Hands-On Tutorial: Auditing Static Analysis Alerts Using a Lexicon and Rules

Abstract

Auditing lexicon and rules. This tutorial covers a set of auditing rules and part of the lexicon we've developed. The lexicon contains a set of determinations for static analysis alerts. The auditing rules help auditors make consistent decisions in commonly encountered situations: different auditors should make the same determination for a given alert. The goals are to improve the quality and consistency of audit data for the purpose of building machine learning classifiers, and to help organizations make better-informed decisions about bug fixes, development, and future audits.

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2017
Accession Number
AD1087064

Entities

People

  • David Svoboda
  • Lori A. Flynn
  • William Snavely

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Autonomy
  • Human Systems

DTIC Thesaurus Topics

  • Auditing
  • Computer Programming
  • Computer Programs
  • Department Of Defense
  • Engineering
  • Governments
  • Language
  • Machine Learning
  • Materials
  • Operating Systems
  • Platforms
  • Software Development
  • Specifications
  • Standards
  • Universities
  • Virtual Machines
  • Web Applications

Readers

  • Computational Linguistics
  • Defense Financial Management and Audit
  • Systems Analysis and Design

Technology Areas

  • AI & ML
  • AI & ML - Machine Translation