86739
  21. Raskin, L., Sira, O. (2016). Method of solving fuzzy problems of mathematical programming. Eastern-European Journal of Enterprise Technologies, 5 (4 (83)), 23–28. doi: 10.15587/1729-4061.2016.81292

Downloads

Published

2018-03-28

How to Cite

Semenov, S., Sira, O., & Kuchuk, N. (2018). Development of graphic­analytical models for the software security testing algorithm. Eastern-European Journal of Enterprise Technologies, 2(4 (92), 39–46. https://doi.org/10.15587/1729-4061.2018.127210

Issue

Vol. 2 No. 4 (92) (2018): Mathematics and Cybernetics - applied aspects

Section

Mathematics and Cybernetics - applied aspects

License

Copyright (c) 2018 Serhii Semenov, Oksana Sira, Nina Kuchuk

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.

A license agreement is a document in which the author warrants that he/she owns all copyright for the work (manuscript, article, etc.).
The authors, signing the License Agreement with TECHNOLOGY CENTER PC, have all rights to the further use of their work, provided that they link to our edition in which the work was published.
According to the terms of the License Agreement, the Publisher TECHNOLOGY CENTER PC does not take away your copyrights and receives permission from the authors to use and dissemination of the publication through the world's scientific resources (own electronic resources, scientometric databases, repositories, libraries, etc.).
In the absence of a signed License Agreement or in the absence of this agreement of identifiers allowing to identify the identity of the author, the editors have no right to work with the manuscript.
It is important to remember that there is another type of agreement between authors and publishers – when copyright is transferred from the authors to the publisher. In this case, the authors lose ownership of their work and may not use it in any way.