网构软件可信性保证关键技术研究
|
摘要
存在于互联网各个节点上的主体化软件服务,通过多种机制进行协同、整合而形成的软件形态通称为网构软件。网构软件为有效进行异构资源整合、充分利用互联网上大量的软件服务提供了有效手段。但随着对网构软件功能需求的不断增加,系统的结构、体系变得日趋复杂,同时由于软件的运行环境从传统的“封闭、静态、可控”环境转变到了“开放、动态、难控”的互联网环境,对可信性保证的要求变得日益突出。但目前网构软件可信性保证技术在信任关系的约束机制、推荐信息的准确性、信任衰减参数的合理性、信任演化模型的系统化、可信性评估方法的切实性等方面还存在着不足。针对上述不足,本文在网构软件可信性保证关键技术方面进行了研究,具体研究内容与创新点包括:
(1)在实体个体层面,研究网构软件的可信实体模型。提出了具有自省性、自明性、自主性特点的网构软件强可信智能实体模型。定义了实体可信情况形式化描述语言(EDSADL),使实体能够通过自省机制实时监控与保障自身的可信性水平,并向外界公布以供验证。设计了业务功能模块与可信性保障模块分离的系统结构,保证了实体在向外界公开可信保障机制的同时对自身业务细节的保密性。设计了“环境感知——策略调度——行为触发”的机制,使实体具有感知环境刺激而自主演化的能力,保证了实体在外界环境可信性发生变化时能够做出适时地响应。
(2)在实体间协同的层面,研究网构软件实体间的信任约束机制。引入契约式设计思想,从服务使用者和提供者的角度出发,采用“承诺—评估”机制明确双方的权利和义务,为实体交互过程中的双边规范定义了从低层接口语义到高层可信性情况的约束。定义了信任契约中前置条件、后置条件和不变式3要素的描述方法,保证了服务使用者、提供者以及服务交互关系的可信性。为实体协同、合作和竞争提供了有力的评估依据。
(3)对于信任传递参数,研究实体间信任传递衰减参数的计算方法。综合主观信任与客观评估的优点,提出了基于评估的信任衰减过程。在对实体环境进行可信性评估的基础上,通过逐级计算、信息合并来综合多个推荐者实体的推荐信息,使用对实体间传输可信性的评估结果来修正推荐信息,计算得到信任传递过程中的衰减参数。该方法充分考虑了外部环境、实体自身条件等情况对主观信任值的影响,使信任传递过程中信任衰减参数的计算更加客观、准确。
(4)在系统层面,研究网构软件可信性演化模型。提出了一种对网构软件体系结构进行形式化的建模方法,建立了系统结构模型,并据此提出了基于分层Petri网的网构软件可信性演化模型。通过上层Petri网对实体之间的各种基本协同关系进行了建模,以此形成系统整体组成结构的描述,反映了实体间的信任关系的演化;通过下层Petri网对实体内部的契约协商策略进行了建模,设计了基于信任等级带有路径引导的信任契约协商方法。从系统整体的角度建立起动静结合、层次分明、描述统一的网构软件可信性演化模型。
(5)在系统测试与可信性评估层面,研究网构软件系统可信性评估模型。提出了符合网构软件异构性、结构化、动态化特征的可信性评估方法。定义了基于贝叶斯网络的网构软件可信性评估体系,通过树形结构整合了传统的静态指标以及适用于网构软件的动态指标。提出了基于结构模式的可信性评估指标及其计算方法,在描述各实体之间结构关系、语义关系的基础上,涵盖了对网构软件系统整体及其组成实体可信性的评估。建立起不但能对系统进行评估,还能为用户选择最优化实体提供帮助的可信性评估模型。
Active and autonomic software services which are distributed on the nodes of Internetcan collaborate with each other in various manners. It forms a new software paradigmcalled Internetware. Internetware provides an effective means for integration ofheterogeneous resources, and helps people to make full use of the large number ofsoftware services on Internet. And system architecture of Internetware becomesincreasingly complex with the increasing of functional requirements. Therequirements of ensuring trustworthiness have become increasingly prominentbecause that the running environment of Internetware transfers from the traditional"closed, static, controllable" environment to "open, dynamic and decentralized"Internet environment. However, there exist some shortcomings in currentInternetware trustworthiness assurance techniques, such as, the constraint mechanismof trust relationship, accurate recommendation trust information, rational trustinformation attenuation parameters, systematic for trust evolution model, propertrustworthiness assessment, etc. To address the above issues, the thesis has studiedtrustworthiness assurance techniques of Internetware. The main contributions andinnovations are as follows:
(1) In aspect of individual entities, the thesis studies trustworthy entity model ofInternetware. A strong trustworthy intelligent Internetware entity model which isintrospective, self-evident and autonomous is proposed. Formal entity dependabilitydescription Language (EDSADL) is defined, so that entities can protect their owntrustworthiness level through introspection mechanism and send announcements forverification. System structure of separating business function modules andtrustworthiness protection module is designed, which ensures the confidentiality ofthe entities’ own business details while giving publicity to their trustworthinessprotection mechanisms to the outside world.“Context-aware--strategy scheduling--behavior trigger "mechanism is designed, so that entities have the ability to perceivestimulation of environment and evolve autonomously. The mechanism ensures that entities can response properly at the time of external environment trustworthinesschanging.
(2) In aspect of collaboration among entities, the thesis studies constraint mechanismof trust among Internetware entities. Design by contract ideas are introduced to clearthe rights and obligations of both collaboration sides by “commitment–assessment”mechanism starting from the perspective of service users and providers. It definesconstraints for bilateral specification of collaboration among entities from low-levelinterface semantics to high-level trustworthiness. Description methods ofpre-condition, post-condition and invariant of a trust contract is defined, which ensuretrustworthiness of service users, providers and service interactions. It provides astrong assessment basis for collaboration, cooperation and competition of entities.
(3) In aspect of trust transfer parameter, the thesis studies calculation of trust transferattenuation parameters among entities. Process of trust attenuation based onassessment is proposed by integrating advantages of subjective trust and objectiveassessment. Recommendation trust information from entities is integrated throughstep by step calculations and information merging on the basis of trustworthinessassessment of entity environment. Trust transfer attenuation parameter is calculatedby amending the integrated recommendation trust information by use of assessmentsresults of the inter-entity transfer trustworthiness. The method gives full considerationto the impact of external environment and entities conditions to subjective trust value,which makes calculation of trust transfer attenuation parameters among entities moreobjective and accurate.
(4) In aspect of the whole system, the thesis studies Internetware trustworthinessevolution model. A formal Internetware architecture modeling method is proposed.An Internetware system structure model is established by structure analysis. AnInternetware trustworthiness evolution model based on hierarchical Petri nets ispresented according to the Internetware system structure model. All kinds of basiccollaboration relationships among entities are modeled in the upper Petri net, whichcomposites the description of the overall system structure and reflects the evolution oftrust relationship among entities. Contract negotiation strategy within entities is modeled in the underlying Petri net. Trust contract negotiation with path guiding isdesigned based on trust level. So that, an Internetware trustworthiness evolutionmodel is established from the perspective of the overall system with combining staticand dynamic, clear structure, and unified description.
(5) In aspect of system test and trustworthiness evaluation, the thesis studiesInternetware trustworthiness evaluation model. A trustworthiness evaluation methodwhich suite heterogeneous, structural, dynamic Internetware is proposed. AnInternetware trustworthiness evaluation system is defined, which integrates traditionalstatic metrics and dynamic metrics for Internetware by tree structure. Trustworthinessassessment metrics and its calculation method based on the structural model isproposed, which covers assessment for trustworthiness of Internetware system and itsentities according to description of structual relationship and semantic relationshipamong entities. The model not only is able to evaluate the whole system, but alsohelps users to select optimal entities.
