{"id":"https://openalex.org/W4285490477","doi":"https://doi.org/10.1145/3533767.3534380","title":"An empirical study on the effectiveness of static C code analyzers for vulnerability detection","display_name":"An empirical study on the effectiveness of static C code analyzers for vulnerability detection","publication_year":2022,"publication_date":"2022-07-15","ids":{"openalex":"https://openalex.org/W4285490477","doi":"https://doi.org/10.1145/3533767.3534380"},"language":"en","primary_location":{"id":"doi:10.1145/3533767.3534380","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3533767.3534380","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://mediatum.ub.tum.de/doc/1659728/1659728.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5090450563","display_name":"Stephan Lipp","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Stephan Lipp","raw_affiliation_strings":["TU Munich, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TU Munich, Germany","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010742852","display_name":"Sebastian B\u0103nescu","orcid":"https://orcid.org/0000-0003-0771-4826"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sebastian Banescu","raw_affiliation_strings":["TU Munich, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TU Munich, Germany","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5002011805","display_name":"Alexander Pretschner","orcid":"https://orcid.org/0000-0002-5573-1201"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Alexander Pretschner","raw_affiliation_strings":["TU Munich, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TU Munich, Germany","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5090450563"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":28.3945,"has_fulltext":true,"cited_by_count":97,"citation_normalized_percentile":{"value":0.99685604,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"544","last_page":"555"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8469078540802002},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.8341360092163086},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.6581896543502808},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.6256288290023804},{"id":"https://openalex.org/keywords/static-program-analysis","display_name":"Static program analysis","score":0.6209756731987},{"id":"https://openalex.org/keywords/spectrum-analyzer","display_name":"Spectrum analyzer","score":0.6111097931861877},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5869698524475098},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.5635684132575989},{"id":"https://openalex.org/keywords/source-lines-of-code","display_name":"Source lines of code","score":0.5326203107833862},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.46647176146507263},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.4611089825630188},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.42090874910354614},{"id":"https://openalex.org/keywords/open-source","display_name":"Open source","score":0.4179907441139221},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.41303038597106934},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.35911521315574646},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2723468542098999},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.2566581964492798},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.14309540390968323},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.11899358034133911}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8469078540802002},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.8341360092163086},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.6581896543502808},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.6256288290023804},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.6209756731987},{"id":"https://openalex.org/C158007255","wikidata":"https://www.wikidata.org/wiki/Q1055222","display_name":"Spectrum analyzer","level":2,"score":0.6111097931861877},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5869698524475098},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.5635684132575989},{"id":"https://openalex.org/C199519371","wikidata":"https://www.wikidata.org/wiki/Q942695","display_name":"Source lines of code","level":3,"score":0.5326203107833862},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.46647176146507263},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.4611089825630188},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.42090874910354614},{"id":"https://openalex.org/C3018397939","wikidata":"https://www.wikidata.org/wiki/Q3644502","display_name":"Open source","level":3,"score":0.4179907441139221},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.41303038597106934},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.35911521315574646},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2723468542098999},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2566581964492798},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.14309540390968323},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.11899358034133911},{"id":"https://openalex.org/C13280743","wikidata":"https://www.wikidata.org/wiki/Q131089","display_name":"Geodesy","level":1,"score":0.0},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.0},{"id":"https://openalex.org/C205649164","wikidata":"https://www.wikidata.org/wiki/Q1071","display_name":"Geography","level":0,"score":0.0},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0}],"mesh":[],"locations_count":7,"locations":[{"id":"doi:10.1145/3533767.3534380","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3533767.3534380","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis","raw_type":"proceedings-article"},{"id":"pmh:doi:10.6084/m9.figshare.20294079","is_oa":true,"landing_page_url":null,"pdf_url":"https://mediatum.ub.tum.de/doc/1659728/1659728.pdf","source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Presentation"},{"id":"pmh:oai:figshare.com:article/20294079","is_oa":true,"landing_page_url":"https://figshare.com/articles/presentation/An_Empirical_Study_on_the_Effectiveness_of_Static_C_Code_Analyzers_for_Vulnerability_Detection/20294079","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"pmh:oai:figshare.com:article/21967376","is_oa":true,"landing_page_url":"https://figshare.com/articles/presentation/An_Empirical_Study_on_the_Effectiveness_of_Static_C_Code_Analyzers_for_Vulnerability_Detection/21967376","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"pmh:oai:mediatum.ub.tum.de:node/1659728","is_oa":true,"landing_page_url":"https://mediatum.ub.tum.de/1659728","pdf_url":null,"source":{"id":"https://openalex.org/S4377196330","display_name":"mediaTUM  (Technical University of Munich)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I62916508","host_organization_name":"Technical University of Munich","host_organization_lineage":["https://openalex.org/I62916508"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"ConferencePaper"},{"id":"doi:10.6084/m9.figshare.20294079.v1","is_oa":true,"landing_page_url":"https://doi.org/10.6084/m9.figshare.20294079.v1","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"},{"id":"doi:10.6084/m9.figshare.21967376.v1","is_oa":true,"landing_page_url":"https://doi.org/10.6084/m9.figshare.21967376.v1","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:doi:10.6084/m9.figshare.20294079","is_oa":true,"landing_page_url":null,"pdf_url":"https://mediatum.ub.tum.de/doc/1659728/1659728.pdf","source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Presentation"},"sustainable_development_goals":[{"score":0.6800000071525574,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4285490477.pdf","grobid_xml":"https://content.openalex.org/works/W4285490477.grobid-xml"},"referenced_works_count":50,"referenced_works":["https://openalex.org/W814172419","https://openalex.org/W1710734607","https://openalex.org/W1761184020","https://openalex.org/W1852477053","https://openalex.org/W1989657183","https://openalex.org/W1992012690","https://openalex.org/W2019230987","https://openalex.org/W2020841721","https://openalex.org/W2022759867","https://openalex.org/W2025411198","https://openalex.org/W2043100293","https://openalex.org/W2101512909","https://openalex.org/W2107024044","https://openalex.org/W2130243914","https://openalex.org/W2137628566","https://openalex.org/W2137726309","https://openalex.org/W2141736632","https://openalex.org/W2145071552","https://openalex.org/W2149598089","https://openalex.org/W2158297335","https://openalex.org/W2280486853","https://openalex.org/W2514084604","https://openalex.org/W2515236103","https://openalex.org/W2543953340","https://openalex.org/W2562680154","https://openalex.org/W2565690877","https://openalex.org/W2624697062","https://openalex.org/W2766540688","https://openalex.org/W2777430404","https://openalex.org/W2784876765","https://openalex.org/W2793876926","https://openalex.org/W2795566764","https://openalex.org/W2854312182","https://openalex.org/W2888223970","https://openalex.org/W2890432166","https://openalex.org/W2901980656","https://openalex.org/W2954611248","https://openalex.org/W3033053557","https://openalex.org/W3093700956","https://openalex.org/W3105133011","https://openalex.org/W3106669766","https://openalex.org/W3112499362","https://openalex.org/W3170526652","https://openalex.org/W4200028713","https://openalex.org/W4200359469","https://openalex.org/W4233410239","https://openalex.org/W4244945045","https://openalex.org/W4246166885","https://openalex.org/W4250848060","https://openalex.org/W4393839021"],"related_works":["https://openalex.org/W2141388993","https://openalex.org/W1978034799","https://openalex.org/W1981466760","https://openalex.org/W1486481742","https://openalex.org/W2106371080","https://openalex.org/W4321227771","https://openalex.org/W2809528855","https://openalex.org/W2504614904","https://openalex.org/W2052691027","https://openalex.org/W3142482686"],"abstract_inverted_index":{"Static":[0],"code":[1,9,123,140,154],"analysis":[2,22,35],"is":[3,25],"often":[4],"used":[5],"to":[6,28,37,100,106,167,208,210],"scan":[7],"source":[8],"for":[10,116],"security":[11,67,240],"vulnerabilities.":[12,46],"Given":[13],"the":[14,64,84,90,119,187,214,220,237],"wide":[15],"range":[16],"of":[17,66,86,121,149,153,186,193,216,222],"existing":[18],"solutions":[19],"implementing":[20],"different":[21],"techniques,":[23],"it":[24],"very":[26],"challenging":[27],"perform":[29,168],"an":[30,97],"objective":[31],"comparison":[32],"between":[33],"static":[34,91,122,138,161,217],"tools":[36,180],"determine":[38],"which":[39],"ones":[40],"are":[41,49],"most":[42],"effective":[43],"at":[44,219],"detecting":[45],"Existing":[47],"studies":[48],"thereby":[50],"limited":[51],"in":[52,73,170,189],"that":[53,69,178,200],"(1)":[54],"they":[55,77],"use":[56],"synthetic":[57,173],"datasets,":[58],"whose":[59],"vulnerabilities":[60,87,102,157,188,230],"do":[61,78],"not":[62,79,104],"reflect":[63],"complexity":[65],"bugs":[68],"can":[70,205],"be":[71,206],"found":[72],"practice":[74],"and/or":[75],"(2)":[76],"provide":[80],"differentiated":[81],"analyses":[82],"w.r.t.":[83],"types":[85],"output":[88],"by":[89],"analyzers.":[92],"Hence,":[93],"their":[94],"conclusions":[95],"about":[96],"analyzer's":[98],"capability":[99],"detect":[101],"may":[103],"generalize":[105],"real-world":[107,194],"programs.":[108,195],"In":[109],"this":[110,201],"paper,":[111],"we":[112],"propose":[113],"a":[114,147,190],"methodology":[115],"automatically":[117],"evaluating":[118],"effectiveness":[120],"analyzers":[124,163],"based":[125],"on":[126],"CVE":[127],"reports.":[128],"We":[129],"evaluate":[130],"five":[131],"free":[132],"and":[133,135,155,184],"open-source":[134],"one":[136],"commercial":[137],"C":[139,162],"analyzer(s)":[141],"against":[142],"27":[143],"software":[144],"projects":[145],"containing":[146],"total":[148],"1.15":[150],"million":[151],"lines":[152],"192":[156],"(ground":[158],"truth).":[159],"While":[160],"have":[164],"been":[165],"shown":[166],"well":[169],"benchmarks":[171],"with":[172],"bugs,":[174],"our":[175,197],"results":[176,215],"indicate":[177],"state-of-the-art":[179],"miss":[181],"in-between":[182],"47%":[183],"80%":[185],"benchmark":[191],"set":[192],"Moreover,":[196],"study":[198],"finds":[199],"false":[202],"negative":[203],"rate":[204],"reduced":[207],"30%":[209],"69%":[211],"when":[212],"combining":[213],"analyzers,":[218],"cost":[221],"15":[223],"percentage":[224],"points":[225],"more":[226],"functions":[227],"flagged.":[228],"Many":[229],"hence":[231],"remain":[232],"undetected,":[233],"especially":[234],"those":[235],"beyond":[236],"classical":[238],"memory-related":[239],"bugs.":[241]},"counts_by_year":[{"year":2026,"cited_by_count":8},{"year":2025,"cited_by_count":33},{"year":2024,"cited_by_count":39},{"year":2023,"cited_by_count":17}],"updated_date":"2026-04-29T09:16:38.111599","created_date":"2025-10-10T00:00:00"}