  • DocumentCode
    1418790
  • Title
    Static Analyzers: Seat Belts for Your Code
  • Author
    Black, Paul E.

  • Author_Institution
    US Nat. Inst. of Stand. & Technol., USA
  • Volume
    10
  • Issue
    3
  • fYear
    2012
  • Firstpage
    48
  • Lastpage
    52
  • Abstract
    Just as seat belt use is widespread, static analysis should be part of ethical software development. Because security must be designed in, static analysis should occur early in software development to reduce vulnerabilities or, even better, provide feedback to educate software developers and reinforce good practices, minimizing vulnerable constructs ever getting in the code. Even as industry migrates to languages safer than unconstrained C, thus eliminating many possible weaknesses, static analysis can be even more useful to check annotations, guarantees, conditions, and specifications provided by developers.
  • Keywords
    program diagnostics; security of data; software development management; software development; software security; software vulnerability reduction; static analysis; Computer bugs; Computer security; Filtering; Human factors; Privacy; Programming; Quality assurance; Software measurement; Software quality; SAMATE; SATE; Software Assurance Metrics and Tool Evaluation; Static Analysis Tool Exposition; computer security; software assurance; software engineering; software quality; static analysis;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type
    jour
  • DOI
    10.1109/MSP.2012.2
  • Filename
    6127855