SoftwareSecurity2013/Group 8

Group nr. 8

Group members:

• Djurre Broekhuis
• Gerlof Bouma
• Matthijs Gielen
• Tim van de Kamp
• Wouter de Vries

all from University of Twente

Topic: Verification Requirements V5 for FluxBB

Deliverables

• Log of what we have been doing so far *updated 2013-06-13*

The log should be a chronological list of who has been doing what, with dates.

Also useful to document decisions on who will be doing what, and by when.

• Introduction *updated 2013-06-13*

• Security Requirements

This describes the security requirements for your topic.

• Code Scanning Results *updated 2013-06-06*

This should discuss the results of the code scanning, for the Verfication Requirements your group is looking at.

• Reflection on code scanners *updated 2013-06-06*

Describe your impressions about the tools, in capabilities, limitations, etc.

Also, did you learn anything about specific security vulnerabilities from using them?

• Verdict on the security requirements *updated 2013-06-06*

This should give your verdict for each requirement (Pass/Fail/Don't know) with motivation, and an indication of what you did to reach this verdict.

• Reflection on the whole process *updated 2013-06-06*

Reflect on the whole process of doing a code review, or "Application Security Verification", in the way you did.