“…• Verify Constraint or Pattern (VCP) without using models. This category of WAVD methods [9,23,54,55,57,59,62,67,72,75,82,83,91,94,105,109,110,115,118,119,121,126,130,151,152] begins by identifying constraints, patterns, or policies related to a specific vulnerability from source code, execution trace, or user inputs and then checks or monitors violations of the constraints to detect vulnerabilities or attacks. Unlike VCPM, the VCP approaches do not generate and use models in the process of constraint and pattern verification.…”