Contact: Chad Boutin
301-975-4261
Computer
scientists at the National Institute of Standards and Technology (NIST)
have dramatically enlarged a database designed to improve applications
that help programmers find weaknesses in software. This database, the
SAMATE Reference Dataset (SRD), version 4.0, is a freely available
online tool aimed at helping programmers fortify their creations
against hackers.
A complex piece of software like an operating
system or a Web browser usually requires the combined effort of
multiple programmers to write up to millions of lines of computer code.
Before their software hits the market, it first must be put through its
paces to make sure it not only works as desired under a multitude of
different circumstances, but also that it is not vulnerable to cyber
attack. The act of checking out software in this fashion has become so
complicated in and of itself that developers created another type of
labor-saving program called a "static analyzer" to help with the
checking. Static analyzers doggedly run through the code looking for
obvious problems, but they can only find the weaknesses they have been
programmed to find—which is where the SRD comes in.
No comments:
Post a Comment