SAW
From SAMATE
ACM SIGPLAN
Static Analysis Workshop (SAW 2008)
Co-located with PLDI 2008
|
12 June 2008
|
|
Photos courtesy Metropolitan Tucson Convention & Visitors Bureau. |
Contents |
Overview
SAW follows the Static Analysis Summit, held in 2006, and Static Analysis Summit II, held in 2007. This year’s edition features participants of the Static Analysis Tool Exposition (SATE) reporting their experience and interesting observations.
In addition to SATE presentations we solicit contributions describing basic research, applications, experience, or proposals relevant to static analysis tools, techniques, and their evaluation. Questions and topics of interest include but are not limited to:
- Contribution of static analysis to software security assurance
- Issues in applying static analysis to binaries
- Static analysis at the design or requirements level
- Issues in scaling static analysis to deal with large systems
- Integration of, or tradeoffs between, different analysis techniques
- Flaw catching vs. sound analysis
- Benchmarks or reference datasets
- Formal pattern languages to describe vulnerabilities
- User experience drawing useful lessons or comparisons
- Case studies on real applications
Papers should be formatted using the ACM SIG templates, and, including figures and references, should not exceed 10 pages. Papers must be in PDF (preferred) and/or Postscript format and should be submitted electronically to Arnaud Venet <arnaud@kestreltechnology.com> by April 13, 2008.
Important Dates
- April 13, 2008: Submission due date
- April 28, 2008: Author notification
- May 12, 2008: Revised papers due
- June 12, 2008: SAW 2008 workshop
Registration
The workshop is over.
Program
This is the final program.
8:30 AM: Welcome to SAW & charge to attendees
8:50: SATE 2008 background - Vadim Okun, NIST, SATE organizer
9:20: Katrina O'Neil, Fortify, SATE participant
9:40: Paul Anderson, GrammaTech, SATE participant
10:00: Break
10:30: Observations on Static Analysis to Detect Weaknesses - Paul E. Black, NIST, SATE organizer
11:00 Steve Christey, MITRE, SATE organizer
11:30: Bill Pugh, U. Maryland, FindBugs, SATE participant
12:00: Lunch (included in registration)
1:30 PM: (presenter TBD), SofCheck, SATE participant
1:50: Romain Gaucher, NIST, SATE organizer & ran FlawFinder
2:10: SATE 2009 Planning: Why, Who, When, and Where? - Paul E. Black, NIST
3:10: Break
3:30: Parfait - Designing a Scalable Bug Checker of C Code, Cristina Cifuentes & Bernhard Scholz
4:00: Securing Java Code: Heuristics and An Evaluation of Static Analysis Tools, Michael S. Ware & Christopher J. Fox
4:30: Static Analysis of Medical Device Software using CodeSonar, Raoul Praful Jetley, Paul L. Jones, & Paul Anderson
5:00: Automatic Analysis for Managing and Optimizing Performance-Code Quality, Lamia Djoudi & William Jalby
Organization
Paul E. Black (NIST) paul.black@nist.gov
Arnaud Venet
Program Committee
Paul Anderson (Grammatech)
Anindya Banerjee (KSU)
Rod Chapman (Praxis High Integrity Systems)
Eric Goubault (CEA)
Klaus Havelund (Jet Propulsion Laboratory)
Francesco Logozzo (Microsoft Research)