search menu icon-carat-right cmu-wordmark

Secure Coding Tools and Advancements Publications

The documents in this collection describe tools useful to secure coding developed or advanced by the SEI.

Publisher:

Software Engineering Institute

The documents in this collection describe tools useful to Secure Coding developed or advanced by the SEI:

  • Clang Thread Safety Analysis, a tool that uses annotations to enforce thread safety policies in C and C++ programs
  • how the DidFail tool was enhanced to improve its effectiveness
  • the Pointer Ownership Model, which can statically identify classes of errors involving dynamic memory in C/C++ programs
  • the as-if infinitely ranged (AIR) integer model, a mechanism for eliminating integral exceptional conditions

C/C++ Thread Safety Analysis

October 2014

In this paper, the authors describe Clang Thread Safety Analysis, a tool that uses annotations to enforce thread safety policies in C and C++ programs.

Making DidFail Succeed: Enhancing the CERT Static Taint Analyzer for Android App Sets

March 2015

In this report, the authors describe how the DidFail tool was enhanced to improve its effectiveness.

Pointer Ownership Model

June 2013

In this paper, David Svoboda describes the Pointer Ownership Model, which can statically identify classes of errors involving dynamic memory in C/C++ programs.

As-If Infinitely Ranged Integer Model, Second Edition

April 2010

In this report, the authors present the as-if infinitely ranged (AIR) integer model, a mechanism for eliminating integral exceptional conditions.