David Svoboda

David Svoboda is a software security engineer at the CERT Division of the Software Engineering Institute. He co-authored or contributed to four books, including The SEI CERT C Coding Standard and The CERT Oracle Secure Coding Standard for Java. He also maintains the SEI CERT Coding Standards wiki and has taught Secure Coding in C, C++, and Java all over the world to various groups in the military, government, and banking industries.

Svoboda is also involved in the ISO C standard group (ISO/IEC/JTC1/SC22/WG14) and the Safety Critical Rust Consortium.

Software Engineering Institute

AI-Powered Memory Safety with the Pointer Ownership Model

December 3, 2025 • Blog Post

Automated Code Repair for C/C++ Static Analysis

September 29, 2025 • Technical Report

Design of Enhanced Pointer Ownership Model for C

September 29, 2025 • Technical Report

Updating Risk Assessment in the CERT Secure Coding Standard

April 23, 2025 • Podcast

Detection and Repair: The Cost of Remediation

March 3, 2025 • Blog Post

Automated Code Repair for C/C++ Static Analysis

September 29, 2025 • Technical Report

Design of Enhanced Pointer Ownership Model for C

September 29, 2025 • Technical Report

LLVM Intermediate Representation for Code Weakness Identification

July 8, 2022 • White Paper

Integration of Automated Static Analysis Alert Classification and Prioritization with Auditing Tools: Special Focus on SCALe

May 13, 2019 • Technical Report

SCALe Analysis of JasPer Codebase

April 1, 2015 • White Paper

AI-Powered Memory Safety with the Pointer Ownership Model

December 3, 2025 • Blog Post

Detection and Repair: The Cost of Remediation

March 3, 2025 • Blog Post

Redemption: A Prototype for Automated Repair of Static Analysis Alerts

June 10, 2024 • Blog Post

What Recent Vulnerabilities Mean to Rust

April 29, 2024 • Blog Post

Rust Vulnerability Analysis and Maturity Challenges

January 23, 2023 • Blog Post

Updating Risk Assessment in the CERT Secure Coding Standard

April 23, 2025 • Podcast

Safeguarding Against Recent Vulnerabilities Related to Rust

June 28, 2024 • Podcast

Automated Repair of Static Analysis Alerts

May 31, 2024 • Podcast

Understanding Vulnerability Analysis in the Rust Programming Language

June 6, 2023 • Podcast

Software Security in Rust

March 21, 2023 • Podcast

Redemption Tool Demo: View Difference Between Original Code and Repaired Code (Manual Review)

October 25, 2024 • Video

Redemption Demo: Use Microsoft Visual Studio Code to View Redemption Repairs: Ignore, Accept, Revert

October 23, 2024 • Video

Redemption Tool Demo Video: Separate Environments for Code Compilation and Code Repair

October 8, 2024 • Video

Will Rust Solve Software Security?

July 25, 2023 • Webcast

SEI Cyber Minute: SCALe

February 6, 2018 • Video