Publications Portal

You searched on: Author: paul black

Displaying records 11 to 20 of 57 records.


11. NIST SP 500-268, Source Code Security Analysis Tool Function Specification Version 1.1
Series: Special Publication (NIST SP)
Report Number: 500-268 1.1
Published: 2/28/2011
Authors: Elizabeth Nee nee Fong, Paul E Black, Michael J Kass, Hsiao-Ming Michael Koo
Abstract: Software assurance tools are a fundamental resource to improve assurance in today's software applications. Some tools analyze software requirements or design models to help determine if an application is secure. Others analyze source code or executab ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907761

12. The Second Static Analysis Tool Exposition (SATE) 2009
Series: Special Publication (NIST SP)
Report Number: 500-287
Published: 7/2/2010
Authors: Vadim Okun, Paul E Black, Aurelien Michel Dominique Delaitre
Abstract: The NIST SAMATE project conducted the second Static Analysis Tool Exposition (SATE) in 2009 to advance research in static analysis tools that find security defects in source code. The main goals of SATE were to enable empirical research based on larg ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905879

13. Static Analysis Tool Exposition (SATE) 2008
Series: Special Publication (NIST SP)
Report Number: 500-279
Published: 6/22/2009
Authors: Vadim Okun, Romain Gaucher, Paul E Black
Abstract: The NIST SAMATE project conducted the first Static Analysis Tool Exposition (SATE) in 2008 to advance research in static analysis tools that find security defects in source code. The main goals of SATE were to enable empirical research based on large ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=902679

14. Cyber Security Metrics and Measures
Published: 3/2/2009
Authors: Paul E Black, Karen Ann Scarfone, Murugiah P Souppaya
Abstract: Metrics are tools to facilitate decision making and improve performance and accountability. Measures are quantifiable, observable, and objective data supporting metrics. Operators can use metrics to apply corrective actions and improve performance. R ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51292

15. Static Analyzers in Software Engineering
Published: 3/2/2009
Author: Paul E Black
Abstract: Static analyzers can report possible problems in code and help reinforce good practices of developers. We contrast the strengths of static analyzers with testing and indicate the current state of the art.
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=901506

16. Proceedings of the Static Analysis Workshop (SAW 2008)
Published: 6/12/2008
Authors: Paul E Black, Elizabeth Nee nee Fong
Abstract: Static Analysis Workshop (SAW 2008) was held on June 12, 2008 in Tucson, Arizona and was co-located with ACM SIGPLAN 2008 Conference on Programming Language Design and Implementation (PLDI 2008). This workshop followed Static Analysis Summit, held ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=890004

17. Proceedings of Static Analysis Summit II
Published: 4/1/2008
Authors: Paul E Black, Elizabeth Nee nee Fong
Abstract: Static Analysis Summit II was held 8 and 9 November 2007. The workshop had a keynote address by Professor William Pugh, paper presentations, discussion sessions, a panel on "Obfuscation Versus Analysis Who Will Win?", and a new technology dem ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152088

18. Software Assurance Tools: Web Application Security Scanner Functional Specification Version 1.0
Series: Special Publication (NIST SP)
Report Number: 500-269
Published: 2/14/2008
Authors: Paul E Black, Elizabeth Nee nee Fong, Vadim Okun, Romain Gaucher
Abstract: Software assurance tools are a fundamental resource for providing an assurance argument for today's software applications throughout the software development lifecycle (SDLC). Software requirements, design models, source code, and executable code ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51294

19. Building a Test Suite for Web Application Scanners
Published: 1/7/2008
Authors: Elizabeth Nee nee Fong, Romain Gaucher, Vadim Okun, Paul E Black, Eric Dalci
Abstract: This paper describes the design of a test suite for thorough evaluation of web application scanners. Web application scanners are automated, black-box testing tools that examine web applications for security vulnerabilities. For several common vulner ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51244

20. Effect of Static Analysis Tools on Software Security: Preliminary Investigation
Published: 10/29/2007
Authors: Vadim Okun, William F Guthrie, Romain Gaucher, Paul E Black
Abstract: Static analysis tools can handle large-scale software and find thousands of defects. But do they improve software security? We evaluate the effect of static analysis tool use on software security in open source projects. We measure security by vulner ...
http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51237



Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series