The immunity to malicious third parties is a fundamental security feature of a system. Ensuring this feature in information and communication technologies is a requirement for establishing a trustworthy Information Society. Several strategies can be explored to deal with this problem. One of them, called program analysis, relies on formal techniques that semi-automatically detect unintended behaviours in software systems. This approach allows the verification and secure exploitation of legacy and commercial-off-the-shelf components.
However, program analysis techniques for security are still in their infancy. They face several challenges, among which the incomplete detection of security flaws, and limited support both for programming languages and industrial verification procedures. These challenges are hindering the adoption of program analysis tools as part of the practices in security assurance and the compliance checks of certification standards.
The objective of STANCE has been to drive scientific and technological breakthroughs in the domain of software security. Over three and a half years, STANCE has defined, implemented and validated a set of program analysis tools capable of verifying the security of complex software systems made in C, C++ and Java. STANCE has built on existing assets: formal methods, state-of-the-art static and dynamic program analysis tools, security evaluation expertise. Industry-specific knowledge has been used and significantly extended. The resulting program analysis toolbox and supporting methods are increasing the trustworthiness and the cost-effectiveness of existing security-oriented processes. These innovations are durably altering the domain of software security assurance, with broad consequences on its legal, societal, and economic aspects.