Rosina Bignall

Creative Software Engineer

NIST and Software Assurance

| 1 Comment

The last two days I’ve spent at NIST attending the Software Assurance Forum.  This has been really enjoyable for me! I am visiting a long time friend in Gaithersburg, MD who works at NIST and organized the Static Analysis Tools Expo as part of the conference.  There has been a lot of development in the last few years on automating tools to check for various problems in code.  The goal is somewhat related to the formal methods being studied in the lab I worked with in grad school in that both are trying to show that programs are correct although the approach is very different.  Analysis of programs is done in different ways by different vendors – some on the source code, some on the executable.  The SATE project is looking at various tools to do empirical research on large data sets.  Seven or eight tool vendors participated this year using their tools and analysis of real world programs and associated CVEs.  There is some very exceptional work going on in this field.

Author: Rosina Bignall

I've been on the internet since the 90's. Check out my professional blog at and my personal blog at

One Comment

  1. You actually make it seem so easy together with your presentation but I in finding this matter to be actually something that I believe I’d never understand. It kind of feels too complicated and extremely vast for me. I’m taking a look forward on your next publish, I will try to get the dangle of it!

Leave a Reply

Required fields are marked *.