Sciweavers

ESEM
2008
ACM
14 years 2 months ago
On establishing a benchmark for evaluating static analysis alert prioritization and classification techniques
Benchmarks provide an experimental basis for evaluating software engineering processes or techniques in an objective and repeatable manner. We present the FAULTBENCH v0.1 benchmar...
Sarah Smith Heckman, Laurie Williams
EURODAC
1995
IEEE
14 years 4 months ago
VHDL quality: synthesizability, complexity and efficiency evaluation
With VHDL models increasing their size, it becomes more important to assure the quality of these descriptions in order to improve simulation performances, to make project maintain...
M. Mastretti
EUROMICRO
2005
IEEE
14 years 6 months ago
Software Security Analysis - Execution Phase Audit
Code revision of a leading telecom product was performed, combining manual audit and static analysis tools. On average, one exploitable vulnerability was found for every 4000 line...
Bengt Carlsson, Dejan Baca
COMSWARE
2006
IEEE
14 years 6 months ago
Comparing lexical analysis tools for buffer overflow detection in network software
Many of the bugs in distributed software modules are security vulnerabilities, the most common and also the most exploited of which are buffer overflows and they typically arise in...
Davide Pozza, Riccardo Sisto, Luca Durante, Adrian...
ICSE
2007
IEEE-ACM
14 years 6 months ago
Adaptive Probabilistic Model for Ranking Code-Based Static Analysis Alerts
Software engineers tend to repeat mistakes when developing software. Automated static analysis tools can detect some of these mistakes early in the software process. However, thes...
Sarah Smith Heckman
CCS
2007
ACM
14 years 6 months ago
Effect of static analysis tools on software security: preliminary investigation
Static analysis tools can handle large-scale software and find thousands of defects. But do they improve software security? We evaluate the effect of static analysis tool use on s...
Vadim Okun, William F. Guthrie, Romain Gaucher, Pa...
ICECCS
2007
IEEE
14 years 6 months ago
A light-weight static approach to analyzing UML behavioral properties
Identifying and resolving design problems in the early design phase can help ensure software quality and save costs. There are currently few tools for analyzing designs expressed ...
Lijun Yu, Robert B. France, Indrakshi Ray, Kevin L...
SCAM
2008
IEEE
14 years 6 months ago
The Evolution and Decay of Statically Detected Source Code Vulnerabilities
The presence of vulnerable statements in the source code is a crucial problem for maintainers: properly monitoring and, if necessary, removing them is highly desirable to ensure h...
Massimiliano Di Penta, Luigi Cerulo, Lerina Aversa...
ICSE
2008
IEEE-ACM
15 years 1 months ago
Predicting accurate and actionable static analysis warnings: an experimental approach
Static analysis tools report software defects that may or may not be detected by other verification methods. Two challenges complicating the adoption of these tools are spurious f...
Joseph R. Ruthruff, John Penix, J. David Morgentha...