Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

An Analysis Framework and Additive Software Analysis


Paul E. Black


We present a framework for software assurance, in addition to an additive software analysis approach. Both have the potential to dramatically reduce software vulnerabilities within the next seven years. The framework (1) aggregates tool outputs, (2) allows software assurance checkers to interoperate, and (3) passes program information between tools. The framework allows modular and distributed development of tool capabilities, promotes synergy between groups, and enables the development of hybrid tools. The framework requires documentary standards of the information passed, such as, code location, visible variables and their values, data and control flows, assertions and invariants, function signatures, and code weaknesses. Additive software analysis uses the framework to gather information, compare and confirm tool results, and enable one module to build on the capabilities of other modules.
Dramatically Reducing Security Vulnerabilities


software assurance


Black, P. (1970), An Analysis Framework and Additive Software Analysis, Dramatically Reducing Security Vulnerabilities, [online], (Accessed July 18, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created May 7, 2017, Updated February 19, 2017