Search Publications by: Paul E. Black (Assoc)

Displaying 101 - 125 of 180

SAMATE and Evaluating Static Analysis Tools

September 1, 2007
Author(s)
Paul E. Black
We give some background on the Software Assurance Metrics And Tool Evaluation (SAMATE) project and our decision to work on static source code security analyzers. We give our experience bringing government, vendors, and users together to develop a

Source Code Security Analysis Tool Functional Specification Version 1.0

May 1, 2007
Author(s)
Paul E. Black, Michael J. Kass, Hsiao-Ming M. Koo
Software assurance tools are a fundamental resource for providing an assurance argument for today's software applications throughout the software development lifecycle. Some tools analyze software requirements, design models, source code, or executable

SAMATE's Contribution to Information Assurance

September 1, 2006
Author(s)
Paul E. Black
The amount of software in today's information world is far too large to check manually. Automated tools are a must. These tools can help design and build the right software in the first place, but they can also help if the system being designed includes

Software Assurance During Maintenance

September 1, 2006
Author(s)
Paul E. Black
Software testing and maintenance tools must yield widely accepted assurance information in a standardized form. We can then use this information as evidence to make a case assuring us that the software is adequate for its use and secure enough for the risk

Proceedings of the Static Analysis Summit

July 1, 2006
Author(s)
Paul E. Black, Helen Gill, W. E. Martin, Elizabeth N. Fong
This is the proceeding of a summit held in June 2006 at the National Institute of Standards and Technology (NIST). This Static Analysis Summit is one of a series of meetings in the NIST Software Assurance Measurement and Tool Evaluation (SAMATE) project

Software Assurances Metrics and Tool Evaluation

October 1, 2005
Author(s)
Paul E. Black
The National Software Reference Library (NSRL) of the U.S. National Institute of Standards and Technology (NIST) collects software from various sources and publishes file profiles computed from this software (such as MD5 and SHA-1 hashes) as a Reference

Software Assurances Metrics and Tool Evaluation

June 1, 2005
Author(s)
Paul E. Black
NIST is starting two ambitious projects to (1) develop a taxonomy of software security flaws and vulnerabilities, (2) develop a taxonomy of software assurance (SA) functions and techniques which detect those flaws, (3) perform and maintain a survey of SA