Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software Assurance Metrics and Tool Evaluation (SAMATE) Michael Kass National Institute of Standards and Technology

Published byDeon Trease Modified over 9 years ago

Similar presentations

Presentation on theme: "Software Assurance Metrics and Tool Evaluation (SAMATE) Michael Kass National Institute of Standards and Technology"— Presentation transcript:

1 Software Assurance Metrics and Tool Evaluation (SAMATE) Michael Kass National Institute of Standards and Technology http://samate.nist.gov/ Michael.kass@nist.gov

2 June 8, 2005 2 Outline Overview of Software Assurance (SwA) tool testing at NIST Overview of Software Assurance (SwA) tool testing at NIST Description of SAMATE project Description of SAMATE project Follow-on Follow-on

3 June 8, 2005 3 Dept Homeland Security Concern Do software assurance tools work as they should? Do software assurance tools work as they should? Do they really find vulnerabilities and catch bugs? How much assurance does running the tool provide? Do they really find vulnerabilities and catch bugs? How much assurance does running the tool provide? Software Assurance tools should be: Software Assurance tools should be: Tested (accurate and reliable) Tested (accurate and reliable) Peer reviewed Peer reviewed Generally accepted Generally accepted

4 June 8, 2005 4 Goals of SAMATE Develop metrics for the effectiveness of SwA tools and to identify deficiencies in software assurance methods and tools Develop metrics for the effectiveness of SwA tools and to identify deficiencies in software assurance methods and tools Perform SwA R&D to assess current methods and tools in order to identify deficiencies which can lead to software product failures and vulnerabilities Perform SwA R&D to assess current methods and tools in order to identify deficiencies which can lead to software product failures and vulnerabilities Identify gaps in methods and tools and suggest areas of research Identify gaps in methods and tools and suggest areas of research

5 June 8, 2005 5 The NIST SAMATE Project (Software Assurance Metrics and Tool Evaluation) 1. Conduct surveys Tools Tools Researchers and companies Researchers and companies 2. Host workshops & conference sessions Taxonomy of SwA functions and techniques Taxonomy of SwA functions and techniques Order of importance (cost/benefit, criticalities, …) Order of importance (cost/benefit, criticalities, …) Gaps and research agendas Gaps and research agendas Studies to develop tool effectiveness metrics Studies to develop tool effectiveness metrics 3. Evaluate tools Detailed specification Detailed specification Test plans Test plans Host reference dataset library Host reference dataset library

6 June 8, 2005 6 A Taxonomy of Static Analysis Tool Functions Language Language Source/Binary analysis Source/Binary analysis Semantic checking (abstract syntax tree) Semantic checking (abstract syntax tree) Interprocedural analysis Interprocedural analysis Strong type checking (type casting vulnerabilities, uninitialized variable use) Strong type checking (type casting vulnerabilities, uninitialized variable use) Memory allocation checking (memory leaks, deallocation of unallocated memory) Memory allocation checking (memory leaks, deallocation of unallocated memory) Logic checking (unnecessary code, unreachable code) Logic checking (unnecessary code, unreachable code) Interface checking (include file cycling) Interface checking (include file cycling) Security checking Security checking Buffer overflow/underflow Buffer overflow/underflow Stack overflows Stack overflows Heap overflows Heap overflows Integer overflow/underflow Integer overflow/underflow Tainted data Tainted data Error path problems Error path problems Locking problems Locking problems Code metric generation (LOC, number of methods, levels of inheritance) Code metric generation (LOC, number of methods, levels of inheritance)

7 June 8, 2005 7 SA Tool Effectiveness Metrics What constitutes a tool’s effectiveness metric? Number of defects detected vs. total defects Number of defects detected vs. total defects Number of false positives Number of false positives Number of false negatives Number of false negatives …

8 June 8, 2005 8 Documenting tool effectiveness Tool functional specification Tool functional specification Test plan Test plan Reference dataset Reference dataset Test report Test report

