What's the Difference Between Sound and Unsound Static Analysis? (.PDF Download)

Static analysis has established itself as a "must-have" for the verification of critical software. Notably, it can find problems that are hard to uncover by testing, such as concurrency issues and security vulnerabilities. Many static analyzers can now associate CWE entries (for Common Weakness Enumeration,1 a well-known classification of security vulnerabilities) to their messages, to help users review all messages related to a given vulnerability. For example, CWE-120 is the

Register to view the full article

By registering on Electronic Design now, you'll not only gain access to premium content, you'll also become part of an exclusive, robust global engineering community!
Participate in Expert and Reader driven Q&A's
Start your own conversation by commenting on any article or blog
Download high-quality content including the highly anticipated Salary & Career Report

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish