Source code analysis (SCA) tools are allowed to analyze source code and/or compiled version of code in order to help find security flaws. Most SCA tools are capable of finding multiple types of flaws, but the capabilities of tools are not necessarily uniform across the spectrum of flaws they detect. Even tools that target a specific type of flaw are capable of finding some variants of that flaw and not others. Nowadays there is a lack of information concerning the quality of functioning results of the static code analysis tools. In order to overcome this the SCA usage for software security defects identification was investigated. The common SCA tools functioning results were considered. The effectiveness of SCA means to identify defects in the source code associated with software security was analyzed.

  Повний текст PDF - 460.713 Kb    Зміст випуску     Цитування публікації

  Якщо, ви не знайшли інформацію про автора(ів) публікації, маєте бажання виправити або відобразити більш докладну інформацію про науковців України запрошуємо заповнити "Анкету науковця"