The invention discloses a modeling technology-based software security test method, which comprises the following steps of: transforming a software security defect test behavior demand and a software security function test behavior demand into formalized software security test behavior demand models, and generating security test cases of a finite state machine characteristic sequence based on the acquired models; and meanwhile, extracting security defects for the acquired security test cases, and complementing a security defect library. The method provided by the invention solves the problem of security test demand extraction in the current standard and an engineering system, and ensures the coverage and validity of the software security test demands. Meanwhile, the method provides a test process system from security test demand extraction, formalized demand description to automatic generation of the test cases, forms a set of full software security test method system and support system, shortens the software security test period at the same time of improving the pertinence, and is favorable for improving the software security quality.