(1)在实体个体层面,研究网构软件的可信实体模型。提出了具有自省性、自明性、自主性特点的网构软件强可信智能实体模型。定义了实体可信情况形式化描述语言(EDSADL),使实体能够通过自省机制实时监控与保障自身的可信性水平,并向外界公布以供验证。设计了业务功能模块与可信性保障模块分离的系统结构,保证了实体在向外界公开可信保障机制的同时对自身业务细节的保密性。设计了“环境感知——策略调度——行为触发”的机制,使实体具有感知环境刺激而自主演化的能力,保证了实体在外界环境可信性发生变化时能够做出适时地响应。
(2)在实体间协同的层面,研究网构软件实体间的信任约束机制。引入契约式设计思想,从服务使用者和提供者的角度出发,采用“承诺—评估”机制明确双方的权利和义务,为实体交互过程中的双边规范定义了从低层接口语义到高层可信性情况的约束。定义了信任契约中前置条件、后置条件和不变式3要素的描述方法,保证了服务使用者、提供者以及服务交互关系的可信性。为实体协同、合作和竞争提供了有力的评估依据。
(3)对于信任传递参数,研究实体间信任传递衰减参数的计算方法。综合主观信任与客观评估的优点,提出了基于评估的信任衰减过程。在对实体环境进行可信性评估的基础上,通过逐级计算、信息合并来综合多个推荐者实体的推荐信息,使用对实体间传输可信性的评估结果来修正推荐信息,计算得到信任传递过程中的衰减参数。该方法充分考虑了外部环境、实体自身条件等情况对主观信任值的影响,使信任传递过程中信任衰减参数的计算更加客观、准确。
(4)在系统层面,研究网构软件可信性演化模型。提出了一种对网构软件体系结构进行形式化的建模方法,建立了系统结构模型,并据此提出了基于分层Petri网的网构软件可信性演化模型。通过上层Petri网对实体之间的各种基本协同关系进行了建模,以此形成系统整体组成结构的描述,反映了实体间的信任关系的演化;通过下层Petri网对实体内部的契约协商策略进行了建模,设计了基于信任等级带有路径引导的信任契约协商方法。从系统整体的角度建立起动静结合、层次分明、描述统一的网构软件可信性演化模型。
(5)在系统测试与可信性评估层面,研究网构软件系统可信性评估模型。提出了符合网构软件异构性、结构化、动态化特征的可信性评估方法。定义了基于贝叶斯网络的网构软件可信性评估体系,通过树形结构整合了传统的静态指标以及适用于网构软件的动态指标。提出了基于结构模式的可信性评估指标及其计算方法,在描述各实体之间结构关系、语义关系的基础上,涵盖了对网构软件系统整体及其组成实体可信性的评估。建立起不但能对系统进行评估,还能为用户选择最优化实体提供帮助的可信性评估模型。
Active and autonomic software services which are distributed on the nodes of Internetcan collaborate with each other in various manners. It forms a new software paradigmcalled Internetware. Internetware provides an effective means for integration ofheterogeneous resources, and helps people to make full use of the large number ofsoftware services on Internet. And system architecture of Internetware becomesincreasingly complex with the increasing of functional requirements. Therequirements of ensuring trustworthiness have become increasingly prominentbecause that the running environment of Internetware transfers from the traditional"closed, static, controllable" environment to "open, dynamic and decentralized"Internet environment. However, there exist some shortcomings in currentInternetware trustworthiness assurance techniques, such as, the constraint mechanismof trust relationship, accurate recommendation trust information, rational trustinformation attenuation parameters, systematic for trust evolution model, propertrustworthiness assessment, etc. To address the above issues, the thesis has studiedtrustworthiness assurance techniques of Internetware. The main contributions andinnovations are as follows:
(1) In aspect of individual entities, the thesis studies trustworthy entity model ofInternetware. A strong trustworthy intelligent Internetware entity model which isintrospective, self-evident and autonomous is proposed. Formal entity dependabilitydescription Language (EDSADL) is defined, so that entities can protect their owntrustworthiness level through introspection mechanism and send announcements forverification. System structure of separating business function modules andtrustworthiness protection module is designed, which ensures the confidentiality ofthe entities’ own business details while giving publicity to their trustworthinessprotection mechanisms to the outside world.“Context-aware--strategy scheduling--behavior trigger "mechanism is designed, so that entities have the ability to perceivestimulation of environment and evolve autonomously. The mechanism ensures that entities can response properly at the time of external environment trustworthinesschanging.
(2) In aspect of collaboration among entities, the thesis studies constraint mechanismof trust among Internetware entities. Design by contract ideas are introduced to clearthe rights and obligations of both collaboration sides by “commitment–assessment”mechanism starting from the perspective of service users and providers. It definesconstraints for bilateral specification of collaboration among entities from low-levelinterface semantics to high-level trustworthiness. Description methods ofpre-condition, post-condition and invariant of a trust contract is defined, which ensuretrustworthiness of service users, providers and service interactions. It provides astrong assessment basis for collaboration, cooperation and competition of entities.
(3) In aspect of trust transfer parameter, the thesis studies calculation of trust transferattenuation parameters among entities. Process of trust attenuation based onassessment is proposed by integrating advantages of subjective trust and objectiveassessment. Recommendation trust information from entities is integrated throughstep by step calculations and information merging on the basis of trustworthinessassessment of entity environment. Trust transfer attenuation parameter is calculatedby amending the integrated recommendation trust information by use of assessmentsresults of the inter-entity transfer trustworthiness. The method gives full considerationto the impact of external environment and entities conditions to subjective trust value,which makes calculation of trust transfer attenuation parameters among entities moreobjective and accurate.
(4) In aspect of the whole system, the thesis studies Internetware trustworthinessevolution model. A formal Internetware architecture modeling method is proposed.An Internetware system structure model is established by structure analysis. AnInternetware trustworthiness evolution model based on hierarchical Petri nets ispresented according to the Internetware system structure model. All kinds of basiccollaboration relationships among entities are modeled in the upper Petri net, whichcomposites the description of the overall system structure and reflects the evolution oftrust relationship among entities. Contract negotiation strategy within entities is modeled in the underlying Petri net. Trust contract negotiation with path guiding isdesigned based on trust level. So that, an Internetware trustworthiness evolutionmodel is established from the perspective of the overall system with combining staticand dynamic, clear structure, and unified description.
(5) In aspect of system test and trustworthiness evaluation, the thesis studiesInternetware trustworthiness evaluation model. A trustworthiness evaluation methodwhich suite heterogeneous, structural, dynamic Internetware is proposed. AnInternetware trustworthiness evaluation system is defined, which integrates traditionalstatic metrics and dynamic metrics for Internetware by tree structure. Trustworthinessassessment metrics and its calculation method based on the structural model isproposed, which covers assessment for trustworthiness of Internetware system and itsentities according to description of structual relationship and semantic relationshipamong entities. The model not only is able to evaluate the whole system, but alsohelps users to select optimal entities.
引文
[1]吕建,马晓星,陶先平,等.网构软件的研究与进展.中国科学:信息科学,2006,36(10):1037~1080
[2] Dahl O J, Nygaad K. SIMULA-an Algol-based simulation language. Commun ACM,1966,9:671~678
[3] Booch G. Object-Oriented Analysis and Design with Applications. Reading: Addison-Wesley,1994
[4] Bachman F, Bass L, Buhman C. Technical Concepts of Component-Based SoftwareEngineering. CMU/SEI-2000-TR-008, ESC-TR-2000-007, USA2000
[5] OMG. CORBA Components3.0. Object Management Group.2002
[6] Szyperski C, Gruntz D, Murer S. Component-Software: Beyond Object-OrientedProgramming.2nd ed. Pearson Education Limited. Boston: Addison-Wesley/ACM Press,2002
[7] Alonso G, Casati F, Kuno H, et al. Web Services: Concepts, Architectures and Applications.Heideberg: Springer,2004
[8] Cerami E. Web Services Essentials. Sebastopol, Calif: O'Reilly.2002
[9] Huhns M, Singh M P. Service-oriented computing: Key concepts and principles. IEEEInternet Comput,2005,9(1):75~81
[10] Khalaf R, Mukhi N, Weerawarana S. Service-oriented composition in BPEL4WS. In:Proceedings of the2003World Wide Web conference. Palm Springs: IEEE ComputerSociety,2003
[11] Stal M. Using architectural patterns and blueprints for service-oriented architecture. IEEESoftware,2006,23(2):54~61
[12] OMG. Unified modeling language (UML), version1.3. Object Management Group,1999
[13] Bachman F, Bass L, Buhman C, et al. Technical Concepts of Component-Based SoftwareEngineering, CMU. Technical Report CMU/SEI-2000.2000
[14] Szyperski C, Gruntz D, Murer S. Component-Software: Beyond Object-OrientedProgramming.2nd ed. Pearson Education Limited. Boston: Addison-Wesley/ACM Press,2002
[15] Wooldridge M, Jennings N. Intelligent agents: Theory and practice. Knowl Eng Rev,1995,10(2):115~152
[16] Weiss G. Multiagent Systems: A Modern Approach to Distributed. Massachusettes: MITPress,1999
[17]杨芙清,吕建,梅宏.网构软件技术体系:一种以体系结构为中心的途径.中国科学:信息科学,2008,38(6):818~828
[18]杨芙清,梅宏,吕建,等.浅论软件技术发展.电子学报,2002,30(12A):1901~1906
[19] Milner R. Theories of the global ubiquitous computer. In: Foundations of Software Scienceand Computation Structures, LNCS2987. Berlin: Springer-Verlag,2004
[20] Shaw M. Sufficient correctness and homeostasis in open resource coalitions: How much canyou trust your software system. In: Proceeding of the Fourth International SoftwareArchitecture Workshop,2000
