Вестник КазНУ. Серия математика, механика, информатика (Dec 2020)

Applying the knowledge base of CWE weaknesses in software design

  • Zh. E. Sartabanova,
  • V. T. Dimitrov,
  • S. M. Sarsimbayeva

DOI
https://doi.org/10.26577/JMMCS.2020.v108.i4.06
Journal volume & issue
Vol. 108, no. 4
pp. 72 – 80

Abstract

Read online

The article deals with the issues of organizing software weaknesses by the software architect at the stage of its design using the developed ontological knowledge base of CWE weaknesses. The main goal of this research is to analyze the software defect system based on CWE and develop an ontology model (knowledge base) of this system for software architects. The use of artificial intelligence tools, in particular the development of knowledge bases based on weaknesses, will provide new opportunities for searching and researching software weaknesses. This model being developed will be useful for application by software developers, researchers in the field of software design and cybersecurity, as well as teachers of educational institutions that conduct courses in software development technology and information security. For developers, this model can serve as an assistant and reference when designing software, since weaknesses are organized by a well-known security tactic, helping the designer to embed security during the design process instead of detecting weaknesses after the software has been created. Researchers will be interested in studying and applying software weaknesses in their work. Teachers can use this model as a reference when studying and discussing security vulnerabilities in software design or architecture, as well as the types of errors that can be made during software development. The functions of the software architect are analyzed, and an example of the built ontological knowledge base of CWE weaknesses is given.

Keywords