We integrated SARIF into CogniCrypt tool. We summarized the standard and documented our convertor to ease the integration of the standard in other static analysis tools...
To what extent can we reduce the gap between the domains of static analysis and software development? Within this project, we work on an approach for the automatic generation of security checkers based on vulnerability specifications. The project focuses on the detection of Java vulnerabilities.