An Analysis Framework and Additive Software Analysis

Author(s)

Paul E. Black

Abstract

We present a framework for software assurance, in addition to an additive software analysis approach. Both have the potential to dramatically reduce software vulnerabilities within the next seven years. The framework (1) aggregates tool outputs, (2) allows software assurance checkers to interoperate, and (3) passes program information between tools. The framework allows modular and distributed development of tool capabilities, promotes synergy between groups, and enables the development of hybrid tools. The framework requires documentary standards for the information passed, such as code location, visible variables and their values, data and control flows, assertions and invariants, function signatures, and code weaknesses. Additive software analysis uses the framework to gather information, compare and confirm tool results, and enable one module to build on the capabilities of other modules.
Citation
Dramatically Reducing Security Vulnerabilities

Keywords

software assurance

Citation

Black, P. (1970), An Analysis Framework and Additive Software Analysis, Dramatically Reducing Security Vulnerabilities, [online], https://samate.nist.gov/DRSV2016/ (Accessed April 24, 2024)
Created May 7, 2017, Updated February 19, 2017