Revision as of 12:17, 26 June 2012 by Jing Xie (Talk | contribs)

Jump to: navigation, search


This project is led by [Jing Xie] & Bill Chu. Other major contributors include Jun Zhu, Heather Richter Lipford, John Melton & Will Stranathan.

We have presented our talk Secure Programming Support in IDE at AppSec USA 2011 in Minneapolis.

You can view and download ourpresentation.

Project About

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP ASIDE Project (home page)
Purpose: ASIDE is an abbreviation for Application Security Integrated Development Environment. It is an Eclipse Plugin which is a software tool primarily designed to help students write more secure code by detecting and identifying potentially vulnerable code and providing informative fixes during the construction of programs in IDEs. ASIDE may be useful by professional developers as well.
License: N/A
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: Not Yet Created
Key Contacts
  • Contact Jun Zhu @ to contribute to this project
  • Contact Jun Zhu @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases

Take a Look

ASIDE is still under development. But in order to give you a sense of what it should be doing, we have this old version of ASIDE DEMO. You will need Adobe Flash to display it. A newer version will soon be uploaded.


The first publicly available ASIDE can be downloaded now. You also need to download the complementary logging facility to make ASIDE work properly. ASIDE is built upon Eclipse IDE for Java EE Developers Version 3.5+.

To make it work, please place the two jar files under the plugins folder of your Eclipse installation directory and then restart your Eclipse.

Source Code

The source code is located at https://github.com/Jing-Xie/owasp-aside

Research Activities

1. Jing Xie, Heather Richter Lipford, and Bill Chu, Evaluating Interactive Support for Secure Programming, To appear at ACM Conference on Human Factors in Computing Systems (CHI), May 2012, Austin, Texas, USA

2. Jing Xie, Bill Chu, Heather Richter Lipford, and John T. Melton, ASIDE:IDE Support for Web Application Security, In Proceedings of 27th Annual Computer Security Applications Conference (ACSAC), December 5–9, 2011, Orlando, FL, USA

3. Jing Xie, Heather Richter Lipford, and Bill Chu, Why do programmers make security errors?, In Proceedings of IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC), September 18–22, 2011, Pittsburgh, PA, USA

4. Jing Xie, Bill Chu, and Heather Richter Lipford Interactive Support for Secure Software Development, In Proceedings of Engineering Secure Software and Systems Third International Symposium (ESSoS), February 2011, Madrid, Spain