Paul E. Black and Elizabeth Fong,
Proc. Static Analysis Summit II,
ADA Letters, 28(1):71-102, April 2008.
Static Analysis Summit II was held 8 and 9 November 2007. The
workshop had a keynote address by Professor William Pugh, paper
presentations, discussion sessions, a panel on "Obfuscation Versus
Analysis - Who Will Win?", and a new technology demonstration
fair. The workshop is one of a series by NIST's Software Assurance
Metrics and Tool Evaluation (SAMATE) project, which is partially
funded by DHS to help identify and enhance software security assurance
tools. The Call for Papers pointed out that "black-box" testing cannot
realistically find maliciously implanted Trojan horses or subtle
errors with many preconditions. For maximum assurance, static analysis
must be applied to all levels of software artifacts, from models to
source code to binaries. Static analyzers are quite capable and are
developing quickly. Yet, developers, auditors, and examiners could use
far more capabilities. The goal of this summit is to convene
researchers, developers, and government and industrial users to define
obstacles to such urgently-needed capabilities and try to identify
feasible approaches to overcome them, either engineering ("solved"
problems) or research.
The Call for Papers solicited contributions describing basic research,
applications, experience, or proposals relevant to static analysis
tools, techniques, and their evaluation. These proceedings include the
agenda, some notes on the discussions, and reviewed papers.
Get the proceedings in
Get the keynote presentation
This page's URL is /~black/Papers/procSASII.html
Fri Dec 16 12:49:57 2011
by Paul E. Black
Black's papers or
NIST home page.