Welcome
How It Works
Information
Registration
List of Participants
Catalogue of technology profiles
Downloads
Organizers and Partners
Round Table Talks
future talk programme
Future Match 2005
Login
E-Mail:
Password:
Forgotten password?
powered by
Deutsche Messe AG
Imprint
Catalogue of technology profiles
back to list
Technology Profile Details
Title:
Security Vulnerabilities and Critical Errors Detection in program source code
Company:
Institute for System Programming of the Russian Academy of Sciences (ISP RAS)
What we offer:
We offer static analysis technology for detection security vulnerabilities and critical errors in program source code.
The ISP RAS' compiler technologies department has developed the SVaCE Detector (Security Vulnerabilities and Critical Errors Detector) tool. The SVaCE Detector allows in fully automatic mode to detect in C/C++ program source code the following errors and vulnerabilities:
-Buffer overflow
-Access beyond the object bounds
-Format string vulnerability
-Dereferencing of the null pointer
-Reference to the object, which memory had been freed
-Repeated release of memory
-Memory leak
SVaCE Detector features:
-No need for executions of analyzed code
-Interprocedural level of whole-program source code analysis
-Advanced heuristics for reducing the amount of false warnings
-Average 40%-80% true positives rate
-Unique and effective methods of backward analyses for detecting source reasons for each warning and severance of false warnings
Collaboration sought:
Joint Venture Agreement, Technical Co-operation, Research & Development, Manufacturing Agreement, Licence Agreement, Commercial Agreement
What are we looking for:
We are looking for science and industrial partners for joint research and development work in the areas of deep static source code analysis, informational security and compiler design and optimization.
Keywords:
Data Security, Network Security, Computer software
Responsible:
Mr Arutyun Avetisyan
request a meeting
back to list
