Abstract
Many teams at CERN, develop their own software to solve their tasks. This software may be public or it may be used for internal purposes. It is of major importance for developers to know that their software is secure. Humans are able to detect bugs and vulnerabilities but it is impossible to discover everything when they need to read hundreds’ lines of code. As a result, computer scientists have developed tools which complete efficiently and within minutes the task of analysing source code and finding critical bugs and vulnerabilities. These tools are called static analysis and they are able to find, analyse and suggest solutions to the programmer in the early stages of development. The goal of this project is to evaluate and compare as many static analysis tools as possible (both freeware and commercial) according to metrics decided by CERN Security Team. The final result should not only be a selection of tools per language that software developers should utilise but also an automated way to use them and get useful reports that will help developers write better software. CERN openlab Summer Student Report September 2015 3 | P a g e Table of
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.