Source code verification tools for software security bugs

Proceedings of 5th International Conference on New Trends in Software Methodologies, Tools and Techniques, SoMeT_06

Volumn , Issue , 2006, Pages

  Michaud, Frédéric ^a   Painchaud, Frédéric ^a  

^a DEFENCE RESEARCH AND DEVELOPMENT CANADA VALCARTIER   (Canada)

Author keywords

C++; Defects; Dynamic analysis; Errors; Flaws; Java; Source code; Static analysis; Verification tools; Vulnerabilities

Indexed keywords

C++; JAVA; SOURCE CODES; VERIFICATION TOOLS; VULNERABILITIES;

DATA PROCESSING; DEFECTS; DYNAMIC ANALYSIS; ERRORS; JAVA PROGRAMMING LANGUAGE; PROGRAM DEBUGGING; STATIC ANALYSIS; VERIFICATION;

COMPUTER SOFTWARE;

EID: 84860314173     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (11)

1. Robert Charpentier and Martin Salois, Security Modeling for C2IS in UML/OCL, UNC, International Command & Control Research & Technology, 8th Symposium, SL 2003-067, June 2003 (18 pages).
2. Algirdas Avizienis, Jean-Claude Laprie, Brian Randell, and Carl Landwehr, Basic Concepts and Taxonomy of Dependable and Secure Computing, IEEE Transactions on Dependable and Secure Computing, Vol. 1, No. 1, January-March 2004 (23 pages).
3. Bin Chen, François Guibault, Sébastien Laflamme, Marie-Gabrielle Vallet, Yun Wang, Secure Design Patterns: State-of-the-Art, Software Defects and Patterns Specification, Technical Report, École Polytechnique de Montréal, December 2004 (102 pages).
4. Bin Chen, François Guibault, Sébastien Laflamme, Marie-Gabrielle Vallet, YunWang, Security Oriented Design Patterns Catalog, Technical Report, École Polytechnique de Montréal, December 2004 (208 pages).
5. Jon Heffley and Pascal Meunier, Can Source Code Auditing Software Identify Common Vulnerabilities and Be Used to Evaluate Software Security? Proceedings of the 37th Hawaii International Conference on System Sciences, 2004 (10 pages).
6. David Evans and David Larochelle, Improving Security Using Lightweight Static Analysis, IEEE Software, January-February 2002 (10 pages).
7. David A. Wheeler, Secure Programming for Linux HOWTO, March 2003 (168 pages).
8. Thien La, Secure Software Development and Code Analysis Tools, September 2002 (51 pages).
9. Pete Broadwell and Emil Ong, A Comparison of Static Analysis and Fault Injection Techniques for Developing Robust System Services, EECS at UC Berkeley.
10. Gary McGraw, Brian Chess, Static Analysis for Security, IEEE Security & Privacy, 2004 (4 pages).
11. Glenn R. Luecke, James Coyle, Jim Hoekstra, Marina Kraeva, Ying Li, Olga Taborskaia, and Yanmei Wang, Detecting Run-Time Errors, The Iowa State University's High Performance Computing Group, 2005 (25 pages).