Kummita et al., 2019 - Google Patents
Integration of the Static Analysis Results Interchange Format in CogniCryptKummita et al., 2019
View PDF- Document ID
- 13478517004739575469
- Author
- Kummita S
- Piskachev G
- Publication year
- Publication venue
- arXiv preprint arXiv:1907.02558
External Links
Snippet
Background-Software companies increasingly rely on static analysis tools to detect potential bugs and security vulnerabilities in their software products. In the past decade, more and more commercial and open-source static analysis tools have been developed and are …
- 238000004458 analytical method 0 title abstract description 64
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/445—Programme loading or initiating
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/4421—Execution paradigms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/75—Structural analysis for program understanding
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/71—Version control; Configuration management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
- G06F8/51—Source to source
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/36—Software reuse
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/31—Programming languages or programming paradigms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
- G06F8/41—Compilation
- G06F8/43—Checking; Contextual analysis
- G06F8/436—Semantic checking
- G06F8/437—Type checking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11899818B2 (en) | System and method for code-based protection of sensitive data | |
| EP3458953B1 (en) | Systems and methods for model-based analysis of software | |
| McClure et al. | SQL DOM: compile time checking of dynamic SQL statements | |
| US11663110B2 (en) | Analysis to check web API code usage and specification | |
| US8918501B2 (en) | Pattern-based computational health and configuration monitoring | |
| Davies et al. | Software bertillonage: Determining the provenance of software development artifacts | |
| US9134976B1 (en) | Cross-format analysis of software systems | |
| Huang et al. | Detecting sensitive data disclosure via bi-directional text correlation analysis | |
| Balliu et al. | Challenges of producing software bill of materials for java | |
| Cerny et al. | On code analysis opportunities and challenges for enterprise systems and microservices | |
| Williams et al. | Guided feature identification and removal for resource-constrained firmware | |
| Laranjeiro et al. | A technique for deploying robust web services | |
| Piskachev et al. | Secucheck: Engineering configurable taint analysis for software developers | |
| Almorsy et al. | VAM-aaS: online cloud services security vulnerability analysis and mitigation-as-a-service | |
| Kummita et al. | Integration of the Static Analysis Results Interchange Format in CogniCrypt | |
| Stamatogiannakis et al. | Prov 2r: practical provenance analysis of unstructured processes | |
| Wickert et al. | Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability | |
| White et al. | An early detection tool in Eclipse to support secure coding practices | |
| Hellström | Tools for static code analysis: A survey | |
| Rôla | Dynamic security testing | |
| Duarte et al. | An architecture for dynamic invariant generation in WS-BPEL web service compositions | |
| Ramirez | Empirical Study of Third-Party Library Detection in iOS and Android Applications | |
| Kadge | Analyzing Outliers in the Maven Central Repository with Object Oriented Design Metrics | |
| Pekkanen | Packaging complex web client in easily embeddable solution | |
| Mouheb et al. | An Aspect-Oriented approach for software security hardening: from design to implementation |