Classification of Smart Contract Bugs Using the NIST Bugs Framework, May 2019, 2019 IEEE 17th International Conference on Software Engineering Research, Management and Applications (SERA), Wesley Dingman, Aviel Cohen, Nick Ferrara, Adam Lynch, Patrick Jasinski, Paul E. Black, and Lin Deng. DOI 10.1109/SERA.2019.8886793.
Improving Software Assurance through Static Analysis Tool Expositions, October 2017, Journal of Cyber Security and Information Systems - Tools & Testing Techniques for Assured Software - DoD Software Assurance Community of Practice: Volume 2, 5(3):14-22, Terry S. Cohen, Damien Cupif, Aurelien Delaitre, Charles D. De Oliveira, Elizabeth Fong, and Vadim Okun.
Impact of Code Complexity on Software Analysis, February 2017, NIST Internal Report (IR) 8165, Charles D. DeOliveira, Elizabeth Fong, and Paul E. Black. DOI 10.6028/NIST.IR.8165.
Defeating Buffer Overflow: A Trivial but Dangerous Bug, November/December 2016, IT Professional, 18(6):58-61, Paul E. Black and Irena Bojanova. DOI 10.1109/MITP.2016.117.
Report of the Workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV), October 2016, National Institute of Standards and Technology (NIST) Special Publication (SP) 500-320, Paul E. Black and Elizabeth Fong. DOI 10.6028/NIST.SP.500-320.
The Bugs Framework (BF): A Structured Approach to Express Bugs, August 2016, 2016 IEEE International Conference on Software Quality, Reliability, and Security (QRS 2016), Vienna, Austria, Irena Bojanova, Paul E. Black, Yaacov Yesha, and Yan Wu. DOI 10.1109/QRS.2016.29.
Juliet 1.1 C/C++ and Java Test Suite, October 2012, Computer, 45(10):88-90, Tim Boland and Paul E. Black. DOI 10.1109/MC.2012.345.
Static Analyzers: Seat Belts for Your Code, May-June 2012, Security & Privacy, 10(3):48-52, Paul E. Black, DOI 10.1109/MSP.2012.2.
Software Vulnerabilities Precluded by SPARK, November 2011, ACM Int'l Conf. on Ada and Related Technologies: Engineering Safe, Secure, and Reliable Software (SIGAda 2011), Paul E. Black (NIST), Chris E. Dupilka (U.S. DoD), F. David Jones, and Joyce Tokar (Pyrrhus Software).
Counting Bugs is Harder Than You Think, 26 October 2012, University of Pretoria, Paul E. Black.
Choosing the Right Software Assurance Tools, 18 September 2012, Software Assurance Forum Fall 2012, MITRE, Virginia, Paul E. Black.
Road to Confidence in IT Systems: SAMATE's SATE and SARD projects, 26 May 2012, Information Security and Privacy Advisory Board (ISPAB) Workshop (NIST), Paul E. Black.
Toward CWE Compatibility Effectiveness, 31 October 2011, 7th Annual IT Security Automation Conference, Paul E. Black.
Static Analysis & Static Analysis Tools: Their Role in Software Development, 28 October 2011, Information-technology Promotion Agency (IPA) Software Engineering Center, Japan, Paul E. Black. Software Vulnerabilities Precluded by SPARK, 6 May 2011, 11th annual High Confidence Software and Systems Conference, Paul E. Black.