Browsing for security papers a few days back I found a very interesting
paper: "Securing Web Application Code by Static Analysis and Runtime
Protection." [1] Even though it's focused on the tools the writers of the
publication have developed (WebSSARI, which has not yet been released), it
makes a review of different approaches to automatic source code analysis
(type-based analysis, dataflow analysis, flow-sensitive type-based
analysis and static checking) and the soundness of these different methods.
The paper's references are also worthwhile reading (if you have the time).
One of these references is Dawson Engler's "Using Programmer-Written Compiler
Extensions to Catch Security Holes" [2], which I'm about to start reading
right now. This professor has a number of papers on his webpage that are
quite interesting too!

Regards
Javier

[1] http://www.openwaves.net/webssari.htm
[2] http://www.stanford.edu/~engler/sp-ieee-02.ps
[3] http://www.stanford.edu/~engler/