By Topic

Research on XML Based Static Software Security Analysis

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Hongbo Zheng ; Sch. of Software, Dalian Univ. of Technol., Dalian, China ; Kuanjiu Zhou ; Xiaochen Lai ; Chunyan Liu
more authors

Fatal security vulnerabilities are caused by undefined behaviors of C/C++ language used in Safety-Critical software design. Software static analysis is an important technique for identifying security vulnerabilities from software code and structure. The method of static analysis based on XML intermediate model is proposed in term of safety rules. The source code is interpreted as XML intermediate model, while safety rules are translated into vulnerabilities pattern, and Xquery expression is used to locate security vulnerabilities by this method. The experimental result of a prototype system based on this method shows that this method can effectively detect the software vulnerabilities in violation of safety rules and has the advantage of supporting customization of safety rules.

Published in:

Software Engineering (WCSE), 2010 Second World Congress on  (Volume:2 )

Date of Conference:

19-20 Dec. 2010