Static Security Analysis for Open Source Software

Author: John Viega

DOI: 10.21236/ADA422592

Abstract: The goal of the project, "Static Security Analysis for Open Source Software", was to explore technologies to improve the security of software by helping automate analysis. The project successfully improved upon the best published analysis techniques and made several releases publicly available as open source software. The tools developed under this effort reduce both false positives and false negatives compared to previous techniques. Additionally, the tools are highly scalable and extensible. Some of these were adopted by other projects within the DARPA Composable High Assurance Trusted Software Program.

References (3)
Eric A. Brewer, Alexander Aiken, David A. Wagner, Jeffrey S. Foster. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. Network and Distributed System Security Symposium (2000).
John Viega, J. T. Bloch, Tadayoshi Kohno, Gary McGraw. Token-based scanning of source code for security problems. ACM Transactions on Information and System Security, vol. 5, pp. 238-261 (2002). DOI: 10.1145/545186.545188
Matt Bishop, Michael Dilger. Checking for Race Conditions in File Accesses. Computing Systems, vol. 2, pp. 131-152 (1996).