This work presents a methodological approach to comparing static security code analyzers. It substantiates comparing static analyzers by the efficiency and functionality indicators stipulated in international regulatory documents. The test data for assessing static analyzer efficiency consists of synthetic sets of open-source software that contain vulnerabilities. We substantiated certain criteria for assessing the quality of static security code analyzers subject to the standards NIST SP 500-268 and SATEC. We carried out experiments that allowed us to assess a number of Russian proprietary software tools and open-source tools. We came to the conclusion that it is of paramount importance to develo...
The SEI CERT C/C++ Coding Standard is a set of rules and recommendations for secure coding. It would...
Developing and delivering secure software is a challenging task that gets even harder when the deve...
Nowadays, many different tools to perform static analysis on software (ASATs) are available. These c...
Many teams at CERN develop their own software to solve their tasks. This software may be...
Software vulnerabilities are added into programs during their development. Architectural flaws are int...
This work studies the techniques and the ways in which static code analysis tools generally work, which ...
Automated static code analysis is an efficient technique to increase the quality of software during ...
This thesis aims at development of a tool support for comparing the output of static analysis applie...
This thesis has investigated what different tools for static code analysis, with an emphasis on secur...
Almost all software contains defects. Some defects are found easily while others are never found, ty...
This thesis presents the results of an evaluation of source code analyzers. Such tools constitute an...
In this thesis we studied the approach of static analysis of program code for finding security holes...
Technological developments are increasing day by day and software products are growing in an uncontr...