Vulnerability detection in multicomponent software using a set of generalized code graph representations

The paper presents a survey of existing software security analysis method and their ability to detect vulnerabilities caused by errors in several software components implemented in different programming languages. A set of three generalized code graph representations is proposed for implementation of software security analysis methods with consideration for interaction between components written in different programming languages. A software security analysis system architecture and a prototype of a system that uses proposed generalized code graph representation was developed. The prototype supports analysis of software components written in PHP, C and. NET based programming languages