
CN107480069A - A kind of Ration Assessing Software Dependability method under low demand operator scheme - Google Patents

Info

Publication number: CN107480069A
Authority: CN (China)
Prior art keywords: software, test, distribution, low, probability
Legal status: Pending
Application number: CN201710727374.7A
Other languages: Chinese (zh)
Inventors: 吴纯, 吴一纯, 周俊燚, 谢珊, 缪惠芳, 郑剑香, 朱宗伦
Current assignee: Xiamen University
Original assignee: Xiamen University
Application filed by: Xiamen University
Priority date / filing date: 2017-08-23
Publication date: 2017-12-15

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/36 Prevention of errors by analysis, debugging or testing of software
    • G06F11/3668 Testing of software
    • G06F11/3672 Test management
    • G06F11/3684 Test management for test design, e.g. generating new test cases
    • G06F11/3692 Test management for test results analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Complex Calculations (AREA)

Abstract

The invention relates to a method for quantitatively assessing software reliability in the low-demand operating mode, comprising the following steps: S1, a test profile derived from risk analysis is introduced to describe the software's operating scenarios and bound the test space; the software's actual operating scenarios are simulated comprehensively and combined with their relative frequencies to construct a complete and accurate operational profile; S2, Monte Carlo sampling is performed over the operational profile to generate sample files, which are used to generate test cases, their number being determined by the reliability target; S3, test cases for software testing are generated from the sample files using a simulation model; S4, Bayesian inference is used to quantitatively assess the software's average probability of failure on demand, PFDavg, in the low-demand operating mode.

Description

A quantitative software reliability assessment method for the low-demand operating mode

Technical field

The invention belongs to the field of software reliability analysis and specifically concerns a method for quantitatively assessing software reliability in the low-demand operating mode.

Background

Software reliability analysis comprises qualitative analysis and quantitative assessment. Qualitative analysis aims to identify weak points in the software design so that they can be improved in a targeted way; quantitative assessment aims to evaluate the software's ability to perform its specified functions without failure. Because of the particular nature of software, its failure modes are hard to identify, which makes qualitative analysis difficult; current software reliability analysis is therefore dominated by quantitative assessment.

The existing quantitative software reliability assessment methods are mainly: software reliability growth models, Bayesian belief networks, black-box testing, white-box testing, metrics based on mean time to failure, and metrics based on defect density. Most of these methods test software in the high-demand or continuous operating mode, in which the software runs and responds continuously and performs its functions without interruption, as control system software does; the reliability of such software is measured by the average frequency of failures.

Software in the low-demand operating mode, by contrast, is dormant most of the time and performs its designated function only when a specific state occurs. Protection system software is an example. Such software is usually tied to safety functions, and because it performs a specific function only in a specific situation, random testing processes such as black-box testing no longer apply. Its reliability cannot be measured by the average failure frequency but by the probability that it fails to perform the specified function when a demand occurs. Because the reliability metric differs, the quantitative assessment methods above cannot fully meet the needs of quantitative reliability assessment for low-demand software.

Summary of the invention

To solve the above problems, the invention provides a method for quantitatively assessing software reliability in the low-demand operating mode. The technical scheme is as follows:

A method for quantitatively assessing software reliability in the low-demand operating mode, comprising the following steps:

S1. A test profile derived from risk analysis is introduced to describe the software's operating scenarios and bound the test space; the software's actual operating scenarios are simulated comprehensively and combined with their relative frequencies to construct a complete and accurate operational profile;

S2. Monte Carlo sampling is performed over the software's operational profile to generate sample files; the sample files are used to generate test cases, and their number is determined by the reliability target;

S3. Test cases for software testing are generated from the sample files using a simulation model;

S4. Bayesian inference is used to quantitatively assess the software's average probability of failure on demand PFDavg in the low-demand operating mode. Further, the specific process of step S4 is as follows:

S41. Let the random variable Y denote the event probability, unknown before testing, and assume its prior distribution is a beta distribution, written β(a,b); the probability density function of Y is

where 0 ≤ y ≤ 1, a and b are integers greater than 0, and the normalization constant B(a,b) is the beta function;

S42. The mean of the β(a,b) random variable Y is

S43. By Bayes' theorem, given the observation X, the posterior probability density function of Y is

where g(x|y) is the likelihood of the observation X given Y, describing the process that generates the data x, and f(y|x) is the posterior probability density function of Y given the observation X after n tests; evaluating f(y|x) gives

S44. The posterior distribution of Y is thus β(x+a, n−x+b), and the posterior mean is

where x is the number of observed failures, n is the total number of tests, and a and b are the parameters of the prior distribution of Y;

S45. The Bayesian method yields an upper bound y_u on the system failure probability, and the confidence level θ describes how credible that bound is, expressed as

$\Pr\{Y \le y_u \mid x\} = \theta$;

S46. Setting a = b = 1, i.e. a probability of failure on demand of 1/2 before testing, and x = 0, i.e. requiring that no failure is observed during testing, the posterior cumulative distribution function

simplifies to

$F(y_u \mid 0) = 1 - (1 - y_u)^{n+1} = \theta,$

and solving this equation gives $y_u = 1 - (1 - \theta)^{1/(n+1)}$;

S47. After n failure-free tests, the posterior distribution of the probability of failure on demand PFDavg is β(1, n+1), and the mean PFDavg of the software under test is 1/(n+2).

The beneficial effects of the invention are:

Targeting the characteristics of low-demand software, the invention introduces a risk analysis method to construct the test profile and describe the software's operating scenarios, and generates test cases by sampling the scenarios according to their relative frequencies, so that the generated test cases suit low-demand software. After failure-free testing of the software under test, Bayesian inference is carried out to quantitatively assess the reliability of the low-demand software.

Description of the drawings

Figure 1 is the flowchart of the quantitative software reliability assessment of the invention;

Figure 2 is the primary-circuit model of the pressurized water reactor nuclear power plant in the embodiment of the invention;

Figure 3 is the software architecture diagram of the primary-circuit low-flow protection subsystem in the embodiment;

Figure 4 is the low-coolant-flow fault tree of the embodiment;

Figure 5 is the curve of probability versus number of failure-free tests in the embodiment.

Detailed description

To further illustrate the embodiments, the invention is provided with accompanying drawings. These drawings form part of the disclosure; they mainly serve to illustrate the embodiments and, together with the related description in the specification, explain how the embodiments operate. With reference to them, a person of ordinary skill in the art should understand other possible implementations and the advantages of the invention.

The software reliability assessment method of the invention introduces probabilistic risk assessment to analyse the mechanisms that generate the software's inputs, derives the software's operational profile from them, constructs the test profile, generates samples from it by sampling, and feeds those samples into a system simulation model to obtain test cases. After the corresponding number of failure-free tests, the software reliability metric is obtained by Bayesian inference.

The invention is further described below with reference to the drawings and a specific embodiment.

Embodiment:

As shown in Figures 1 to 5, as a specific embodiment the invention is applied to the software of the low-coolant-flow protection subsystem of the primary circuit of a pressurized water reactor (PWR) nuclear power plant. Figure 1 is the flowchart of the quantitative software reliability assessment of the invention. Figure 2 shows the PWR primary-circuit model: it consists of the reactor and three parallel closed coolant loops, each loop comprising one main coolant pump, one steam generator and the associated piping and instrumentation, and the hot leg of one loop is connected to the pressurizer. Since the three loops are essentially identical, the nodal diagram shows only the loop with the pressurizer. Figure 3 shows the software architecture of the primary-circuit low-flow protection subsystem: the inputs are reactor power P, coolant flow Flow and pump circuit-breaker status, and the output is the reactor trip signal.

Following the flow shown in Figure 1, the specific implementation of the quantitative software reliability assessment method of the invention for the low-demand operating mode is described below.

Step S1: Establish the test profile based on risk analysis. A test profile derived from risk analysis is introduced to describe the software's operating scenarios and bound the test space; the software's actual operating scenarios are simulated comprehensively and combined with their relative frequencies to construct a complete and accurate operational profile. Combining the PWR primary-circuit model with the input space of the protection subsystem software, the risk fault tree of Figure 4 is constructed. The top event is low coolant flow; two first-level cause events lead to it, and seven event cut sets are finally identified. Table 1 gives the relative frequency with which each bottom event causes the low-coolant-flow accident.

Table 1

| Event | X1 | X2 | X3 | X4 | X5 | X6 | X7 |
|---|---|---|---|---|---|---|---|
| Relative frequency | 5.42E-03 | 5.42E-03 | 3.91E-01 | 3.28E-03 | 5.58E-01 | 2.60E-02 | 1.10E-02 |

Based on the system characteristics and the low-coolant-flow fault tree, three fault impact groups are established: gFlow, gPump and gFctrlI, representing pipe-blockage faults, main-pump faults and flow-measurement input faults respectively. Combined with the relative frequencies of the bottom events, the operational profile of the software under test is described as in Table 2.

Table 2

| No. | Event | Relative frequency | Fault impact group | Event description |
|---|---|---|---|---|
| 1 | X1 | 5.42E-03 | gFlow | Flow element FE1 blocked |
| 2 | X2 | 5.42E-03 | gFlow | Flow element FE2 blocked |
| 3 | X3 | 3.91E-01 | gFlow | Filter S145 clogged |
| 4 | X4 | 3.28E-03 | gPump | Main pump mechanical failure |
| 5 | X5 | 5.58E-01 | gPump | Main pump electrical failure |
| 6 | X6 | 2.60E-02 | gFctrlI | Analog input module failure |
| 7 | X7 | 1.10E-02 | gFctrlI | Flow sensor input failure |

Step S2: Generate samples by Monte Carlo sampling. Monte Carlo sampling is performed over the software's operational profile to generate sample files; the sample files are used to generate test cases, and their number is determined by the reliability target. Specifically, the operational profile is sampled according to the relative frequencies, and the sample file contains the physical parameters associated with each type of fault. According to the relevant standards, the reliability target of the software under test is PFDavg = 10^-4, so the number of samples is chosen as 10,000; Table 3 shows part of a sample file.

Table 3

| Sample no. | Event | Fault impact group | Parameter 1 | Parameter 2 |
|---|---|---|---|---|
| 1 | X5 | gPump | trip | 1.2 |
| 2 | X3 | gFlow | S145 | 5.650E-04 |
| 3 | X4 | gPump | seizure | 0.3 |
| 4 | X6 | gFctrlI | 31.28 | NA |
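Step S2 in code, as an added Python example that is not part of the patent: it transcribes the operational profile of Table 2 (relative frequencies and fault impact groups), normalises the frequencies so they sum to exactly 1, draws a seeded sample of 10,000 events by relative frequency, and compares the empirical frequencies with the profile, which is the check a reviewer of a generated sample file would want to see. The record layout (sample number, event, group) and the function names are assumptions; the fault-specific physical parameters shown in Table 3 are not modelled.

```python
"""Monte Carlo sampling of a low-demand operational profile (step S2).

Added example, not code from the patent. The event table is transcribed
from the page's Table 2; the sample-record layout is an assumption and the
fault-specific physical parameters of the page's Table 3 are not modelled.
"""
import random
from collections import Counter

# Operational profile transcribed from Table 2: event -> (relative frequency, fault impact group)
OPERATIONAL_PROFILE = {
    "X1": (5.42e-3, "gFlow"),
    "X2": (5.42e-3, "gFlow"),
    "X3": (3.91e-1, "gFlow"),
    "X4": (3.28e-3, "gPump"),
    "X5": (5.58e-1, "gPump"),
    "X6": (2.60e-2, "gFctrlI"),
    "X7": (1.10e-2, "gFctrlI"),
}


def normalized_weights(profile):
    """Return {event: probability} with the relative frequencies scaled to sum to 1.

    The page's frequencies sum to about 1.0001 because of rounding; normalising
    makes the sampling distribution well defined.
    """
    total = sum(freq for freq, _ in profile.values())
    return {event: freq / total for event, (freq, _) in profile.items()}


def sample_profile(profile, n_samples, seed=0):
    """Draw n_samples events from the profile by relative frequency.

    Each record mirrors a row of a sample file: sample number, event and fault
    impact group. The generator is seeded so a sample file can be regenerated.
    """
    weights = normalized_weights(profile)
    events = list(weights)
    rng = random.Random(seed)
    drawn = rng.choices(events, weights=[weights[e] for e in events], k=n_samples)
    return [
        {"sample": i + 1, "event": e, "group": profile[e][1]}
        for i, e in enumerate(drawn)
    ]


def empirical_frequencies(samples):
    """Fraction of samples per event, used to check the sampler against the profile."""
    counts = Counter(s["event"] for s in samples)
    n = len(samples)
    return {event: counts[event] / n for event in sorted(counts)}


def max_deviation(profile, samples):
    """Largest absolute gap between sampled and profile frequencies over all events."""
    target = normalized_weights(profile)
    observed = empirical_frequencies(samples)
    return max(abs(target[e] - observed.get(e, 0.0)) for e in target)


if __name__ == "__main__":
    samples = sample_profile(OPERATIONAL_PROFILE, 10_000)
    print("first samples:", samples[:3])
    print("empirical frequencies:", empirical_frequencies(samples))
    print("max deviation from profile: %.4f" % max_deviation(OPERATIONAL_PROFILE, samples))
```

The seed makes the sample file reproducible, which matters when the tests generated from it are later used as evidence: the same profile and seed regenerate the same test set. Rare events such as X4 (3.28E-03) appear only a few dozen times in 10,000 samples, so a sample of this size exercises the low-frequency branches of the fault tree sparsely; the deviation check makes that visible.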

Step S3: Generate test cases for software testing from the sample files using the simulation model. Once the sample files of the operating scenarios have been obtained they must be converted into test cases. Since data cannot be obtained from the actual system, a physical simulation model representing the actual system is built and run; the simulation result for each sample is its corresponding test case, representing the software's input parameters under the different accident conditions.

Step S4: Execute the tests and use Bayesian inference to quantitatively assess the software's probability of failure on demand PFDavg in the low-demand operating mode. The simulation results contain the values of physical parameters representing sensor signals and the like; these signals are fed to the software under test as test cases.

The specific process is as follows:

Let the random variable Y denote the event probability, unknown before testing, and assume its prior distribution is a beta distribution, written β(a,b). The probability density function of Y is then

where 0 ≤ y ≤ 1, a and b are integers greater than 0, and the normalization constant B(a,b) is the beta function. The mean of the β(a,b) random variable Y is

In Bayes' theorem, g(x|y) is the likelihood of the observation X given Y, which describes the process that generates the data x, and f(y|x) is the posterior probability density function of Y given the observation X after n tests. By Bayes' theorem, given the observation X, the posterior probability density function of Y is

that is,

Hence the posterior distribution of Y is β(x+a, n−x+b), where x is the number of observed failures, n is the total number of tests, and a and b are the parameters of the prior distribution of Y. The posterior mean is

The Bayesian method yields an upper bound y_u on the system failure probability, and the confidence level θ describes how credible that bound is, expressed as $\Pr\{Y \le y_u \mid x\} = \theta$; for example, θ = 0.95 means that with probability 95% the event probability Y lies in the interval [0, y_u].

First, set the parameters a = b = 1 in the prior density, so that the prior is the degenerate (uniform) distribution. Using the uniform distribution as the prior of the software under test can be interpreted as a non-informative prior, i.e. the software failure probability before testing is 1/2; for low-demand software such a non-informative prior yields a conservative estimate.

Then set x = 0, i.e. require that no failure is observed during testing, which is very common when testing low-demand software; the posterior cumulative distribution function

simplifies to

$F(y_u \mid 0) = 1 - (1 - y_u)^{n+1} = \theta$

Solving this equation gives

$y_u = 1 - (1 - \theta)^{1/(n+1)}$

This shows that under failure-free testing (i.e. x = 0) the upper bound y_u on the event probability is determined by the confidence level θ and the number of successful tests n.

After n failure-free tests, the posterior distribution of the probability of failure on demand PFDavg is β(1, n+1), and the mean failure probability of the software under test is 1/(n+2).

In this embodiment, the test cases are fed into the primary-circuit low-flow protection subsystem software, and the software's actual response is compared with the software requirements to judge whether its behaviour meets the software requirements specification, thereby determining whether each test succeeds. At confidence level θ = 0.95, Figure 5 shows the relation between the upper bound y_u, the posterior mean E_y and the number of failure-free tests n: as n increases, both y_u and E_y decrease and the software reliability rises accordingly. After n = 10000 failure-free tests, the posterior distribution of PFDavg is β(1, 10001), the mean PFDavg is 1/10002 ≈ 10^-4, and the 5% and 95% quantiles of this beta distribution are 5×10^-6 and 3×10^-4 respectively; the results are given in Table 4.

Table 4

| Failure mode | Probability distribution | 5% quantile | Mean | 95% quantile |
|---|---|---|---|---|
| RPS subsystem software failure | β(1, 10001) | 5×10^-6 | 1×10^-4 | 3×10^-4 |

The quantitative software reliability assessment method of the invention for the low-demand operating mode introduces probabilistic risk assessment to analyse the mechanisms that generate the software's inputs, derives the software's operational profile from them, constructs the test profile, generates samples from it by sampling, and feeds those samples into a system simulation model to obtain test cases. After the corresponding number of failure-free tests, the software reliability metric is obtained by Bayesian inference.

Although the invention has been shown and described with reference to preferred embodiments, those skilled in the art will understand that changes in form and detail may be made without departing from the spirit and scope of the invention as defined by the appended claims, and all such changes fall within the protection scope of the invention.

Claims (2)

1. A method for quantitatively assessing software reliability in the low-demand operating mode, characterized in that it comprises the following steps:

S1. A test profile derived from risk analysis is introduced to describe the software's operating scenarios and bound the test space; the software's actual operating scenarios are simulated comprehensively and combined with their relative frequencies to construct a complete and accurate operational profile;

S2. Monte Carlo sampling is performed over the software's operational profile to generate sample files, the number of which is determined by the reliability target;

S3. Test cases for software testing are generated from the sample files using a simulation model;

S4. The tests are executed and Bayesian inference is used to quantitatively assess the software's probability of failure on demand PFDavg in the low-demand operating mode.

2. The method of claim 1, characterized in that the specific process of step S4 is as follows:

S41. Let the random variable Y denote the event probability, unknown before testing, and assume its prior distribution is a beta distribution, written β(a,b); the probability density function of Y is then

where 0 ≤ y ≤ 1, a and b are integers greater than 0, and the normalization constant B(a,b) is the beta function;

S42. The mean of the β(a,b) random variable Y is computed as

S43. By Bayes' theorem, given the observation X, the posterior probability density function of Y is

where g(x|y) is the likelihood of the observation X given Y, describing the process that generates the data x, and f(y|x) is the posterior probability density function of Y given the observation X after n tests; evaluating f(y|x) gives

S44. The posterior distribution of Y is computed to be β(x+a, n−x+b), and the posterior mean is

where x is the number of observed failures, n is the total number of tests, and a and b are the parameters of the prior distribution of Y;

S45. The Bayesian method yields an upper bound y_u on the system failure probability, and the confidence level θ describes how credible that bound is, expressed as $\Pr\{Y \le y_u \mid x\} = \theta$;

S46. Setting a = b = 1, i.e. a probability of failure on demand of 1/2 before testing, and x = 0, i.e. requiring that no failure is observed during testing, the posterior cumulative distribution function

simplifies to

$F(y_u \mid 0) = 1 - (1 - y_u)^{n+1} = \theta,$

and solving this equation gives $y_u = 1 - (1 - \theta)^{1/(n+1)}$;

S47. After n failure-free tests, the posterior distribution of the probability of failure on demand PFDavg is β(1, n+1), and the mean PFDavg of the software under test is 1/(n+2).

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710727374.7A CN107480069A (en) 2017-08-23 2017-08-23 A kind of Ration Assessing Software Dependability method under low demand operator scheme


Publications (1)

Publication Number Publication Date
CN107480069A true CN107480069A (en) 2017-12-15

Family

ID=60601393


Country Status (1)

Country Link
CN (1) CN107480069A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110377521A (en) * 2019-07-23 2019-10-25 郑州阿帕斯科技有限公司 A kind of target object verification method and device
CN110688152A (en) * 2019-09-27 2020-01-14 厦门大学 Software reliability quantitative evaluation method combining software development quality information
CN111143752A (en) * 2019-05-17 2020-05-12 深圳市德塔防爆电动汽车有限公司 Method for calculating safety importance of electric vehicle and electric vehicle
CN112035343A (en) * 2020-08-13 2020-12-04 武汉大学 Test case generation method and system based on Bayesian estimation
CN112147967A (en) * 2019-06-27 2020-12-29 北京新能源汽车股份有限公司 Automatic generation method and device for scene test case of automobile controller
CN112395200A (en) * 2020-11-25 2021-02-23 电信科学技术第十研究所有限公司 Method and device for determining probability of software reliability operation profile
CN117851266A (en) * 2024-03-05 2024-04-09 中国人民解放军海军工程大学 Bayesian verification method and device for reliability of safety-critical software

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102629232A (en) * 2012-01-09 2012-08-08 北京航空航天大学 Software reliability verifying and testing method with test validity introduced
US20130031423A1 (en) * 2011-07-26 2013-01-31 Google Inc System and Method for Identifying Fault Prone Computer Code Files
CN107025172A (en) * 2017-03-22 2017-08-08 厦门大学 A kind of method for testing software based on probabilistic risk assessment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130031423A1 (en) * 2011-07-26 2013-01-31 Google Inc System and Method for Identifying Fault Prone Computer Code Files
CN102629232A (en) * 2012-01-09 2012-08-08 北京航空航天大学 Software reliability verifying and testing method with test validity introduced
CN107025172A (en) * 2017-03-22 2017-08-08 厦门大学 A kind of method for testing software based on probabilistic risk assessment

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
ENRICO ZIO: "《The Monte Carlo Simulation Method for System Reliability and Risk Analysis》", 3 November 2012, SPRINGER *
周俊燚 et al.: "Research on a test case generation method for safety-class digital system software", Nuclear Electronics & Detection Technology (核电子学与探测技术) *
马飒飒 et al.: "Research on a safety evaluation method for safety-critical software", Computer Engineering and Design (计算机工程与设计) *
齐蓓: "Research on a software reliability verification and evaluation method based on software architecture", China Master's Theses Full-text Database, Information Science and Technology series (中国优秀硕士学位论文全文数据库 信息科技辑) *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111143752A (en) * 2019-05-17 2020-05-12 深圳市德塔防爆电动汽车有限公司 Method for calculating safety importance of electric vehicle and electric vehicle
CN112147967A (en) * 2019-06-27 2020-12-29 北京新能源汽车股份有限公司 Automatic generation method and device for scene test case of automobile controller
CN110377521A (en) * 2019-07-23 2019-10-25 郑州阿帕斯科技有限公司 A kind of target object verification method and device
CN110377521B (en) * 2019-07-23 2022-11-18 郑州阿帕斯科技有限公司 Target object verification method and device
CN110688152A (en) * 2019-09-27 2020-01-14 厦门大学 Software reliability quantitative evaluation method combining software development quality information
CN110688152B (en) * 2019-09-27 2021-01-01 厦门大学 Software reliability quantitative evaluation method combining software development quality information
CN112035343A (en) * 2020-08-13 2020-12-04 武汉大学 Test case generation method and system based on Bayesian estimation
CN112035343B (en) * 2020-08-13 2022-02-01 武汉大学 Test case generation method and system based on Bayesian estimation
CN112395200A (en) * 2020-11-25 2021-02-23 电信科学技术第十研究所有限公司 Method and device for determining probability of software reliability operation profile
CN112395200B (en) * 2020-11-25 2024-04-02 电信科学技术第十研究所有限公司 Method and device for determining probability of software reliability operation profile
CN117851266A (en) * 2024-03-05 2024-04-09 中国人民解放军海军工程大学 Bayesian verification method and device for reliability of safety-critical software
CN117851266B (en) * 2024-03-05 2024-05-28 中国人民解放军海军工程大学 Bayesian verification method and device for reliability of safety-critical software

Similar Documents

Publication Publication Date Title
CN107480069A (en) A kind of Ration Assessing Software Dependability method under low demand operator scheme
RU2667691C1 (en) Method of fault diagnostics and the fault diagnostic system
US8751423B2 (en) Turbine performance diagnostic system and methods
RU2684225C2 (en) Aircraft engine monitoring system validation instrument
Li et al. False alarm reducing in PCA method for sensor fault detection in a nuclear power plant
CN104850750B (en) A kind of nuclear power plant reactor protects systems reliability analysis method
Miao et al. A clustering-based strategy to identify coincidental correctness in fault localization
CN111796233B (en) Method for evaluating secondary errors of multiple voltage transformers in double-bus connection mode
Kim et al. Failure rate updates using condition-based prognostics in probabilistic safety assessments
CN102411537A (en) Reliability verification test method based on mixed Bayesian prior distribution
CN115951292A (en) Electronic voltage transformer error state online evaluation method and device
Cai et al. Quantitative software reliability assessment methodology based on Bayesian belief networks and statistical testing for safety-critical software
CN112712305B (en) Aircraft system and health assessment method and device thereof
CN112507605A (en) Power distribution network anomaly detection method based on AnoGAN
Zhao et al. Research on an adaptive threshold setting method for aero-engine fault detection based on KDE-EWMA
Wang et al. A hybrid fault diagnosis strategy for chemical process startups
CN113221316A (en) Fault diagnosis strategy optimization method considering test uncertainty
CN110688152B (en) Software reliability quantitative evaluation method combining software development quality information
Farber et al. Using multiple-model adaptive estimation and system identification for fault detection in nuclear power plants
US20220058075A1 (en) Identifying faults in system data
CN117454735A (en) Model generation method, reliability analysis method, system, equipment and medium
Yu et al. The quantitative safety assessment for safety-critical software
JP2021110977A (en) Diagnostic equipment, diagnostic methods and programs
CN109815442B (en) Complex system reliability analysis method considering technical index measured value
Palmé et al. Similarity based modeling for turbine exit temperature spread monitoring on gas turbines

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171215