The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Mar. 10, 2020
Filed:
Dec. 05, 2016
International Business Machines Corporation, Armonk, NY (US);
Kristofer Alyn Duer, Manchester, NH (US);
Jonathan J. Butler, Manchester, NH (US);
John Thomas Peyton, Jr., Arlington, MA (US);
Stephen Darwin Teilhet, Milford, NH (US);
Omer Tripp, New York, NY (US);
International Business Machines Corporation, Armonk, NY (US);
Abstract
A static analysis tool is augmented to provide a mechanism by which a large set (and potentially all) security warnings output from the tool may be represented to the user in a manner that is manageable for consumption by the user. According to this disclosure, a static analysis is run on a program to generate a set of security warnings. Using dynamic programming, the set of security warnings output by the static analysis are mapped onto a collection of fix points, wherein a fix point captures a location within the program that should be visited to fix a set of warnings that map to that fix point. The fix points represent the highest probable locations of particular potential vulnerabilities in the program. They are computed in a parametric manner, preferably according to user preferences, by solving an instance of a 'knapsack' problem.