International Journal of Open Information Technologies

The article discusses the issues of assessing the quality of a proprietary computing system in the acquisition and delivery processes. Descriptive quality models proposed in scientific literature and regulatory documents are considered. The analytical model of the quality of the software system has been improved. A theoretical basis has been developed for calculating the quality indicators "throughput" and "resource intensity". The concept of the influence of errors in binary code on the evaluation of quality indicators is introduced. Based on the methodology for calculating the impact of vulnerability in the system on information security, a method for calculating the impact of errors on other characteristics of the quality of the computing system is proposed. The advantages and disadvantages of error detection methods in a computer system in the absence of access to the development process are presented. In conclusion, the problems of methods for assessing quality indicators and finding errors in proprietary computing systems are outlined.

GOST R ISO/IEC 25010-2015 Information technology. Systems and software engineering. Systems and software Quality Requirements and Evaluation (SQuaRE). System and software quality models. – M.: Standartinform, 2015 – 36 p.

GOST 28195-89 Quality control of software systems. General principles. – M.: IPK Publishing House of Standards, 1989 – 31 p.

Lavrishcheva E. M. Software engineering. Paradigms, technologies and CASE tools: Studies for universities — 2nd ed., ispr. — M.: Yurayt Publishing House, 2016. — 280 p.

Lipaev V. V. Software engineering: methodological foundations: Studies for universities – M.-Berlin: Direct-Media, 2015. — 608 p.

Wentzel E. S. Probability theory: Studies for universities. — 6th ed. ster. — M.: Higher School, 1999.— 576 p.

The data bank of security threats: the website of the FSTEC of Russia. URL: https://bdu.fstec.ru/calc31 (visited: 07/14/2023).

Lipaev V. V. Functional security of software tools // Moscow: SINTEG, 2004. – Vol. 348. – p. 348.

Vasilenko M. N. et al. Errors in the technical documentation of railway automation and telemechanics and their impact on the safety of train traffic // Automation in transport. – 2019. – Vol. 5. – No. 1. – pp. 94-112.

N. V. Pakulin, E. M. Lavrishcheva, A. G. Ryzhov, S. V. Zelenov. Analysis of methods for assessing the reliability of equipment and systems. The practice of applying methods // Proceedings of the ISP RAS. – 2018. – Vol. 30. - No. 3. – pp. 99-12.

General Vulnerability Assessment System version 3.1: Specification of the standard: site FIRST. URL: https://www.first.org/cvss/v3.1/specification-document (visited: 14.09.2022).

Belevantsev A. A., Velesevich E. A. Analysis of the entities of programs in C/C++ languages and the connections between them for understanding programs // Proceedings of the ISP RAS. – 2015. – Vol. 27. – No. 2.

Novikov V. A., Fonarev M. O. Recompilation of disassembled program texts // Information security issues. - 2007. – No. 2. – pp. 51-54.

Buinevich M. V., Izrailov K. E. Investigation of the possibility of using machine learning to search for vulnerabilities in software code in the process of its static analysis // Integration of science, society, production and industry: problems and prospects. – 2020. – pp. 17-22