Detecting the Beep Vulnerability with CodeSonar
The Linux beep utility is a small utility command to literally send a tone to the user’s speaker. A subtle error in the utility...
Using Dynamic Metrics with Static Analysis
GrammaTech CodeSonar is primarily a static analysis tool, but there are some circumstances where it is useful to present...
The Economics of Static Analysis Tool Usage
INTRODUCTION:
The most effective tool is one that reports a good number of true positives, without too many false...
Human Factors in Evaluating Static Analysis Tools
INTRODUCTION:
Advanced static analysis tools are popular because they have proven effective at finding serious programming...
The Minefields of MISRA Coverage
INTRODUCTION:
Modern static analysis tools are typically used for two main purposes: finding bugs, and finding violations of...