【作者】 丁帅；

【导师】 杨善林；

【作者基本信息】 合肥工业大学 ， 管理科学与工程， 2011， 博士

【摘要】 随着信息技术的快速发展，软件已经成为现代制造业和服务业不可分割的一部分，其运行行为对产品性能或服务质量具有直接影响。然而软件系统并不总是可信的，固有的缺陷和未处理的异常都将导致软件系统的行为可能会偏离用户的期望。因此，为了减少由于软件失信所引起的社会安全问题及其可能带来的巨大经济损失，迫切需要研究客观高效的软件可信性评估方法及模型，进而为保障软件实体的全面可信提供理论支持。传统的可信性评估模型或方法通常使用软件度量或逻辑验证方法对软件进行定量估计。这些模型或方法虽然解决了一些实际问题，但在应用于规模庞大、功能复杂且演化规律不确定的软件系统时，依然存在：缺乏对用户真实可信需求的全面把握、未能充分考虑影响评估结果正确性的关键因素、不具备动态自适应特征等问题。本文主要以复杂软件系统为研究对象，重点研究软件可信性评估过程中指标系统动态构建、客观赋权、评估模型构建与优化、可信性动态评估建模以及可信推荐等基础科学问题，大量数值实验表明这些模型及算法的合理性和有效性。本文的主要工作及取得的创新性成果如下：（1）研究了普适性的软件可信性评估过程。剖析了软件可信性评估过程中急需攻克的关键科学问题和研究难点，开发了可信性评估指标系统的动态构造模型及相关算法，构建了软件可信性评估应用系统的时间状态机模型。（2）对于软件可信性评估的不确定性问题，研究了基于ER方法和效用理论的软件可信性评估模型。提出了多源异构可信证据的采集及其一致转换方法，给出了基于全局不确定度的可信指标客观赋权方法，并建立了基于分布式框架的软件可信性评估推理模型，实验结果表明该模型较好地解决了具有多可信属性、不确定性、可信证据多量纲等特征的复杂系统软件的可信性评估问题，评估结果精确、完备且可解释性强。（3）对于可信证据的非可靠问题，研究了面向主客观可信证据的折扣估计方法。当使用群体专家主观评价或软件模型预测方式采集可信证据时，可以利用集成折扣估计与相对权重的联合系数对可信证据进行预处理，在此基础上还给出了一种ER改进方法，实验结果表明该方法适用于解决软件可信性评估过程中的证据非可靠问题，且有利于提升可信性评估模型的普适性。（4）对于可信证据的相关性问题，研究了应用于相关信念背景下的证据融合规则ECCR，开发了用于多源可信证据融合的水平合成算法，并提出了一种考虑证据相关性的软件可信性评估推理算法，实验结果表明该方法适用于解决软件可信性评估过程中的证据相关性问题，且由于将合并过程中由相对权重或折扣引起的未知从合成结果中剔除，提高了可信性评估模型的求解精度。（5）对于软件演化背景下的可信性动态评估及可信推荐问题，研究了基于关联矩阵变换的可信性评估指标系统动态自适应重构方法，提出了一种需求驱动的软件可信性动态评估模型，并将可信属性融入到软件服务的选择过程，建立了基于多属性匹配的可信云服务推荐系统及算法，实验结果表明该方法可以有效解决云计算环境下软件可信性动态评估及可信推荐问题。更多还原

【Abstract】 With the fast advance in information technology (IT), software has become indispensable tomodern manufacturing and services in which the operational behavior of the software has a directimpact on the product performance and the service quality. Unfortunately, software systems arenot always trustworthy---bugs and unhandled exceptions may cause software behavior to deviatedramatically from the user’s expectation. Therefore, there is an increasing demand for evaluatingsoftware trustworthiness to reduce the social security problems and the tremendous economiclosses caused by untrustworthy software.The current STE models focus on the quantitative evaluation of trustworthiness through theuse of software metrics or logic verification method. While these models successfully solved a lotof actual problems, they are facing three major challenges for complex software systems:(1) Theusers’ subjective trustworthiness requirements are neglected in practice;(2) The key fatorsimpacting trustworthiness evaluation are ignored in the models construction;(3) The traditionalmodels fail to have the dynamic adaptability. The dissertation systematically studies theconstruction of trustworthiness evaluation indicator system, the objective weighting, theevaluation model establishment and its optimization, and software recommendation consideringseveral trustworthy attributes. A great number of numerical experiments demonstrate theeffectiveness and applicability of the proposed models and algorithms.The main contributions of the dissertation are summarized as follows.(1) The universal software trustworthiness evaluation process is studied. Based on theanalysis of the key scientific issues in the software trustworthiness evaluation, a dynamicconstruction model of trustworthiness evaluation indicator system and a finite state model oftrustworthiness evaluation application are developed.(2) For the trustworthiness evaluation problem with a variety type of uncertainties, a softwaretrustworthiness evaluation model is developed by using the evidential reasoning approach and theutility theory. For the sake of multi-dimension evaluation information pre-processing, amultisource-heterogeneous trustworthiness evidences conversion and consistent constructionmethod is proposed. To enhance the accuracy and objectivity of the evaluation, a new objectiveweighting approach based on the total uncertainty measure is discussed. On this basis, atrustworthiness evaluation reasoning model, which can analyze and solve uncertainly softwaretrustworthiness evaluation problem, is given based on the distributed evaluation framework.Numerical experiments show that the proposed model is suitable to large-scaled industrial detection software characterized by multiple trustworthy attributes and uncertainty trustworthinessevidences.(3) For the trustworthiness evaluation problem characterized by unreliable evidences, twodiscounting-factor estimation methods are discussed for objective and subjective evidences,respectively. As for the evidences collection cases of expert scoring or software probability modelforecasting, a joint coefficient integrating discounting factor with relevance weight is defined forthe unreliable evidences pretreatment. In addition, an extended ER approach applying the jointcoefficient is proposed. The experimental analysis shows that the proposed discounting methodsare not only suitable for the unreliable evidences pretreatment but also for trustworthinessevaluation model enhancement.(4) For the trustworthiness evaluation problem with non-independent evidences, an improvedDenoeux cautious conjunctive rule and a horizontal evidence combination algorithm areintrouduced. On the analysis of objective problems, such as information uncertainty andcorrelation of information sources in the process of evaluation, a software trustworthinessevaluation reasoning algorithm is developed. The experimental analysis shows that the proposedtwo algorithms are suitable to solve the trustworthiness evaluation problem with non-independentevidences, and the accuracy of the trustworthiness evaluation model has improved.(5) For the trustworthiness dynamic evaluation and trustworthy software recommendationunder the software evolution, the incidence matrix is used to make correlation analysis betweentrustworthy attributes and then the variation rule of relative weight is revealed. An adaptive systemof reconstruction device, which can analyze and sovle the software trustworthiness evaluationindicator system of self-reconfiguration, is designed based on the incidence matrix. A completeframework of trustworthiness evaluation and evoluation model is proposed. On this basis, thetrustworthy attributes have been integrated with software service selction in Cloud Computing. Anovel cloud recommendation system (CRS) supporting software with various specified functionaland QoS guarantees such that the CRS can mediate multi-attribute matching between solutionsand consumer’s demands is designed.更多还原