[21]赵丽娜,张引,叶修梓,等.基于PZP网络的网构软件自适应性研究.浙江大学学报(工学版),2005,42(8):1316~1322
[22]孙熙,庄磊,刘文,等.一种可定制的自主构件运行支撑框架.软件学报,2008,19(6):1340~1349
[23]刘文,孙熙,焦文品,等.一种基于自主构件的网构软件协作框架.计算机研究与发展,2006,46(Suppl.):217~221
[24]吕建,陶先平,马晓星,等.基于Agent的网构软件模型研究.中国科学E辑:信息科学,2005,35(12):1233~1253
[25]常志明,毛新军,齐治昌.基于Agent的网构软件构件模型及其实现.软件学报,2008,19(5):1113~1124
[26]丁博,王怀民,史殿习,等.一种支持软件可信演化的构件模型.软件学报,2011,22(1):17~27
[27] Papadopoulos G A, Arbab F. Coordination models and languages. Centrum voor Wiskundeen Information (CWI). Amsterdam: Software Engineering(SEN),1998
[28]侯丽珊,金芝.基于环境变迁的构件组合模型.电子学报,2005,33(12A):2370~2375
[29] Shaw M, Clements P. The golden age of software architecture. IEEE Software,2006,23(2):31-39
[30] Kumar N, Misurda J, Childers B R, et al. Instrumentation in software dynamic translators forself-managed systems. In: Proceedings of the1st ACM SIGSOFT Workshop onSelf-managed Systems. New York: SCM Press,2004.90-94
[31]马晓星,余萍,陶先平,等.一种面向服务的动态协同架构机器支撑平台.计算机学报,2005,(4):467~477
[32] Tao X, Lu J, Ma X. ARTeMIS: a multi-model coordination middleware based on mobileagent. Technical Report. State Key Laboratory for Novel Software Technology, Nanjing:Nanjing University,2003
[33] Blaze M, Feigenbaum J, Lacy J. Decentralized trust management, In: Proc17th Symposiumon Security and privacy. Los Alamitos: IEEE Computer Society Press,1996:164~173
[34] Zhang L, Xu F, Wang Y, et al. Design and implementation of cascaded monitor in trustmanagement system. Nanjing University,2006
[35] Grandison T, Sloman M. Trust management tools for internet application. In: Proceeding ofthe First International Conference on Trust Management. Berlin: Springer-Verlag,2002
[36] Tesauro G, Chess D M, Walsh W E, et al. A multi-agent systems approach to autonomiccomputing. In: Proceedings of the3rd International Joint Conference on Autonomous Agentsand Multiagent System-Volume1. New York: IEEE Computer Society,2004:467~471
[37] Appavoo J, Hui K, Soules C A N, et al. Enabling autonomic behavior in systems softwarewith hot swapping. IBM Syst J,2003,42:60~76
[38]张焕国,罗捷,金刚,等.可信计算研究进展.武汉大学学报(理学版),2006,52:513~518
[39] Trusted Computing Group (TCG). TCPA Main Specification, Version1.1b.2002
[40] Anderson J P. Computer Security Technology Planning Study. ESD-TR-73-51, Vol. I,AD-758206, ESD/AFSC, Hanscom AFB, Bedford MA, October1972
[41] Department of Defense Computer Security Center. Department Of Defense TrustedComputer System Evaluation Criteria. DoD5200.28-STD. USA: DOD,1985
[42] National Computer Security Center. Trusted Network Interpretation Of The TrustedComputer System Evaluation Criteria. NCSC-TG-005. USA:DOD,1987
[43] National Computer Security Center. Trusted Database Interpretation Of The TrustedComputer System Evaluation Criteria. NCSC-TG-005. USA:DOD,1987
[44] Trusted Computing Group. TCG. https://www.trustedcomputinggroup.org
[45] Trusted Computing Group. TCG规范列表. https://www.trustedcomputinggroup.org/specs/
[46] European Multilaterally Secure Computing Base (EMSCB). Towards trustworth systemswith open standards and trusted computing. http://www.opentc.org/
[47]张焕国,刘服珍,余发江,等.一种新型嵌入式安全模块. In:第一届中国可信计算与信息安全学术会议论文集.武汉大学学报(理学版),2004,50(s1):7~11
[48]国家密码管理局.可信计算密码支撑平台功能与接口规范.2007
[49]刘克,单志广,王戟,等.“可信软件基础研究”重大研究计划综述.中国科学基金—学科进展与展望,2008,3,145~151
[50] Trusted Computing Group. TCG Generic Server Specification. Version1.0. TCG,2005
[51] Sadeghi A R, Selhorst M, Stueble C, et al. TCG inside?–a note on TPM specificationcompliance. In: Proceedings of the1stACM Workshop on Scalable Trusted Computing. NewYork: ACM,2006.47~56
[52]陈火旺,王戟,董威.高可信软件工程技术.电子学报,2004,31:1934~1938
[53] TCG Specification Trusted Network Connect–TNC Architecture for InteroperabilityRevision1.1. http://www.trustedcomputinggroup.org
[54] Kuhn U, Selhorst M, Stuble C. Realizing property-based attestation and sealing withcommonly available hard-and software. In: Proceedings of the1stACM Workshop onScalable Trusted Somputing (STC’07). New York, NY,2007.50~57
[55]沈昌祥,张焕国,王怀民,等.可信计算的研究与发展.中国科学:信息科学,2010,40(2):139~166
[56] ISO/IEC, Information technology-security Techniques-Evaluation Criteria for IT Security.Part1: Introduction and General Model.2nd ed.2005. http://standards.iso.org
[57] Trusted Computing Group, TCG Architecture Overview, v1.2,28April2004. https://www.trustedcomputinggroup.org
[58] Gates B. Trustworthy Computing. Wired News, Jan.17,2002
[59]林闯.可信网络研究.计算机学报,2005,28(5):751~758
[60] Algirdas A, Jean-Claude L, Brian R, et al. Basic concepts and taxonomy of dependable andsecure computting. IEEE Trans Dependable Secure,2004,1(1):11~33
[61]王怀民,唐扬斌,尹刚,等.互联网软件的可信机理.中国科学E辑:信息科学,2006,36(10):1156~1169
[62]邓晓衡,卢锡城,王怀民. iVCE中基于可信评价的资源调度研究.计算机学报,2007,30(10):1750~1762
[63] Dong W, Wang J, Zhao C Z, et al. Automating software FMEA via formal analysis ofdependence relations. In: Proceedings of the32ndAnnual IEEE International ComputerSoftware and Applications Conference (COMPSAC). New York: IEEE Computer Society,2008:490~491
[64] Lyu M R. Handbook of Software Reliability Engineering. NewYork: IEEE Computer SocietyPress, McGraw-Hill Book Company,1996
[65] Rolland J F, Bodeveix J P, Filali M, et al. AADL modes for space software, data systems. In:Aerospace (DASIA2008). Palma de Majorca,2008.27~30
[66] Mens T, Demeyer S. Software Evolution. Berlin/Heidelberg: Springer-Verlag,2008
[67] Ghoshal S, Manimaran S, Rosu G, et al. Monitoring IVHM systems using a monitor-orientedprogramming framework. In: Proceedings of the6thNASA Langley Fomal MethodsWorkshop (LFM2008),2008
[68] Nahmsuk O. Software Implemented Hardware Fault Tolerance. California: StanfordUniversity,2001
[69]梅宏,王千祥,张路,等.软件分析技术进展.计算机学报,2009,9:1697~1710
[70] Clarke E M, Grumberg O, Peled D A. Model Checking. Massachusetts: MIT Press,2000
[71] Boldyreff C, Nutter D, Rank S, et al. Environments to support collaborative softwareengineering. In: Proceedings of the2ndWorkshop on Cooperative Supports for DistributedSoftware Engineering Processes,2003.25~28
[72] Oreizy P, Medvidovic N, Taylor R N. Runtime software adaptation: framework, approaches,and styles. ICSE,2008:899~910
[73] Ruhe M G, Eberlein A. COTS selection: past, present, and future. In: Proceedings of the14thAnnual IEEE International Conference and Workshops on the Engineering ofComputer-Based Systems, ECBS’07. Washington: IEEE Computer Society,2007.103~114
[74] Feiler N L, Gabriel P, Goodenough R, et al. Ultra-Large-Scale Systems: the SoftwareChallenge of the Future. Software Engineering Institute. Pittsburgh, PA: Carnegie MellonUniversity,2006
[75]王远,吕建,徐锋,等.一个适用于网构软件的信任度量及演化模型,软件学报,2006,17(4),682~690
[76] Blaze M, Feigenbaum J, Ioannidis J, et al. The KeyNote Trust Management System Version2, Internet RFC2704.1999
[77] Chu Y H, Feigenbaum J, LaMacchia B, et al. REFEREE: Trust management for Webapplications. World Wide Web J,1997,2(2):127~139
[78] Li N, Winsborough W H, Mitchell J C. Distributed credential chain discovery in trustmanagement. J Comput Secur,2003,11(1):35~86
[79] Freudenthal E, Pesin T, Port L. dRBAC: Distributed role-based access control for dynamiccoalition environments. In: Proc22nd International Conference on Distributed ComputingSystems (ICDCS’02). Vienna: IEEE,2002,294~306
[80] English C, Wagealla W, Nixon P, et al. Trusting collaboration in global computing systems.Lecture Notes in Computer Science2003,123~149
[81] Kamvar S, Schlosser M, Garcia-Molina H. The eigentrust algorithm for reputationmanagement in P2P networks. In: Proceedings of the12thInternational Conference on WorldWide Web2003,640~651
[82]张林,徐锋,王远,等.一种信任管理系统中层次式monitor机制的设计与实现.南京大学学报(自然科学),2007,43(2):191~198
[83]李佳伦,谷利泽,杨义先.一种具有时间衰减和主观预期的P2P网络信任管理模型.电子与信息学报,2009,31(11):2786~2790
[84]罗鑫,杨义先,胡正名,等.开放网络环境中的信任管理框架.北京邮电大学学报,2009,32(1):126~130
[85] Abdul-Rahman A, Hailes S. Using recommendations for managing trust in distributedsystems. In: IEEE Malaysia International Conference on Communication Citeseer1997
[86]胡建理,吴泉源,周斌,等.一种基于反馈可信度的分布式p2p信任模型.软件学报,2009,20(10):2885~2898
[87] Abdul-Rahman A, Hailes S. A distributed trust model. In: Proceeding of the1997NewSecurity Paradigms Workshop. Cumbria: ACM Press,1998.48~60
[88] Beth T, Borcherding M, Klein B. Valuation of trust in open NetWork. In: Proc. EuropeanSymposium on Research in Security (ESORICS). Brighton: Springer-Verlag,1994.3~18
[89] J sang A. A model for trust in security systems. In: Proceedings of the Second NordicWorkshop on Secure Computer Systems,1997
[90]徐锋,吕建,郑玮,等.一个软件服务协同中信任评估模型的设计.软件学报,2003,14(6):1043~1051
[91] Houser D, Wooders J. Reputation in auctions: theory and evidence from eBay. University ofArizona Working Paper, University of Arizona,2000
[92] Sepandar DK, Mario TS, Hector GM. The EigenTrust algorithm for reputation managementin P2P networks. In: Proc. of the12th Int'l Conf. on World Wide Web. Budapest: ACM Press,2003.640~651
[93] Zhou RF, Hwang K. PowerTrust: A Robust and Scalable Reputation System for TrustedPeer-to-Peer Computing. IEEE Transactions on parallel and distributed systems,2007,18(4):460~473.
