Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||Paul E. Black; Elizabeth N. Fong;|
|Title:||Proceedings of Static Analysis Summit II|
|Published:||April 01, 2008|
|Abstract:||Static Analysis Summit II was held 8 and 9 November 2007. The workshop had a keynote address by Professor William Pugh, paper presentations, discussion sessions, a panel on Obfuscation Versus Analysis Who Will Win? , and a new technology demonstration fair. The workshop is one of a series by NIST s Software Assurance Metrics and Tool Evaluation (SAMATE) project, which is partially funded by DHS to help identify and enhance software security assurance tools. The Call for Papers pointed out that "Black-box" testing cannot realistically find maliciously implanted Trojan horses or subtle errors with many preconditions. For maximum assurance, static analysis must be applied to all levels of software artifacts, from models to source code to binaries. Static analyzers are quite capable and are developing quickly. Yet, developers, auditors, and examiners could use far more capabilities. The goal of this summit is to convene researchers, developers, and government and industrial users to define obstacles to such urgently-needed capabilities and try to identify feasible approaches to overcome them, either engineering ("solved" problems) or research. The Call for Papers solicited contributions describing basic research, applications, experience, or proposals relevant to static analysis tools, techniques, and their evaluation. These proceedings include the agenda, some notes on the discussions, and reviewed papers.|
|Pages:||pp. 71 - 102|
|Keywords:||Homeland security, proceedings, SAMATE, static analysis tools, source code analyzer, software assurance.|
|Research Areas:||Software Testing Metrics|