search menu icon-carat-right cmu-wordmark

Mobile SCALe: Rules and Analysis for Secure Java and Android Coding

Technical Report
In this report, the authors describe Android secure coding rules, guidelines, and static analysis developed as part of the Mobile SCALe project.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2013-TR-015
DOI (Digital Object Identifier)
10.1184/R1/6575507.v1

Abstract

This report describes Android secure coding rules, guidelines, and static analysis that were developed as part of the Mobile Source Code Analysis Laboratory (SCALe) project. The project aims to create a set of rules that can be checked (and potentially enforced) and to develop checkers for these rules. These efforts are intended to increase confidence in continued safe and secure operation of mobile devices and the networks on which they operate. The focus for this phase of the project is the Android platform for mobile devices. Work described in this report involved three activities: (1) preparing the Java Coding Guidelines book for publication, (2) developing Android secure coding rules for the Android section of the CERT Oracle Secure Coding Standard for Java wiki, and (3) developing software that does static analysis of a set of Android apps for data flows between them so that security leaks can be detected.

Cite This Technical Report

Bauer, L., Flynn, L., Jia, L., Klieber, W., Long, F., Sutherland, D., & Svoboda, D. (2013, November 8). Mobile SCALe: Rules and Analysis for Secure Java and Android Coding. (Technical Report CMU/SEI-2013-TR-015). Retrieved April 18, 2024, from https://doi.org/10.1184/R1/6575507.v1.

@techreport{bauer_2013,
author={Bauer, Lujo and Flynn, Lori and Jia, Limin and Klieber, William and Long, Fred and Sutherland, Dean and Svoboda, David},
title={Mobile SCALe: Rules and Analysis for Secure Java and Android Coding},
month={Nov},
year={2013},
number={CMU/SEI-2013-TR-015},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6575507.v1},
note={Accessed: 2024-Apr-18}
}

Bauer, Lujo, Lori Flynn, Limin Jia, William Klieber, Fred Long, Dean Sutherland, and David Svoboda. "Mobile SCALe: Rules and Analysis for Secure Java and Android Coding." (CMU/SEI-2013-TR-015). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, November 8, 2013. https://doi.org/10.1184/R1/6575507.v1.

L. Bauer, L. Flynn, L. Jia, W. Klieber, F. Long, D. Sutherland, and D. Svoboda, "Mobile SCALe: Rules and Analysis for Secure Java and Android Coding," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2013-TR-015, 8-Nov-2013 [Online]. Available: https://doi.org/10.1184/R1/6575507.v1. [Accessed: 18-Apr-2024].

Bauer, Lujo, Lori Flynn, Limin Jia, William Klieber, Fred Long, Dean Sutherland, and David Svoboda. "Mobile SCALe: Rules and Analysis for Secure Java and Android Coding." (Technical Report CMU/SEI-2013-TR-015). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 8 Nov. 2013. https://doi.org/10.1184/R1/6575507.v1. Accessed 18 Apr. 2024.

Bauer, Lujo; Flynn, Lori; Jia, Limin; Klieber, William; Long, Fred; Sutherland, Dean; & Svoboda, David. Mobile SCALe: Rules and Analysis for Secure Java and Android Coding. CMU/SEI-2013-TR-015. Software Engineering Institute. 2013. https://doi.org/10.1184/R1/6575507.v1