Black, P.
, Mentzer, W.
, Fong, E.
and Stivalet, B.
(2023),
Vulnerability Test Suite Generator (VTSG) Version 3, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.8493, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=956521
(Accessed April 28, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Vulnerability Test Suite Generator (VTSG) Version 3
Published
Author(s)
, William Mentzer, Elizabeth Fong, Bertrand Stivalet
Abstract
The Vulnerability Test Suite Generator (VTSG) Version 3 can create vast numbers of synthetic programs with and without specific flaws or vulnerabilities. Such programs are useful for measuring static analysis tools. VTSG was designed by the Software Assurance Metrics and Tool Evaluation (SAMATE) team and originally implemented by students at TELECOM Nancy. The latest version is structured to be able to generate vulnerable and nonvulnerable synthetic programs expressing specific flaws in any programming language. It has libraries to generate PHP, C#, and Python programs. This document may help if you are trying to generate test cases in PHP, C#, or Python, adding new complexities or flaws or vulnerability, or modifying VTSG to have new capabilities or to generate test cases in other programming languages.Citation
NIST Interagency/Internal Report (NISTIR) - 8493
Report Number
8493
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
Software assurance, static analyzer, test case generator, software vulnerabilities.
Citation
Created October 13, 2023