NIST SAMATE Static Analysis Tool Exposition (SATE)

From OWASP
Jump to: navigation, search

NIST organized an exposition (SATE) for static analysis tools that find security relevant defects. Our goals are to enable empirical research based on large test sets and to encourage tool improvement. Briefly, participating tool makers run their tool on a set of open source programs. The results and experiences are shared at a workshop. The test sets, tool reports, and analysis are made publicly available later.

We present our experience organizing the exposition, discuss our observations of tool reports, and describe our plans for the next exposition.

In October 2010 we held the experience workshop for the third SATE.