Skip to main content
SpringerLink
Log in

A Unified Measurement Solution of Software Trustworthiness Based on Social-to-Software Framework

  • Regular Paper
  • Published:
Journal of Computer Science and Technology Aims and scope Submit manuscript

Abstract

As trust becomes increasingly important in software domain, software trustworthiness — as a complex high-composite concept, has developed into a big challenge people have to face, especially in the current open, dynamic and ever-changing Internet environment. Furthermore, how to recognize and define trust problem from its nature and how to measure software trustworthiness correctly and effectively play a key role in improving users’ trust in choosing software. Based on trust theory in the field of humanities and sociology, this paper proposes a measurable S2S (Social-to-Software) software trustworthiness framework, introduces a generalized indicator loss to unify three parts of trustworthiness result, and presents a whole metric solution for software trustworthiness, including the advanced J-M model based on power function and time-loss rate for ability trustworthiness measurement, the fuzzy comprehensive evaluation advanced-model considering effect of multiple short boards for basic standard trustworthiness, and the identity trustworthiness measurement method based on the code homology detecting tools. Finally, it provides a case study to verify that the solution is applicable and effective.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Nami M, Suryn W. Software trustworthiness: Past, present and future In Proc. ISCTCS 2012, May 28-June 2, 2012, pp.1-12.

  2. Tang Y X, Liu Z L. Progress in software trustworthiness metrics models. Computer Engineering and Applications, 2010, 46(27): 12-16. (in Chinese)

    Google Scholar 

  3. Amoroso E, Taylor C, Watson J et al. A process-oriented methodology for assessing and improving software trustworthiness. In Proc. the 2nd ACM Conference on Computer and Communications Security, Nov. 1994, pp.39-50.

  4. Zhang H P, Shu F D, Yang Y et al. A fuzzy-based method for evaluating the trustworthiness of software processes. In New Modeling Concepts for Today’s Software Processes, Münch J, Yang Y, Schafer W (eds.), Springer Berlin Heidelberg, 2010, pp.297-308.

  5. Nazila Gol Mohammadi, Sachar Paulus, Mohamed Bishr, et al. Trustworthiness attributes and metrics for engineering trusted Internet-based software systems. In Cloud Computing and Services Science, Helfert M, Desprez F, Ferguson D, Leymann F (eds.), Springer International Publishing, 2014, pp.19-35.

  6. Zhang X, Li W, Zheng Z M, et al. Optimized statistical analysis of software trustworthiness attributes. Science China Information Sciences, 2012, 55(11): 2508-2520. (in Chinese)

    Article  MathSciNet  MATH  Google Scholar 

  7. Meyer B. The grand challenge of trusted components. In Proc. the 25th International Conference on Software Engineering, May 2003, pp.660-667.

  8. Yang F Q. Thinking on the development of software engineering technology. Journal of Software, 2005, 16(1): 1-7.

    Article  MathSciNet  MATH  Google Scholar 

  9. Jelinski Z, Moranda P B. Software reliability research. In Statistical Computer Performance Evaluation, Greiberger W (ed), Academic Press, 1972, pp.465-484.

  10. Yang X, Gul Jabeen, Luo P. The concept model and definition system of software trustworthiness based on trust theory of humanities and sociology, 2016. http://c.eemet.cn/trustworthiness.pdf, Jan. 2018.

  11. Huang Y F, Liu Y Z, Luo P. SSRGM: Software strong reliability growth model based on failure loss. In Proc. the 5th International Symposium on PAAP, Dec. 2012, pp.255-261.

  12. Fred B. Schneider, Editor. Trust in Cyberspace. Washington, DC: National Academy Press, 1998.

    Google Scholar 

  13. Becker S, Hasselbring W, Paul M et al. Trustworthy software systems: A discussion of basic concepts and terminology. SIGSOFT Softw. Eng. Notes, 2006, 31(6): 1-18.

    Article  Google Scholar 

  14. National Institute of Standards and Technology, U.S. Department of Commerce. Toward a preliminary framework for assessing the trustworthiness of software. IST Interagency Report 7755, Sept. 2010. http://ws680.nist.gov/publication/get_pdf.cfm?pub_id=906717, Jan. 2018.

