publication . Conference object . Article . 2011

Detecting C Program Vulnerabilities

Anton Ermakov; Natalia Kushik;
Open Access
  • Published: 01 Jan 2011
  • Publisher: Institute for System Programming of the Russian Academy of Sciences
Abstract
C/C++ language is widely used for developing tools in various applications, in particular, software tools for critical systems are often written in C language. Therefore, the security of such software should be thoroughly tested, i.e., the absence of vulnerabilities has to be confirmed. When detecting C program vulnerabilities static source code analysis can be used. In this paper, we present a short survey of existing software tools for such analysis and show that for some kinds of C code vulnerabilities this analysis is insufficient. Thus, we briefly present an approach for SPIN based approach for vulnerability detection which may be useful in some cases.
doi: 10.15514/syrcose-2011-5-10
Subjects
free text keywords: static/dynamic detection method, Vulnerability, Secure coding, Computer security, computer.software_genre, computer, Source code, media_common.quotation_subject, media_common, Computer science, Vulnerability detection, Software, business.industry, business
Download fromView all 2 versions
https://doi.org/10.15514/syrco...
Conference object
Provider: UnpayWall
CyberLeninka - Russian open access scientific library
Article . 2011
Provider: CyberLeninka - Russian open access scientific library
http://syrcose.ispras.ru/2011/...
Conference object
Provider: Microsoft Academic Graph
http://dx.doi.org/10.15514/syr...
Conference object . 2014
Provider: Crossref
Powered by OpenAIRE Research Graph
Any information missing or wrong?Report an Issue