elib
DLR-Header
DLR-Logo -> http://www.dlr.de
DLR Portal Home | Imprint | Privacy Policy | Contact | Deutsch
Fontsize: [-] Text [+]

Benchmarking Open-Source Static Analyzers for Security Testing for C

Gentsch, Christoph and Krishnamurthy, Rohan and Heinze, Thomas (2021) Benchmarking Open-Source Static Analyzers for Security Testing for C. In: 9th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation, ISoLA 2020, 12479, pp. 182-198. Springer. 9th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation, 17-29 Oct 2021, Rhodes, Greece. doi: 10.1007/978-3-030-83723-5_13. ISBN 978-3-030-83722-8.

[img] PDF - Only accessible within DLR
482kB

Official URL: https://link.springer.com/chapter/10.1007%2F978-3-030-83723-5_13

Abstract

As the number of available static analysis security testing (SAST) tools grows, the more difficult it becomes for developers to decide which tool(s) to use. We report on our evaluation of 11 open-source general-purpose SAST tools for the C programming language on the SARD Juliet Test Suite and of six tools on the Wireshark software. In line with the previous work, we find that there is no single superior tool, though sound tools performed the best on the Juliet test cases.

Item URL in elib:https://elib.dlr.de/143645/
Document Type:Conference or Workshop Item (Speech)
Title:Benchmarking Open-Source Static Analyzers for Security Testing for C
Authors:
AuthorsInstitution or Email of AuthorsAuthor's ORCID iD
Gentsch, ChristophChristoph.Gentsch (at) dlr.deUNSPECIFIED
Krishnamurthy, RohanRohan.Krishnamurthy (at) dlr.deUNSPECIFIED
Heinze, Thomasthomas.heinze (at) dlr.deUNSPECIFIED
Date:2021
Journal or Publication Title:9th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation, ISoLA 2020
Refereed publication:Yes
Open Access:No
Gold Open Access:No
In SCOPUS:No
In ISI Web of Science:No
Volume:12479
DOI :10.1007/978-3-030-83723-5_13
Page Range:pp. 182-198
Editors:
EditorsEmailEditor's ORCID iD
Margaria, TizianaUNSPECIFIEDUNSPECIFIED
Steffen, BernhardUNSPECIFIEDUNSPECIFIED
Publisher:Springer
Series Name:Lecture Notes in Computer Science
ISBN:978-3-030-83722-8
Status:Published
Keywords:static analysis, SAST, C, security analysis, benchmark
Event Title:9th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation
Event Location:Rhodes, Greece
Event Type:international Conference
Event Dates:17-29 Oct 2021
HGF - Research field:Aeronautics, Space and Transport
HGF - Program:Space
HGF - Program Themes:Space System Technology
DLR - Research area:Raumfahrt
DLR - Program:R SY - Space System Technology
DLR - Research theme (Project):R - Intelligent analysis and methods for safe software development
Location: Jena
Institutes and Institutions:Institute of Data Science > Secure Digital Systems
Deposited By: Heinze, Thomas
Deposited On:01 Sep 2021 15:49
Last Modified:01 Sep 2021 15:49

Repository Staff Only: item control page

Browse
Search
Help & Contact
Information
electronic library is running on EPrints 3.3.12
Copyright © 2008-2017 German Aerospace Center (DLR). All rights reserved.