Bachelor Thesis BCLR-2021-41

Bibliography

Pohl, Timo: Secure infrastructure for exchanging rules in static code analysis tools.
University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Bachelor Thesis No. 41 (2021).
53 pages, English.

Abstract

In software engineering, static code analysis can be used to inspect code and detect security vulnerabilities even in early stages of development. This is done by analyzing a piece of code against a set of rules. The aim of this work was to create a secure data exchange infrastructure for static code analysis tools and the providers of the rules being used. This enables these tools to update their set of rules by downloading the latest rules from rule providers. First, alternatives for possible rule exchange infrastructures were researched. During this, many existing data exchange and update protocols were examined. Then the requirements engineering and the search for technologies and protocols were conducted. Based on these results, the rule exchange infrastructure was designed. During the whole process, security was of utmost importance, but requirements like maintainability and expandability were also taken into account.

Department(s): University of Stuttgart, Institute of Software Technology, Empirical Software Engineering
Supervisor(s): Wagner, Prof. Stefan; Ghatta, Sara
Entry date: October 11, 2021