We describe a method for finding security flaws in source code by way of static analysis. The method is notable because it allows a user to specify a wide range of security proper...
In this paper, we present a novel type and effect analysis for detecting memory errors in C source code. We extend the standard C type system with effect, region, and host annotat...
Secure software engineering is a new research area that has been proposed to address security issues during the development of software systems. This new area of research advocates...
Abstract. Automated theorem provers are used in extended static checking, where they are the performance bottleneck. Extended static checkers are run typically after incremental ch...
Static analysis tools can handle large-scale software and find thousands of defects. But do they improve software security? We evaluate the effect of static analysis tool use on s...
Vadim Okun, William F. Guthrie, Romain Gaucher, Pa...