2016 IEEE 3rd World Forum on Internet of Things (WF-IoT) 2016
DOI: 10.1109/wf-iot.2016.7845497
|View full text |Cite
|
Sign up to set email alerts
|

Vulnerable C/C++ code usage in IoT software systems

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
13
0

Year Published

2017
2017
2024
2024

Publication Types

Select...
4
2
1

Relationship

1
6

Authors

Journals

citations
Cited by 15 publications
(13 citation statements)
references
References 7 publications
0
13
0
Order By: Relevance
“…For the systems whose history was analyzed, the last version of the system for each year was used. Then, we used the srcML (www.srcML.org) toolkit [1,11] to parse and analyze each file. The srcML format wraps the statements and structures of the source code syntax with XML elements, allowing tools, such as UnsafeFunsDetector, to use XML APIs to locate pieces of code, such as unsafe functions, and to analyze expressions in a quick and efficient manner.…”
Section: Methodsology For Detecting Unsafe Functionsmentioning
confidence: 99%
See 2 more Smart Citations
“…For the systems whose history was analyzed, the last version of the system for each year was used. Then, we used the srcML (www.srcML.org) toolkit [1,11] to parse and analyze each file. The srcML format wraps the statements and structures of the source code syntax with XML elements, allowing tools, such as UnsafeFunsDetector, to use XML APIs to locate pieces of code, such as unsafe functions, and to analyze expressions in a quick and efficient manner.…”
Section: Methodsology For Detecting Unsafe Functionsmentioning
confidence: 99%
“…Figure. 1. shows the change in number of unsafe functions used for the original study [1]. Figure. 2. shows the change in number of unsafe functions for the 4 additional systems studied.…”
Section: Historical Change Of Unsafe Function Frequencymentioning
confidence: 99%
See 1 more Smart Citation
“…Table 2 shows a brief overview of the related work, and the following paragraphs explain the work in details. Alnaeli et al [ 42 ] conducted an empirical study using static analysis methods on three C/C++ open-source IoT software packages to identify known vulnerable statements. They created a tool called UnsafeFunsDetector to find unsafe functions that are known to the research community or banned by some compiler producers.…”
Section: Related Workmentioning
confidence: 99%
“…Alnaeli et al [ 43 ] extended their previous work [ 42 ] to empirically examine the vulnerabilities of eighteen open-source IoT software systems, all of which were specifically written in C/C++ for IoT architectures. They found that usage of unsafe functions was still common among the selected systems, and developers were not working to improve the problems that were still present in the selected systems.…”
Section: Related Workmentioning
confidence: 99%