| With the continuous development of computer applications, software plays a vital role in the current information society. The trustworthiness of software has been regarded as a significant attribute of software by computer scientists and industry leaders. However, most of the researchers are only focusing on software security nowadays.With the perspective of software engineering methodology and regarding the trustworthiness as a multi-dimensional software assessment indicators, this paper studies the functionality, reliability, security, maintainability and scalability of software. The main work includes:1) Propose the Unified Software Model basing on formal language-Z specification and UML views and construct the Software Trustworthy Engineering method according to this model. This method can reduce the complexity of formal software model in large project and the uncertain factors introduced by human in traditional software engineering.2) Basing on Software Security Weakness Knowledge Database, implement the formal detection of security weakness at the design stage of Unified Software Model. This will avoid the high costs of mitigation of the design-level weakness at the later stage of software lifecycle, and at the same time, reduce the dependence of building secure software on the personal experience and knowledge of security experts.3) Design the Software Trustworthy Engineering Support Platform to facilitate the implementation of Software Trustworthy Engineering.This paper constructs an engineering theory system combining formal method and implements the verification of consistency and security of software design. This work integrates the other researches of our group and provides a solid theoretical foundation for future research. |
PDF Full Text Request