Proceedings of Defining the State of the Art in Software Security Tools Workshop, Paul E. Black (chair) and Elizabeth Fong (ed), NIST Special Publication 500-264, November 2005.

    This proceeding is the result of a workshop held on August 10 and 11, 2005 hosted by the Software Diagnostics and Conformance Division, Information Technology Laboratory, at the National Institute of Standards and Technology. The workshop, "Defining the State of the Art in Software Security Tools," is one of a series in the NIST Software Assurance Measurement and Tool Evaluation (SAMATE) project, which is partially funded by DHS to help identify and enhance software security assurance (SSA) tools. The goal of this workshop is to understand the state of the art of SSA tools that detect security flaws and vulnerabilities and develop a standard reference dataset of programs with known flaws. 45 people from outside NIST attended, including representatives from the federal government (NSF, FDA, NSA, DoD, and DHS), seven universities, more than a dozen tool vendors and service providers, and many research companies.

The proceedings include a summary, the call and agenda, attendees, their position statements and background information (33 pages), discussion material (15 pages), presentation slides and minutes (30 pages), and three submitted papers (20 pages). The workshop URL is

Get the proceedings in PDF (5.9M).

This page's URL is /~black/Papers/nistSP500-264_aug05.html

Updated Tue Nov 29 10:55:09 2005

by Paul E. Black  (

Go to Black's papers or NIST home page.