9004 Problems of information security. Computer systems Проблемы информационной безопасности. Компьютерные системы 2071-8217 7 10.48612/jisp/nb67-m5g8-mpae Vulnerability detection in multicomponent software using a set of generalized code graph representations Выявление дефектов в многокомпонентном программном обеспечении с применением набора универсальных графовых представлений кода 0009-0008-4442-5365 Kubrin Georgiy kubrin@ibks.spbstu.ru 0000-0002-0232-7248 13103571000 Zegzhda Dmitry zegzhda_dp@spbstu.ru Peter the Great St. Petersburg Polytechnic University 01 08 2024 Спецвыпуск 65 75

The paper presents a survey of existing software security analysis method and their ability to detect vulnerabilities caused by errors in several software components implemented in different programming languages. A set of three generalized code graph representations is proposed for implementation of software security analysis methods with consideration for interaction between components written in different programming languages. A software security analysis system architecture and a prototype of a system that uses proposed generalized code graph representation was developed. The prototype supports analysis of software components written in PHP, C and. NET based programming languages

 software vulnerabilities detection logical vulnerabilities static code analysis graph theory multicomponent software analysis