This two-day workshop focuses on decreasing software security vulnerabilities by orders of magnitude, using the strong guarantees that only sound static analysis can provide. The workshop is aimed at developers, managers and evaluators of security-critical projects, as well as researchers in cybersecurity.

The program features experts on sound static analysis applied to security, around three theme topics:

• Analysis of legacy code,
• Use in new development, and
• Accountable software quality.

Each topic will be introduced by a renowned international expert: David A. Wheeler from the Institute for Defense Analyses on the analysis of legacy code, K. Rustan M. Leino from Amazon on use in new development, and Visiting Research Engineer at CEA and Independent Consultant David Cok on accountable software quality. Tutorials and vendor displays will offer attendees the opportunity to practice and connect with technology and tool experts.

This workshop is a continuation and expansion of the Frama-C & SPARK Day 2017 which took place in Paris, France.