  15. ISO/IEC 14598-1. Information technology-software product evaluation-Part 1: General overview. Published standard. ISO/IEC, 1999.

  16. Shooman M L. Probabilistic models for software reliabilty prediction In Statistical Computer Performance Evaluation, Freiberger W (ed.), Academic Press, New York, June 1972, pp.485-502.

  17. Wang H M, Tang Y B, Yin G et al. Trustworthiness of Internet-based software. Science in China Series F: Information Sciences, 2006, 49(10): 1156-1169. (in Chinese)

    Article  Google Scholar 

  18. Ding X L, Wang H M, Wang Y Y et al. Verification oriented trustworthiness evidence and trustworthiness evaluation of software. Journal of Frontiers of Computer Science and Technology, 2010, 4(1): 46-53.

    Google Scholar 

  19. Shen G H, Huang Z Q, Qian J et al. Research on software trustworthiness evaluation model and its implementation. Journal of Frontiers of Computer Science and Technology, 2011, 5(6): 553-561.

    Google Scholar 

  20. Liu Y Z, Zhang L, Luo P, Yao Y. Research of trustworthy software system in the network. In Proc. the International Symposium on Parallel Architectures, Algorithms and Programming, Dec. 2012, pp.17-20.

  21. Geng J K, Ye D R, Luo P. Forecasting severity of software vulnerability using grey model GM. In Proc. the IEEE Advanced Information Technology, Electronic and Automation Control Conference (IAEAC), Dec. 2015, pp.344-348.

  22. Yang X, Luo P, Jabeen G. A measurable SocialToTech software trust framework based on cost-loss. In Proc. the 10th AEARU Workshop on Computer Science and Web Technology, Mar. 2015, pp.63-65.

  23. Colquitt J A, Scott B A, LePine J A. Trust, trustworthiness, and trust propensity: A meta-analytic test of their unique relationships with risk taking and job performance. Journal of Applied Psychology, 2007, 92(4): 909-927.

    Article  Google Scholar 

  24. Mayer R C, Davis J H, Schoorman F D. An integrative model of organizational trust. Acad. Manag. Rev., 1995, 20(3): 709734.

    Article  Google Scholar 

  25. Mcknight D H, Carter M, Thatcher J et al. Trust in a specific technology: An investigation of its components and measures. ACM Trans. Manage. Inf. Syst., 2011 2(2): 1-25.

    Article  Google Scholar 

  26. Mcknight D H, Chervany N L. What trust means in ecommerce customer relationships: An interdisciplinary conceptual typology. Int. J. Electron. Commerce, 2001, 6(2): 3559.

    Article  Google Scholar 

  27. Zhang W, Liu W, Wu X. Quantitative evaluation across software development life cycle based on evidence theory. In Proc. the 9th International Conference on Intelligent Computing Theories and Technology, Jul. 2013, pp.353-362.

  28. Yan G, Xu F, Yao Y et al. Enhancing trustworthiness evaluation in internetware with similarity and non-negative constraints. In Proc. the 5th Asia-Pacific Symposium on Internetware, Oct. 2013.

  29. Zhu M L, Jin Z. Approach for evaluating the trustworthiness of service agent. Journal of Software, 2011, 22(11): 2593-2609. (in Chinese)

    Article  Google Scholar 

  30. Si G N, Ren Y H, Xu J et al. A dependability evaluation model for Internetware based on Bayesian network. Journal of Computer Research and Development, 2012, 49(5): 1028-1038. (in Chinese)

    Google Scholar 

  31. Goel A L, Okumoto K. Time-dependent error detection rate model for software reliability and other performance measures. IEEE Transactions on Reliability, 1979, 28(3): 206-211.

    Article  MATH  Google Scholar 

  32. Musa J D Okumoto K. A logarithmic Poisson execution time model for software reliability measurement. In Proc. the 7th Int. Conf. Software Engineering, Mar. 1984, pp.230-238.

  33. Shick G J, Wolverton R W. An analysis of competing software reliability models. IEEE Transactions on Software Engineering, 1978, 4(2): 104-120.

    Article  MATH  Google Scholar 

  34. Torrado N, Wiper M P, Lillo R E. Software reliability modeling with software metrics data via Gaussian processes. IEEE Transactions on Software Engineering, 2013 39(8): 1179-1186.

