SafeRiver develops a static tool devoted to the exploration of software security in order to improve audit quality (reproducibility, coverage …). Automatic tools based on abstract interpretation take into account all possible executions and pointer aliasing and perform inter-procedural forward or backward analysis whereas these features are out of reach for a human auditor. Carto-C enables exhaustive reproducible security audits.

Carto-C computes (from the source code of the application) :

Carto-C has been evaluated on the NIST SATE test base Juliet 1.2 :

Juliet 1.2 : Carto-C:

Carto-C supports :

Carto-C 1.3.4 does not support :

Back to Christèle Faure home page.