[94] Xiong L, Liu L. PeerTrust: Supporting Reputation-Based Trust for Peer-to-Peer ElectronicCommunities. IEEE Transaction on knowledge data engineering,2004,16(7):843~857
[95]田春岐,邹仕洪,田慧蓉,等.一种基于信誉和风险评价的分布式P2P信任模型.电子与信息学报,2007,29(7):1628~1632
[96] J sang A, Haller J. Dirichlet Reputation Systems. In: Proceedings of the2nd InternationalConference on Availability, Reliability and Security Vienna. Los Vaqueros: IEEE computersociety,2007,112~119
[97] Meyer B, Zürich E T H, Barbara S. The grand challenge of Trusted Components, In:Proceedings of the25th International Conference on Software Engineering2003
[98] ISO/IEC9126Directives, ISO/IEC9126-1:2001Software engineering--Product quality--Part1: Quality model, ISO/IEC9126, ISO,2001
[99] Yacoub S M, Ammar H H. A methodology for architecture-level reliability risk analysis.IEEE Transactions on Software engineering.2002,28(6):529~547
[100] Hamlet D, Mason D, Woit D. Theory of Software Reliability Based on Components. In:Proceedings of the23rd International Conference on Software Engineering (ICSE'01),2001
[101] Roshandel R, Medvidovic N. Multi-View Software Component Modeling for Dependability.Lecture Notes in Computer Science Volume3069/2004
[102] Reussner R H, Schmidt H W, Poernomo I H. Reliability prediction for component-basedsoftware architectures. Journal of systems and software,2003,66:241~252.
[103] Guerra P A C, Filho F C, Pagano V A, Rubira C M F, Structuring Exception Handling forDependable Component-Based Software Systems. In: Proceedings of the30thEUROMICRO Conference (EUROMICRO’04),2004
[104] Bobbio A, Portinale L, Minichino M. Improving the analysis of dependable systems bymapping fault trees into Bayesian networks. Reliability Engineering and System Safety,2001,71(3),249~260
[105]吴国全,魏峻,黄涛.基于非确定性推理的网构软件服务质量动态评估方法.软件学报,2008,19(5),1173~1185
[106]郭树行,兰雨晴,金茂忠.软件构件的可信保证研究.计算机科学,2007,34(5),243~246
[107]毛晓光,邓勇进.基于构件软件的可靠性通用模型.软件学报,2004,15(1),27~32
[108]陈锦富.基于错误注入的构件安全性测试理论与技术研究.华中科技大学,博士论文,2009
[109]陈锦富,卢炎生,谢晓东.一种构件安全测试错误注入模型.计算机研究与发展,2009,46(7):1127~1135
[110] Wang Y, Vassileva J. A review on trust and reputation for Web service selection. In: Proc. ofthe27th Int’l Conf. on Distributed Computing Systems Workshops,2007
[111] Vu L H, Hauswirth M, Aberer K. Qos-Based service selection and ranking with trust andreputation management. In: Proc. of the Move to Meaningful Internet Systems2005: CoopIS,DOA, and ODBASE. LNCS3760,2005,466~483.
[112] Diamadopoulou V, Makris C, Panagis Y, et al. Techniques to support web service selectionand consumption with QoS characteristics. Journal of Network and Computer Applications,2008,31(2):108~130
[113] Zhang J, Xu D. A mobile agent-supported Web services testing platform. In: Proceedings ofthe IEEE/IFIP International Conference on Embedded and Ubiquitous Computing.Washington, DC, USA: IEEE Computer Society,2008:637~644
[114] Shao L S, Zhao J F, Xie T, et al. User-perceived service availability: a metric and anestimation approach. In: Proceedings of the IEEE International Conference on Web Services,Los Angeles,2009. Washington, DC, USA: IEEE Computer Society,2009:647~654.
[115] Bai X Y, Dong W L, Tsai W T, et al. WSDL-based automatic test case generation for Webservices testing. In: Proceedings of the IEEE International Workshop on Service-OrientedSystem Engineering, Los Alamitos,2005. Washington, DC, USA: IEEE Computer Society,2005:215~220
[116] Maximilien E M, Singh M P. A framework and ontology for dynamic Web services selection.IEEE Internet Computing,2004,8(5):84~93
[117]朱曼玲,金芝.一种服务Agent的可信性评估方法.软件学报,2011,22(11):2593~2609
[118]孟琳琳,赵伟男,刘旭东,等. Web服务可信证据收集与评估机制研究.计算机科学与探索,2011,5(7),642~651
[119] Guannan Si, Jufeng Yang, Jing Xu, et al. An Evaluation Model for Dependability ofInternet-scale Software on Basis of Bayesian Networks, In: the IEEE Computer Software andApplications Conference (COMPSAC2012),2012
[120]司冠南,任宇涵,许静,等.基于贝叶斯网络的网构软件可信性评估模型.计算机研究与发展,2012,49(5)
[121]吕建,张鸣,廖宇,等.基于移动Agent技术的构件软件框架研究.软件学报,2000,11(8):1018~1024
[122]胡海洋,杨玫,陶先平,等. Cogent后组装机制的研究实现.电子学报,2002,30(12):1823~1827
[123] Lu J. Some research on componentware frameworks based on mobile agent technology.ACM SIGSOFT Software Engineering Notes,2004,29(2):8~15
[124] Lu J, Li Y J, Ma X X, et al. A hierarchical framework for parallel seismic applications.Communications of ACM,2000,43(10):55~59
[125] Ma X X, Lu J, Tao X P, et al. A mobile-agent-based approach to software coordination in theHOOPE system. Science in China, Series F,2002,45(3):203~219
[126]吕建,陶先平,马晓星,等.基于Agent的多模式协同中间件ARTEMIS-M3C.南京大学计算机软件新技术国家重点实验室技术报告,2004
[127] Mei H, Huang G. PKUAS: An architecture-based refective component operating platform. In:Proceedings of the10thIEEE Int’l Workshop on Futre Trends of Distributed ComputingSystems (FTDCS). Los Alamitos: IEEE Computer Society,2004.163~169
[128] Pan Y, Wang L, Zhang L, et al. Relevancy based sematic interoperation of reuse repositories.In: Proceedings of the12thACM SIGSOFT Symp. On Foundations of Software Engineering(FSE-12). New York: ACM Press,2004,211~220
[129]梅宏,黄罡,赵海燕,等.一种以软件体系结构为中心的网构软件开发方法.中国科学E辑:信息科学,2006,36(10):1100~1126
[130] Vestal S. A cursory overview and comparison of four architecture description languages.Technical Report, Honeywell Technology Center,1993
[131] Clements P C, A survey of architecture description language, In: Proceeding of the8thInternational Workshop on Software Specification and Design,1996
[132] Medvidovic N, Taylor R N, A classification and comparison framework for softwarearchitecture description language, IEEE Transactions On Software Engineering,2002,26(1),70~93
[133]朱雪阳,唐稚松.基于时序逻辑的软件体系结构描述语言XYZ/ADL.软件学报,2003,14(4):714~720
[134] Mei H, Chen F, Wang Q X, et al. ABC/ADL: An ADL Supporting Component Composition.LNCS2495, Springer-Verlag,2002:38~47
[135] Garlan D, Monroe R T, Acme: Architectural Description of Component-Based System, In:Proceedings of CASCON '97,1997
[136] World Wide Web Consortium. REC-xml-20081126. Extensible markup language (XML)1.0(fifth edition). Availiable at: http://www.w3.org/TR/2008/REC-xml-20081126/,2008
[137] World Wide Web Consortium. REC-xmlschema-0-20041028. Availiable at:http://www.w3.org/TR/REC-xmlschema-0-20041028/,2004
[138]张世琨,张文娟,常欣,等.基于软件体系结构的可复用构件制作和组装,软件学报,2001,12(9):1351~1359
[139] Avgustinov P, Tibble J, Bodden E, et al. Aspect for Trace Monitoring.Formal Approaches toTesting Systems and Runtime Verification, Seattle, WA, USA,2006,20~39
[140]文静,王怀民,应时,等.支持运行监控的可信软件体系结构设计方法.计算机学报,2010,33(12):2321~2334
[141] Mui L. Computational models of trust and reputation: agents, evolutionary games, and socialNetworks:[Ph D dissertation]. Combridge: Massachusetts Institute of Technology,2003
[142]王远,吕建,徐锋,等.一种面向网构软件体系结构的信任驱动服务选取机制,软件学报,2008,19(6),1350~1362
[143] Walket D M. The Oxford Companion to Law. Oxford University Press.1980
[144] Meyer B. Applying “design by contract”. Computer,1992,25(10):40~51
[145] Meyer B. Object Oriented Software Construction. Prentice-Hall.1998
[146] Lackner M, Krall A, Puntigam Franz. Supporting Design by Contract in Java, Journal ofObject Technology,2002,1(3)
[147] Beugnard A, Jezequel J M, Plouzeau N. Make components contract aware. Computer,1999,32(7):38~45
[148] Ling S, Poernomo I, Schmidt H, Describing web service architectures throughdesign-by-contract. ISCIS2003,2003:1008~1018
[149] Luders F, Lau K K, Ho S M. Specification of software components, building reliablecomponent-based software systems. Boston, London: Artech House Computing Library,2002.
[150] Murata T. Petri nets: properties, analysis and application. Proceedings of the IEEE,1989,77(4),541~580
[151]吴哲辉. Petri网导论.北京:机械工业出版社,2006
[152] Barkaoui K, Pradat-peyre J. Verification in comcurrent programming with Petri netsstructural techniques. In: Proceedings of the3rdInter IEEE High-Assurance SystemEngineering Symposium. Los Alamitos, CA: IEEE Computer Society Press,1998.124~133
[153] Yang Y P, Tan Q P, Xiao Y. Verifying Web Services Composition Based on HierarchicalColored Petri Nets. In: Proceedings of the first international workshop on Interoperability ofheterogeneous information systems. ACM,2005:47~54
[154] van der Aalst W M P.The application of Petri nets to workflow management.The Journal ofCircuits t Systems and Computers,1998,8(1):21~66
[155] Zhou M C, Leu M C. Modeling and performance analysis of a flexible PCB assembly stationusing Petri nets. Trans ASME J Electron Packag,1991,113(4):410~416
[156]韩耀军,蒋昌俊,罗雪梅.基于Petri网合成与化简的分布式数据库系统并发控制的死锁检测.小型微型计算机系统,2004,25(5):821~826.
