Effect of Static Analysis Tools on Software Security: Preliminary Investigation

Vadim Okun; William F. Guthrie; Romain Gaucher; Paul E. Black

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Effect of Static Analysis Tools on Software Security: Preliminary Investigation

Published

October 29, 2007

Author(s)

Vadim Okun, William F. Guthrie, Romain Gaucher, Paul E. Black

Abstract

Static analysis tools can handle large-scale software and find thousands of defects. But do they improve software security? We evaluate the effect of static analysis tool use on software security in open source projects. We measure security by vulnerability reports in the National Vulnerability Database.

Proceedings Title

Workshop on Quality of Protection | 2007 | QoP

Conference Dates

October 29, 2007

Conference Location

Alexandria, VA

Conference Title

Workshop on Quality of Protection (QoP?07)

Pub Type

Conferences

Keywords

Software Security, Static Analysis Tools, Vulnerability

Citation

Okun, V. , Guthrie, W. , Gaucher, R. and Black, P. (2007), Effect of Static Analysis Tools on Software Security: Preliminary Investigation, Workshop on Quality of Protection | 2007 | QoP, Alexandria, VA (Accessed April 25, 2024)

Created October 29, 2007, Updated January 27, 2020

Effect of Static Analysis Tools on Software Security: Preliminary Investigation

Author(s)

Abstract

Keywords

Citation

Additional citation formats