NCI WEBSITE
NORMA eResearch @NCI Library

Solidity Smart Contract Testing with Static Analysis Tools

Tools

Behan, Senan (2022) Solidity Smart Contract Testing with Static Analysis Tools. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (618kB) | Preview
[thumbnail of Configuration manual]
Preview
 PDF (Configuration manual)
Download (1MB) | Preview

Abstract

Smart contract development is often overlooked in security terms and the consequences of vulnerable smart contracts embedded within a Blockchain can lead to current and future unforeseen negative consequences. Solidity smart contracts are a rapidly developing area within Blockchain technology. Several static analysis tools have been developed to assist in the secure creation of smart contracts, and datasets are provided to facilitate testing of tools.

This report describes the results of testing the Static Analysis tools, Osiris, Oyente and Slither against Solidity generated smart contracts which contained documented vulnerabilities, sourced from Smart Contract Weakness Classification and Test Cases (SWC) registry and SmartBugs repository. The Docker static analysis tool images can be utilised in testing to enhance security in smart contracts. The findings in this report demonstrated the dominance of Slither testing tool in scanning and detecting vulnerabilities, however False Negatives were present. The experiment also highlighted the issue of vulnerability classification in datasets and re-classification of the dataset smart contracts for vulnerabilities is required. This investigation demonstrated that Docker proved to be an effective means of testing the tools.

Item Type: Thesis (Masters)
Uncontrolled Keywords: Slither; Osiris; Oyente; SmartBugs; SWC Registry; smart contracts; vulnerabilities; Solidity; Static Analysis; testing
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Electronic computers. Computer science > Computer Systems
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science > Computer Systems
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Clara Chan
Date Deposited: 24 Nov 2022 18:05
Last Modified: 24 Nov 2022 18:05
URI: https://norma.ncirl.ie/id/eprint/5932

Actions (login required)

View Item View Item