Journal Information-measuring and Control Systems, No. 4, 2009
Article in issue:
Program code vulnerabilities analysis
Authors:
R. R. Fatkieva, V. V. Pometsko
Abstract:
Testing is an inseparable part of software engineering. Despite the many methods and approaches to software testing, critical vulnerabilities can still be found in finished products. The most exploited software vulnerabilities and a set of metrics for them are described, and an approach to software evaluation based on these metrics is proposed. These metrics can be applied during the automated static testing stage, which also improves code quality. Scanning the code of the program under test and analyzing it according to the program's characteristics and functions is suggested. The limitation of this approach is that detecting a given vulnerability requires a corresponding metric. The approach allows a fuller analysis of the basic indications of vulnerability presence and is also scalable.
Pages: 56