An evaluation of free/open source static analysis tools applied to embedded software

Torri, Lucas; Fachini, Guilherme James de Angelis; Steinfeld, Leonardo; Camara, Vesmar; Carro, Luigi; Cota, Érika

doi:10.1109/latw.2010.5550368

Cited by 8 publications

(5 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It will check the source code of C/C++ and figure out the bugs, inconsistencies, non-portable constructs, redundant code, etc. It is developed by Gimpel Software and it has been continuously maintained for more than 25 years [19]. Two examples demonstrating the types of violations PC-Lint can catch are [12]:…”

Section: Pc-lintmentioning

confidence: 99%

Safety critical software ground rules

Addagarrala

Kinnicutt²

2018

IJET

View full text Add to dashboard Cite

Safety critical software development field is one of the active research areas in many industries like automotive, medical, railways, nuclear and aerospace are placing increased value on safety and reliability. Safety critical software systems are those systems whose failure could result in the death or a serious injury to the people’s life, security is one of the important topics in the field of safety-critical systems and it must be addressed completely in order to operate safety critical software successfully. In this paper we present a study about the set of standards and different ground rules to be followed in critical software development practices in different industries and the challenges in applying these standards. We also discuss the role of static analysis and software integrity levels in these standards, similarities in these standards and the set of activities followed in the development process of these standards.

show abstract

Section: Pc-lintmentioning

confidence: 99%

Safety critical software ground rules

Addagarrala

Kinnicutt²

2018

IJET

View full text Add to dashboard Cite

show abstract

“…Schumacher et al showed the value of gathering information from vulnerability databases to aid the discovery of vulnerabilities in software [13]. In [14] Torri et al evaluated 10 free and open source static analysis tools on embedded C programs. Torri et al found that while the results were very poor, even the best performing tool needed to be tweaked extensively to produce good results, and therefore, this approach was impractical for use in software development and vulnerability discovery [14].…”

Section: A Vulnerability Discoverymentioning

confidence: 99%

“…In [14] Torri et al evaluated 10 free and open source static analysis tools on embedded C programs. Torri et al found that while the results were very poor, even the best performing tool needed to be tweaked extensively to produce good results, and therefore, this approach was impractical for use in software development and vulnerability discovery [14]. Similar results were shown in [11] and [15].…”

Section: A Vulnerability Discoverymentioning

confidence: 99%

Mining Bug Databases for Unidentified Software Vulnerabilities

Wijayasekara

Manic

Wright

et al. 2012

2012 5th International Conference on Human System Interactions

View full text Add to dashboard Cite

Abstract-Identifying software vulnerabilities is becoming more important as critical and sensitive systems increasingly rely on complex software systems. It has been suggested in previous work that some bugs are only identified as vulnerabilities long after the bug has been made public. These vulnerabilities are known as hidden impact vulnerabilities. This paper discusses existing bug data mining classifiers and present an analysis of vulnerability databases showing the necessity to mine common publicly available bug databases for hidden impact vulnerabilities.We present a vulnerability analysis from January 2006 to April 2011 for two well known software packages: Linux kernel and MySQL. We show that 32% (Linux) and 62% (MySQL) of vulnerabilities discovered in this time period were hidden impact vulnerabilities. We also show that the percentage of hidden impact vulnerabilities in the last two years has increased by 53% for Linux and 10% for MySQL.We then propose a hidden impact vulnerability identification methodology based on text mining classifier for bug databases. Finally, we discuss potential challenges faced by a development team when using such a classifier.

show abstract

“…It is not surprising that many tools that process C code or associated intermediate languages (such as LLVM IR [38] and CIL [45]) partially or entirely lack support for inline assembly. For example, many bug-inding tools (e.g., the Clang Static Analyzer [70], splint [18,19,63], Frama-C [69], uno [26], and the LLVM sanitizers [55,58]), tools for source translation (e.g., c2go [44]), semantic models for C [36,43], and alternative execution environments such as Sulong [51±53] and Klee [12] still lack support for inline assembly, provide only partial support, or overapproximate it (e.g., by analyzing only the side efects speciied as part of the fragment), which can lead to imprecise analyses or missed optimization opportunities. How to provide better support depends on the tool, for example, in Sulong, adding support for assembly instructions requires emulating their behavior in Java, while support in a formal model would require specifying the instructions in a language such as Coq.…”

Section: Introductionmentioning

confidence: 99%