Research Of Source Code Security Vulnerability Detection

Posted on: 2014-05-01
Degree: Master
Type: Thesis
Country: China
Candidate: Y Wang
GTID: 2268330422462151
Subject: Computer software and theory
Abstract/Summary:
With the rapid development of hardware, software has become increasingly large and complex, so security vulnerabilities inevitably appear during software development. As a basic method of software testing, static analysis can quickly and accurately locate defects in source code, and can effectively ensure the reliability and security of software. Static analysis examines the security, semantics and structure of a program on the basis of compiler theory.

Modern programming languages free programmers from much of the burden of development through their flexibility and expressive power. However, many security vulnerabilities arise in programs written in these languages, such as memory leaks and buffer overflows. If code is constrained by a standard and software defects are found early in development, software reliability can be greatly improved. Vulnerable code can be summarized as unified source code patterns, one for each specific vulnerability. A static analyzer obtains the vulnerability state by tracking the semantics of the source code, from which the possibility of a vulnerability can be determined. A specific vulnerability can be found by pattern matching with a specific algorithm. Vulnerability detection algorithms can be described in a unified security rule language, and different detection algorithms can be described in this language. The security rule language is parsed into an automaton model. The automaton changes state according to the semantics of the source code, the control flow of the source code and the state of variables. By recording state information along the control flow, the state automaton detects whether the semantics of the source code match the custom security rules.

Through static analysis of the source and semantic detection, the automaton model is able to detect whether the source contains an unsafe vulnerability pattern. The analyzer can improve the robustness of software by repairing vulnerabilities with development experience.
Keywords/Search Tags: static analysis, pattern matching, security rule language
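The abstract describes security rules turned into an automaton that changes state along the control flow and with the state of each variable. The following is an added illustration of that idea, not code from the thesis and not its rule language. The rule table, the state and event names, and the hand-constructed event traces for two small C-like functions are all assumptions.

```python
# Added illustration: a memory-handling rule as a finite automaton that is
# stepped along each control-flow path. All names here are assumptions.
# (state, event) -> (next state, finding reported on this transition)
RULE = {
    ("start", "alloc"): ("allocated", None),
    ("allocated", "use"): ("allocated", None),
    ("allocated", "free"): ("freed", None),
    ("allocated", "alloc"): ("allocated", "leak-on-reassign"),
    ("freed", "alloc"): ("allocated", None),
    ("freed", "use"): ("freed", "use-after-free"),
    ("freed", "free"): ("freed", "double-free"),
}


def check_path(events):
    """Step the automaton over one path of (line, event, variable) tuples."""
    state, alloc_line, findings = {}, {}, []
    for line, event, var in events:
        current = state.get(var, "start")
        # Pairs the rule does not list leave the variable's state unchanged.
        state[var], finding = RULE.get((current, event), (current, None))
        if finding:
            findings.append((line, var, finding))
        if event == "alloc":
            alloc_line[var] = line
    # A variable still "allocated" when the path ends was never released.
    for var, final in state.items():
        if final == "allocated":
            findings.append((alloc_line[var], var, "leak"))
    return findings


def check_function(paths):
    """Union of findings over every control-flow path of one function."""
    return sorted({f for path in paths for f in check_path(path)})


# Constructed traces. Function 1: p = malloc() at line 1, free(p) at line 3
# inside an `if`, then p[0] = 0 at line 5 and free(p) at line 6.
F1_BRANCH_TAKEN = [(1, "alloc", "p"), (3, "free", "p"), (5, "use", "p"), (6, "free", "p")]
F1_BRANCH_SKIPPED = [(1, "alloc", "p"), (5, "use", "p"), (6, "free", "p")]
# Function 2: q = malloc() at line 10, early return on error, free(q) at line 14.
F2_EARLY_RETURN = [(10, "alloc", "q")]
F2_NORMAL = [(10, "alloc", "q"), (14, "free", "q")]

if __name__ == "__main__":
    for name, paths in [("f1", [F1_BRANCH_TAKEN, F1_BRANCH_SKIPPED]),
                        ("f2", [F2_EARLY_RETURN, F2_NORMAL])]:
        for line, var, kind in check_function(paths):
            print(f"{name}: line {line}: {kind} on '{var}'")
```

Each defect shows up on only one of the two paths, which is why the automaton has to be run per control-flow path rather than once over the source text.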