Publications Portal

You searched on: Author: paul black

Displaying records 21 to 30 of 63 records.

21. Building a Test Suite for Web Application Scanners
Published: 1/7/2008
Authors: Elizabeth Nee nee Fong, Romain Gaucher, Vadim Okun, Paul E Black, Eric Dalci
Abstract: This paper describes the design of a test suite for thorough evaluation of web application scanners. Web application scanners are automated, black-box testing tools that examine web applications for security vulnerabilities. For several common vulner ...

22. Effect of Static Analysis Tools on Software Security: Preliminary Investigation
Published: 10/29/2007
Authors: Vadim Okun, William F Guthrie, Romain Gaucher, Paul E Black
Abstract: Static analysis tools can handle large-scale software and find thousands of defects. But do they improve software security? We evaluate the effect of static analysis tool use on software security in open source projects. We measure security by vulner ...

23. Software Assurance with SAMATE Reference Dataset, Tool Standards, and Studies
Published: 10/1/2007
Author: Paul E Black
Abstract: Today's avionics systems depend more and more on software from many sources: vendors, subcontractors, in-house, and open source. System interactions are exposed to external agents in contexts from air-to-ground links to OS patches downloaded via the ...

24. SAMATE and Evaluating Static Analysis Tools
Published: 9/1/2007
Author: Paul E Black
Abstract: We give some background on the Software Assurance Metrics And Tool Evaluation (SAMATE) project and our decision to work on static source code security analyzers. We give our experience bringing government, vendors, and users together to develop a spe ...

25. Source Code Security Analysis Tool Functional Specification Version 1.0
Series: Special Publication (NIST SP)
Report Number: 500-268
Published: 5/1/2007
Authors: Paul E Black, Michael J Kass, Hsiao-Ming Michael Koo
Abstract: Software assurance tools are a fundamental resource for providing an assurance argument for today's software applications throughout the software development lifecycle. Some tools analyze software requirements, design models, source code, or executab ...

26. SAMATE's Contribution to Information Assurance
Published: 9/1/2006
Author: Paul E Black
Abstract: The amount of software in today's information world is far too large to check manually. Automated tools are a must. These tools can help design and build the right software in the first place, but they can also help if the system being designed inclu ...

27. Software Assurance During Maintenance
Published: 9/1/2006
Author: Paul E Black
Abstract: Software testing and maintenance tools must yield widely accepted assurance information in a standardized form. We can then use this information as evidence to make a case assuring us that the software is adequate for its use and secure enough for th ...

28. Proceedings of the Static Analysis Summit
Series: Special Publication (NIST SP)
Report Number: 500-262
Published: 7/1/2006
Authors: Paul E Black, Helen Gill, W. E. Martin, Elizabeth Nee nee Fong
Abstract: This is the proceeding of a summit held in June 2006 at the National Institute of Standards and Technology (NIST). This Static Analysis Summit is one of a series of meetings in the NIST Software Assurance Measurement and Tool Evaluation (SAMATE) proj ...

29. Proceedings of Workshop on Software Security Assurance Tools, Techniques, and Metrics
Series: Special Publication (NIST SP)
Report Number: 500-265
Published: 2/1/2006
Authors: Paul E Black, Michael J Kass, Elizabeth Nee nee Fong
Abstract: This is the proceedings of a workshop held on November 7 and 8, 2005 in Long Beach, California, USA, hosted by the Software Diagnostics and Conformance Testing Division, Information Technology Laboratory, of the National Institute of Standards and Te ...

30. FS-TST 2.0: Forensic Software Testing Support Tools Part C Code Review Report
Report Number: 7297-c
Published: 1/31/2006
Author: Paul E Black
Abstract: This NIST Internal Report deals with Release 2.0 of a software package, Forensic Software Testing Support Tools (FS-TST 2.0), developed to aid the testing of disk imaging tools typically used in forensic investigations. The package includes programs ...

Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series