Tell a friend
Print
Gentsch, Christoph and Krishnamurthy, Rohan and Heinze, Thomas (2021) Benchmarking Open-Source Static Analyzers for Security Testing for C. In: 9th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation, ISoLA 2020, 12479, pp. 182-198. Springer. 9th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation, 17-29 Oct 2021, Rhodes, Greece. doi: 10.1007/978-3-030-83723-5_13. ISBN 978-3-030-83722-8.
![[img]](https://elib.dlr.de/style/images/fileicons/application_pdf.png) |
PDF
- Only accessible within DLR
482kB |
Official URL: https://link.springer.com/chapter/10.1007%2F978-3-030-83723-5_13
Abstract
As the number of available static analysis security testing (SAST) tools grows, the more difficult it becomes for developers to decide which tool(s) to use. We report on our evaluation of 11 open-source general-purpose SAST tools for the C programming language on the SARD Juliet Test Suite and of six tools on the Wireshark software. In line with the previous work, we find that there is no single superior tool, though sound tools performed the best on the Juliet test cases.
| Item URL in elib: | https://elib.dlr.de/143645/ | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Document Type: | Conference or Workshop Item (Speech) | ||||||||||||
| Title: | Benchmarking Open-Source Static Analyzers for Security Testing for C | ||||||||||||
| Authors: |
| ||||||||||||
| Date: | 2021 | ||||||||||||
| Journal or Publication Title: | 9th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation, ISoLA 2020 | ||||||||||||
| Refereed publication: | Yes | ||||||||||||
| Open Access: | No | ||||||||||||
| Gold Open Access: | No | ||||||||||||
| In SCOPUS: | No | ||||||||||||
| In ISI Web of Science: | No | ||||||||||||
| Volume: | 12479 | ||||||||||||
| DOI: | 10.1007/978-3-030-83723-5_13 | ||||||||||||
| Page Range: | pp. 182-198 | ||||||||||||
| Editors: |
| ||||||||||||
| Publisher: | Springer | ||||||||||||
| Series Name: | Lecture Notes in Computer Science | ||||||||||||
| ISBN: | 978-3-030-83722-8 | ||||||||||||
| Status: | Published | ||||||||||||
| Keywords: | static analysis, SAST, C, security analysis, benchmark | ||||||||||||
| Event Title: | 9th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation | ||||||||||||
| Event Location: | Rhodes, Greece | ||||||||||||
| Event Type: | international Conference | ||||||||||||
| Event Dates: | 17-29 Oct 2021 | ||||||||||||
| HGF - Research field: | Aeronautics, Space and Transport | ||||||||||||
| HGF - Program: | Space | ||||||||||||
| HGF - Program Themes: | Space System Technology | ||||||||||||
| DLR - Research area: | Raumfahrt | ||||||||||||
| DLR - Program: | R SY - Space System Technology | ||||||||||||
| DLR - Research theme (Project): | R - Intelligent analysis and methods for safe software development | ||||||||||||
| Location: | Jena | ||||||||||||
| Institutes and Institutions: | Institute of Data Science > Secure Digital Systems | ||||||||||||
| Deposited By: | Heinze, Thomas | ||||||||||||
| Deposited On: | 01 Sep 2021 15:49 | ||||||||||||
| Last Modified: | 18 Aug 2022 13:32 |
Repository Staff Only: item control page
