Downloadable ContentDownload PDF
Enhancing secure coding assistant with error correction and contract programming
As cyber-attacks have become more prevalent in the recent decade, companies and governments have learnt the significant importance of enforcing robust programming practices to ensure software security and reliability during code generation. Various tools have been developed for the purpose of assisting programmers in secure coding, and the initial version of the tool called Secure Coding Assistant is one of such development efforts. Designed to support CERT rule violation detection, the tool is featured by providing a mechanism to detect rule violations early and by filling the void of open source tools. The tool is promising in secure programming education compared to other commercial products, however, the initial version does not provide assistance in error correction, nor does it takes into account the potentials of employing contract programming enforcement to assist users in improving program reliability. To achieve error correction and defect localization for both software security and reliability in Java programs, this project report presents our efforts for the implementations of assisting error corrections as well as enforcing contract programming. The tool is maintained on GitHub at http://benw408701.github.io/SecureCodingAssistant/.