Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Static Analysis Workshop (SAW 2008)

[SAMATE Home | IntrO TO SAMATE | SARD | SATE | Bugs Framework | Publications | Tool Survey | Resources]

Biosphere 2 Center Complex by Gill Kenny
Credit: Gill Kenny
Mission San Xavier del Bac by Gill Kenny
Credit: Gill Kenny
Gila Woodpecker with Saguaros
Credit: Steve Renzi
Mexican Gold Poppies by Martha Lochert
Credit: Martha Lochert

Co-located with PLDI 2008
12 June 2008
Tucson, Arizona





SAW follows the Static Analysis Summit, held in 2006, and Static Analysis Summit II, held in 2007. This year’s edition features participants of the Static Analysis Tool Exposition (SATE) reporting their experience and interesting observations. 

In addition to SATE presentations we solicit contributions describing basic research, applications, experience, or proposals relevant to static analysis tools, techniques, and their evaluation. Questions and topics of interest include but are not limited to:

  • Contribution of static analysis to software security assurance
  • Issues in applying static analysis to binaries
  • Static analysis at the design or requirements level
  • Issues in scaling static analysis to deal with large systems
  • Integration of, or tradeoffs between, different analysis techniques
  • Flaw catching vs. sound analysis
  • Benchmarks or reference datasets
  • Formal pattern languages to describe vulnerabilities
  • User experience drawing useful lessons or comparisons
  • Case studies on real applications

Papers should be formatted using the ACM SIG templates, and, including figures and references, should not exceed 10 pages. Papers must be in PDF (preferred) and/or Postscript format and should be submitted electronically to Arnaud Venet <arnaud [at] (arnaud[at]kestreltechnology[dot]com)> by April 13, 2008.

Important Dates

  • April 13, 2008: Submission due date 
  • April 28, 2008: Author notification 
  • May 12, 2008: Revised papers due 
  • June 12, 2008: SAW 2008 workshop


The workshop is over.


This is the final program.

8:30 AM: Welcome to SAW & charge to attendees

8:50: SATE 2008 background - Vadim Okun, NIST, SATE organizer

9:20: Katrina O'Neil, Fortify, SATE participant

9:40: Paul Anderson, GrammaTech, SATE participant

10:00: Break

10:30: Observations on Static Analysis to Detect Weaknesses - Paul E. Black, NIST, SATE organizer

11:00 Steve Christey, MITRE, SATE organizer

11:30: Bill Pugh, U. Maryland, FindBugs, SATE participant

12:00: Lunch (included in registration)

1:30 PM: (presenter TBD), SofCheck, SATE participant

1:50: Romain Gaucher, NIST, SATE organizer & ran FlawFinder

2:10: SATE 2009 Planning: Why, Who, When, and Where? - Paul E. Black, NIST

3:10: Break

3:30: Parfait - Designing a Scalable Bug Checker of C Code, Cristina Cifuentes & Bernhard Scholz

4:00: Securing Java Code: Heuristics and An Evaluation of Static Analysis Tools, Michael S. Ware & Christopher J. Fox

4:30: Static Analysis of Medical Device Software using CodeSonar, Raoul Praful Jetley, Paul L. Jones, & Paul Anderson

5:00: Automatic Analysis for Managing and Optimizing Performance-Code Quality, Lamia Djoudi & William Jalby


Paul E. Black (NIST) [at] (paul[dot]black[at]nist[dot]gov)
Arnaud Venet

Program Committee

Paul Anderson (Grammatech)
Anindya Banerjee (KSU)
Rod Chapman (Praxis High Integrity Systems)
Eric Goubault (CEA)
Klaus Havelund (Jet Propulsion Laboratory)
Francesco Logozzo (Microsoft Research)

Created March 24, 2021, Updated May 17, 2021