NIST SAMATE Reference Dataset Project

From RP
Jump to: navigation, search

About the NIST SAMATE Reference Dataset Project

Samate NIST logo2.png

The purpose of the SAMATE Reference Dataset (SRD) is to provide users, researchers, and software security assurance tool developers with a set of known security flaws. This will allow end users to evaluate tools and tool developers to test their methods. These test cases are designs, source code, binaries, etc., i.e. from all the phases of the software life cycle. The dataset includes "wild" (production), "synthetic" (written to test or generated), and "academic" (from students) test cases. This database will also contain real software application with known bugs and vulnerabilities. The dataset intends to encompass a wide variety of possible vulnerabilities, languages, platforms, and compilers. The dataset is anticipated to become a large-scale effort, gathering test cases from many contributors.

Access the Data

http://samate.nist.gov/SRD/index.php

Contents of the Data

Examples of code (including C, C++, Java, Ada, PHP, Python, C#) with known hacker vulnerabilities, ranked according to the severity of those vulnerabilities.