search menu icon-carat-right cmu-wordmark

SCAIFE API Definition Beta Version 0.0.2 for Developers

June 2019 White Paper
Lori Flynn, Ebonie McNeil

This paper provides the SCAIFE API definition for beta version 0.0.2. SCAIFE is an architecture that supports static analysis alert classification and prioritization.


Software Engineering Institute


The Source Code Analysis Integrated Framework Environment (SCAIFE) is designed so a wide variety of static analysis tools can integrate with the system using the API definition we are developing. We expect this paper to be of interest to organizations that develop and/or research static analysis alert auditing tools, aggregators, and other frameworks.

Developers may refer to this SCAIFE beta API definition to help them to estimate development effort that would be required to modify their organization’s tool(s) to make and respond to SCAIFE API calls. Also, this beta API definition is being published to generate feedback from developers and organizations interested in implementing the SCAIFE API, and to help improve SCAIFE API v1.0.0 to become more usable by developers of a wide variety of static analysis tools. Compared to the beta API definitions, the published SCAIFE API v1.0.0 definition will include implementation details, the architecture description, motivations, and a prototype system.