论文信息 - Static Analyzers: Seat Belts for Your Code

Static Analyzers: Seat Belts for Your Code

Just as seat belt use is widespread, static analysis should be part of ethical software development. Because security must be designed in, static analysis should occur early in software development to reduce vulnerabilities or, even better, provide feedback to educate software developers and reinforce good practices, minimizing vulnerable constructs ever getting in the code. Even as industry migrates to languages safer than unconstrained C, thus eliminating many possible weaknesses, static analysis can be even more useful to check annotations, guarantees, conditions, and specifications provided by developers.

Paul E. Black | P. Black

[1] P. Reneke,et al. NIST Special Publication 984 , 2002 .

[2] Aurelien Delaitre,et al. The Second Static Analysis Tool Exposition (SATE) 2009 , 2010 .

[3] Vadim Okun,et al. Static Analysis Tool Exposition (SATE) 2008 , 2009 .

[4] Vadim Okun,et al. Static Analysis Tool Exposition (SATE) 2008 | NIST , 2009 .

[5] Aurelien Delaitre,et al. Report on the third static analysis tool exposition (SATE 2010) , 2011 .

[6] José Luis Vicedo González,et al. TREC: Experiment and evaluation in information retrieval , 2007, J. Assoc. Inf. Sci. Technol..

[7] B. Boehm,et al. Code Verification and Run-Time Error Detection Through , 2007 .

[8] Paul E. Black,et al. Proceedings of Static Analysis Summit II , 2008 .