计算机工程与应用 ›› 2016, Vol. 52 ›› Issue (19): 97-101.

• 网络、通信与安全 • 上一篇    下一篇

面向可信软件的风险评估方法

王雪丽1,张  璇1,3,李  彤1,3,王  旭2   

  1. 1.云南大学 软件学院,昆明 650091
    2.云南大学 经济学院,昆明 650091
    3.云南省软件工程重点实验室,昆明 650091
  • 出版日期:2016-10-01 发布日期:2016-11-18

Method of risk assessment oriented to trustworthy software

WANG Xueli1, ZHANG Xuan1,3, LI Tong1,3, WANG Xu2   

  1. 1.School of Software, Yunnan University, Kunming 650091, China
    2.School of Economics, Yunnan University, Kunming 650091, China
    3.Software Engineering Key Laboratory of Yunnan, Yunnan University, Kunming 650091, China
  • Online:2016-10-01 Published:2016-11-18

摘要: 风险管理逐渐成为开发高质量软件过程中的重要的组成部分。风险评估作为风险管理的重要活动之一,是风险控制的前提。贝叶斯网络作为风险管理的有力工具之一,是处理不确定性的有效方法。结合贝叶斯网络与模糊理论,提出一种风险评估方法,首先使用贝叶斯网络对影响可信软件的风险因素进行风险概率评估,然后利用模糊综合评价法进行风险综合影响评估。该方法用于软件项目的风险评估,为开发高质量的可信软件提供新策略。

关键词: 风险管理, 风险评估, 贝叶斯网络, 可信软件, 模糊综合评价法

Abstract: Risk management has been becoming an important component of the high-quality software development process. As a powerful tool of risk management, Bayesian networks are the effective method for handling the uncertainties. As one of the important activities of risk management, risk assessment is the prerequisite of risk control. Combined with the Bayesian networks and fuzzy theory, this paper proposes a method for risk assessment. First of all, it uses Bayesian networks to assess the risk probability of the risk factors which are affecting trustworthy software, then uses fuzzy comprehensive evaluation method to evaluate the comprehensive effects of risks. This method is used to assess risks in the software project which can provide new strategies for developing high-quality trustworthy software.

Key words: risk management, risk assessment, Bayesian networks, trustworthy software, fuzzy comprehensive evaluation method