A Software Assurance Reference Dataset: Thousands of Programs With Known Bugs

Paul E. Black

首页> 外文期刊>Journal of Research of the National Institute of Standards and Technology >A Software Assurance Reference Dataset: Thousands of Programs With Known Bugs

【24h】

A Software Assurance Reference Dataset: Thousands of Programs With Known Bugs

机译：软件保证参考数据集：数千个具有已知错误的程序

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

The Software Assurance Reference Dataset (SARD) [1] is a growing collection of over 170 000 programs with precisely located bugs. The programs are in C, C++, Java~1, PHP, and C# and cover more than 150 classes of weaknesses, such as SQL injection, cross-site scripting (XSS), buffer overfow, and use of a broken cryptographic algorithm. Most are automatically generated synthetic programs, each a few pages of code long, but there are also over 7000 full-sized applications. In addition, SARD has production code and has hundreds of cases written by hand. The code is typical quality. It is neither pristine nor obfuscated. Many cases have corresponding good cases, in which weaknesses are fixed, to test for false positives.

机译：软件保证参考数据集（SARD）[1]是一个超过170 000个程序的越来越多的集合，具有精确定位的错误。这些程序位于C，C ++，Java〜1，PHP和C＃中，并覆盖了超过150类的弱点，如SQL注入，跨站点脚本（XSS），缓冲区过度和使用破旧的加密算法。大多数都是自动生成的合成程序，每页代码长，但也有超过7000个全尺寸应用程序。此外，SARD还具有生产代码，并具有数百个案例用手写。代码是典型的质量。它既不是原始也不会困扰。许多情况有相应的好情况，其中缺点是固定的，以测试误报。

著录项

来源
《Journal of Research of the National Institute of Standards and Technology》 |2018年第2018期|共3页
作者
Paul E. Black;
展开▼
作者单位

National Institute of Standards and Technology Gaithersburg MD 20899;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类 T-65712;
关键词
cybersecurity; software assurance; software quality; static analysis;

机译：网络安全;软件保证;软件质量;静态分析;

相似文献

外文文献
中文文献
专利

1. A Software Assurance Reference Dataset: Thousands of Programs With Known Bugs [J] . Paul E. Black Journal of Research of the National Institute of Standards and Technology . 2018,第期

机译：软件保证参考数据集：数千个具有已知错误的程序
2. A Static Bug Detector For Uninitialized Field References In Java Programs [J] . Sunae SEO, Youil KIM, Hyun, IEICE Transactions on Information and Systems . 2007,第10期

机译：用于Java程序中未初始化字段引用的静态错误检测器
3. Adding Semantic Aspects to Social Software Engineering for Improve Software Debugging and Codification Software Engineer’s Educational Program [J] . Nematallah Ghanavati Indian Journal of Education and Information Management . 2014,第2期

机译：在社交软件工程中增加语义方面的内容，以改善软件调试和编码过程软件工程师的教育计划
4. SOFTWARE ASSURANCE WITH SAMATE REFERENCE DATASET, TOOL STANDARDS, AND STUDIES [C] . Paul E. Black IEEE/AIAA Digital Avionics Systems Conference . 2006

机译：使用Samate参考数据集，工具标准和研究的软件保证
5. Advanced Software Fault Localization for Programs with Multiple Bugs [D] . Gao, Ruizhi 2017

机译：具有多个错误的程序的高级软件故障本地化
6. PRIMO Monte Carlo software benchmarked against a reference dosimetry dataset for 6 MV photon beams from Varian linacs [O] . Marcelino Hermida–López, David Sánchez–Artuñedo, Juan Francisco Calvo–Ortega 2018

机译：PRIMO Monte Carlo软件以来自Varian直线加速器的6 MV光子束的参考剂量数据集为基准
7. SOFTWARE ASSURANCE WITH SAMATE REFERENCE DATASET, TOOL STANDARDS, AND STUDIES [O] . 2010

机译：具有相同参考数据集，工具标准和研究的软件保障
8. Software Assurance Curriculum Project Volume 1: Master of Software Assurance Reference Curriculum [R] . Mead, N. R., Allen, J. H., Ardis, M., 2010

机译：软件保障课程项目第1卷：软件保障参考课程硕士

A Software Assurance Reference Dataset: Thousands of Programs With Known Bugs

摘要

著录项

相似文献

相关主题

期刊订阅