Software Assurance Metrics And Tool Evaluation (SAMATE)
-
The Software Assurance Reference Dataset (SARD), Jan 2025,
DOI 10.6028/NIST.IR.8561
-
Reliability in Building Blocks for Secure Software, Dec 2024,
DOI 10.1109/MRL.2024.3449789
-
Report on Secure Hardware Assurance Reference Dataset (SHARD) Program, Oct 2024,
DOI 10.6028/NIST.IR.8540
-
Vulnerability Test Suite Generator (VTSG) Version 3, Oct 2023,
DOI 10.6028/NIST.IR.8493
-
SATE VI Report: Bug Injection and Collection, June 2023,
DOI 10.6028/NIST.SP.500-341
-
Guidelines on Minimum Standards for Developer Verification of Software,
Oct 2021,
DOI 10.6028/NIST.IR.8397,
arxiv 2107.12850
-
SATE VI Ockham Sound Analysis Criteria, April 2020,
DOI 10.6028/NIST.IR.8304
-
Formal Methods for Statistical Software, October 2019,
DOI 10.6028/NIST.IR.8274
-
Classification of Smart Contract Bugs Using the NIST Bugs Framework, 2019
DOI 10.1109/SERA.2019.8886793
-
SATE V Report: Ten Years of Static Analysis Tool Expositions, 2018 DOI 10.6028/NIST.SP.500-326
-
Randomness Classes in Bugs Framework (BF): True-Random Number Bugs (TRN) and Pseudo-Random Number Bugs (PRN), 2018
DOI 10.1109/COMPSAC.2018.00110
-
Juliet 1.3 Test Suite: Changes From 1.2, 2018
DOI 10.6028/NIST.TN.1995
-
A Software Assurance Reference Dataset: Thousands of Programs With Known Bugs, 2018
DOI 10.6028/jres.123.005
-
SARD:
Thousands of Reference Programs for Software Assurance, 2017
-
Defeating Buffer Overflow: A Trivial but Dangerous Bug, 2016,
DOI 10.1109/MITP.2016.117
-
Report of the Workshop on Software Measures and Metrics to Reduce
Security Vulnerabilities (SwMM-RSV), 2016,
DOI 10.6028/NIST.SP.500-320
-
The Bugs Framework (BF): A Structured Approach to Express Bugs, 2016,
DOI 10.1109/QRS.2016.29
-
SATE V Ockham Sound Analysis Criteria, March 2016,
DOI 10.6028/NIST.IR.8113
-
A Fundamental CWE Effectiveness Test Suite for CWE-121: Stack-based Buffer Overflow, 2013
-
Report on the Static Analysis Tool Exposition (SATE) IV, 2013,
DOI 10.6028/NIST.SP.500-297
-
Report on the Metrics and Standards for Software Testing (MaSST) Workshop 2012,
DOI 10.6028/NIST.IR.7920
-
Juliet 1.1 C/C++ and Java Test Suite, 2012,
DOI 10.1109/MC.2012.345
-
Static Analyzers: Seat Belts for Your Code, 2012,
DOI 10.1109/MSP.2012.2
-
Software Vulnerabilities Precluded by SPARK, 2011
-
Report on the Third Static Analysis Tool Exposition (SATE 2010), 2011,
DOI 10.6028/NIST.SP.500-283
-
Counting Bugs is Harder Than You Think, 2011
-
The Second Static Analysis Tool Exposition (SATE 2009), 2010,
DOI 10.6028/NIST.SP.500-287
-
Static Analysis Tool Exposition (SATE) 2008, 2009
-
Static Analyzers in Software Engineering, 2009
-
Cyber Security Metrics and Measures, 2009
-
Proc. Static Analysis Workshop, 2008
-
Proc. Static Analysis Summit II, 2008
-
Software Assurance with SAMATE
Reference Dataset, Tool Standards, and Studies, 2007
-
Effect of Static Analysis Tools on
Software Security: Preliminary Investigation, 2007
-
SAMATE and
Evaluating Static Analysis Tools, 2007
-
Software Assurance During
Maintenance, 2006
-
SAMATE's Contribution to
Information Assurance, 2006
-
Proc. Workshop on Software
Security Assurance Tools, Techniques, and Metrics (SSATTM), 2005
-
Proc. Defining the State of the Art
in Software Security Tools (softSecToolsSOA) Workshop, 2005
-
Software Assurance Metrics And Tool
Evaluation, 2005
Formal Test Generation
Program Verification
-
Formal Methods for Statistical Software, 2019,
DOI 10.6028/NIST.IR.8274
Sect. 3.5.1 is A Model of Automated Testing.
-
Is "Implementation Implies Specification"
Enough?, 1999
-
Some Theorem Proving Aids, 1998
-
Formal Verification of a Merge-Sort Program with
Static Semantics, 1998
-
Axiomatic Semantics Verification of a
Secure Web Server, 1998
-
Formal
Verification of Secure Programs in the Presence of Side Effects, 1998
-
Verifying Resilient Software, 1997
-
Inference Rules for Programming Languages with Side Effects in
Expressions, 1996
-
A Brief Introduction to Formal Methods, 1996
-
Automatically Synthesized Term Denotation Predicates: A Proof
Aid, 1995
Other
-
A Historical Note on Shell Sort, Bresenham’s Algorithm, and the
Chinese Postman Problem, May 2022,
DOI 10.6028/NIST.SP.1280
-
Algorithms and Data Structures for New Models of Computation, Jan/Feb 2021,
DOI 10.1109/MITP.2020.3042858
-
DADS: The On-Line Dictionary of Algorithms and Data Structures, 2020,
DOI 10.6028/NIST.IR.8318
-
Opaque Wrappers and Patching: Negative Results, 2019,
DOI 10.1109/MC.2019.2936071.
PMCID PMC7066996.
-
Dramatically Reducing Software Vulnerabilities: Report to the White
House Office of Science and Technology Policy, Nov 2016,
DOI 10.6028/NIST.IR.8151
-
Insights on Formal Methods in Cybersecurity, 2016,
DOI 10.1109/MC.2016.131
What Happened to Formal Methods for Security? 2016,
DOI 10.1109/MC.2016.228
-
Test Generation Using Model Checking and Specification Mutation, 2014,
DOI 10.1109/MITP.2013.104
includes other history, such as the Standards Eastern Automatic Calculator
(SEAC), magnetic tape standards, Fortran test programs, DES, FIPS, Compass
conferences, and combinatorial testing.
-
NIST Contributions to IT, 2014,
DOI 10.1109/MITP.2014.20
-
Does Security Trump Reliability? 2013,
DOI 10.1109/MC.2013.383
-
FS-TST 2.0: Forensic Software
Testing Support Tools - Parts A, B, and C, 2006
-
Testing BIOS Interrupt 0x13 Based
Software Write Blockers, 2005
-
Software Write Block - Testing Support
Tools Validation, 2005
-
Modeling Quantum Information
Systems, 2004
-
Quantum Computing and Communications, 2002
-
Software Testing: Protocol Comparison, 1998
-
Proc.
LAL SuperScalar Waffle Feed, 1998
-
Hypothetical Intelligent Plants,
or, What Kind of Terminal Could a Tulip Use?, 1997
-
Queuing Analysis of Oblivious Packet-Routing
Networks, 1994
-
Gdist: A Distributed Configuration Control
System, 1988
-
A Two-Level Interactive Approach to Silicon
Compilation, 1986
Updated
Fri Jan 31 16:39:49 2025
by Paul E. Black
(paul.black@nist.gov)
This page's URL is https://hissa.nist.gov/~black/Papers/