The SAMATE Project Department of Homeland Security

SAMATE - Software Assurance Metrics And Tool Evaluation

From SAMATE

Welcome to the NIST SAMATE* project. This is sponsored by the U.S. Department of Homeland Security (DHS) National Cyber Security Division and NIST. This project supports the DHS Software Assurance Program. Introduction to SAMATE has more details.

For us, Software Assurance (SA) covers both the property and the process to achieve it:

Justifiable confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its life cycle and that the software functions in the intended manner
from CNSS National Information Assurance (IA) Glossary CNSSI-4009
... the planned and systematic set of activities that ensures that software processes and products conform to requirements, standards, and procedures
from NASA Software Assurance Standard NASA-STD-8739.8 (see quality assurance (1) in IEEE 610.12)

SAMATE Links

  • A new version of Juliet is available in two test suites, one for C/C++ and one for Java. Version 1.1 has additional documentation, covers more CWEs, and corrects many errors in individual tests. Version 1.0 is still available as individual test cases in the SARD and as test suites.
  • We are preparing the Static Analysis Tool Exposition (SATE) V. We plan to provide test cases to participating teams by June 1, 2013. Please contact us if you are interested in participating.
  • Source Code Security Analysis specifications, background, etc.
  • Web Application Scanner specifications, background, etc.

Join the SAMATE mailing list!

If you wish to participate in the online discussion of SAMATE, including the reference dataset, specifications, SATE, metrics, etc., please email Tim Boland. If you are already a member, the mailing list web site is http://groups.yahoo.com/group/samate/

Short URL to get to this site is http://samate.nist.gov/

We pronounce SAMATE suh-mate, which rhymes with date.

If you are looking for the (similarly named) Software Engineering Method And Theory (SEMAT) project web site, please visit http://semat.org/.

This web site was created July 2005.