[157]陆文,徐锋,吕建.一种开放环境下的软件可靠性评估方法.计算机学报,2010,33(3):452~462
[158] Winsborough W H, Seamons K E, Jones V E. Automated trust negotiation. In:DARPAInformation Survivability Conf. and Exposition. New York: IEEE Press,2000,88~102
[159] Walker D D, Mercer E G, Seamons K E. Or Best Offer: A Privacy Policy NegotiationProtocol. In: Proc. of the9th Int’l Workshop on Policies for Distributed Systems andNetworks. New York: IEEE Computer Society Press,2008,173~180
[160] Li J T, Li N H, Winsborough W H. Automated trust negoti-ation using cryptographiccredentials. In: ACM Transac-tions on Information and System Security,2009(13),46~57
[161]李建欣,怀进鹏. COTN:基于契约的信任协商系统[J].计算机学报,2006(8),1290~1300
[162]张妍,冯登国.吝啬语义信任协商[J].计算机学报,2009(10),1989~2003
[163] He Y, Zhu M L. A complete and efficient strategy based on petri net in automated trustnegotiation. In: Proceedings of the2nd international conference on Scalable informationsystems, Brussels: ACM,2007,75~81
[164] Johnson W, Mudumbai S, Thompson M. Authorization and attribute certificates for widelydistributed access control. In: IEEE Proc. of the7th Workshop on Enabling Technologies:Infrastructure for Collaborative Enterprises. Washington: IEEE Computer Society Press,1998.340~345
[165] Seamons K E, Winslett M, Yu T, et al. Requirements for policy languages for trustnegotiation. In: Proc. of the3rd Int’l Workshop on Policies for Distributed Systems andNetworks (POLICY2002). Washington: IEEE Computer Society Press,2002.68~79
[166] Yu T, Winslett M. A unified scheme for resource protection in automated trust negotiation. In:Proc. of the2003IEEE Symp. on Security and Privacy. Washington: IEEE Computer SocietyPress,2003.110~122
[167] Laprie J C, ed. Dependability: Basic Concepts and Terminology. Springer-Verlag,1992
[168]金茂忠,高仲仪,刘超,等.软件构件产品质量第一部分:质量模型.中华人民共和国电子行业标准SJ/T11374-2007,中华人民共和国信息产业部,2007
[169] Nilsson N著.郑扣根,庄越挺译.人工智能.机械工业出版社,2000
[170] Stephenson T A. An introduction to Bayesian Network theory and usage. IDIAP-RR00-03,2000
[171] Kim J H, Pearl J. A computation model for causal and diagnostic reasoning in inferencesystems. In: Proeeedings of the8thInternational Joint Conference on AI, Los Angeles,1983,190~193
[172] Charniak E. Bayesian Networks without tears. AI Magazine,1991,12(4):50~63
[173]黎锁平.运用蒙特卡罗方法求解随机性问题.甘肃工业大学学报,2001,27(2):95~97
[174] Jensen F V. An introduction to Bayesian Networks. UCL Press Ltd., London,1996
[175]吴欣,郭创新.基于贝叶斯网络的电力系统故障诊断方法.电力系统及其自动化学报,2005,17(4):11~15
[176]史建国,高晓光,李相民.基于离散模糊动态贝叶斯网络的空战态势评估及仿真.系统仿真学报,2006,18(5):1093~1096
[177] Heckerman D, Mamdani A, Wellman M. Real-world applications of Bayesian networks.Communications of the ACM,1995,38(3):38~45
[178] Buede D M, Tatman J A, Bresnick T A. Introduction to Bayesian Networks.http://www.ecse.rpi.edu/Homepages/qji/TutFinbd.ppt
[179] Getoor L, Friedman N, Koller D, et al. Learning probabilistic relational models withstructural uncertainty. In Proceedings of the International Conference on Machine Learning.Morgan Kaufman,2001,170~177
[180] Getoor L, Segal E, Taskar B, et al. Probabilistic models of text and link structure forhypertext classification. In IJCAI Workshop on Text Learning: Beyond Supervision,2001
[181] Torres-Toledano J G, Sucar L E. Bayesian Networks for Reliability Analysis of ComplexSystems. Proceedings of the6th Ibero-American Conference on AI: Progress in ArtificialIntelligence, vol1484of LNCS,1998,195~206
[182] Arroyo G, Sucar L, Villavicencio A. Probabilistic temporal reasoning and its application tofossil power plant operation. Expert Systems with Applications,1998,15,317-324
[183] Bai C G. Bayesian network based software reliability prediction with an operational profile.Journal of Systems and Software,2005,77(2):103~112
[184] Axel B, Helminen A. A Bayesian belief network for reliability assessment. SAFECOMP2001, vol2187of LNCS,2001,35~45
[185] Boudali H, Dugan J B. A discrete-time Bayesian network reliability modeling and analysisframework. Reliability Engineering and System Safety,2005,87(3):337~349
[186] Bouissou M, Martin F, Ourghanlian A. Assessment of a Safety Critical System IncludingSoftware: a Bayesian Belief Network for Evidence Sources. Proceeding of the Reliabilityand Maintainability Symposium (RAMS‘99),1999,142~150
[187] Montani S, Portinale L, Bobbio A, et al. Codetta-Raiteri. A tool for automatically translatingDynamic Fault Trees into Dynamic Bayesian Networks. Proceeding of the Reliability andMaintainability Symposium (RAMS2006),2006,434~441
[188] Weber P, Munteanu P, Jouffe L. Dynamic Bayesian Networks modelling the dependability ofsystems with degradations and exogenous constraints. Proceeding of the11th IFACSymposium on Information Control Problems in Manufacturing (INCOM'04),2004.
[189] Boudali H, Dugan J B. A continuous-time Bayesian network reliability modeling andanalysis framework. IEEE Transaction on Reliability.2006,55(1):86~97
[190] Voas J. Fault injection for the Masses. IEEE Computer,1997,30(12):129~130
[191] Hsueh M C, Tsai T K, Lyer R K. Fault injection techniques and tools. IEEE Computer,1997,30(4):75~82
[192] Delamam M E, Maidonado J C. Mathur A P. Interface Mutation: an approach for integrationtesting. IEEE Transactions on Software Engineenng,2001,27(3):228~247
[193] Avres D, Arlat J, Laprie J C, et al. Fault injection for formal testing of fault tolerance. IEEETransactions On Reliability,1996,45(3):443~455
[194] Barbosa R, Silva N, Duraes J, et al. Verification and validation of (Real Time) COTSproducts using fault injection techniques. In: Proceedings of Sixth Intemational IEEEConference on Commercial-off-the-Shelf (COTS)-Based Software Systems (ICCBSS’07).Canada: IEEE CS,2007,233~242
[195] Bieman J M, Dreilinger D, Lijun L. Using fault injection to increase software teste overage,In: Proceedings of the Seventh International Symposium on Software Reliability Engineenng(ISSRE’96). IEEE Computer Society.1996,166~174
[196] Regina L O M, Eliane M, Naaliel Vicente M. Fault injection approach based on dependenceanalysis, In: Proeeedings of the29thAnnual International Computer Software andApplications Conference (COMPSAC’05). IEEE Computer Society: Scotland.2005,181~188
[197] Yao W H, Shih K H, Tsung P L, et al. Web application security assessment by fault injectionand behavior monitoring. In: Proceedings of the12thInternational conference on World WideWeb (WWW2003), ACM: Budapest, Hungary.2003,148~159
[2] Dahl O J, Nygaad K. SIMULA-an Algol-based simulation language. Commun ACM,1966,9:671~678
[3] Booch G. Object-Oriented Analysis and Design with Applications. Reading: Addison-Wesley,1994
[4] Bachman F, Bass L, Buhman C. Technical Concepts of Component-Based SoftwareEngineering. CMU/SEI-2000-TR-008, ESC-TR-2000-007, USA2000
[5] OMG. CORBA Components3.0. Object Management Group.2002
[6] Szyperski C, Gruntz D, Murer S. Component-Software: Beyond Object-OrientedProgramming.2nd ed. Pearson Education Limited. Boston: Addison-Wesley/ACM Press,2002
[7] Alonso G, Casati F, Kuno H, et al. Web Services: Concepts, Architectures and Applications.Heideberg: Springer,2004
[8] Cerami E. Web Services Essentials. Sebastopol, Calif: O'Reilly.2002
[9] Huhns M, Singh M P. Service-oriented computing: Key concepts and principles. IEEEInternet Comput,2005,9(1):75~81
[10] Khalaf R, Mukhi N, Weerawarana S. Service-oriented composition in BPEL4WS. In:Proceedings of the2003World Wide Web conference. Palm Springs: IEEE ComputerSociety,2003
[11] Stal M. Using architectural patterns and blueprints for service-oriented architecture. IEEESoftware,2006,23(2):54~61
[12] OMG. Unified modeling language (UML), version1.3. Object Management Group,1999
[13] Bachman F, Bass L, Buhman C, et al. Technical Concepts of Component-Based SoftwareEngineering, CMU. Technical Report CMU/SEI-2000.2000
[14] Szyperski C, Gruntz D, Murer S. Component-Software: Beyond Object-OrientedProgramming.2nd ed. Pearson Education Limited. Boston: Addison-Wesley/ACM Press,2002
[15] Wooldridge M, Jennings N. Intelligent agents: Theory and practice. Knowl Eng Rev,1995,10(2):115~152
[16] Weiss G. Multiagent Systems: A Modern Approach to Distributed. Massachusettes: MITPress,1999
[17]杨芙清,吕建,梅宏.网构软件技术体系:一种以体系结构为中心的途径.中国科学:信息科学,2008,38(6):818~828
[18]杨芙清,梅宏,吕建,等.浅论软件技术发展.电子学报,2002,30(12A):1901~1906
[19] Milner R. Theories of the global ubiquitous computer. In: Foundations of Software Scienceand Computation Structures, LNCS2987. Berlin: Springer-Verlag,2004
[20] Shaw M. Sufficient correctness and homeostasis in open resource coalitions: How much canyou trust your software system. In: Proceeding of the Fourth International SoftwareArchitecture Workshop,2000
[21]赵丽娜,张引,叶修梓,等.基于PZP网络的网构软件自适应性研究.浙江大学学报(工学版),2005,42(8):1316~1322
[22]孙熙,庄磊,刘文,等.一种可定制的自主构件运行支撑框架.软件学报,2008,19(6):1340~1349
[23]刘文,孙熙,焦文品,等.一种基于自主构件的网构软件协作框架.计算机研究与发展,2006,46(Suppl.):217~221
