MOPS: an infrastructure for examining security properties of software
Proceedings of the 9th ACM conference on Computer and communications security
The verifying compiler: A grand challenge for computing research
Journal of the ACM (JACM)
IEEE Security and Privacy
An infrastructure to support interoperability in reverse engineering
Information and Software Technology
Statically detecting likely buffer overflow vulnerabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Grammar Recovery from Parse Trees and Metrics-Guided Grammar Refactoring
IEEE Transactions on Software Engineering
Research on XML Based Static Software Security Analysis
WCSE '10 Proceedings of the 2010 Second World Congress on Software Engineering - Volume 01
Hi-index | 0.00 |
Software defects are easy to cause when programming by C++ language, because of its features of flexibility and complexity, as well as its large number of undefined behaviors. According to "MISRA C++ 2008" safe subset, a method of software defects mining is raised based on static analysis technology. Source files can be converted into XML intermediate files, while rules in safe subset are expressed by XQuery expressions. And then match each rule to XML intermediate files to find the location of defects in source files. The experimental result of the prototype system shows that the software defects conflicting to safety rules can be mined effectively with low false alarm rate and low false negative rate.