Location
Huntsville (Ala.)
Start Date
6-7-2017
Presentation Type
Paper
Description
As cyber-attacks have become more prevalent in the recent decade, companies and governments have learnt the significant importance of enforcing robust programming practices to ensure software security and reliability during code generation. Various tools have been developed for the purpose of assisting programmers in secure coding, and the initial version of our tool called “Secure Coding Assistant” is one of such development efforts. Designed to support CERT rule violation detection, the tool is featured by “providing a mechanism to detect rule violations early” and by “filling the void of open source tools”. The tool is promising in secure programming education compared to other commercial products, however, the initial version does not provide assistance in error correction, nor does it takes into account the potentials of employing contract programming enforcement to assist users in improving program reliability. To achieve error correction and defect localization for both software security and reliability in Java programs, this paper presents our efforts for the implementations of assisting error correction and enforcing contract programming. Our tool is maintained on GitHub at http://benw408701.github.io/SecureCodingAssistant/.
Recommended Citation
Li, Chen; White, Benjamin; Dai, Jun; and Zhang, Cui, "Enhancing Secure Coding Assistant with Error Correction and Contract Programming" (2017). National Cyber Summit. 9.
https://louis.uah.edu/cyber-summit/ncs2017/ncs2017papers/9
Enhancing Secure Coding Assistant with Error Correction and Contract Programming
Huntsville (Ala.)
As cyber-attacks have become more prevalent in the recent decade, companies and governments have learnt the significant importance of enforcing robust programming practices to ensure software security and reliability during code generation. Various tools have been developed for the purpose of assisting programmers in secure coding, and the initial version of our tool called “Secure Coding Assistant” is one of such development efforts. Designed to support CERT rule violation detection, the tool is featured by “providing a mechanism to detect rule violations early” and by “filling the void of open source tools”. The tool is promising in secure programming education compared to other commercial products, however, the initial version does not provide assistance in error correction, nor does it takes into account the potentials of employing contract programming enforcement to assist users in improving program reliability. To achieve error correction and defect localization for both software security and reliability in Java programs, this paper presents our efforts for the implementations of assisting error correction and enforcing contract programming. Our tool is maintained on GitHub at http://benw408701.github.io/SecureCodingAssistant/.