[24]吕建,陶先平,马晓星,等.基于Agent的网构软件模型研究.中国科学E辑:信息科学,2005,35(12):1233~1253
[25]常志明,毛新军,齐治昌.基于Agent的网构软件构件模型及其实现.软件学报,2008,19(5):1113~1124
[26]丁博,王怀民,史殿习,等.一种支持软件可信演化的构件模型.软件学报,2011,22(1):17~27
[27] Papadopoulos G A, Arbab F. Coordination models and languages. Centrum voor Wiskundeen Information (CWI). Amsterdam: Software Engineering(SEN),1998
[28]侯丽珊,金芝.基于环境变迁的构件组合模型.电子学报,2005,33(12A):2370~2375
[29] Shaw M, Clements P. The golden age of software architecture. IEEE Software,2006,23(2):31-39
[30] Kumar N, Misurda J, Childers B R, et al. Instrumentation in software dynamic translators forself-managed systems. In: Proceedings of the1st ACM SIGSOFT Workshop onSelf-managed Systems. New York: SCM Press,2004.90-94
[31]马晓星,余萍,陶先平,等.一种面向服务的动态协同架构机器支撑平台.计算机学报,2005,(4):467~477
[32] Tao X, Lu J, Ma X. ARTeMIS: a multi-model coordination middleware based on mobileagent. Technical Report. State Key Laboratory for Novel Software Technology, Nanjing:Nanjing University,2003
[33] Blaze M, Feigenbaum J, Lacy J. Decentralized trust management, In: Proc17th Symposiumon Security and privacy. Los Alamitos: IEEE Computer Society Press,1996:164~173
[34] Zhang L, Xu F, Wang Y, et al. Design and implementation of cascaded monitor in trustmanagement system. Nanjing University,2006
[35] Grandison T, Sloman M. Trust management tools for internet application. In: Proceeding ofthe First International Conference on Trust Management. Berlin: Springer-Verlag,2002
[36] Tesauro G, Chess D M, Walsh W E, et al. A multi-agent systems approach to autonomiccomputing. In: Proceedings of the3rd International Joint Conference on Autonomous Agentsand Multiagent System-Volume1. New York: IEEE Computer Society,2004:467~471
[37] Appavoo J, Hui K, Soules C A N, et al. Enabling autonomic behavior in systems softwarewith hot swapping. IBM Syst J,2003,42:60~76
[38]张焕国,罗捷,金刚,等.可信计算研究进展.武汉大学学报(理学版),2006,52:513~518
[39] Trusted Computing Group (TCG). TCPA Main Specification, Version1.1b.2002
[40] Anderson J P. Computer Security Technology Planning Study. ESD-TR-73-51, Vol. I,AD-758206, ESD/AFSC, Hanscom AFB, Bedford MA, October1972
[41] Department of Defense Computer Security Center. Department Of Defense TrustedComputer System Evaluation Criteria. DoD5200.28-STD. USA: DOD,1985
[42] National Computer Security Center. Trusted Network Interpretation Of The TrustedComputer System Evaluation Criteria. NCSC-TG-005. USA:DOD,1987
[43] National Computer Security Center. Trusted Database Interpretation Of The TrustedComputer System Evaluation Criteria. NCSC-TG-005. USA:DOD,1987
[44] Trusted Computing Group. TCG. https://www.trustedcomputinggroup.org
[45] Trusted Computing Group. TCG规范列表. https://www.trustedcomputinggroup.org/specs/
[46] European Multilaterally Secure Computing Base (EMSCB). Towards trustworth systemswith open standards and trusted computing. http://www.opentc.org/
[47]张焕国,刘服珍,余发江,等.一种新型嵌入式安全模块. In:第一届中国可信计算与信息安全学术会议论文集.武汉大学学报(理学版),2004,50(s1):7~11
[48]国家密码管理局.可信计算密码支撑平台功能与接口规范.2007
[49]刘克,单志广,王戟,等.“可信软件基础研究”重大研究计划综述.中国科学基金—学科进展与展望,2008,3,145~151
[50] Trusted Computing Group. TCG Generic Server Specification. Version1.0. TCG,2005
[51] Sadeghi A R, Selhorst M, Stueble C, et al. TCG inside?–a note on TPM specificationcompliance. In: Proceedings of the1stACM Workshop on Scalable Trusted Computing. NewYork: ACM,2006.47~56
[52]陈火旺,王戟,董威.高可信软件工程技术.电子学报,2004,31:1934~1938
[53] TCG Specification Trusted Network Connect–TNC Architecture for InteroperabilityRevision1.1. http://www.trustedcomputinggroup.org
[54] Kuhn U, Selhorst M, Stuble C. Realizing property-based attestation and sealing withcommonly available hard-and software. In: Proceedings of the1stACM Workshop onScalable Trusted Somputing (STC’07). New York, NY,2007.50~57
[55]沈昌祥,张焕国,王怀民,等.可信计算的研究与发展.中国科学:信息科学,2010,40(2):139~166
[56] ISO/IEC, Information technology-security Techniques-Evaluation Criteria for IT Security.Part1: Introduction and General Model.2nd ed.2005. http://standards.iso.org
[57] Trusted Computing Group, TCG Architecture Overview, v1.2,28April2004. https://www.trustedcomputinggroup.org
[58] Gates B. Trustworthy Computing. Wired News, Jan.17,2002
[59]林闯.可信网络研究.计算机学报,2005,28(5):751~758
[60] Algirdas A, Jean-Claude L, Brian R, et al. Basic concepts and taxonomy of dependable andsecure computting. IEEE Trans Dependable Secure,2004,1(1):11~33
[61]王怀民,唐扬斌,尹刚,等.互联网软件的可信机理.中国科学E辑:信息科学,2006,36(10):1156~1169
[62]邓晓衡,卢锡城,王怀民. iVCE中基于可信评价的资源调度研究.计算机学报,2007,30(10):1750~1762
[63] Dong W, Wang J, Zhao C Z, et al. Automating software FMEA via formal analysis ofdependence relations. In: Proceedings of the32ndAnnual IEEE International ComputerSoftware and Applications Conference (COMPSAC). New York: IEEE Computer Society,2008:490~491
[64] Lyu M R. Handbook of Software Reliability Engineering. NewYork: IEEE Computer SocietyPress, McGraw-Hill Book Company,1996
[65] Rolland J F, Bodeveix J P, Filali M, et al. AADL modes for space software, data systems. In:Aerospace (DASIA2008). Palma de Majorca,2008.27~30
[66] Mens T, Demeyer S. Software Evolution. Berlin/Heidelberg: Springer-Verlag,2008
[67] Ghoshal S, Manimaran S, Rosu G, et al. Monitoring IVHM systems using a monitor-orientedprogramming framework. In: Proceedings of the6thNASA Langley Fomal MethodsWorkshop (LFM2008),2008
[68] Nahmsuk O. Software Implemented Hardware Fault Tolerance. California: StanfordUniversity,2001
[69]梅宏,王千祥,张路,等.软件分析技术进展.计算机学报,2009,9:1697~1710
[70] Clarke E M, Grumberg O, Peled D A. Model Checking. Massachusetts: MIT Press,2000
[71] Boldyreff C, Nutter D, Rank S, et al. Environments to support collaborative softwareengineering. In: Proceedings of the2ndWorkshop on Cooperative Supports for DistributedSoftware Engineering Processes,2003.25~28
[72] Oreizy P, Medvidovic N, Taylor R N. Runtime software adaptation: framework, approaches,and styles. ICSE,2008:899~910
[73] Ruhe M G, Eberlein A. COTS selection: past, present, and future. In: Proceedings of the14thAnnual IEEE International Conference and Workshops on the Engineering ofComputer-Based Systems, ECBS’07. Washington: IEEE Computer Society,2007.103~114
[74] Feiler N L, Gabriel P, Goodenough R, et al. Ultra-Large-Scale Systems: the SoftwareChallenge of the Future. Software Engineering Institute. Pittsburgh, PA: Carnegie MellonUniversity,2006
[75]王远,吕建,徐锋,等.一个适用于网构软件的信任度量及演化模型,软件学报,2006,17(4),682~690
[76] Blaze M, Feigenbaum J, Ioannidis J, et al. The KeyNote Trust Management System Version2, Internet RFC2704.1999
[77] Chu Y H, Feigenbaum J, LaMacchia B, et al. REFEREE: Trust management for Webapplications. World Wide Web J,1997,2(2):127~139
[78] Li N, Winsborough W H, Mitchell J C. Distributed credential chain discovery in trustmanagement. J Comput Secur,2003,11(1):35~86
[79] Freudenthal E, Pesin T, Port L. dRBAC: Distributed role-based access control for dynamiccoalition environments. In: Proc22nd International Conference on Distributed ComputingSystems (ICDCS’02). Vienna: IEEE,2002,294~306
[80] English C, Wagealla W, Nixon P, et al. Trusting collaboration in global computing systems.Lecture Notes in Computer Science2003,123~149
[81] Kamvar S, Schlosser M, Garcia-Molina H. The eigentrust algorithm for reputationmanagement in P2P networks. In: Proceedings of the12thInternational Conference on WorldWide Web2003,640~651
[82]张林,徐锋,王远,等.一种信任管理系统中层次式monitor机制的设计与实现.南京大学学报(自然科学),2007,43(2):191~198
[83]李佳伦,谷利泽,杨义先.一种具有时间衰减和主观预期的P2P网络信任管理模型.电子与信息学报,2009,31(11):2786~2790
[84]罗鑫,杨义先,胡正名,等.开放网络环境中的信任管理框架.北京邮电大学学报,2009,32(1):126~130
[85] Abdul-Rahman A, Hailes S. Using recommendations for managing trust in distributedsystems. In: IEEE Malaysia International Conference on Communication Citeseer1997
[86]胡建理,吴泉源,周斌,等.一种基于反馈可信度的分布式p2p信任模型.软件学报,2009,20(10):2885~2898
[87] Abdul-Rahman A, Hailes S. A distributed trust model. In: Proceeding of the1997NewSecurity Paradigms Workshop. Cumbria: ACM Press,1998.48~60
[88] Beth T, Borcherding M, Klein B. Valuation of trust in open NetWork. In: Proc. EuropeanSymposium on Research in Security (ESORICS). Brighton: Springer-Verlag,1994.3~18
[89] J sang A. A model for trust in security systems. In: Proceedings of the Second NordicWorkshop on Secure Computer Systems,1997
[90]徐锋,吕建,郑玮,等.一个软件服务协同中信任评估模型的设计.软件学报,2003,14(6):1043~1051
[91] Houser D, Wooders J. Reputation in auctions: theory and evidence from eBay. University ofArizona Working Paper, University of Arizona,2000
[92] Sepandar DK, Mario TS, Hector GM. The EigenTrust algorithm for reputation managementin P2P networks. In: Proc. of the12th Int'l Conf. on World Wide Web. Budapest: ACM Press,2003.640~651
[93] Zhou RF, Hwang K. PowerTrust: A Robust and Scalable Reputation System for TrustedPeer-to-Peer Computing. IEEE Transactions on parallel and distributed systems,2007,18(4):460~473.
