计算机科学与探索 ›› 2014, Vol. 8 ›› Issue (8): 956-965.DOI: 10.3778/j.issn.1673-9418.1403007

• 系统软件与软件工程 • 上一篇    下一篇

基于复杂网络分析的软件高危缺陷评估方法

马皖王莹1,2,陈  林1,2+,陈芝菲1,2,王子元3   

  1. 1. 南京大学 软件新技术国家重点实验室,南京 210093
    2. 南京大学 计算机科学与技术系,南京 210093
    3. 南京邮电大学 计算机学院,南京 210023
  • 出版日期:2014-08-01 发布日期:2014-08-07

Software Severe Defects Evaluation Based on Complex Network Analysis

MA Wanwangying1,2, CHEN Lin1,2+, CHEN Zhifei1,2, WANG Ziyuan3   

  1. 1. State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093, China
    2. Department of Computer Science and Technology, Nanjing University, Nanjing 210093, China
    3. School of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210023, China
  • Online:2014-08-01 Published:2014-08-07

摘要: 为了评估软件缺陷的风险,提出了一种基于复杂网络分析的软件缺陷评估方法。该方法首先用一个网络模型表达程序实体之间的关系,将源代码中的方法抽象为节点,方法间的调用关系抽象为有向边,以此构造程序源代码网络;然后分别用介数算法和PageRank算法计算造成软件缺陷的方法节点在源代码全局网络中的地位,由此评估缺陷的风险高低。实验结果表明,该方法在评估内部高危缺陷时有较好的效果,有助于提高软件开发维护人员对一些隐蔽高危缺陷的关注度,进而为后续修复缺陷与软件演化提供有益的线索。

关键词: 复杂网络, 高危缺陷, 缺陷评估, 介数, PageRank

Abstract: In order to evaluate the risk of software defects, this paper proposes an approach for defects evaluation based on complex network analysis. In this approach, a network model is used to express the relationship between entities, and the methods in source code and the call relations between them are extracted as nodes and directed edges respectively to construct the source code network. Then the importance of root cause nodes with respect to the whole network is computed by the betweenness centrality and PageRank, which is used to assess the severity of defects. The experimental results show that the approach has a good performance in evaluating inside software severe defects, which can help maintainers pay more attention to implicit severe defects and provide helpful reference to the program repair, thus supporting software evolution.

Key words: complex network, severe defects, defects evaluation, betweenness centrality, PageRank