The SAMATE Project Department of Homeland Security

SAW


ACM SIGPLAN

Static Analysis Workshop (SAW 2008)

Co-located with PLDI 2008



12 June 2008

Tucson, Arizona



Overview

SAW follows the Static Analysis Summit, held in 2006, and Static Analysis Summit II, held in 2007. This year’s edition features participants of the Static Analysis Tool Exposition (SATE) reporting their experience and interesting observations.

In addition to SATE presentations, we solicit contributions describing basic research, applications, experience, or proposals relevant to static analysis tools, techniques, and their evaluation. Questions and topics of interest include but are not limited to:

  • Contribution of static analysis to software security assurance
  • Issues in applying static analysis to binaries
  • Static analysis at the design or requirements level
  • Issues in scaling static analysis to deal with large systems
  • Integration of, or tradeoffs between, different analysis techniques
  • Flaw catching vs. sound analysis
  • Benchmarks or reference datasets
  • Formal pattern languages to describe vulnerabilities
  • User experience drawing useful lessons or comparisons
  • Case studies on real applications

Papers should be formatted using the ACM SIG templates and, including figures and references, should not exceed 10 pages. Papers must be in PDF (preferred) and/or PostScript format and should be submitted electronically to Arnaud Venet <arnaud@kestreltechnology.com> by April 13, 2008.

Important Dates

  • April 13, 2008: Submission due date
  • April 28, 2008: Author notification
  • May 12, 2008: Revised papers due
  • June 12, 2008: SAW 2008 workshop

Registration

The workshop is over.

Program

This is the final program.

8:30 AM: Welcome to SAW & charge to attendees

8:50: SATE 2008 background - Vadim Okun, NIST, SATE organizer

9:20: Katrina O'Neil, Fortify, SATE participant

9:40: Paul Anderson, GrammaTech, SATE participant

10:00: Break

10:30: Observations on Static Analysis to Detect Weaknesses - Paul E. Black, NIST, SATE organizer

11:00: Steve Christey, MITRE, SATE organizer

11:30: Bill Pugh, U. Maryland, FindBugs, SATE participant

12:00: Lunch (included in registration)

1:30 PM: (presenter TBD), SofCheck, SATE participant

1:50: Romain Gaucher, NIST, SATE organizer & ran FlawFinder

2:10: SATE 2009 Planning: Why, Who, When, and Where? - Paul E. Black, NIST

3:10: Break

3:30: Parfait - Designing a Scalable Bug Checker of C Code, Cristina Cifuentes & Bernhard Scholz

4:00: Securing Java Code: Heuristics and An Evaluation of Static Analysis Tools, Michael S. Ware & Christopher J. Fox

4:30: Static Analysis of Medical Device Software using CodeSonar, Raoul Praful Jetley, Paul L. Jones, & Paul Anderson

5:00: Automatic Analysis for Managing and Optimizing Performance-Code Quality, Lamia Djoudi & William Jalby

Organization

Paul E. Black (NIST) paul.black@nist.gov

Arnaud Venet

Program Committee

Paul Anderson (GrammaTech)

Anindya Banerjee (KSU)

Rod Chapman (Praxis High Integrity Systems)

Eric Goubault (CEA)

Klaus Havelund (Jet Propulsion Laboratory)

Francesco Logozzo (Microsoft Research)