• Title/Summary/Keyword: Analysis Tools

Static Analysis Tools Against Cross-site Scripting Vulnerabilities in Web Applications : An Analysis

  • Talib, Nurul Atiqah Abu;Doh, Kyung-Goo
    • Journal of Software Assessment and Valuation / v.17 no.2 / pp.125-142 / 2021
  • Reports of rampant cross-site scripting (XSS) vulnerabilities raise growing concerns on the effectiveness of current Static Analysis Security Testing (SAST) tools as an internet security device. Attentive to these concerns, this study aims to examine seven open-source SAST tools in order to account for their capabilities in detecting XSS vulnerabilities in PHP applications and to determine their performance in terms of effectiveness and analysis runtime. The representative tools - categorized as either text-based or graph-based analysis tools - were all test-run using real-world PHP applications with known XSS vulnerabilities. The collected vulnerability detection reports of each tool were analyzed with the aid of PhpStorm's data flow analyzer. It is observed that the detection rates of the tools calculated from the total vulnerabilities in the applications can be as high as 0.968 and as low as 0.006. Furthermore, the tools took an average of less than a minute to complete an analysis. Notably, their runtime is independent of their analysis type.

EVALUATION OF STATIC ANALYSIS TOOLS USED TO ASSESS SOFTWARE IMPORTANT TO NUCLEAR POWER PLANT SAFETY

  • OURGHANLIAN, ALAIN
    • Nuclear Engineering and Technology / v.47 no.2 / pp.212-218 / 2015
  • We describe a comparative analysis of different tools used to assess safety-critical software used in nuclear power plants. To enhance the credibility of safety assessments and to optimize safety justification costs, Electricité de France (EDF) investigates the use of methods and tools for source code semantic analysis, to obtain indisputable evidence and help assessors focus on the most critical issues. EDF has been using the PolySpace tool for more than 10 years. Currently, new industrial tools based on the same formal approach, Abstract Interpretation, are available. Practical experimentation with these new tools shows that the precision obtained on one of our shutdown systems software packages is substantially improved. In the first part of this article, we present the analysis principles of the tools used in our experimentation. In the second part, we present the main characteristics of protection-system software, and why these characteristics are well adapted for the new analysis tools. In the last part, we present an overview of the results and the limitations of the tools.

Comparative and analysis of multimedia author tools (멀티미디어 저작도구의 비교.분석)

  • Kwon Oh-Tack;Hong Dong-Heon
    • Management & Information Systems Review / v.2 / pp.23-46 / 1998
  • In this paper, comparative and analysis of multimedia author tools for to proper compatible multimedia author tools on multimedia author tools function and usage, and which breach of contract each author tools specific property prepare to forecast future multimedia expansion trend on information technology expansion. Multimedia essential element is hardware(storage, digital video, CD), software, sound, hypertext and hypermedia etc. Analysis criteria of multimedia author tools is programming environment, which are card, script, icon, time method.

Comparative Analysis of Web Database Connectivity Tools (웹 데이터베이스 연결도구의 비교 분석)

  • 박성헌;박지헌
    • The Journal of Information Technology and Database / v.7 no.2 / pp.101-115 / 2000
  • Since the web has been used as the front-end of databases, many web database connectivity tools have been developed and are being developed now. For web developers and educators, it has been a difficult problem to select one tool out of so many alternatives. This paper compares web database connectivity tools available in the PC Windows environment from the viewpoint of developers and educators. This comparative analysis focuses on the functions and programming techniques provided by these tools through implementing a simple case study using these software solutions. The performance analysis of these tools was not done for this reason.

Development Roadmap Analysis for Automatic Testing Tools of Software (소프트웨어 자동 테스팅 도구의 발전 로드맵 분석)

  • 정창신;정순기
    • Journal of the Korea Society of Computer and Information / v.9 no.1 / pp.17-23 / 2004
  • Testing tools help software developers and test engineers to automate a part or the whole of the test process and reduce the time and cost of software testing. However, no automatic tools meet a variety of test requirements with various domains. In this paper, we suggest a categorical taxonomy of automatic testing tools and analyze numerous commercial testing tools on its basis. Then we propose a development roadmap of software automatic testing tools. As a result of those analyses, we try to understand the complementary relations of the testing tools and seek the direction of further development of the testing tools.

