The Defense Information Systems Agency (DISA) has brought out many rules to enhance the security of DoD IA and IA-enabled devices/systems. These rules come in the form of the DISA Security Technical Implementation Guides (STIG). The STIG contains technical guidance to "lock down" information systems/software that might otherwise be vulnerable to a malicious computer attack.
Polyspace Bug Finder is a static analysis tool that can help in automating the implementation of the STIG. It detects several kinds of security vulnerabilities in your code such as unsafe encryption functions, unintended privilege elevation, tainted data and other security issues. Using the Bug Finder checkers, you can automatically check for violations of many STIG rules.
The attached document and spreadsheet contains a mapping from DISA STIG rules and the way to use this mapping with Polyspace Bug Finder. It also contains a Review Scope to filter results allowing to display only those results that correspond to DISA STIG rules.
Christian Bard (2023). Implementing DISA STIG Rules with Polyspace Bug Finder (https://www.mathworks.com/matlabcentral/fileexchange/66685-implementing-disa-stig-rules-with-polyspace-bug-finder), MATLAB Central File Exchange. 검색됨 .