Elisa Heymann: New Tutorial on Automated Assessment Tools at the 24th International Conference on Software Engineering and Data Engineering (SEDE 2015).
Software assurance tools – tools that scan the source or binary code of a program to find weaknesses – are the first line of defense in assessing the security of a software project. These tools can catch flaws in a program that can affect both the correctness and safety of the code.
The tutorial will start with basic background material about how software assessment tools work, the capabilities and limitations of such tools. It will then focus on a selection of both commercial and open source tools for C/C++ and Java, and demonstrate how to apply them to sample programs with known flaws. It will conclude with a live demonstration.