research-article

Evaluation of static source code analyzers for avionics software development

Published: 01 April 2008

Abstract

This paper describes an evaluation of static source code analyzers. The purpose of the evaluation was to determine their adequacy for use in developing realtime embedded software for aviation electronics where the use of development tools and methods is controlled by a federal regulatory agency. It describes the motivation for the evaluation, results, and conclusions.

Published in

ACM SIGAda Ada Letters, Volume XXVIII, Issue 1
April 2008
74 pages
ISSN: 1094-3641
DOI: 10.1145/1387830

Copyright © 2008 Author

Publisher

Association for Computing Machinery
New York, NY, United States