    Article  Google Scholar 

  35. Alhazmi O H, Malaiya Y K. Quantitative vulnerability assessment of systems software. In Proc. Reliability and Maintainability Symposium. Jan. 2005, pp. 615620.

  36. Anderson R. Security in open versus closed systems — The dance of Boltzmann, Coase and Moore. In Proc. the Conf. Open Source Software Economics, Jul. 2002, pp.1-15.

  37. Musa J D. Software reliability data. Technique Report, Data and Analysis Center for Software, Rome Air Development Center, Rome, 1979, pp.9-10.

  38. Rescorla E. Is fining security holes a good idea? IEEE Security & Privacy, 2005: 3(1): 14-19.

    Article  Google Scholar 

  39. Zeng D F. Software trustworthiness evidence assessment framework research based on life cycle [Master Thesis]. Beijing: The Key Laboratory for Information System Security, Software School, Tsinghua University, 2011. (in Chinese)

  40. Lang B, Liu X D, Wang H M et al. A classification model for software trustworthiness. Journal of Frontiers of Computer Science and Technology, 2010, 4(3): 231-239.

    Google Scholar 

  41. Lu G, Wang H M, Mao X G. A cognitive-based evidence model for software trustworthiness evaluation. Journal of Nanjing University (Natural Sciences), 2010, 46(4): 456-463.

  42. Immonen A, Palviainen M. Trustworthiness evaluation and testing of open source components. In Proc. the 7th International Conference on Quality Software, Oct. 2007, pp.316-321.

  43. ISO/IEC FDIS 9126-1:2001. Information technology — Software product quality — Part 1: Quality Model. Published Standard. ISO/IEC, June 2001.

  44. Tao H W, Chen Y X. A metric model for trustworthiness of softwares. In Proc. 2009 IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology, Sept. 2009, pp.69-72.

  45. Tao HW, Chen Y X. Another metric model for trustworthiness of softwares based on partition. In Quantitative Logic and Soft Computing, Cao B Y, Wang G J, Chen S L et al. (eds.), Springer, 2010, pp.695-705.

  46. Tao H W, Chen Y X. A new metric model for trustworthiness of softwares. Telecommunication Systems, 2012, 51(2): 95-105.

    Article  MathSciNet  Google Scholar 

  47. Kamiya T, Kusumoto S, Inoue K. CCFinder: A multilinguistic token-based code clone detection system for large scale source code. TSE, 2002, 28(7): 654–670.

    Google Scholar 

  48. Li Z, Lu Z, Myagmar S, Zhou Y. CP-Miner: A tool for finding copy-paste and related bugs in operating system code. In Proc. OSDI, Dec. 2004, pp.289–302.

  49. Lin C. Research on code clone detection system based on fingerprint [Master Thesis]. Beijing: The Key Laboratory for Information System Security, Software School, Tsinghua University, 2016. (in Chinese)

  50. Li J J. Research on code clone detection system based on fingerprint [Master Thesis]. Beijing: The Key Laboratory for Information System Security, Software School, Tsinghua University, 2015. (in Chinese)

Download references

Author information

Authors and Affiliations

  1. Key Laboratory for Information System Security, School of Software, Tsinghua University, Beijing, 100084, China

    Xi Yang, Gul Jabeen & Ping Luo

  2. School of Computer and Information, Hefei University of Technology, Hefei, 230009, China

    Xiao-Ling Zhu

  3. Department of Foreign Languages and Literatures, Tsinghua University, Beijing, 100084, China

    Mei-Hua Liu

Authors
  1. Xi Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gul Jabeen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ping Luo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xiao-Ling Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Mei-Hua Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Xi Yang.

Electronic supplementary material

Below is the link to the electronic supplementary material.

ESM 1

(PDF 993 kb)

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Yang, X., Jabeen, G., Luo, P. et al. A Unified Measurement Solution of Software Trustworthiness Based on Social-to-Software Framework. J. Comput. Sci. Technol. 33, 603–620 (2018). https://doi.org/10.1007/s11390-018-1843-2

Download citation

  • Received:

  • Revised:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11390-018-1843-2

Keywords

Search

Navigation