Development of graphic-analytical models for the software security testing algorithm

DOI:

https://doi.org/10.15587/1729-4061.2018.127210

Keywords:

security testing, graphic-analytical model, semi-Markov process, Laplace transform, generating function

Abstract

An analysis of one of the main types of software testing, namely security testing, has been carried out. It was established that there are a number of specific features associated with the possibility of negative manipulation of software products. A graphic-analytical model of the software security testing algorithm was developed. The model, based on the theory of semi-Markov processes, provides an adequate structural description of the actual testing process. However, the accuracy of this model depends essentially on how accurately the distribution densities of the system's residence time in each of the possible states are reproduced. An alternative model that uses the method of probability-time graphs is less demanding. To implement it, it is sufficient to know the mean residence time in each of the states and the probabilities of transition from one state to another. Correlations were obtained for calculating the statistical characteristics and the distribution density of the mean time of execution of the software security testing algorithm. The model can be used to study the basic stages of software security testing. Application of this model will reduce software vulnerability and improve the security of the IT project as a whole. The model is also applicable when developing new methods, algorithms, and procedures for managing IT projects.

Author Biographies

Serhii Semenov, National Technical University «Kharkiv Polytechnic Institute» Kyrpychova str., 2, Kharkiv, Ukraine, 61002

Doctor of Technical Sciences, Senior Researcher

Department of Computer Science and Programming

Oksana Sira, National Technical University «Kharkiv Polytechnic Institute» Kyrpychova str., 2, Kharkiv, Ukraine, 61002

Doctor of Technical Sciences, Professor

Department of distributed information systems and cloud technologies

Nina Kuchuk, V. N. Karazin Kharkiv National University Svobody sq., 4, Kharkiv, Ukraine, 61022

PhD

Department of Theoretical and Applied Systems Engineering


Published

2018-03-28

How to Cite

Semenov, S., Sira, O., & Kuchuk, N. (2018). Development of graphic-analytical models for the software security testing algorithm. Eastern-European Journal of Enterprise Technologies, 2(4 (92)), 39–46. https://doi.org/10.15587/1729-4061.2018.127210

Section

Mathematics and Cybernetics - applied aspects