9 June 8, 2005 9 T (mos.) 126 121824 Workshop1 SA classes 3459 1521 Workshop 3 Define Metric Workshop 2 fill gaps focus group class 1 focus group class 1 Function Taxonomy Tool Survey Publication select func strawman spec test plan draft Spec0 Spec1 test plan select func strawman spec draft Spec0 Spec1 SAMATE Project Timeline focus group class 2 focus group class 2 tool testing matrix test reports

10 June 8, 2005 10 Contact for SAMATE Participation Paul Black Paul Black Project Leader, Software Diagnostics & Conformance Testing Division, Software Quality Group Project Leader, Software Diagnostics & Conformance Testing Division, Software Quality Group paul.black@nist.gov paul.black@nist.gov

Download ppt "Software Assurance Metrics and Tool Evaluation (SAMATE) Michael Kass National Institute of Standards and Technology"

Similar presentations

Static Analysis for Security

Static Analysis for Security
Advanced programming tools at Microsoft

Advanced programming tools at Microsoft
Juliet Test Suite Overview

Juliet Test Suite Overview
Verification and Validation

Verification and Validation
Testing and Quality Assurance

Testing and Quality Assurance
Assembly Code Verification Using Model Checking Hao XIAO Singapore University of Technology and Design.

Assembly Code Verification Using Model Checking Hao XIAO Singapore University of Technology and Design.
Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.

Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.
The Path to Multi-core Tools Paul Petersen. Multi-coreToolsThePathTo 2 Outline Motivation Where are we now What is easy to do next What is missing.

The Path to Multi-core Tools Paul Petersen. Multi-coreToolsThePathTo 2 Outline Motivation Where are we now What is easy to do next What is missing.
Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.

Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.
Static code check – Klocwork

Static code check – Klocwork
Testing Without Executing the Code Pavlina Koleva Junior QA Engineer WinCore Telerik QA Academy Telerik QA Academy.

Testing Without Executing the Code Pavlina Koleva Junior QA Engineer WinCore Telerik QA Academy Telerik QA Academy.
1 Software Testing and Quality Assurance Lecture 2 Software Verification & Validation.

1 Software Testing and Quality Assurance Lecture 2 Software Verification & Validation.
1 Static Testing: defect prevention SIM3302. 2 objectives Able to list various type of structured group examinations (manual checking) Able to statically.

1 Static Testing: defect prevention SIM objectives Able to list various type of structured group examinations (manual checking) Able to statically.
1 Achieving Trusted Systems by Providing Security and Reliability (Research Project #22) Project Members: Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun.

1 Achieving Trusted Systems by Providing Security and Reliability (Research Project #22) Project Members: Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun.
In vfprintf(), if (fmt points to “%n”) then **ap = (character count) Achieving Trusted Systems by Providing Security and Reliability FORMAL REASONING ON.

In vfprintf(), if (fmt points to “%n”) then **ap = (character count) Achieving Trusted Systems by Providing Security and Reliability FORMAL REASONING ON.
1 Software Testing and Quality Assurance Lecture 1 Software Verification & Validation.

1 Software Testing and Quality Assurance Lecture 1 Software Verification & Validation.
This is a work of the U.S. Government and is not subject to copyright protection in the United States. The OWASP Foundation OWASP AppSec DC October 2005.

This is a work of the U.S. Government and is not subject to copyright protection in the United States. The OWASP Foundation OWASP AppSec DC October 2005.
This is a work of the U.S. Government and is not subject to copyright protection in the United States. The OWASP Foundation OWASP AppSec DC October 2005.

This is a work of the U.S. Government and is not subject to copyright protection in the United States. The OWASP Foundation OWASP AppSec DC October 2005.
1CMSC 345, Version 4/04 Verification and Validation Reference: Software Engineering, Ian Sommerville, 6th edition, Chapter 19.

1CMSC 345, Version 4/04 Verification and Validation Reference: Software Engineering, Ian Sommerville, 6th edition, Chapter 19.
Testing Dr. Andrew Wallace PhD BEng(hons) EurIng

Testing Dr. Andrew Wallace PhD BEng(hons) EurIng

Similar presentations

Ads by Google