System for detecting source code security flaws through analysis of code history

摘要

The present invention relates to a system for detecting source code security flaws through analysis of code history. First, the system obtains a previously inferred information flow policy, the previously inferred informational flow policy being based on a previous source code revision. The system then determines changes in source code between a previous source code revision and a current source code revision. Finally, a current inferred information flow policy is generated by modifying the previously inferred information flow policy to reflect the changes in source code. If the changes in the source code do not comply with the previously inferred information flow policy, then the changes are reported to a developer.