NIST SAMATE Static Analysis Tool Exposition (SATE)

NIST organized an exposition (SATE) for static analysis tools that find security relevant defects. Our goals are to enable empirical research based on large test sets and to encourage tool improvement. Briefly, participating tool makers ran their tool on a set of open source programs. The results and experiences were reported at the Static Analysis Workshop in June. The test sets, tool reports, and analysis will be made publicly available later.

We present our experience organizing the exposition, discuss our observations of tool reports, and describe our plans for the next exposition.