Paul E. Black, SAMATE and Evaluating Static Analysis Tools, Ada User Journal, 28(3):184-188, September 2007.

Abstract:
    We give some background on the Software Assurance Metrics and Tool Evaluation (SAMATE) project and our decision to work on static source code security analyzers. We give our experience bringing government, vendors, and users together to develop a specification and tests to evaluate such analyzers. We also present preliminary results of our study on whether such tools reduce vulnerabilities in practice.

Get the paper in PDF (86k).

Get presentation slides (495k) from 12th Int'l Conf. on Reliable Software Technologies - Ada-Europe 2007.



Updated Mon Oct 1 11:03:10 2007

by Paul E. Black  (paul.black@nist.gov)
