Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Static Analysis Workshop (SAW 2008)
[SAMATE Home | IntrO TO SAMATE | SARD | SATE | Bugs Framework | Publications | Tool Survey | Resources]
Co-located with PLDI 2008
12 June 2008
Tucson, Arizona
Contents
Overview
SAW follows the Static Analysis Summit, held in 2006, and Static Analysis Summit II, held in 2007. This year’s edition features participants of the Static Analysis Tool Exposition (SATE) reporting their experience and interesting observations.
In addition to SATE presentations we solicit contributions describing basic research, applications, experience, or proposals relevant to static analysis tools, techniques, and their evaluation. Questions and topics of interest include but are not limited to:
- Contribution of static analysis to software security assurance
- Issues in applying static analysis to binaries
- Static analysis at the design or requirements level
- Issues in scaling static analysis to deal with large systems
- Integration of, or tradeoffs between, different analysis techniques
- Flaw catching vs. sound analysis
- Benchmarks or reference datasets
- Formal pattern languages to describe vulnerabilities
- User experience drawing useful lessons or comparisons
- Case studies on real applications
Papers should be formatted using the ACM SIG templates, and, including figures and references, should not exceed 10 pages. Papers must be in PDF (preferred) and/or Postscript format and should be submitted electronically to Arnaud Venet <arnaud [at] kestreltechnology.com (arnaud[at]kestreltechnology[dot]com)> by April 13, 2008.
Important Dates
- April 13, 2008: Submission due date
- April 28, 2008: Author notification
- May 12, 2008: Revised papers due
- June 12, 2008: SAW 2008 workshop
Registration
Program
This is the final program.
8:30 AM: Welcome to SAW & charge to attendees
8:50: SATE 2008 background - Vadim Okun, NIST, SATE organizer
9:20: Katrina O'Neil, Fortify, SATE participant
9:40: Paul Anderson, GrammaTech, SATE participant
10:00: Break
10:30: Observations on Static Analysis to Detect Weaknesses - Paul E. Black, NIST, SATE organizer
11:00 Steve Christey, MITRE, SATE organizer
11:30: Bill Pugh, U. Maryland, FindBugs, SATE participant
12:00: Lunch (included in registration)
1:30 PM: (presenter TBD), SofCheck, SATE participant
1:50: Romain Gaucher, NIST, SATE organizer & ran FlawFinder
2:10: SATE 2009 Planning: Why, Who, When, and Where? - Paul E. Black, NIST
3:10: Break
3:30: Parfait - Designing a Scalable Bug Checker of C Code, Cristina Cifuentes & Bernhard Scholz
4:00: Securing Java Code: Heuristics and An Evaluation of Static Analysis Tools, Michael S. Ware & Christopher J. Fox
4:30: Static Analysis of Medical Device Software using CodeSonar, Raoul Praful Jetley, Paul L. Jones, & Paul Anderson
5:00: Automatic Analysis for Managing and Optimizing Performance-Code Quality, Lamia Djoudi & William Jalby
Organization
Paul E. Black (NIST) paul.black [at] nist.gov (paul[dot]black[at]nist[dot]gov)
Arnaud Venet
Program Committee
Paul Anderson (Grammatech)
Anindya Banerjee (KSU)
Rod Chapman (Praxis High Integrity Systems)
Eric Goubault (CEA)
Klaus Havelund (Jet Propulsion Laboratory)
Francesco Logozzo (Microsoft Research)