Static analysis for security

Top Cited Papers

13 December 2004

journal article
Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Security & Privacy

Vol. 2 (6), 76-79
https://doi.org/10.1109/msp.2004.111

Abstract

All software projects are guaranteed to have one artifact in common $source code. Together with architectural risk analysis, code review for security ranks very high on the list of software security best practices. We look at how to automate source-code security analysis with static analysis tools.

Keywords

This publication has 7 references indexed in Scilit:

Using Static Analysis to Find Bugs
IEEE Software, 2008
Improving computer security using extended static checking
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2005
Using programmer-written compiler extensions to catch security holes
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2005
Risk analysis in software design
IEEE Security & Privacy, 2004
Software security
IEEE Security & Privacy, 2004
ESP
Published by Association for Computing Machinery (ACM) ,2002
Flow-sensitive type qualifiers
Published by Association for Computing Machinery (ACM) ,2002

Cited by 235 articles