About Us Our Work Employment News & Events
MITRE Remote Access for MITRE Staff and Partners Site Map
Our Work
Overview
Mission Areas
Systems Engineering
Information Technology
MITRE Research Program
MITRE Federal Employee Fellowship Program
Technology Transfer Office
Technical Papers

Follow Us:
Visit MITRE on Facebook
Visit MITRE on Twitter
Visit MITRE on Linkedin
Visit MITRE on YouTube
View MITRE's RSS Feeds
View MITRE's Mobile Apps
Home > Our Work > Technical Papers >

Software Assurance Findings Expression Schema (SAFES) Overview

January 2012

Sean Barnum, The MITRE Corporation

ABSTRACT

The Software Assurance Findings Expression Schema (SAFES) is a unified schema that will support the full range of software assurance activities in a consistent and automatable fashion by providing a common mechanism (structure and content) for all tools, analysis services and analysis practices in the software assurance field to report, integrate and analyze findings in a consistent fashion. Such a unified schema is a foundational requirement for effectively leveraging multi-perspective and multi-tool software assurance analysis approaches and methodologies which is a current priority focus of many government and commercial organizations. A unified schema will enable and encourage greater consistency in findings, will establish more structured tool results that are more useful to users, will enable integration of results from multiple tools/services and will enable automated processing of tool/service results. This is a collaborative community effort with MITRE providing primary technical leadership, but with the involvement and contributions of an assortment of software assurance tool and service vendors and software assurance practitioners willing to participate and other interested members of the software assurance community. This schema was developed from an attempt to successfully analyze, integrate and capture the current state of the practice, current state of the art as well as new thinking beyond the current state of the art in the field of software assurance findings. The primary artifact for this effort is an XML-based schema that not only provides a common communication mechanism for findings but does so in a structured fashion that enables greater flexibility in its application and its future growth and enhancement. SAFES is currently sponsored by the NSA Center for Assured Software (CAS) (with forthcoming additional support from the DHS Software Assurance Program), with MITRE leading all technical development.

View/Download Document

Additional Search Keywords

n/a

 

Page last updated: February 24, 2012   |   Top of page

Homeland Security Center Center for Enterprise Modernization Command, Control, Communications and Intelligence Center Center for Advanced Aviation System Development

 
 
 

Solutions That Make a Difference.®
Copyright © 1997-2013, The MITRE Corporation. All rights reserved.
MITRE is a registered trademark of The MITRE Corporation.
Material on this site may be copied and distributed with permission only.
IDG's Computerworld Names MITRE a "Best Place to Work in IT" for Eighth Straight Year The Boston Globe Ranks MITRE Number 6 Top Place to Work Fast Company Names MITRE One of the "World's 50 Most Innovative Companies"
 

Privacy Policy | Contact Us