Detecting C Program Vulnerabilities

C/C++ language is widely used for developing tools in various applications, in particular, software tools for critical systems are often written in C language. Therefore, the security of such software should be thoroughly tested, i.e., the absence of vulnerabilities has to be confirmed. When detecting C program vulnerabilities static source code analysis can be used. In this paper, we present a short survey of existing software tools for such analysis and show that for some kinds of C code vulnerabilities this analysis is insufficient. Thus, we briefly present an approach for SPIN based approach for vulnerability detection which may be useful in some cases.