Tue 6 Nov 2018 15:30 - 15:55 at Franklin - Showcase & Wrapup Chair(s): Tucker Taft

Static analysis tools are now widely used in industry, academia, and open-source for finding serious defects and security vulnerabilities. Experience has shown that deeper integrations with other tools in DevOps or SecOps environments can drastically increase the effectiveness of static analysis. Most integrations are ad-hoc pairwise connections, which inhibits flexibility and adoption, so there is a need for standards to remove those barriers. This talk briefly describes SARIF (Static Analysis Results Interchange Format) - an open standard for tool results, and introduces SASP (Static Analysis Server Protocol) - an early-stage mechanism for allowing tools to actively interact in a plug-and-play fashion. The plan to modernize several open-source tools under the DHS-funded STAMP program is given.

Tue 6 Nov

15:30 - 17:00: HILT 2018 - Showcase & Wrapup at Franklin
Chair(s): Tucker TaftAdaCore
hilt-2018-papers15:30 - 15:55
Industry talk
Paul AndersonGrammaTech, Inc
hilt-2018-papers15:55 - 16:20
Industry talk
Mario TroianiVirtual Software Systems
hilt-2018-papers16:20 - 16:45
Industry talk
hilt-2018-papers16:45 - 17:00
Day closing