A Hybrid Approach to Enhancing the Reliability of Software

  • Authors: A. M. Frolov

  • Affiliations: Institute for System Programming, Russian Academy of Sciences, ul. Bol'shaya Kommunisticheskaya 25, Moscow, 109004 Russia (frolov@ispras.ru)

  • Venue: Programming and Computing Software
  • Year: 2004

Abstract

Two approaches to enhancing the reliability and security of software—static analysis of the source code and dynamic protection—are compared. Advantages and disadvantages of these approaches are discussed. A hybrid approach to enhancing the reliability of software is suggested that combines advantages of both methods and smoothes over their drawbacks. A classification of dynamic protection systems is presented in terms of the time of their operation, abstraction level at which modifications are introduced and the protection code operates, and principles of protection. A pragmatic approach to the development and evolution of an algorithm for finding errors of a certain class in the source code that result in reducing the reliability or security of the system is described. The algorithm calculates an approximation of the exact solution (the set of dangerous fragments), and every next version of the algorithm improves the approximation to the exact solution. At each stage, the hybrid algorithm is used: when the static analysis cannot decide whether there are errors or not, the task of preventing the effects of possible errors is entrusted to the dynamic protection system. The iterative improvement of the algorithm has two purposes: to reduce the number of false alerts and to reduce the workload on the dynamic protection system. Application of the approach to a class of errors reducing the security of software is considered.