SAMATE and Evaluating Static Analysis Tools

@inproceedings{Black2007SAMATEAE,
  title={SAMATE and Evaluating Static Analysis Tools},
  author={Paul E. Black},
  year={2007}
}

We give some background on the Software Assurance Metrics And Tool Evaluation (SAMATE) project and our decision to work on static source code security analyzers. We give our experience bringing government, vendors, and users together to develop a specification and tests to evaluate such analyzers. We also present preliminary results of our study on whether such tools reduce vulnerabilities in practice.
