publication . Conference object . Article . 2011

Detecting C Program Vulnerabilities

Anton Ermakov; Natalia Kushik;
Open Access
  • Published: 01 Jan 2011
  • Publisher: Institute for System Programming of the Russian Academy of Sciences
Abstract
C/C++ language is widely used for developing tools in various applications, in particular, software tools for critical systems are often written in C language. Therefore, the security of such software should be thoroughly tested, i.e., the absence of vulnerabilities has to be confirmed. When detecting C program vulnerabilities static source code analysis can be used. In this paper, we present a short survey of existing software tools for such analysis and show that for some kinds of C code vulnerabilities this analysis is insufficient. Thus, we briefly present an approach for SPIN based approach for vulnerability detection which may be useful in some cases.
Subjects
free text keywords: static/dynamic detection method, Vulnerability, Secure coding, Computer security, computer.software_genre, computer, Source code, media_common.quotation_subject, media_common, Computer science, Vulnerability detection, Software, business.industry, business
Any information missing or wrong?Report an Issue