McGraw G. Software security: building security in[M]. Boston: Addison Wesley Professional, 2006: 3-9.
[2]
Wagner D, Foster J S, Brewer E A, et al. A first step towards automated detection of buffer overrun vulnerabilities//Network and Distributed System Security Symposium 2000. San Diego: , 2000: 3-17.
[3]
Viega J, Bloch J T, Kohno Y, et al. A static vulnerability scanner for C and C++ code//ACSAC '00. 16th Annual Conference. New Orleans: Computer Security Applications, 2000: 257-267.
[4]
Huang Guangyan, Zhang Guangmei, Li Xiaowei, et al. A state machine for detecting C C++ memory faults//ATS'05. Washington: IEEE Computer Society, 2005: 82-87.
[5]
Sabelfeld A, Myers A C. Language-based information-flow security. IEEE Journal on Selected Areas in Communications, 2003, 21(1): 5-19.
[6]
Torben A, Anindya B. Information flow analysis in logical form//CIS TR 2004. Kansas: Kansas State University, 2004: 100-115.
