SFPM 1.0b2 FTF Avatar
  1. OMG Issue

SFPM_ — Clarify the value of generating sample code from SFP

  • Key: SFPM_-5
  • Status: closed  
  • Source: KDM Analytics ( Dr. Nikolai Mansourov)
  • Summary:

    From AB review by Pete Rivett, March 17, 2020:
    I don’t see the value of being able to generate sample code from the Catalog – why not just insert existing code?

  • Reported: SFPM 1.0b1 — Tue, 15 Feb 2022 04:35 GMT
  • Disposition: Resolved — SFPM 1.0b2
  • Disposition Summary:

    Add supporting text clarifying the synthesis perspective of SFP application

    CWE already provides few illustrative examples of weaknesses in selected languages. This is important for human consumption. However, such examples cannot be considered as a useful part of machine-consumable knowledge. They need to be parsed, they do not identify the core parts of the "fault" ( not often precise enough to do using the language syntax); they do not provide guidance on true positive/false positive; they are very limited in the code and data complexity and in their language coverage. The industry of code analysis tools requires millions of systematic test cases with appropriate metadata.

  • Updated: Tue, 9 Jan 2024 22:27 GMT