Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||Aurelien M. Delaitre; Vadim Okun; Elizabeth N. Fong;|
|Title:||Of Massive Static Analysis Data|
|Published:||June 20, 2013|
|Abstract:||Static analysis produces large amounts of data. The volume of data allows for new developments in research. Practical observations of the effectiveness of static analysis tools can be derived from that data. The question of tool statistical independence can also find preliminary answers. Effectiveness and independence are the key concepts to answer the one question tool users ask: which tool or set of tools should I use to meet my needs? The Software Assurance Metrics and Tool Evaluation (SAMATE) project at NIST has accumulated and published large amounts of relevant data, during four Static Analysis Tool Expositions (SATE). This collection allowed for the development and validation of practical metrics, in regard to static analysis tool effectiveness and independence. In this paper, we discuss the role of the data in determining which metrics can be derived.|
|Proceedings:||Software Security and Reliability (SERE) 2013|
|Dates:||June 18-20, 2013|
|Keywords:||software metrics, static analysis tools, security weaknesses, tool effectiveness, tool independence|
|Research Areas:||Threats & Vulnerabilities, Statistics, Software Testing Metrics|