Implement DISA STIG Rules with Polyspace Bug Finder

Polyspace Bug Finder is a static analysis tool that can help automate the implementation of a subset of STIG rules.
193 Downloads
Updated 2 Oct 2024

View License

The Defense Information Systems Agency (DISA) has brought out many rules to enhance the security of DoD IA and IA-enabled devices/systems. These rules come in the form of the DISA Security Technical Implementation Guides (STIG). The STIG contains technical guidance to "lock down" information systems/software that might otherwise be vulnerable to a malicious computer attack.
Polyspace Bug Finder is a static analysis tool that can help automate the implementation of a subset of STIG rules. Polyspace can detect several kinds of security vulnerabilities in your code such as unsafe encryption functions, unintended privilege elevation, tainted data, and other security issues. Using the Polyspace Bug Finder checkers, you can check for violations of STIG rules in your code.
The attached document and spreadsheet contains a mapping from DISA STIG rules (version 5) and the way to use this mapping with Polyspace Bug Finder. It also contains a checkers activation file mapped to DISA STIG rules and a Review Scope to filter results allowing to display only those results that correspond to DISA STIG rules.

Cite As

Christian Bard (2024). Implement DISA STIG Rules with Polyspace Bug Finder (https://www.mathworks.com/matlabcentral/fileexchange/66685-implement-disa-stig-rules-with-polyspace-bug-finder), MATLAB Central File Exchange. Retrieved .

MATLAB Release Compatibility
Created with R2024b
Compatible with any release
Platform Compatibility
Windows macOS Linux

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!
Version Published Release Notes
2.0.0.0

Updated some rules and created a DISA STIG Polyspace coding standards available since R2024b

1.2.0.0

Compatible with version 5 of DISA STIG rules and added a checkers activation file mapped to DISA STIG rules

1.1.0.0

Added Review Scope and corrected link inside Excel sheet

1.0.0.0