Research On The Evaluation Methods Of Software Trustworthiness

With the promotion and popularization of information technology, computer software is playingan important role in expanding application fields and solving complex problems. Software iseverywhere in modern information society. However, as the wide range of application field and thedynamic evolution of application environment, increasingly large-scale software system is notalways to be trustworthy, and often brings about a variety of malfunction or failure. Softwaretrustworthiness (ST) issues have become increasingly prominent, which has been the widespreadproblem of affecting the construction of national defense and the development of national economyin information society. In order to eliminate or mitigate the threat posed by the untrustworthysoftware to the national economy,“how to improve software trustworthiness” becomes the researchfocus of common concern in different academic organizations and research groups at home andabroad, among which, as a strong support to improve and guarantee ST, the software trustworthinessevaluation (STE) becomes the focus problem that the academia and the business communities arededicated to solve.Connotatively, ST is a kind of personalized feelings and evaluation of users on the realizationdegree of all expected trustworthy attributes (TAs). With the evolution of diversified needs of usersand users’ surroundings, the result of STE is usually changing, which makes ST present evolutioncharacteristic. This characteristic of ST makes the traditional software evaluation theory and modeldifficult to adapt to the STE in the new situation. In addition, STE is an important embodiment of themutual penetration of the technical level and management level. However, traditional softwareengineering field focuses on technical level, with the result that the present research of STE mainlyfocuses on the technical level including trustworthy software construction and ST testing, and lacksthe research on management level of STE. Therefore, the dissertation, from the perspective ofmanagement science, adopts research method of the integration of theory and practice to study theSTE method on the basis of the ST’s characteristics.The main research contents and innovations of the dissertation are summarized as follows:(1) The growth mechanism of ST is analyzed. Based on software evolution view, the softwaretrustworthiness growth process (STGP) is defined, four-stage STGP cycle model is constructed, andfour categories of factors impacting on the ST in different stage of STGP are refined. On this basis,the broad definition and narrow definition of ST and the definition of trustworthy software are givenrespectively, and the typical characteristics of ST are summarized.(2) The acquisition rule of key trustworthy attributes (KTAs) of software is studied. On the analysis of reduction requirement of software TAs, the acquisition rule of KTAs is put forward byintroducing linguistic multiple attribute group decision making (LMAGDM) method. Based onlinguistic description method, a requirement-oriented linguistic acquisition procedure of softwareTAs is developed. For the expert weights determining method in acquisition rule of software TAs,the basic metrics of linguistic assessment information are expanded, an optimization model of groupconsensus and an optimization model of alternative differences are constructed and an improvedPSO algorithm is designed for the solution.(3) The STE method under the circumstance of requirement stability (CRS) is studied. The STEproblem under the CRS is described and the STE procedure under the CRS is presented. Based onthe description, the weighting method of TAs is focused on. For the combination weighting approach,a new determining method of weight coefficients is given. The method constructs an uncertaintyoptimization model based on the principle of maximum entropy and a consistency optimizationmodel based on the principle of relative entropy. The improved PSO algorithm is used to solve themodel. An approach for evaluating reasonableness of different combination weighting method isproposed and a numerical example is conducted to show the reasonability and effectiveness of theproposed approach. Finally, the determining method of software trustworthiness level under the CRSis given.(4) The STE method under the circumstance of requirement evolution (CRE) is studied. TheSTE problem under the CRE is described and the STE procedure under the CRE is presented. Forthe impact of new customer requirement (NCR) to software TAs weights, the dissertation defines thepreference evolution of attribute, presents the acquisition method and classification method of NCRand its importance determining method. By building the house of quality between NCR and softwareTAs, a computation method for preference variable of TAs is presented. On this basis, a preferencesensing function is designed and the TAs weighting method under the CRE is proposed. Finally, thedetermining method of software trustworthiness level under the CRE is given.(5) The proposed methods are used to evaluate the trustworthiness of Product LifecycleManagement (PLM) software. The implementation situation of PLM software is analyzed. For theactual needs of evaluating PLM software, the methods proposed by this dissertation are applied tothe trustworthiness evaluation of PLM software for a large automobile manufacturing enterprise inChina. The acquisition rule of software TAs is used to obtain the TAs of PLM software, and for thetwo circumstances of the CRS and the CRE, the detailed evaluation process is given. This case studyproves that the research achievements of this dissertation have great value of application andpopularity.