Software source code, visual risk analysis: an example

This paper describes a method of addressing software attacks, e.g. Trojan horses, on software source code. Source code manipulation poses various threats to the delivery of a safe system. Changes to source code are usually controlled by change management software. Change management software does not, however, detect security-related risks that might be embedded in the source code as a result of those changes. By means of an example, this paper describes a possible way to identify and secure possible risk patterns in the source code using visualisation and pattern recognition techniques. A prototype of the visual risk analyser is applied to a program to illustrate the different phases of the visualisation method.