The SAMATE Project

Department of Homeland Security

Source Code Security Analysis

From SAMATE

For our purposes, a source code security analyzer

examines source code to
detect and report weaknesses that can lead to security vulnerabilities.

Specifications

Source Code Security Analysis Tool Functional Specification Version 1.0, NIST Special Publication 500-268 http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf

Drafts

7 May 2007 DRAFT http://samate.nist.gov/docs/source_code_security_analysis_tool_spec_05_07_07.pdf
29 January 2007 DRAFT http://samate.nist.gov/docs/source_code_security_analysis_tool_spec_01_29_07.pdf
- Public Comments and Responses
15 Sept 2006 DRAFT http://samate.nist.gov/docs/source_code_security_analysis_tool_spec_09_15_06.pdf

Test Plan

Source Code Security Analysis Tool Test Plan Version 1.0, NIST Special Publication 500-270

9 January 2008 DRAFT http://samate.nist.gov/docs/source_code_security_analysis_test_plan_01_09_08.pdf
- Please email comments to "samate-specs@nist.gov"
9 March 2007 DRAFT http://samate.nist.gov/docs/source_code_security_analysis_test_plan_03_09_07.pdf

Tool Instances

Source Code Security Analyzers

Retrieved from "http://samate.nist.gov/index.php/Source_Code_Security_Analysis"

Views

Personal tools

Navigation

Search

Toolbox