Publications Portal

You searched on: Author: Paul Black

Displaying records 1 to 10 of 63 records.

1. SATE V Ockham Sound Analysis Criteria
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 8113
Published: 3/22/2016
Authors: Paul E Black, Athos Ribeiro
Abstract: Static analyzers examine the source or executable code of programs to find problems. Many static analyzers use some heuristics or approximations to handle programs up to millions of lines of code. We established the Ockham Sound Analysis Criteria ...

2. A Rational Foundation for Software Metrology
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 8101
Published: 1/20/2016
Authors: David W Flater, Paul E Black, Elizabeth Nee nee Fong, Raghu N Kacker, Vadim Okun, Stephen S Wood, David R Kuhn
Abstract: Much software research and practice involves ostensible measurements of software, yet little progress has been made on an SI-like metrological foundation for those measurements since the work of Gray, Hogan, et al. in 1996-2001. Given a physical ...

3. Towards a "Periodic Table" of Bugs
Published: 6/19/2015
Authors: Paul E Black, Irena V Bojanova, Yaacov Yesha, Yan Wu
Abstract: High-confidence systems must not be vulnerable to attacks that reduce the security, reliability, or availability of the system as a whole. One collection of vulnerabilities is the Common Weakness Enumeration (CWE). It represents a considerable co ...

4. SATE V Ockham Sound Analysis Criteria
Published: 3/14/2014
Author: Paul E Black

5. Test Generation Using Model Checking and Specification Mutation
Published: 11/22/2013
Author: Paul E Black
Abstract: Although building quality into software is paramount, professionals find that testing is necessary to assure that the system will operate as desired. Developing tests can take significant resources. In 1998 NIST showed how tests can be automaticall ...

6. Report on the Metrics and Standards for Software Testing (MaSST) Workshop 2012
Series: NIST Interagency/Internal Report (NISTIR)
Report Number: 7920
Published: 4/22/2013
Authors: Paul E Black, Elizabeth Nee nee Fong
Abstract: The NIST Software Assurance Metrics And Tool Evaluation (SAMATE) project conducted a workshop on Metrics and Standards for Software Testing (MaSST) on June 20, 2012. This workshop was co-located with the IEEE Sixth International Conference on Sof ...

7. A Basic CWE-121 Buffer Overflow Effectiveness Test Suite
Published: 4/1/2013
Authors: Paul E Black, Hsiao-Ming Michael Koo, Thomas F Irish
Abstract: Phase 3 of MITRE's Common Weakness Enumeration (CWE) Compatibility and Effectiveness program allows a customer to understand how effective a software assurance tool is at finding weaknesses and what code complexities it handles. Phase 3 is based on ...

8. Report on the Static Analysis Tool Exposition (SATE) IV
Series: Special Publication (NIST SP)
Report Number: 500-297
Published: 2/4/2013
Authors: Vadim Okun, Aurelien M. Delaitre, Paul E Black
Abstract: The NIST SAMATE project conducted the fourth Static Analysis Tool Exposition (SATE IV) to advance research in static analysis tools that find security defects in source code. The main goals of SATE were to enable empirical research based on large ...

9. The New Golden Age of Algorithms and Data Structures
Published: 10/29/2012
Author: Paul E Black
Abstract: Before 1976 Communications of the ACM printed (and numbered!) new algorithms every issue. Quicksort was invented in 1960, Boyer-Moore string search in 1977, and combsort in 1980. I haven't seen a new, general sorting algorithm in over a decade. The l ...

10. The Juliet 1.1 C/C++ and Java Test Suite
Published: 10/1/2012
Authors: Frederick E Boland Jr., Paul E Black
Abstract: The Juliet Test Suite 1.1 is a collection of over 81,000 synthetic C/C++ and Java programs with known flaws. These programs are useful as test cases for testing the effectiveness of static analyzers and other software assurance tools, and are in the ...

Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series