1 |
H. Chen and D. Wagner, "MOPS: an Infrastructure for Examining Security Properties of Software," Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 235-244, 2002.
|
2 |
Plum Hall Inc., Overview of Safe-Secure Project: Safe-Secure C/C++, http://www.plumhall.com/SSCC_MP_071b.pdf.
|
3 |
Coverity Inc., Coverity Static Analysis, http://www.coverity.com/products/static-analysis.html.
|
4 |
Fortify Software Inc., Fortify Source Code Analysis(SCA), http://www.fortify.com/products/sca.
|
5 |
Fasoo.com, About Sparrow, http://www.spaarrow.com/.
|
6 |
하경휘, 김상영, 최진우, 우종우, 김홍철, 박상서, "안전한 소스코드 작성을 위한 자동화 분석 도구의 개발," 한국멀티미디어학회 추계학술발표대회논문집, pp. 980-983, 2003.
|
7 |
Samsung Electronics, bada Developers, http://developer.bada.com.
|
8 |
Ben Morris, Manfred Bortenschlager, Cheng Luo, Michelle Sommerville, and Jon Lansdell, Introduction to bada: A Developer's Guide, Wiley, 2010.
|
9 |
Roger S. Pressman, Software Engineering: A Practitioner's Approach, McGraw-Hill, 2009.
|
10 |
Gartner, Nov 2005, http://gartner.com
|
11 |
Common Weakness Enumeration(CWE), A Community-Developed Dictionary of Software Weakness Types, http://cwe.mitre.org.
|
12 |
A. B. Tucker and R. E. Noonan, Programming Languages: Principles and Paradigms, Mc-Graw Hill, 2007.
|
13 |
Gary McGraw, Software Security, Addison- Wesley, February 2006.
|
14 |
John Viega and Gary McGraw, Building Secure Software, Addison-Wesley, September 2001.
|
15 |
Richard Ford and Michael Howard, "Improving Software Security by Eliminating the CWE Top 25 Vulnerabilities," IEEE Security & Privacy, Vol.7, Issue 3, pp. 68-71, 2009.
|
16 |
J. McManus and D. Mohindra, The CERT Sun Microsystems Secure Coding Standard for Java, CERT, 2009.
|
17 |
Lockheed Martin Corporation, J oint Strike Fighter: Air Vehicle C++ Coding Standards for The System Development and Demonstration Program, 2005.
|
18 |
MISRA, Guidelines for The Use Of The C Language in Vehicle Based Software, 1998.
|
19 |
Y. W. Huang, F. Yu, C. Hang, C. H. Tsai, D. T. Lee, and S. Y. Kuo, "Securing Web Application Code by Static Analysis and Runtime Protection," Proceedings of the 13th Conference on World Wide Web, pp. 40-52, 2004.
|
20 |
A.V. Aho, R. Sethi, and J. D. Ulman, Compilers: Principles, Techniques, and Tools, Addison Wesley, 2007.
|