Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Paul E. Black (Fed)

Computer Scientist

Dr. Black has nearly 20 years of industrial experience in areas such as developing software for IC design and verification, assuring software quality, and managing business data processing. He is in the Software Quality Group, Systems and Software Division, Information Technology Laboratory. The web site he began and edits, the on-line Dictionary of Algorithms and Data Structures, ( was accessed almost 20,000 times a day from all over the world.

Dr. Black began his Ph.D. at UC Berkeley, then transferred to Brigham Young University where he graduated in 1998. He has taught classes at Brigham Young University and Johns Hopkins University. Dr. Black has published in the areas of static analysis, software testing, software configuration control, networks and queuing analysis, formal methods, software verification, quantum computing, and computer forensics.

Software/Hardware Experience: 

Programming Languages: Python, C, Perl, Java, Pascal, C++, ML, Lisp, Fortran, RPG II, Assembler, and Forth
Operating Systems: Linux, UNIX, Microsoft Windows, and VAX/VMS
Computers: Intel, Sun, DEC VAX, and IBM System 3


For a complete listing of Dr. Black's publications, see:

Professional Societies:


U.S. Department of Commerce Bronze Medal for developing a series of outstanding technical guidelines addressing critical cybersecurity needs prioritized by the White House, December 2017.

U.S. Department of Commerce Bronze Medal for leadership in the development of software assurance test methods and reference data, December 2013.

Best Project Chief Certificate for extensive knowledge, hard work, and loyalty to the team members of SAMATE, September 2006.

ITL Outstanding Authorship Award in recognition of his publication, "Quantum Computing and Communications", September 2003.

Selected Publications

SATE VI Ockham Sound Analysis Criteria

Paul E. Black, Kanwardeep S. Walia
Static analyzers examine the source or executable code of programs to find problems. Many static analyzers use heuristics or approximations to examine programs

Formal Methods for Statistical Software

Paul E. Black
"Statistical software" encompasses several distinct classes of software. This report explains what formal methods, tools, and approaches may be able to increase

Juliet 1.3 Test Suite: Changes From 1.2

Paul E. Black
The Juliet test suite is a systematic set of thousands of small test programs in C/C++ and Java exhibiting over 100 classes of errors, such as buffer overflow

Opaque Wrappers and Patching: Negative Results

Paul E. Black, Monika Singh
When a patch is released for buggy software, bad actors may be able to analyze the patch and create an attack on unpatched machines. A wrapper could block


Vulnerability Test Suite Generator (VTSG) Version 3

Paul E. Black, William Mentzer, Elizabeth Fong, Bertrand Stivalet
The Vulnerability Test Suite Generator (VTSG) Version 3 can create vast numbers of synthetic programs with and without specific flaws or vulnerabilities. Such

SATE VI Report: Bug Injection and Collection

Aurelien Delaitre, Paul E. Black, Damien Cupif, Guillaume Haben, Loembe Alex-Kevin, Vadim Okun, Yann Prono, Aurelien Delaitre
The SATE VI report presents the results of a security-focused bug finding evaluation exercise carried out from 2018 to 2023 on various code bases using static

Impact of Code Complexity On Software Analysis

Charles D. De Oliveira, Elizabeth Fong, Paul E. Black
The Software Assurance Metrics and Tool Evaluation (SAMATE) team studied thousands of warnings from static analyzers. Tools have difficulty distinguishing
Created October 9, 2019, Updated December 8, 2022