Static Security Analysis for Open Source Software

摘要

The goal of the project, Static Security Analysis for Open Source Software, was to explore technologies to improve the security of software by helping to automate security analysis. The project successfully improved upon the best published analysis techniques and made several releases publicly available as open source software. The analysis techniques developed under this effort reduce both false positives and false negatives compared to previous techniques. Additionally, the tools developed are highly scalable and extensible. Some of these tools were adopted by other projects within the DARPA Composable High Assurance Trusted Software Program.