TESTING THE DYNAMIC EXECUTION OF PYTHON PROGRAM CODE DURING THE CERTIFICATION TESTING (DEVELOPMENT) STAGE IN THE CERTIFICATION SYSTEM OF THE MINISTRY OF DEFENSE OF RUSSIA
Background. In many cases, software products subject to verification in the mandatory certification system of the Russian Ministry of Defense are developed using the interpreted Python programming language. When checking applications developed in the Python language for compliance of their code with...
Saved in:
| Published in | Надежность и качество сложных систем no. 2 |
|---|---|
| Main Author | |
| Format | Journal Article |
| Language | English |
| Published |
Penza State University Publishing House
01.06.2023
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | Background. In many cases, software products subject to verification in the mandatory certification system of the Russian Ministry of Defense are developed using the interpreted Python programming language. When checking applications developed in the Python language for compliance of their code with the requirements of the governing document "Protection against unauthorized access to information. Part 1. Information security software. Classification according to the level of control of the absence of undeclared capabilities" (State Technical Commission of Russia, Moscow, 1999) 1, hereinafter – RD NDV, along with static analysis, a dynamic analysis should be carried out (for control levels of RD NDV 3 and 2). Materials and methods. At the same time, at present, the certification system of the Russian Ministry of Defense lacks certified tools and recommended methods and algorithms that can be used to test the dynamic execution of the Python code of programs at the stage of certification tests. A promising approach in the study of undeclared capabilities of the Python code of applications during dynamic testing is a method based on the use of statistics generated by the built-in profiler of the Python interpreter. Results and conclusions. The article describes in detail the sequence of actions for generating, using statistical data obtained through the Python profiling system, reporting, the analysis of which allows drawing reasonable conclusions on the compliance / non-compliance of the studied application code developed in the Python programming language with the requirements of the RD NDV, in terms of dynamic analysis. |
|---|---|
| AbstractList | Background. In many cases, software products subject to verification in the mandatory certification system of the Russian Ministry of Defense are developed using the interpreted Python programming language. When checking applications developed in the Python language for compliance of their code with the requirements of the governing document "Protection against unauthorized access to information. Part 1. Information security software. Classification according to the level of control of the absence of undeclared capabilities" (State Technical Commission of Russia, Moscow, 1999) 1, hereinafter – RD NDV, along with static analysis, a dynamic analysis should be carried out (for control levels of RD NDV 3 and 2). Materials and methods. At the same time, at present, the certification system of the Russian Ministry of Defense lacks certified tools and recommended methods and algorithms that can be used to test the dynamic execution of the Python code of programs at the stage of certification tests. A promising approach in the study of undeclared capabilities of the Python code of applications during dynamic testing is a method based on the use of statistics generated by the built-in profiler of the Python interpreter. Results and conclusions. The article describes in detail the sequence of actions for generating, using statistical data obtained through the Python profiling system, reporting, the analysis of which allows drawing reasonable conclusions on the compliance / non-compliance of the studied application code developed in the Python programming language with the requirements of the RD NDV, in terms of dynamic analysis. |
| Author | Samarov, Vladimir |
| Author_xml | – sequence: 1 givenname: Vladimir surname: Samarov fullname: Samarov, Vladimir |
