Journals Proceedings

Abstract

Software is often exposed to safety accidents due to hacking and defects. Most of the accidents are caused by bugs and security vulnerabilities in source code. The bugs and vulnerabilities should be eliminated during the development phase before software release. Nowadays, many software developers use static code analysis tools for secure software development. Thus it is necessary to have an effective way of evaluating the quality of static analysis. Despite the advantages of static code analysis, the developers avoid to use it because of the immoderate false alarms. Unless static analysis tool is tested appropriately, the false-alarm rate may be increased. In this paper, we propose a method of automatically generating test codes based on mutation testing techniques.