Static code analysis is a technology for detecting various security vulnerabilities at implementation time. However, studies show that developers reject static analysis tools because they find them hard to configure to operate efficiently in their application context. With their default parameters, most tools produce a high number of false warnings while missing vulnerabilities that may be important, which demotivates developers. The goal of this project is to reduce the gap between static analysis and software development, thereby improving the user experience of static analysis tools.
Goran Piskachev
Fraunhofer IEM Institute for Mechatronic Systems Design
Department Software Engineering and IT-Security
Zukunftsmeile 1
33102 Paderborn
e-Mail: goran.piskachev(at)iem.fraunhofer.de