Embedded Information Systems Technology Support (EISTS). Task Order 0006: Vulnerability Path Analysis and Demonstration (VPAD). Volume 2 - White Box Definitions of Software Fault Patterns
Abstract
AFRL's Embedded Information Systems Technology Support (EISTS) contract vehicle was used to support the Vulnerability Path Analysis and Demonstration (VPAD) project sponsored by the Office of the Assistant Secretary of Defense (OASD) for Network and Information Integration (NII) - Department of Defense (DoD) Chief Information Officer (CIO), supporting the Globalization Task Force (Information Assurance). In this effort, LM Aero and KDM Analytics were tasked to support OASD in providing continued research in the area of Software Assurance (SwA) and to further work toward the development of SwA Ecosystem based on Object Management Group (OMG) standards. Focus of this effort was to advance semantic formalisms of Software Fault Patterns (weaknesses) and to create a Test Case Generator (TCG) capable of automatically generate various programming language test cases of fault code constructs. Such constructs could then serve as test cases to test the effectiveness of various static code analysis tools, thus providing enhanced tooling to reduce software vulnerabilities. This volume focuses on the Software Fault Pattern work performed by KDM Analytics.
Document Details
- Document Type
- Technical Report
- Publication Date
- Dec 01, 2011
- Accession Number
- ADB381215
Entities
People
- Ben A. Calloni
- Djenana Campana
- Nikolai Mansourov
Organizations
- Lockheed Martin