Analysis of the Heartbleed Vulnerability
In response to the recent Heartbleed vulnerability, James A. Kupsch and Barton P. Miller of the University of Wisconsin analyzed the problematic sections of the OpenSSL code and how it challenged the capabilities of software assurance tools. Read their full analysis here, and learn how the SWAMP can be used to reduce the likelihood of such events in the future.
Citation information for the white paper is below.
MLA: Kupsch, James A., and Miller, Barton P. “Why Do Software Assurance Tools Have Problems Finding Bugs Like Heartbleed?” Continuous Software Assurance Marketplace, 22 Apr. 2014. Web. <https://www.swampinabox.org/doc/SWAMP-WP003-Heartbleed.pdf>
APA: Kupsch, J.A., & Miller, B.P. (2014, April 22). Why Do Software Assurance Tools Have Problems Finding Bugs Like Heartbleed? [PDF file]. Continuous Software Assurance Marketplace. Retrieved from https://www.swampinabox.org/doc/SWAMP-WP003-Heartbleed.pdf