| Along with the rapid development of computer technology, software has penetrated into various domains of the national economy and defense and plays an important role. However, with the increase in size and complexity, software failures and malfunctions grow, which greatly increase the cost of software maintenance, even affect users' confidence in software. How to improve the credibility of software in development phase to ensure that the software acts in line with users' expectations, which has become a hot issue in software engineering field. Thus, it is of great theory meaning and practical value to make researches on constructions of trusted software.The consistence of software's behavior and users' expectation is the essential feature of the trusted software. Through the implementation of effective monitoring to obtain software's runtime state, and comparing the monitoring results with the expected behavior, we can effectively increase the credibility of software, analyze and locate software failures accurately. Therefore, injecting the monitoring capacity into software in an appropriate way will be an important approach to improve the credibility of software. But the current monitoring technology is still in the early stages of development, and there are still many technical and practical limitations. We are confronted within many challenges desiderated to be solved, such as the sick monitoring requirements describing capability, the lack of effective monitoring programming model and the the lack of universal platform and tools which support monitoring.Based on in-depth study of the monitoring technique, this paper proposes a trusted software constitution model based on monitoring (TSCM) to solve this problem. And on this base, we design and implement a trusted software integration develop environment named TSIDE. TSIDE is able to inject the monitoring capacity into software with source code markup language (SRCML) technology and aspect-oriented programming (AOP) technology, and has versatility and scalability. The content of this paper can be generalized as follows:1. In this paper, we analyze the basic principles of SRCML technology, and we uses it to assist programmers to describe monitoring requirements. And then, we in-depth make researches on basic principles of AOP technology and several key technologies. Through classification and comparison of typical AOP development environment, we choose the AOP development environment XWeaver as the base technology for the realization of monitoring capability injection.2. We propose a trusted software constitution model based on monitoring named TSCM. This model consists of two components: the source code analysis module, the monitoring requirement description module, the monitoring code generation module and the monitoring code weaving module compose the first part. These modules are loosely coupled. The support tools are the second part, mainly used to provide support tools and templates for the realization of other functional modules. TSCM injects the monitoring capacity into software by the monitoring capacity injecting mechanism, and based on this, it provide software runtime monitoring ability by the monitoring mechanism.3. Based on TSCM model, we design and implement a trusted software integration develop environment named TSIDE. TSIDE is able to graphically display software source code information to help programmers to describe monitoring requirements, product monitoring AOP code, and weave the code into the interior of software as the programmers do not modify the source code manually, providing the monitoring capability to the software process on threads, functions and the key variables level.On the basis of the above work, this paper use a producer and consumer program to verify TSIDE, the test results show that TSIDE can help programmers input control requirement, automatically inject monitoring capacity into this program and effectively monitor it's running state. This preliminary verified the feasibility and effectiveness of this paper's work. |
PDF Full Text Request