Checkmarx source code analysis technologies
We invite you to contact our: Sales Support HR
               
 
 
News
 
12.10.2009   NIST - Special Publication 500-279
 
Checkmarx participated in NIST - Static Analysis Tool Exposition (SATE) 2008
 

Static Analysis Tool Exposition (SATE) 2008


The NIST SAMATE project conducted the first Static Analysis Tool Exposition
(SATE) in 2008 to advance research in static analysis tools that find security
defects in source code. The main goals of SATE were to enable empirical
research based on large test sets and to encourage improvement and speed
adoption of tools. The exposition was planned to be an annual event.
Briefly, participating tool makers ran their tool on a set of programs. Researchers
led by NIST performed a partial analysis of tool reports. The results and
experiences were reported at the Static Analysis Workshop in Tucson, AZ, in
June, 2008. The tool reports and analysis were made publicly available in 2009.

This special publication consists of the following papers. “Review of the First
Static Analysis Tool Exposition (SATE 2008),” by Vadim Okun, Romain
Gaucher, and Paul E. Black, describes the SATE procedure, provides observations
based on the data collected, and critiques the exposition, including the lessons
learned that may help future expositions. Paul Anderson’s “Commentary on
CodeSonar’s SATE Results” has comments by one of the participating tool
makers. Steve Christey presents his experiences in analysis of tool reports and
discusses the SATE issues in “Static Analysis Tool Exposition (SATE 2008)
Lessons Learned: Considerations for Future Directions from the Perspective of a
Third Party Analyst”.

To NIST website:
http://samate.nist.gov/index.php/SATE.html

Download the full report:
http://samate.nist.gov/docs/NIST_Special_Publication_500-279.pdf
Home   Company   Technology & Products   Partners & Customers   News   Careers   Contact Us