Patent · US Active

Identifying security vulnerability in computer software

US8468605B2 · kind B2 · utility

11Cited by

16References

10Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Yinnon A. Haviv · Kalanswa, IL
Roee Hay · Haifa, IL
Marco Pistoia · Amawalk, US
Adi Sharabani · Ramat Gan, IL
Takaaki Tateishi · Yamato, JP
Omer Tripp · Herzliya, IL
Omri Weisman · Nes Ziona, IL

Key dates

Filing date	Nov 30, 2009
Grant date	Jun 18, 2013
Priority date	—
Expiry date	Oct 15, 2030

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/566
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Identifying a security vulnerability in a computer software application by identifying at least one source in a computer software application, identifying at least one sink in the computer software application, identifying at least one input to any of the sinks, determining whether the input derives its value directly or indirectly from any of the sources, determining a set of possible values for the input, and identifying a security vulnerability where the set of possible values for the input does not match a predefined specification of legal values associated with the sink input.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.