{"title":"Supply Chain Risk Management","authors":"P. Croll","doi":"10.1002/9781119816348.ch5","DOIUrl":null,"url":null,"abstract":"This paper describes the scope of the problem regarding software vulnerabilities and the current state of the practice in static code analysis for software assurance. Recommendations are made regarding the use of static analysis methods and tools during the software life. Static code analysis touch points during lifecycle reviews and challenges to automated static code analysis are also discussed.","PeriodicalId":311026,"journal":{"name":"Cybersecurity Risk Management","volume":"20 2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Supply Chain Risk Management\",\"authors\":\"P. Croll\",\"doi\":\"10.1002/9781119816348.ch5\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper describes the scope of the problem regarding software vulnerabilities and the current state of the practice in static code analysis for software assurance. Recommendations are made regarding the use of static analysis methods and tools during the software life. Static code analysis touch points during lifecycle reviews and challenges to automated static code analysis are also discussed.\",\"PeriodicalId\":311026,\"journal\":{\"name\":\"Cybersecurity Risk Management\",\"volume\":\"20 2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-12-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Cybersecurity Risk Management\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1002/9781119816348.ch5\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cybersecurity Risk Management","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/9781119816348.ch5","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
This paper describes the scope of the problem regarding software vulnerabilities and the current state of the practice in static code analysis for software assurance. Recommendations are made regarding the use of static analysis methods and tools during the software life. Static code analysis touch points during lifecycle reviews and challenges to automated static code analysis are also discussed.