Presentation is loading. Please wait.

Presentation is loading. Please wait.

Planning for SATE V Paul E. Black National Institute of Standards and Technology

Published byWillis Cannon Modified over 8 years ago

Similar presentations

Presentation on theme: "Planning for SATE V Paul E. Black National Institute of Standards and Technology"— Presentation transcript:

1 Planning for SATE V Paul E. Black National Institute of Standards and Technology http://www.nist.gov/ paul.black@nist.gov

2 18 August 2015 Paul E. Black 2 Thorns, Roses, and Buds What should we … not do again? … continue doing? … start doing? Well?

3 18 August 2015 Paul E. Black 3 Tool Users: What Do You Want From SATE? How Can It Help? SATE IV goals are –Enable empirical research based on large test sets, –Encourage improvement of tools, –Speed adoption of tools by objectively demonstrating their use on real software.

4 18 August 2015 Paul E. Black 4 What tracks and objects? Keep PHP? Add more languages: C#? Add binaries? –Precompiled, so tool maker doesn’t have to fiddle with options, compiler, etc. Focus on concurrency and threading? –deadlock detection –race conditions Malicious code (backdoor) detection?

5 18 August 2015 Paul E. Black 5 Procedure or Scope Changes? Parallel static and black box/dynamic/web app scanner tracks on same test set? Further: test set is one program and code reviewers, testers, fuzzers, etc. play, too Go beyond security to general quality & bug finding? We want to use SAFES format, to receive warning reports, and CCR (Claims Coverage Representation), for declaration of what tools look for.

6 18 August 2015 Paul E. Black 6 Possible time line Recruit users for program planning committee Organizing meeting in the fall, say October Begin concentrated work in Jan/Feb 2013 –recruit participants and choose test cases Release test cases in April 2013 Team submit results in July We finish analysis in October Next workshop in December

7 18 August 2015 Paul E. Black 7 Who Participates? How can we spread invitations wider? Who should we recruit? Broaden set of organizers –Program planning committee –Analyzers Don’t share results so more tool makers participate?

8 18 August 2015 Paul E. Black 8 On behalf of the organizers, participants, and program committee

Download ppt "Planning for SATE V Paul E. Black National Institute of Standards and Technology"

Similar presentations

How to Grade Wikis Ways to look for and grade evidence of collaboration & build strong partnerships.

How to Grade Wikis Ways to look for and grade evidence of collaboration & build strong partnerships.
Learner-Centered Education Course Redesign Initiative Builds upon work of prior LCE grants Will award 10-15 grants of $40,000 - $50,000, with the option.

Learner-Centered Education Course Redesign Initiative Builds upon work of prior LCE grants Will award grants of $40,000 - $50,000, with the option.
GEOSS Data Sharing Principles. GEOSS 10-Year Implementation Plan 5.4 Data Sharing The societal benefits of Earth observations cannot be achieved without.

GEOSS Data Sharing Principles. GEOSS 10-Year Implementation Plan 5.4 Data Sharing The societal benefits of Earth observations cannot be achieved without.
Months of the year December January November October February

Months of the year December January November October February
Extreme Programming Alexander Kanavin Lappeenranta University of Technology.

Extreme Programming Alexander Kanavin Lappeenranta University of Technology.
Lawrence Livermore National Laboratory ROSE Compiler Project Computational Exascale Workshop December 2010 Dan Quinlan Chunhua Liao, Justin Too, Robb Matzke,

Lawrence Livermore National Laboratory ROSE Compiler Project Computational Exascale Workshop December 2010 Dan Quinlan Chunhua Liao, Justin Too, Robb Matzke,
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Testing and Quality Assurance

Testing and Quality Assurance
PARCC Progress Update 1 June 26, 2013. In the Last Year… 2 June 2012 Minimum Technology Specifications, Version 1.0, Released Item Development Began August.

PARCC Progress Update 1 June 26, In the Last Year… 2 June 2012 Minimum Technology Specifications, Version 1.0, Released Item Development Began August.
SATE 2010 Background Vadim Okun, NIST October 1, 2010 The SAMATE Project

SATE 2010 Background Vadim Okun, NIST October 1, 2010 The SAMATE Project
Choosing SATE Test Cases Based on CVEs Sue Wang October 1, 2010 The SAMATE Project 1SATE 2010 Workshop.

Choosing SATE Test Cases Based on CVEs Sue Wang October 1, 2010 The SAMATE Project 1SATE 2010 Workshop.
Chubaka Producciones Presenta :.

Chubaka Producciones Presenta :.
BEDES & SEED Building Energy Data Exchange Specification & Standard Energy Efficiency Data Platform April 14, 2015 Robin Mitchell Lawrence Berkeley National.

BEDES & SEED Building Energy Data Exchange Specification & Standard Energy Efficiency Data Platform April 14, 2015 Robin Mitchell Lawrence Berkeley National.
Drift Chambers at DESY and CERN Mike Green, Fabrizio Salvatore, Michele Faucci Giannelli.

Drift Chambers at DESY and CERN Mike Green, Fabrizio Salvatore, Michele Faucci Giannelli.
Mike Azocar Sr. Developer Technical Specialist Microsoft Corporation

Mike Azocar Sr. Developer Technical Specialist Microsoft Corporation
2012 JANUARY Sun Mon Tue Wed Thu Fri Sat

2012 JANUARY Sun Mon Tue Wed Thu Fri Sat
CS533 Concepts of Operating Systems Class 3 Monitors.

CS533 Concepts of Operating Systems Class 3 Monitors.
CAEP 101: A Culture of Evidence

CAEP 101: A Culture of Evidence
This is a work of the U.S. Government and is not subject to copyright protection in the United States. The OWASP Foundation OWASP AppSec DC October 2005.

This is a work of the U.S. Government and is not subject to copyright protection in the United States. The OWASP Foundation OWASP AppSec DC October 2005.
How do you practice Software Testing? By Michael Kelly.

How do you practice Software Testing? By Michael Kelly.

Similar presentations

Ads by Google