1 |
SAMATE, Juliet Test Suite v1.2 for C/C++ User Guide, National Security Agency
|
2 |
SecurityPrism, http://www.gtone.co.kr/kr/security-static-analysis-tools.php
|
3 |
Hyun-Joon Kwon, Hyunha Kim, Kyung-Goo Doh, "Developing An Automatic Tool for Static Detection of Software Security Vulnerabilities", pp.37-40, KIISE, Vol. 28.2, Feburary 2010 (in Korean)
|
4 |
Hyunha Kim, Tae-Hyoung Choi, Seung-Cheol Jung, Oukseh Lee, Kyung-Goo Doh, Soo-Yong Lee, "Rule-based Source-code Analysis for Detection of Security Vulnerability", WISA2009:The 10th International Workshop on Information Security Applications, Busan, South Korea, August 25-27, 2009
|
5 |
Fortify Static Code Analyzer, https://saas.hpe.com/en-us/software/sca
|
6 |
Alfred V. Aho, Ravi Sethi, Jeffrey D. Ullman, "Compilers: Principled, Techniques, and Tools", Addison Wesley, 1986
|
7 |
Steven S. Muchnick, "Advanced Compiler Design and Implementation", Morgan Kaufmann, pp.169-265, 1997
|
8 |
C. Cadar, and K. Sen, "Symbolic execution for software testing: three decades later," Communications of the ACM, 56.2, pp.82-90, July 2013.
DOI
|
9 |
P. Cousot, and R. Cousot, "Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints," Proceedings of the 4th ACM SIGACT- SIGPLAN symposium on Principles of programming languages, pp.238-252, ACM, January 1977.
|
10 |
CWE, Common Weakness Enumeration, http://cwe.mitre.org/
|
11 |
NIST, https://samate.nist.gov/
|