PhD Defense of the student Sofia Oliveira Reis

Area: Computer Science and Engineering
Thesis Title: Understanding and Improving Static Application Security Testing Tools
Defense Location: https://tecnico-pt.zoom.us/j/98706842296
Date: 22/09/2025
Time: 14h00
Abstract: This dissertation explores the enhancement of static analyzers within the context of software security, a crucial area as the dependence on software for complex systems and daily activities grows. The research begins by organizing and describing the state of static analyzers, offering a structured overview of techniques, programming languages, performance data, and the challenges and trends in this field. It addresses the difficulties in testing and validating these tools against real vulnerabilities and proposes new methods for optimizing data production and collection. The dissertation also enhances software vulnerability detection in Infrastructure-as-Code scripts, investigates model uncertainty to decrease false positives, and explores how source code metrics can aid developers in crafting more effective patches. Conclusively, this work contributes new tools and insights that bolster the robustness, efficiency, and scalability of static analyzers, improving software security and suggesting future integration into software development pipelines for real-time security assurance.