A design and development of secure-coding check system based on CVE and CWE

Abstract

Recently, software has been utilized in various environments including computer, smartphone and medical devices because the application fields of IT products have been diversified. Moreover, software has evolved in a way to modify and redistribute source code freely by opening source code in recent years. However, open source software is being developed through those developers having no prior security related knowledge. Furthermore, it is being distributed without any verification. Hereupon, there are various security vulnerabilities that are exploited for an attack. Therefore, this paper examined security vulnerabilities from design phase to distribution phase of software and also proposed a system that can check whether software is securely coded. Moreover, this paper analyzed the equivalency of performance to the existing products as a result of the performance evaluation through Juliet code.