Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

The Juliet 1.1 C/C++ and Java Test Suite

Published

Author(s)

Frederick E. Boland Jr., Paul E. Black

Abstract

The Juliet Test Suite 1.1 is a collection of over 81,000 synthetic C/C++ and Java programs with known flaws. These programs are useful as test cases for testing the effectiveness of static analyzers and other software assurance tools, and are in the public domain. This article describes the structure of Juliet and the test cases comprising it. The cases cover 181 different Common Weakness Enumeration (CWE) entries. Each case consists of a page or two of source code with a specific flaw embedded in a control- or data-flow variant, and most include similar, but non-flawed, code to test tool discrimination. The C/C++ or Java portion of the test suite may be downloaded at http://samate.nist.gov/SRD/testsuite.php.
Citation
Computer (IEEE Computer)
Volume
45
Issue
10

Keywords

software assurance, source code static analysis, Juliet test suite, CWE, SAMATE
Created October 1, 2012, Updated November 10, 2018