{"title":"A Production Model System for Detecting Vulnerabilities in the Software Source Code","authors":"A. Barabanov, A. Markov, Andrey Fadin, V. Tsirlov","doi":"10.1145/2799979.2800019","DOIUrl":null,"url":null,"abstract":"This paper is devoted to static analysis of the software code security. We suggest using heuristic static code analysis to detect a full spectrum of vulnerabilities, including backdoors. Production rules are suggested for use to formalize heuristics for detection of vulnerabilities. We developed a conceptual system of production models for detection of a full spectrum of vulnerabilities in the software code. This paper provides examples of heuristic formalization for detection of certain vulnerabilities classified subject to CWE register. It also provides a brief statistics of application of the suggested heuristic analysis in the study of the software code security.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 8th International Conference on Security of Information and Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2799979.2800019","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
This paper is devoted to static analysis of software code security. We suggest using heuristic static code analysis to detect a full spectrum of vulnerabilities, including backdoors. Production rules are suggested as a way to formalize heuristics for the detection of vulnerabilities. We developed a conceptual system of production models for detection of a full spectrum of vulnerabilities in software code. This paper provides examples of heuristic formalization for detection of certain vulnerabilities classified according to the CWE register. It also provides brief statistics on the application of the suggested heuristic analysis in the study of software code security.