Development of Integrated Design System for Structural Design of Machine Tools (공작기계 구조물 설계를 위한 통합설계 시스템 개발)

  • 박면웅;손영태;조성원
    • Journal of the Korean Society for Precision Engineering / v.20 no.1 / pp.229-239 / 2003
  • The design process of machine tools is regarded as sequential, discrete, and inefficient work, as it requires various kinds of design tools and many working hours. This paper describes an integrated design system embedding a design methodology that can efficiently and systematically support the conceptual structural design of machine tools. The system is a knowledge-based design system and has four machine-tool-specific functional modules including configuration design, configuration analysis, structure design, and structural analysis support module. Through the configuration design and analysis module, a machine configuration appropriate for design requirements is selected, and then the arrangement of ribs for each structural part is decided in the structure design module. Also, the structural analysis support module is used to evaluate the design result by utilizing the structural analysis software ANSYS. The system is applied to the design of a tapping machine, and shows that the machine structure can be designed fast and conveniently by processing each design step interactively.

An Empirical Study on Performance of Six Sigma Tools in Korean Service Industry (한국 서비스산업의 6시그마 기법 시행과 그 성과에 관한 실증적 연구)

  • 장대성;양종곤;황인천
    • Journal of Korean Society for Quality Management / v.32 no.1 / pp.1-20 / 2004
  • Six sigma has been the most influential management innovation program since 1996 in Korea. As a result of successful implementation of 6 sigma, there have been a number of dramatic quality improvement cases. However, no empirical study of 6 sigma implementation has been done, especially in the service industry of Korea. This article reviews the status of finance companies which implemented 6 sigma programs in Korea and then demonstrates the relationship between 6 sigma problem solving tools, such as analysis of variance and graph techniques, and project success and operational performance. Customer survey tools, process analysis, and documentation tools are identified as influential tools on project success. Tools of measure steps, customer survey tools, and documentation tools are found to be influential tools on operational performance.

The Development of Evaluation Tools for Young Children's Math Ability based on Content Standards of NCTM (NCTM의 수학교육 내용기준에 근거한 유아수학능력 평가도구 개발)

  • Kim, Ji-Young
    • Korean Journal of Human Ecology / v.17 no.1 / pp.35-43 / 2008
  • The purpose of this study is to develop evaluation tools for young children's mathematical ability based on the content standards of NCTM and to verify the suitability of the tools. The tools consist of 5 sub-tests with 90 items, including number and operation, algebra, geometry, measurement, data analysis and probability. The tool analysis was examined with 300 three- to five-year-old children and 31 math education professionals. The results of this research are as follows: First, the passing rate increased in order of age. The gap between the high and low score groups reveals a statistically meaningful difference. Second, the internal consistency reliability coefficient, Cronbach α, is .96. Test-retest reliability is around .90. The concurrent validity correlation between this tool and Choi Hye-Jin's test (2003) is .85. The content validity was judged appropriate by math education professionals.

A Comparative Analysis of Performance Assessment Tools for Establishing Evaluation Framework for Sustainable Buildings

  • Kang, Hae Jin;Rhee, Eon Ku
    • Architectural research / v.16 no.4 / pp.131-137 / 2014
  • Recently, the development of sustainable building assessment tools as means to invigorate the dissemination of sustainable buildings has been actively progressed. However, many assessment tools involve various problems in terms of assessment method and system framework, which greatly impede their credibility and applicability. If these problems persist over time, the role of sustainable building assessment tools as decision making measures during the design stage will be greatly limited. The objective of the study is to suggest a systematic model for sustainable building assessment tools by establishing a logical system of performance assessment framework. For this purpose, the Environmental Impact Assessment (EIA) framework used in selected and modified to fit the building performance assessment. The analysis of performance assessment tools for sustainable buildings was conducted using the EIA framework. Based on the results of the analysis, a framework for the performance assessment of sustainable buildings was established.

A Digital Forensic Analysis of Timestamp Change Tools for Windows NTFS

  • Cho, Gyu-Sang
    • Journal of the Korea Society of Computer and Information / v.24 no.9 / pp.51-58 / 2019
  • Temporal analysis is very useful and important for digital forensics for reconstructing the timeline of digital events. Forgery of a file's timestamp can lead to inconsistencies in the overall temporal relationship, making it difficult to analyze the timeline in reconstructing actions or events, and the results of the analysis might not be reliable. The purpose of the timestamp change is to hide the data in a steganographic way, and the other purpose is for anti-forensics. In both cases, the time stamp change tools are requested to use. In this paper, we propose a classification method based on the behavior of the timestamp change tools. The timestamp change tools are categorized into three types according to patterns of the changed timestamps after using the tools. By analyzing the changed timestamps, it can be decided what kind of tool was used. We also show that the three types of patterns are closely related to the API functions which are used to develop the tools.