A Software Security Assessment System Based on Analysis of Vulnerabilities
In recent years, software security plays an important role in verifying system safety and avoiding the casualties and property losses, but it is difficult to assess system security in traditional software engineering and software test. Focusing on the software security assessment system, this paper based on the vulnerability analysis method, which takes the advantage of both qualitative analysis and quantitative analysis to assess the security of software. The major methods of domestic and foreign software security measurement are discussed. Through the comparative analysis of existing vulnerability rating system, especially the CVSS and VRSS, this paper discovers their respective advantages and proposes a more accurate rating system to obtain the final security score of the software system.