1 |
MSIP, SPRI, Software Industry Annual Report, 2014.
|
2 |
I. H. Kim, Facebook users private information leaked six million people [Internet], http://news.inews24.com/php/news-_view.php?g_serial=754079&g_menu=020600.
|
3 |
A. Buncombe, "Sony Pictures hack: US intelligence chief says North Korea cyberattack was 'most serious' ever against US interests," The Independent, 2015.
|
4 |
S. W. Lee, "Study on the information system aduit check list for enhanced privacy," MS. dissertation, Konkuk University, Seoul, ROK, 2015.
|
5 |
T. Lanowitz, "Now is the time for security at the application level," Gartner, 2005.
|
6 |
G. Tassey, "The economic impacts of inadequate infrastructure for software testing," National Institute of Standards and Technology, RTI Project 7007, 2002.
|
7 |
J. McManus and D. Mohindra, The CERT Sun Microsystems Secure Coding Standard for java [Internet], http://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=34669015.
|
8 |
OWASP, Welcome to OWASP [Internet], https://www.owasp.org/index.php/Main_Page.
|
9 |
CWE, A community Developed Dictionary of Software Weakness Types [Internet], http://cwe.mitre.or/.
|
10 |
JSF, The F-35 Lightning II Program [Internet], http://www.jsf.mil/.
|
11 |
MISRA, The Motor Industry Software Reliability Association [Internet], http://www.misra.org.uk/.
|
12 |
J. S. Cheon, D. H. Kang, and G. Woo, "A Concise Korean Programming Language Sprout," Journal of KIISE, Vol.42, No.4, pp.496-503, 2015.
DOI
|
13 |
D. H. Kang, Y. E. Kim, and G. Woo, "A Study on Improving Runtime Safety of a Sprout through Analysis of Java Secure Coding Guide," Proc. of the KIISE Korea Computer Congress 2015, pp.1751-1753, 2015.
|
14 |
OWASP, "OWASP Top 10-2013," The Ten Most Critical Web Application Security Risks, 2013.
|
15 |
B. Martin, M. Brown, A. Paller, and D. Kirby. "2011 CWE/SANS top 25 most dangerous software errors," Common Weakness Enumeration, 2011.
|
16 |
HP, IT Security in the Idea Economy [Internet], https://www.hpe.com/us/en/solutions/security.html.
|
17 |
Coverity, Coverity Software Testing Platform [Internet], http://www.coverity.com/products/.
|
18 |
IBM, IBM Security AppScan [Internet], http://www-03.ibm.com/software/products/en/appscan.
|
19 |
FindBugs, FindBugs because it's easy [internet], http://findbugs.sourceforge.net/findbugs2.html.
|
20 |
N. Ayewah, W. Pugh, J. D. Morgenthaler, J. Penix, and Y. Q. Zhou, "Evaluating static analysis defect warnings on production software," Proceedings of the 7th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering, ACM, pp.1-8, 2007.
|
21 |
Evenstar, BigLook is the financial and enterprise security weaknesses SW diagnostic system optimized for enterprise environments [Internet], http://www.evenstar.co.kr/index-.php.
|
22 |
Trinitysoft, The Trinitysoft is committed to providing the best Web application security solutions [Internet], http://www.trinitysoft.co.kr/page/solution_04.
|
23 |
GTONE, SecurityPrism is secure coding solution to ensure safe application since the early stages of development [Internet], http://www.gtone.co.kr/main/ag/sp.php.
|
24 |
Fasoo, SPARROW is a source code analysis tool, using static analysis [internet], http://www.fasoo.com/site/fasoo/sourcecodeanalysis/sparrow.do.
|
25 |
Y. E. Kim, J. W. Song, and G. Woo, "A Design of a Korean Programming Language Ensuring Run-Time Safety through Categorizing C Secure Coding Rules," Journal of KIISE, Vol.42, No.4, pp.487-495, 2015.
DOI
|
26 |
V. B. Livshits and M. S. Lam, "Finding Security Vulnerabilities in Java Applications with Static Analysis," Usenix Security, pp.18-18, 2005.
|
27 |
D. E. Knuth, "An empirical study of FORTRAN programs," Software: Practice and Experience, Vol.1, No.2, pp.105-133, 1971.
DOI
|
28 |
A. V. Aho, R. Sethi, and J. D. Ullamn, "Compilers: Principles, Techniques, and Tools," 2nd ed., PEARSON, 2014.
|
29 |
T. Boland and P. E. Black, "Juliet 1.1 C/C++ and Java test suite," Computer, Vol.10, No.45, pp.88-90, 2012.
|
30 |
NIST and NSA CAS, Juliet Test Suite for Java and C/C++ [Internet], https://samate.nist.gov/SRD/testsuite.php.
|