Black, P.
(1970),
SARD: A Software Assurance Reference Dataset, Cybersecurity Innovation Forum, [online], http://www.fbcinc.com/e/cif/
(Accessed December 15, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
SARD: A Software Assurance Reference Dataset
Author(s)
Abstract
Software assurance tools examine code for problems. To test such tools, we need programs with known bugs as ground truth. The Software Assurance Reference Dataset (SARD) is a publicly accessible collection of over 100,000 test cases in different programming languages, covering dozens of different classes of weaknesses, such as those in the Common Weakness Enumeration (CWE). The cases range from small, synthetic cases to production code, such as Google Chrome. In addition to collecting test cases, we are also working on a more precise and nuanced description language for weaknesses. We show examples such as heartbleed and Ghost.Citation
Cybersecurity Innovation Forum
Pub Weblink
Pub Type
Websites
Keywords
software assurance, programming languages
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.
Created May 7, 2017, Updated February 19, 2017