SEI Blog | Static Analysis

SEI Blog | Static Analysishttp://sei.cmu.edu/feeds/tag/Updates on changes and additions to the SEI Blog for posts matching Static Analysisen-usMon, 07 Oct 2024 00:00:00 -0400Evaluating Static Analysis Alerts with LLMshttps://www.sei.cmu.edu/blog/evaluating-static-analysis-alerts-with-llms/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLLMs show promising initial results in adjudicating static analysis alerts, offering possibilities for better vulnerability detection. This post discusses initial experiments using GPT-4 to evaluate static analysis alerts.William Klieber, Lori FlynnMon, 07 Oct 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/evaluating-static-analysis-alerts-with-llms/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesStatic AnalysisAI Engineering and Machine LearningSecure CodingRedemption: A Prototype for Automated Repair of Static Analysis Alertshttps://www.sei.cmu.edu/blog/redemption-a-prototype-for-automated-repair-of-static-analysis-alerts/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.David SvobodaMon, 10 Jun 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/redemption-a-prototype-for-automated-repair-of-static-analysis-alerts/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesStatic AnalysisSecure CodingTestingRelease of SCAIFE System Version 2.0.0 Provides Support for Continuous-Integration (CI) Systemshttps://www.sei.cmu.edu/blog/release-of-scaife-system-version-200-provides-support-for-continuous-integration-ci-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesKey features in new release of SCAIFE System Version 2.0.0 including support for continuous-integration (CI) systems, and status of evolving SEI SCAIFE workLori FlynnMon, 25 Oct 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/release-of-scaife-system-version-200-provides-support-for-continuous-integration-ci-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesContinuous Deployment of CapabilitySCALE: A Static Analysis Auditing ToolSecure CodingMachine LearningStatic AnalysisStatic Analysis Classification and PrioritizationSecure DevelopmentArtificial IntelligenceSource Code Analysis Integrated Framework Environment (SCAIFE)How to Use Static Analysis to Enforce SEI CERT Coding Standards for IoT Applicationshttps://www.sei.cmu.edu/blog/how-to-use-static-analysis-to-enforce-sei-cert-coding-standards-for-iot-applications/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe Jeep hack, methods to hack ATMs, and even hacks to a casino's fish tank provide stark evidence of the risks associated with the Internet of Things (IoT)....David SvobodaMon, 01 Apr 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/how-to-use-static-analysis-to-enforce-sei-cert-coding-standards-for-iot-applications/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecurity-Related RequirementsSecure CodingCyber Risk and Resilience ManagementStatic AnalysisCybersecuritySecure DevelopmentCyber MissionsBest Practices in Network SecurityA Fighting Chance: Arming the Analyst in the Age of Big Datahttps://www.sei.cmu.edu/blog/a-fighting-chance-arming-the-analyst-in-the-age-of-big-data/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe 2017 SEI Year in Review highlights the work of the institute undertaken from October 1, 2016, to September 30, 2017. This blog post, which was published in the 2017 Year in Review, highlights the work of three SEI researchers....Douglas SchmidtMon, 26 Mar 2018 00:00:00 -0400https://www.sei.cmu.edu/blog/a-fighting-chance-arming-the-analyst-in-the-age-of-big-data/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesBig DataData Modeling and AnalyticsStatic AnalysisVerifying Evolving Softwarehttps://www.sei.cmu.edu/blog/verifying-evolving-software/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post explores the challenges of verifying evolving software and presents research efforts aimed at improving verification techniques and tools.Arie GurfinkelMon, 20 Oct 2014 00:00:00 -0400https://www.sei.cmu.edu/blog/verifying-evolving-software/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesModel CheckingStatic AnalysisVerificationRegression Verification for Real-time Embedded Software Systemshttps://www.sei.cmu.edu/blog/regression-verification-for-real-time-embedded-software-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe DoD relies heavily on mission- and safety-critical real-time embedded software systems (RTESs), which play a crucial role in controlling systems ranging from airplanes and cars to infusion pumps and microwaves.Arie GurfinkelMon, 05 Dec 2011 00:00:00 -0500https://www.sei.cmu.edu/blog/regression-verification-for-real-time-embedded-software-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesModel CheckingStatic Analysis