[94] Xiong L, Liu L. PeerTrust: Supporting Reputation-Based Trust for Peer-to-Peer ElectronicCommunities. IEEE Transaction on knowledge data engineering,2004,16(7):843~857
[95]田春岐,邹仕洪,田慧蓉,等.一种基于信誉和风险评价的分布式P2P信任模型.电子与信息学报,2007,29(7):1628~1632
[96] J sang A, Haller J. Dirichlet Reputation Systems. In: Proceedings of the2nd InternationalConference on Availability, Reliability and Security Vienna. Los Vaqueros: IEEE computersociety,2007,112~119
[97] Meyer B, Zürich E T H, Barbara S. The grand challenge of Trusted Components, In:Proceedings of the25th International Conference on Software Engineering2003
[98] ISO/IEC9126Directives, ISO/IEC9126-1:2001Software engineering--Product quality--Part1: Quality model, ISO/IEC9126, ISO,2001
[99] Yacoub S M, Ammar H H. A methodology for architecture-level reliability risk analysis.IEEE Transactions on Software engineering.2002,28(6):529~547
[100] Hamlet D, Mason D, Woit D. Theory of Software Reliability Based on Components. In:Proceedings of the23rd International Conference on Software Engineering (ICSE'01),2001
[101] Roshandel R, Medvidovic N. Multi-View Software Component Modeling for Dependability.Lecture Notes in Computer Science Volume3069/2004
[102] Reussner R H, Schmidt H W, Poernomo I H. Reliability prediction for component-basedsoftware architectures. Journal of systems and software,2003,66:241~252.
[103] Guerra P A C, Filho F C, Pagano V A, Rubira C M F, Structuring Exception Handling forDependable Component-Based Software Systems. In: Proceedings of the30thEUROMICRO Conference (EUROMICRO’04),2004
[104] Bobbio A, Portinale L, Minichino M. Improving the analysis of dependable systems bymapping fault trees into Bayesian networks. Reliability Engineering and System Safety,2001,71(3),249~260
[105]吴国全,魏峻,黄涛.基于非确定性推理的网构软件服务质量动态评估方法.软件学报,2008,19(5),1173~1185
[106]郭树行,兰雨晴,金茂忠.软件构件的可信保证研究.计算机科学,2007,34(5),243~246
[107]毛晓光,邓勇进.基于构件软件的可靠性通用模型.软件学报,2004,15(1),27~32
[108]陈锦富.基于错误注入的构件安全性测试理论与技术研究.华中科技大学,博士论文,2009
[109]陈锦富,卢炎生,谢晓东.一种构件安全测试错误注入模型.计算机研究与发展,2009,46(7):1127~1135
[110] Wang Y, Vassileva J. A review on trust and reputation for Web service selection. In: Proc. ofthe27th Int’l Conf. on Distributed Computing Systems Workshops,2007
[111] Vu L H, Hauswirth M, Aberer K. Qos-Based service selection and ranking with trust andreputation management. In: Proc. of the Move to Meaningful Internet Systems2005: CoopIS,DOA, and ODBASE. LNCS3760,2005,466~483.
[112] Diamadopoulou V, Makris C, Panagis Y, et al. Techniques to support web service selectionand consumption with QoS characteristics. Journal of Network and Computer Applications,2008,31(2):108~130
[113] Zhang J, Xu D. A mobile agent-supported Web services testing platform. In: Proceedings ofthe IEEE/IFIP International Conference on Embedded and Ubiquitous Computing.Washington, DC, USA: IEEE Computer Society,2008:637~644
[114] Shao L S, Zhao J F, Xie T, et al. User-perceived service availability: a metric and anestimation approach. In: Proceedings of the IEEE International Conference on Web Services,Los Angeles,2009. Washington, DC, USA: IEEE Computer Society,2009:647~654.
[115] Bai X Y, Dong W L, Tsai W T, et al. WSDL-based automatic test case generation for Webservices testing. In: Proceedings of the IEEE International Workshop on Service-OrientedSystem Engineering, Los Alamitos,2005. Washington, DC, USA: IEEE Computer Society,2005:215~220
[116] Maximilien E M, Singh M P. A framework and ontology for dynamic Web services selection.IEEE Internet Computing,2004,8(5):84~93
[117]朱曼玲,金芝.一种服务Agent的可信性评估方法.软件学报,2011,22(11):2593~2609
[118]孟琳琳,赵伟男,刘旭东,等. Web服务可信证据收集与评估机制研究.计算机科学与探索,2011,5(7),642~651
[119] Guannan Si, Jufeng Yang, Jing Xu, et al. An Evaluation Model for Dependability ofInternet-scale Software on Basis of Bayesian Networks, In: the IEEE Computer Software andApplications Conference (COMPSAC2012),2012
[120]司冠南,任宇涵,许静,等.基于贝叶斯网络的网构软件可信性评估模型.计算机研究与发展,2012,49(5)
[121]吕建,张鸣,廖宇,等.基于移动Agent技术的构件软件框架研究.软件学报,2000,11(8):1018~1024
[122]胡海洋,杨玫,陶先平,等. Cogent后组装机制的研究实现.电子学报,2002,30(12):1823~1827
[123] Lu J. Some research on componentware frameworks based on mobile agent technology.ACM SIGSOFT Software Engineering Notes,2004,29(2):8~15
[124] Lu J, Li Y J, Ma X X, et al. A hierarchical framework for parallel seismic applications.Communications of ACM,2000,43(10):55~59
[125] Ma X X, Lu J, Tao X P, et al. A mobile-agent-based approach to software coordination in theHOOPE system. Science in China, Series F,2002,45(3):203~219
[126]吕建,陶先平,马晓星,等.基于Agent的多模式协同中间件ARTEMIS-M3C.南京大学计算机软件新技术国家重点实验室技术报告,2004
[127] Mei H, Huang G. PKUAS: An architecture-based refective component operating platform. In:Proceedings of the10thIEEE Int’l Workshop on Futre Trends of Distributed ComputingSystems (FTDCS). Los Alamitos: IEEE Computer Society,2004.163~169
[128] Pan Y, Wang L, Zhang L, et al. Relevancy based sematic interoperation of reuse repositories.In: Proceedings of the12thACM SIGSOFT Symp. On Foundations of Software Engineering(FSE-12). New York: ACM Press,2004,211~220
[129]梅宏,黄罡,赵海燕,等.一种以软件体系结构为中心的网构软件开发方法.中国科学E辑:信息科学,2006,36(10):1100~1126
[130] Vestal S. A cursory overview and comparison of four architecture description languages.Technical Report, Honeywell Technology Center,1993
[131] Clements P C, A survey of architecture description language, In: Proceeding of the8thInternational Workshop on Software Specification and Design,1996
[132] Medvidovic N, Taylor R N, A classification and comparison framework for softwarearchitecture description language, IEEE Transactions On Software Engineering,2002,26(1),70~93
[133]朱雪阳,唐稚松.基于时序逻辑的软件体系结构描述语言XYZ/ADL.软件学报,2003,14(4):714~720
[134] Mei H, Chen F, Wang Q X, et al. ABC/ADL: An ADL Supporting Component Composition.LNCS2495, Springer-Verlag,2002:38~47
[135] Garlan D, Monroe R T, Acme: Architectural Description of Component-Based System, In:Proceedings of CASCON '97,1997
[136] World Wide Web Consortium. REC-xml-20081126. Extensible markup language (XML)1.0(fifth edition). Availiable at: http://www.w3.org/TR/2008/REC-xml-20081126/,2008
[137] World Wide Web Consortium. REC-xmlschema-0-20041028. Availiable at:http://www.w3.org/TR/REC-xmlschema-0-20041028/,2004
[138]张世琨,张文娟,常欣,等.基于软件体系结构的可复用构件制作和组装,软件学报,2001,12(9):1351~1359
[139] Avgustinov P, Tibble J, Bodden E, et al. Aspect for Trace Monitoring.Formal Approaches toTesting Systems and Runtime Verification, Seattle, WA, USA,2006,20~39
[140]文静,王怀民,应时,等.支持运行监控的可信软件体系结构设计方法.计算机学报,2010,33(12):2321~2334
[141] Mui L. Computational models of trust and reputation: agents, evolutionary games, and socialNetworks:[Ph D dissertation]. Combridge: Massachusetts Institute of Technology,2003
[142]王远,吕建,徐锋,等.一种面向网构软件体系结构的信任驱动服务选取机制,软件学报,2008,19(6),1350~1362
[143] Walket D M. The Oxford Companion to Law. Oxford University Press.1980
[144] Meyer B. Applying “design by contract”. Computer,1992,25(10):40~51
[145] Meyer B. Object Oriented Software Construction. Prentice-Hall.1998
[146] Lackner M, Krall A, Puntigam Franz. Supporting Design by Contract in Java, Journal ofObject Technology,2002,1(3)
[147] Beugnard A, Jezequel J M, Plouzeau N. Make components contract aware. Computer,1999,32(7):38~45
[148] Ling S, Poernomo I, Schmidt H, Describing web service architectures throughdesign-by-contract. ISCIS2003,2003:1008~1018
[149] Luders F, Lau K K, Ho S M. Specification of software components, building reliablecomponent-based software systems. Boston, London: Artech House Computing Library,2002.