| BookMark | eNptkbtugzAUQD2kUtM0f9CBsR1ofY15jQgMsRQgAqcqk2VeVaI0VNClv9SvLCRNpk6-vo9zpXvu0OzYHRuEHgA_E7Ac84UY2NYpwaZOMDF0ogPM0PyavUXLYdhjjIkLhGA8Rz-C5YInkSZWTAuKxIu5r7E35m8FTxMtDbVNIVZjtMnSKPNizU-DsXGbXWZ8lgkect879V9ojwF7Zet0E7NEPGm58CKm8eSfgbzIBYunPVMt5gnPRVZM_4CFLMnZFGbbPOfePbpp1WFoln_vAomQCX-lr9NoxK31CkwbdGJVNTgEWhdXpVvWrm1Qt2oVtlrTsksH3NKtS8MmtGlUTRxqEQcaE4zWsozxaAvEz9i6U3v52e8-VP8tO7WTp0TXv0vVf-2qQyPBrqiDFXUdRWnbmuXoAOrKaUqwbTCskUXPrKrvhqFv2isPsDwZk5MbObmRkzFJJIDxC_MEfgU |
| ContentType | Journal Article |
| CorporateAuthor | 16 NIITS LLC |
| CorporateAuthor_xml | – name: LLC – name: 16 NIITS |
| DBID | AAYXX CITATION DOA |
| DOI | 10.21685/2307-4205-2023-2-11 |
| DatabaseName | CrossRef DOAJ Directory of Open Access Journals |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: DOA name: DOAJ Directory of Open Access Journals url: https://www.doaj.org/ sourceTypes: Open Website |
| DeliveryMethod | fulltext_linktorsrc |
| ExternalDocumentID | oai_doaj_org_article_17c480a498a44ff5b1681dc8eb177136 10_21685_2307_4205_2023_2_11 |
| GroupedDBID | 642 AAYXX ALMA_UNASSIGNED_HOLDINGS CITATION GROUPED_DOAJ |
| ID | FETCH-LOGICAL-c1571-26cd1821f90cb9bd97349cfa06f567b819b9db3724eead2846281e513f663023 |
| IEDL.DBID | DOA |
| ISSN | 2307-4205 |
| IngestDate | Wed Aug 27 01:31:57 EDT 2025 Tue Jul 01 02:43:00 EDT 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 2 |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c1571-26cd1821f90cb9bd97349cfa06f567b819b9db3724eead2846281e513f663023 |
| OpenAccessLink | https://doaj.org/article/17c480a498a44ff5b1681dc8eb177136 |
| ParticipantIDs | doaj_primary_oai_doaj_org_article_17c480a498a44ff5b1681dc8eb177136 crossref_primary_10_21685_2307_4205_2023_2_11 |
| ProviderPackageCode | CITATION AAYXX |
| PublicationCentury | 2000 |
| PublicationDate | 2023-06-01 |
| PublicationDateYYYYMMDD | 2023-06-01 |
| PublicationDate_xml | – month: 06 year: 2023 text: 2023-06-01 day: 01 |
| PublicationDecade | 2020 |
| PublicationTitle | Надежность и качество сложных систем |
| PublicationYear | 2023 |
| Publisher | Penza State University Publishing House |
| Publisher_xml | – name: Penza State University Publishing House |
| SSID | ssj0002912200 |
| Score | 2.2216825 |
| Snippet | Background. In many cases, software products subject to verification in the mandatory certification system of the Russian Ministry of Defense are developed... |
| SourceID | doaj crossref |
| SourceType | Open Website Index Database |
| SubjectTerms | certification tests of software products code profiling for dynamic analysis control of completeness and lack of redundancy at the level of files and functional objects dynamic code analysis of python programs |
| Title | TESTING THE DYNAMIC EXECUTION OF PYTHON PROGRAM CODE DURING THE CERTIFICATION TESTING (DEVELOPMENT) STAGE IN THE CERTIFICATION SYSTEM OF THE MINISTRY OF DEFENSE OF RUSSIA |
| URI | https://doaj.org/article/17c480a498a44ff5b1681dc8eb177136 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV3NjtMwELbQnrggECCWn5UPHOBgbew4dnzMtk4bpKarxJXaU5Q4zrGg1fJSPCUzTrsqEhIXbo7jsaOZkWfG8XxDyGcsRZOO3jOEGmey14r1KunZkActRhU0j3_PN7Va7-S3fba_KPWFd8JmeOCZcbdce5knvTR5L-U0ZQNX4GL5PCBuEk8j2DbYvItgCvdgYbgQMf8ELzozKZJszpsTQJ7dPnUyrB7OBOP8D7t0Ad8f7Uz5krw4OYi0mD_sFXkWjq_JL2dbV9Ur6taWLg91Acyjdm8XOzxhotuS3h_cGlr3zXbVFBu62C5h4K450yxs46rylDVMz7N9uSjB-ZW2rlhZWtV_IWgPrbMbXAffbaq6al1zwOelLW3dWmw2O9iZizfEldYt1uxUZYF5nmnOhPIjBBl8MokfzDAanUrjpz5RU6b0AB7DYMYh1UIG0DqwZkrkPGQ8ncBZAe69JVfH78fwjlAv0jSVHgv6INCfN0qHRA1ApjxEmeaasDOLux8zlkYHMUgUSYci6VAkHYqkExCaXJM7lMPTWETCjh2gH91JP7p_6cf7_zHJB_I8Kko8fflIrh4ffoZP4Iw8DjdR734DKRjIDg |
| linkProvider | Directory of Open Access Journals |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=TESTING+THE+DYNAMIC+EXECUTION+OF+PYTHON+PROGRAM+CODE+DURING+THE+CERTIFICATION+TESTING+%28DEVELOPMENT%29+STAGE+IN+THE+CERTIFICATION+SYSTEM+OF+THE+MINISTRY+OF+DEFENSE+OF+RUSSIA&rft.jtitle=%D0%9D%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D1%8C+%D0%B8+%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%BE+%D1%81%D0%BB%D0%BE%D0%B6%D0%BD%D1%8B%D1%85+%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC&rft.au=V.V.+Samarov&rft.date=2023-06-01&rft.pub=Penza+State+University+Publishing+House&rft.issn=2307-4205&rft.issue=2&rft_id=info:doi/10.21685%2F2307-4205-2023-2-11&rft.externalDBID=DOA&rft.externalDocID=oai_doaj_org_article_17c480a498a44ff5b1681dc8eb177136 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2307-4205&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2307-4205&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2307-4205&client=summon |