Report on the third static analysis tool exposition (SATE 2010)

The NIST Software Assurance Metrics And Tool Evaluation (SAMATE) project conducted the third Static Analysis Tool Exposition (SATE) in 2010 to advance research in static analysis tools that find security defects in source code. The main goals of SATE were to enable empirical research based on large test sets, encourage improvements to tools, and promote broader and more rapid adoption of tools by objectively demonstrating their use on production software. Briefly, participating tool makers ran their tools on a set of programs. Researchers led by NIST performed a partial analysis of the tool reports. The results and experiences were reported at the SATE 2010 Workshop in Gaithersburg, MD, in October 2010. The tool reports and analysis were made publicly available in 2011. This special publication consists of the following three papers. “The Third Static Analysis Tool Exposition (SATE 2010),” by Vadim Okun, Aurelien Delaitre, and Paul E. Black, describes the SATE procedure and provides observations based on the data collected. The other two papers are written by participating tool makers. “Goanna Static Analysis at the NIST Static Analysis Tool Exposition,” by Mark Bradley, Ansgar Fehnker, Ralf Huuck, and Paul Steckler, introduces Goanna, which combines static analysis with model checking, and describes its SATE experience, tool results, and some of the lessons learned in the process. Serguei A. Mokhov introduces a machine learning approach to static analysis and presents MARFCAT’s SATE 2010 results in “The use of machine learning with signal- and NLP processing of source code to fingerprint, detect, and classify vulnerabilities and weaknesses with MARFCAT.”
