13 / 14
[4] Chen H., Wagner D. MOPS: an infrastructure for examining security properties
of software.
Proc. of the 9th ACM conference on Computer and communications
security. CCS’02
. N.Y., 2002, pp. 235–244.
[5] Hovemeyer D., Spacco J., Pugh W. Evaluating and tuning a static analysis to find
null pointer bugs. CM SIGSOFT Software Engineering Notes, 2006, 31, 1 (Jan.),
pp. 13–19. DOI=
http://dx.doi.org/10.1145/1108768.1108798[6] Logozzo F., F¨ahndrich M. On the Relative Completeness of Bytecode Analysis Versus
Source Code Analysis. LNCS. 4959, 2008, pp. 197–212.
[7] Seoa S.-H., Guptaa A., Sallama A.M., Bertinoa E., Yimb K. 2014. Detecting mobile
malware threats to homeland security through static analysis.
Journal of Network and
Computer Applications
, 2014, 38 (Feb.), pp. 43–53.
URL:
http://dx.doi.org/10.1016/j.jnca.2013.05.008DOI: 10.1016/j.jnca.2013.05.008
[8] Zhu F., Wei J. Static analysis based invariant detection for commodity
operating systems.
Computers and Security
, 2014, no. 43, pp. 49–63.
DOI
=http://dx.doi.org/10.1016/j.cose.2014.02.00[9] Osovetskiy L.G. Detection Technology Undeclared Capabilities (Ndv) for the
Certification of the Software Industry at the Request of Information Security.
Voprosy
kiberbezopasnosti
[Cybersecurity issues], 2015, no. 1 (9), pp. 60–64 (in Russ.).
[10] Barabanov A.V., Markov A.S., Tsirlov V.L. The Conformity Assessment of
Information Security Solutions According to the Common Criteria.
Informatsionnye
tekhnologii
[Information technologies], 2015, vol. 21, no. 4, pp. 264–270 (in Russ.).
[11] Barabanov A., Markov A. Modern Trends in The Regulatory Framework of the
Information Security Compliance Assessment in Russia Based on Common Criteria.
Proc. of the 8th International Conference on Security of Information and Networks
(Sochi, Russian Federation, September 8–10, 2015). SIN ’15. ACM New York, N.Y.,
USA, 2015, pp. 30–33. URL:
http://dx.doi.org/10.1145/2799979.2799980DOI: 10.1145/2799979.2799980
[12] Static Analysis Technologies Evaluation Criteria v1.0. Ed. by Sherif Koussa;
Russian translation by Alec Shcherbakov, Alexey Markov,
Web Application Security
Consortium
, 2013. Available at:
http://projects.webappsec.org/w/page/71979863/Static%20Analysis%20Technologies%20Evaluation%20Criteria%20-%20Russian
[13] Markov A.S., Fadin A.A. Systematics of vulnerabilities and security defects of
program resources.
Zasita informacii. Inside
, 2013, no. 3 (51), pp. 56–61 (in Russ.).
[14] Avetisyan A.I., Belevantsev A.A., Chuklyaev I.I. The Technologies of Static and
Dynamic Analyses Detecting Vulnerabilities of Software.
Voprosy kiberbezopasnosti
[Cybersecurity issues], 2014, no. 3 (4), pp. 20–28 (in Russ.).
[15] Medvedev N.V., Markov A.S., Fadin A.A. Application of static signature analysis
to detect defects in web applications security.
Nauka i obrazovanie
.
MGTU
im. N.E. Baumana
[Science & Education of the Bauman MSTU. Electronic Journal],
2012, no. 9, p. 21. Available at:
http://technomag.edu.ru/en/doc/461281.htmlDOI: 10.7463/0912.0461281
[16] Boulanger, J.L., ed. Static Analysis of Software. The Abstract Interpretation. Wiley-
ISTE. 2011.
[17] Vylegzhanin V.V., Markin A.L., Markov A.S., Utochka R.A., Fadin A.A.,
Fambulov A.K., Tsirlov V.L. Sistema dlya opredeleniya programmnykh zakladok
[The System for Determining the Software Bugs]. Patent granting for useful model
no. RUS 114799. 29.12.2011.
[18] Markov A.S., Fadin A.A., Shvets V.V. Comparison of Software Code Security Static
Analyzers.
Zasita informacii. Inside
, 2015, no. 6 (66), pp. 2–7 (in Russ.).
[19] Zhidkov I.V., Kadushkin I.V. About the Signs of Potentially Dangerous Events in
Information Systems.
Voprosy kiberbezopasnosti
[Cybersecurity issues], 2014, no. 1
(2), pp. 40–48 (in Russ.).
110 ISSN 0236-3933. Вестник МГТУ им. Н.Э. Баумана. Сер. “Приборостроение”. 2016. № 1