软件可靠性是软件工程领域中的研究热点之一，故障率分析是软件可靠性的典型研究方法.然而，软件构建模式已从单体模式演进到以开源软件为代表的规模化协作模式，操作系统作为代表性产物之一，所含开源软件之间通过组合关系和依赖关系，形成了一个包含上万节点的供应关系网络.典型方法缺乏对供应关系的考量，无法准确识别和评估因此而引入的软件可靠性问题.把供应链概念体系拓展到开源软件领域，提出一种基于知识的面向开源协作模式下软件供应可靠性的管理方法：面向开源软件生态进行本体设计，构建开源软件知识图谱，实现知识的提取、存储和管理，以知识为驱动，结合传统的供应链管理方法，提出一组面向开源软件供应链的可靠性管理方法，构成一套开源软件供应链管理系统.实验以Linux操作系统发行版的构建为例，展示了开源软件供应链对操作系统可靠性的支撑能力.结果表明，开源软件供应链将有助于理清和评估大型复杂系统软件的可靠性风险.

Software reliability is one of the research hotspots in the field of software engineering, and failure rate analysis is a typical research method for software reliability. However, the software construction mode has evolved from a single mode to a large-scale collaborative model represented by open source software. As one of the representative products, the operating system included open source software connected through combining relationships and dependencies has formed a supply network of tens of thousands of nodes. Typical methods lack consideration of supply relationships and cannot accurately identify and evaluate the software reliability issues introduced as a result. This article extends the concept of supply chain to the field of open source software, proposes a knowledge-based management method for software supply reliability in collaborative model: design the ontological body for the open source software ecosystem firstly, and then construct the knowledge graph of open source software to achieve the extraction, storage and management of knowledge; driven by knowledge, combined with traditional supply chain management methods, A set of reliability management methods for open source software supply chain is proposed, which constitutes a set of open source software supply chain management system. Taking the construction of a Linux operating system distribution as an example in experiment, it demonstrates how the open source software supply chain will support the reliability of the operating system. Results show that the open source software supply chain will help to clarify and evaluate the reliability risk of large complex system software.

中国科学院战略性科技先导专项（XDC05040100）；国家重点研发计划（2017YFB0801900）；中国科学院前沿科学重点研究计划（ZDBS-LY-JSC038）；国家自然科学基金（61772507）