Binary Information Press
To quantitatively predict software security, a component security model is proposed based on Stochastic Petri Nets (SPNs). An isomorphic Markov Chain (MC) is obtained from the component SPN model. A quantitative security evaluation prediction method is proposed. The prediction value is calculated according to the steady states probability distribution of MC, obtained from a software SPN model. Sensitivity analysis method is proposed. It provides a mean to trace back to the critical components for security enhancing.