[150] Murata T. Petri nets: properties, analysis and application. Proceedings of the IEEE,1989,77(4),541~580
[151]吴哲辉. Petri网导论.北京:机械工业出版社,2006
[152] Barkaoui K, Pradat-peyre J. Verification in comcurrent programming with Petri netsstructural techniques. In: Proceedings of the3rdInter IEEE High-Assurance SystemEngineering Symposium. Los Alamitos, CA: IEEE Computer Society Press,1998.124~133
[153] Yang Y P, Tan Q P, Xiao Y. Verifying Web Services Composition Based on HierarchicalColored Petri Nets. In: Proceedings of the first international workshop on Interoperability ofheterogeneous information systems. ACM,2005:47~54
[154] van der Aalst W M P.The application of Petri nets to workflow management.The Journal ofCircuits t Systems and Computers,1998,8(1):21~66
[155] Zhou M C, Leu M C. Modeling and performance analysis of a flexible PCB assembly stationusing Petri nets. Trans ASME J Electron Packag,1991,113(4):410~416
[156]韩耀军,蒋昌俊,罗雪梅.基于Petri网合成与化简的分布式数据库系统并发控制的死锁检测.小型微型计算机系统,2004,25(5):821~826.
[157]陆文,徐锋,吕建.一种开放环境下的软件可靠性评估方法.计算机学报,2010,33(3):452~462
[158] Winsborough W H, Seamons K E, Jones V E. Automated trust negotiation. In:DARPAInformation Survivability Conf. and Exposition. New York: IEEE Press,2000,88~102
[159] Walker D D, Mercer E G, Seamons K E. Or Best Offer: A Privacy Policy NegotiationProtocol. In: Proc. of the9th Int’l Workshop on Policies for Distributed Systems andNetworks. New York: IEEE Computer Society Press,2008,173~180
[160] Li J T, Li N H, Winsborough W H. Automated trust negoti-ation using cryptographiccredentials. In: ACM Transac-tions on Information and System Security,2009(13),46~57
[161]李建欣,怀进鹏. COTN:基于契约的信任协商系统[J].计算机学报,2006(8),1290~1300
[162]张妍,冯登国.吝啬语义信任协商[J].计算机学报,2009(10),1989~2003
[163] He Y, Zhu M L. A complete and efficient strategy based on petri net in automated trustnegotiation. In: Proceedings of the2nd international conference on Scalable informationsystems, Brussels: ACM,2007,75~81
[164] Johnson W, Mudumbai S, Thompson M. Authorization and attribute certificates for widelydistributed access control. In: IEEE Proc. of the7th Workshop on Enabling Technologies:Infrastructure for Collaborative Enterprises. Washington: IEEE Computer Society Press,1998.340~345
[165] Seamons K E, Winslett M, Yu T, et al. Requirements for policy languages for trustnegotiation. In: Proc. of the3rd Int’l Workshop on Policies for Distributed Systems andNetworks (POLICY2002). Washington: IEEE Computer Society Press,2002.68~79
[166] Yu T, Winslett M. A unified scheme for resource protection in automated trust negotiation. In:Proc. of the2003IEEE Symp. on Security and Privacy. Washington: IEEE Computer SocietyPress,2003.110~122
[167] Laprie J C, ed. Dependability: Basic Concepts and Terminology. Springer-Verlag,1992
[168]金茂忠,高仲仪,刘超,等.软件构件产品质量第一部分:质量模型.中华人民共和国电子行业标准SJ/T11374-2007,中华人民共和国信息产业部,2007
[169] Nilsson N著.郑扣根,庄越挺译.人工智能.机械工业出版社,2000
[170] Stephenson T A. An introduction to Bayesian Network theory and usage. IDIAP-RR00-03,2000
[171] Kim J H, Pearl J. A computation model for causal and diagnostic reasoning in inferencesystems. In: Proeeedings of the8thInternational Joint Conference on AI, Los Angeles,1983,190~193
[172] Charniak E. Bayesian Networks without tears. AI Magazine,1991,12(4):50~63
[173]黎锁平.运用蒙特卡罗方法求解随机性问题.甘肃工业大学学报,2001,27(2):95~97
[174] Jensen F V. An introduction to Bayesian Networks. UCL Press Ltd., London,1996
[175]吴欣,郭创新.基于贝叶斯网络的电力系统故障诊断方法.电力系统及其自动化学报,2005,17(4):11~15
[176]史建国,高晓光,李相民.基于离散模糊动态贝叶斯网络的空战态势评估及仿真.系统仿真学报,2006,18(5):1093~1096
[177] Heckerman D, Mamdani A, Wellman M. Real-world applications of Bayesian networks.Communications of the ACM,1995,38(3):38~45
[178] Buede D M, Tatman J A, Bresnick T A. Introduction to Bayesian Networks.http://www.ecse.rpi.edu/Homepages/qji/TutFinbd.ppt
[179] Getoor L, Friedman N, Koller D, et al. Learning probabilistic relational models withstructural uncertainty. In Proceedings of the International Conference on Machine Learning.Morgan Kaufman,2001,170~177
[180] Getoor L, Segal E, Taskar B, et al. Probabilistic models of text and link structure forhypertext classification. In IJCAI Workshop on Text Learning: Beyond Supervision,2001
[181] Torres-Toledano J G, Sucar L E. Bayesian Networks for Reliability Analysis of ComplexSystems. Proceedings of the6th Ibero-American Conference on AI: Progress in ArtificialIntelligence, vol1484of LNCS,1998,195~206
[182] Arroyo G, Sucar L, Villavicencio A. Probabilistic temporal reasoning and its application tofossil power plant operation. Expert Systems with Applications,1998,15,317-324
[183] Bai C G. Bayesian network based software reliability prediction with an operational profile.Journal of Systems and Software,2005,77(2):103~112
[184] Axel B, Helminen A. A Bayesian belief network for reliability assessment. SAFECOMP2001, vol2187of LNCS,2001,35~45
[185] Boudali H, Dugan J B. A discrete-time Bayesian network reliability modeling and analysisframework. Reliability Engineering and System Safety,2005,87(3):337~349
[186] Bouissou M, Martin F, Ourghanlian A. Assessment of a Safety Critical System IncludingSoftware: a Bayesian Belief Network for Evidence Sources. Proceeding of the Reliabilityand Maintainability Symposium (RAMS‘99),1999,142~150
[187] Montani S, Portinale L, Bobbio A, et al. Codetta-Raiteri. A tool for automatically translatingDynamic Fault Trees into Dynamic Bayesian Networks. Proceeding of the Reliability andMaintainability Symposium (RAMS2006),2006,434~441
[188] Weber P, Munteanu P, Jouffe L. Dynamic Bayesian Networks modelling the dependability ofsystems with degradations and exogenous constraints. Proceeding of the11th IFACSymposium on Information Control Problems in Manufacturing (INCOM'04),2004.
[189] Boudali H, Dugan J B. A continuous-time Bayesian network reliability modeling andanalysis framework. IEEE Transaction on Reliability.2006,55(1):86~97
[190] Voas J. Fault injection for the Masses. IEEE Computer,1997,30(12):129~130
[191] Hsueh M C, Tsai T K, Lyer R K. Fault injection techniques and tools. IEEE Computer,1997,30(4):75~82
[192] Delamam M E, Maidonado J C. Mathur A P. Interface Mutation: an approach for integrationtesting. IEEE Transactions on Software Engineenng,2001,27(3):228~247
[193] Avres D, Arlat J, Laprie J C, et al. Fault injection for formal testing of fault tolerance. IEEETransactions On Reliability,1996,45(3):443~455
[194] Barbosa R, Silva N, Duraes J, et al. Verification and validation of (Real Time) COTSproducts using fault injection techniques. In: Proceedings of Sixth Intemational IEEEConference on Commercial-off-the-Shelf (COTS)-Based Software Systems (ICCBSS’07).Canada: IEEE CS,2007,233~242
[195] Bieman J M, Dreilinger D, Lijun L. Using fault injection to increase software teste overage,In: Proceedings of the Seventh International Symposium on Software Reliability Engineenng(ISSRE’96). IEEE Computer Society.1996,166~174
[196] Regina L O M, Eliane M, Naaliel Vicente M. Fault injection approach based on dependenceanalysis, In: Proeeedings of the29thAnnual International Computer Software andApplications Conference (COMPSAC’05). IEEE Computer Society: Scotland.2005,181~188
[197] Yao W H, Shih K H, Tsung P L, et al. Web application security assessment by fault injectionand behavior monitoring. In: Proceedings of the12thInternational conference on World WideWeb (WWW2003), ACM: Budapest, Hungary.2003,148~159