By Topic

SAVI: Static-Analysis Vulnerability Indicator

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)

Open source software presents new opportunities for software acquisition but introduces risks. The selection of open source applications should take into account both features and security risks. Risks include security vulnerabilities, of which published vulnerabilities are only the tip of the iceberg. Having an application's source code lets us look deeper at its security. SAVI (Static-Analysis Vulnerability Indicator) is a metric for assessing risks of using software built by external developers. It combines several types of static-analysis data to rank application vulnerability.

Published in:

Security & Privacy, IEEE  (Volume:10 ,  Issue: 3 )