Bertrand STIVALET

About me

I'm currently working as ICT Security Expert for the International Committee of the Red Cross (ICRC) in Geneva. Before accepting this new challenge, I have been performing Penetration Testing for 2 years in Switzerland. I also worked 5 years for the National Institute of Standards and Technology (NIST) where I was conducting researches on how source code security analyzers react facing a large range of vulnerabilities with different complexities (see Publications section below). I was part o the SAMATE Team where my role consisted of studying tools' strengths and weaknesses in order to help improving the current state of the static code analysis field. I graduated in 2011 from TELECOM Nancy, a leading engineering school at the University of Lorraine in France for a Master's degree in Computer Science with a minor in networking and security.

Websites

• Bertrand STIVALET http://www.stivalet.ch
• Github https://github.com/stivalet
• LinkedIn https://www.linkedin.com/in/bertrandstivalet
• NIST publications http://www.nist.gov/publication-portal.cfm
• Research Gate https://www.researchgate.net/profile/Bertrand_Stivalet
• Google Scholar https://scholar.google.com/
• OWASP profile https://www.owasp.org/index.php/User:Stivalet

Publications

Awards

• Best Paper Award - IEEE International Conference on Software Testing, Verification and Validation (ICST) 2016, April 2016
  Large Scale Generation of Complex and Faulty PHP Test Cases
  Bertrand Stivalet,Elizabeth Fong

Papers

• SATE V Report: Ten Years of Static Analysis Tool Expositions, October 2018
  Aurelien M. Delaitre, Bertrand C. Stivalet, Paul E. Black, Vadim Okun, Terry S. Cohen, Athos Ribeiro
  
• Large Scale Generation of Complex and Faulty PHP Test Cases, April 2016
  Bertrand Stivalet, Elizabeth Fong
  International Conference on Software Testing, Verification and Validation (ICST'16), Chicago, IL
  *BEST PAPER AWARD for the ICST16 TOOL DEMO TRACK*

• Evaluating Bug Finders - Test and Measurement of Static Code Analyzers, May 2015
  Aurelien Delaitre, Bertrand Stivalet, Elizabeth Fong, Vadim Okun
  Complex faUlts and Failures in LargE Software Systems (COUFLESS'15), Firenze, Italy

• A Hybrid CPU-GPU System for Stitching of Large Scale Optical Microscopy Images, March 2013
  Walid Keyrouz, Bertrand Stivalet, Timothy Blattner, Shujia Zhou, Joe Chalfoun, Mary Brady
  GPU Technology Conference 2013, San Jose, CA

• Initiating Mobile Software Development - Lessons Learned From a 12-Month Project, 2011
  Frederic de Vaulx, Paul Khouri Saba, Marcus Newrock, Bertrand Stivalet
  NIST Interagency/Internal Report (NISTIR)

Presentations

• Large Scale Generation of Complex and Faulty PHP Test Cases, April 2016
  International Conference on Software Testing, Verification and Validation (ICST'16), Chicago, IL

• Evaluating Bug Finders - Test and Measurement of Static Code Analyzers, May 2015
  Complex faUlts and Failures in LargE Software Systems (COUFLESS'15), Firenze, Italy

• CVE-Selected Analysis Results, March 2014
  Static Analysis Tool Exposition (SATE) V Workshop, Gaithersburg, MD, USA

Contact

• Firstname . Lastname @gmail.com
  
• b_stivalet@Twitter
• about.me/bertrandstivalet