"Evaluation of CERT Secure Coding Rules through Integration with Source" by Stephen Dewhurst, Chad R. Dougherty et al.

Software Engineering Institute

Authors

Stephen Dewhurst
Chad R. Dougherty, Carnegie Mellon UniversityFollow
Yurie Ito, Carnegie Mellon UniversityFollow
David Keaton, Carnegie Mellon UniversityFollow
Dan Saks
Robert C. Seacord, Carnegie Mellon UniversityFollow
David Svoboda, Carnegie Mellon UniversityFollow
Christopher Taschner, Carnegie Mellon UniversityFollow
Kazuya Togashi

Title

Evaluation of CERT Secure Coding Rules through Integration with Source Code Analysis Tools

Date of Original Version

6-2008

Type

Technical Report

Abstract or Table of Contents

This report describes a study conducted by the CERT Secure Coding Initiative and JPCERT to evaluate the efficacy of the CERT Secure Coding Standards and source code analysis tools in improving the quality and security of commercial software projects. In addition to assessing the ability of existing tools to detect violations of the standard, the ability to extend and improve the tools is surveyed. Finally, the use of a selected tool to improve the quality of code in the real-world case of a Japanese software vendor's product is described

Comments

CMU/SEI-2008-TR-014

Download

COinS

Research Showcase

Software Engineering Institute

Authors

Title

Date of Original Version

Type

Abstract or Table of Contents

Comments

Advanced Search

Browse

Links

Author Corner

Research Showcase

Software Engineering Institute

Authors

Title

Date of Original Version

Type

Abstract or Table of Contents

Comments

Share

Advanced Search

Browse

Links

Author Corner