Top

Published in:

2015 | OriginalPaper | Chapter

Static Analysis: A Survey of Techniques and Tools

Authors : Anjana Gosain, Ganga Sharma

Published in: Intelligent Computing and Applications

Publisher: Springer India

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Static program analysis has shown tremendous surge from basic compiler optimization technique to becoming a major role player in correctness and verification of software. Because of its rich theoretical background, static analysis is in a good position to help produce quality software. This paper provides an overview of the existing static analysis techniques and tools. Further, it gives a critique of static analysis approach over six attributes, namely precision, efficiency, coverage, modularity, scalability, and automation.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Multi-hop Secured Video Transmission Using Dual-channel Dual-path Routing Against Packet Copy Attack

next chapter A LabVIEW-Based Data Acquisition System in a Quarter Car Test Rig to Optimize Vehicle Suspension System

Aho, A., Sethi, R., Ullman, J.: Compilers: Principles, Techniques, Tools. Addison Wesley, Boston (1986)

Nielson, F., Nielson, H.R., Hankin, C.: Principles of Program Analysis. 1st edn, p. 452, Springer, Berlin. (1996) ISBN: 978-3-540-65410-0

Kirkov, R., Agre, G.: Source Code Analysis: An Overview. Cybernetics and Information Technologies, Bulgarian Academy of Sciences (2010)

Ball, T.: The concept of dynamic analysis. In: Proceedings of 7th ACM/SIGSOFT Conference on Foundations of Software Engineering (1999)

Binkley, D.: Source Code Analysis: A Road Map. Future of Software Engineering, pp. 15–30. Minneapolis, USA, 23–25 May 2007

Ernst, M.D.: Static and dynamic analysis: synergy and duality. In: Proceedings of the 5th ACM Workshop on Program Analysis for Software Tools and Engineering (2004)

Gosain, A., Sharma, G.A.: Survey of dynamic program analysis techniques and tools. In: Proceedings of 3rd International Conference on Frontiers in Intelligent Computing Theory and Applications, Bhubaneshwar, vol. 1, pp. 113–122 Nov (2014)

Bentonino, A.: Software testing research: achievements, challenges, dreams. Future Softw. Eng. (2007)

Emaneulsson, P., Nilson, U.: A comparative study of industrial static analysis tools. Electron. Notes Theor. Comput. Sci. 217, 5–21 (2008)

10.

Brat, G., Venet, A.: Precise and scalable static program analysis of NASA flight software. In: IEEE Aerospace Conference, March (2005)

11.

Jackson, D., Rinard, M.: Software analysis: a road map. IEEE Trans. Softw. Eng. (2000)

12.

D’Silva, V., Kroenig, D., Weissenbacher, G.: A survey of automated techniques for formal software verification. IEEE Trans. CAD (2008)

13.

Cifuentus, C.: BegBunch—benchmarking for C bug detection tools. DEFECTS (2009)

14.

Pemdergrass, J.A., Lee, S.C., McDonnell, C.D.: Theory and practice of mechanized software. Johns Hopkins APL Technical Digest, 32(2) 2013

15.

Kildall, G.A.: A unified approach to global program optimization. POPL (1973)

16.

Kam, J.B., Ullman, J.D.: Global data flow analysis and iterative algorithms. J. ACM 23(1), 158–171 (1976)CrossRefMATHMathSciNet

17.

Kennedy, K.A.: Survey of data flow analysis techniques. In: Muchnick, S., Jones, N. (eds.) Program Flow Analysis: Theory and Applications, pp. 5–54. Prentice-Hall, Englewood Cliffs (1981)

18.

Bush, W.R., Pincus, J.D., Sielaff, D.J.: A static analyzer for finding dynamic programming errors. Softw. Pract. Experience 30(7), 775–802 (2000)CrossRefMATH

19.

GrammaTech Inc. Overview of grammatech static analysis technology. White paper (2007)

20.

Hovemeyer, D., Pugh, W.: Finding bugs is easy. http://www.cs.umd.edu/˜pugh/java/bugs/docs/findbugsPaper.pdf (2003)

21.

Das, M., Lerner, S., Siegel, M.: ESP: path sensitive program verification in polynomial time. PLDI’02, Berlin (2002)

22.

Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of 6th ACM Symposium on Principles of Programming Languages. California, pp. 238–252, (1977)

23.

Jones, N.D., Nielson, F.: Abstract Interpretation: A Semantics Based Tools for Program Analysis. Handbook of Logics in Computer Science, vol. 14. Oxford University Press, Oxford (1995)

24.

Cousot, P.: Abstract Interpretation Based Formal Methods and Future Challenges. Lecture Notes in Computer Science#2000, pp. 138–156. Springer, Berlin (2001)

25.

Cousot, P., Cousot, R., Feret, J., Mine, A., Mauborgne, L., Monniaux, D., Rival, X.: Varieties of static analyzer: a comparison with astree. In: 1st Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering (TASE), June (2007)

26.

Polyspace Verifier. http://www.polyspace.com

27.

Aiken, A.: Introduction to set constraint-based program analysis. Sci. Comput. Program. 35, 79–111 (1999)

28.

Gulwani, S., Shrivastava, S., Venkatraman, R.: Program analysis as constraint solving. PLDI, June (2008)

29.

King, J.C.: Symbolic execution and program testing. Commun. ACM 19(7), 385–394 (1976)

30.

Floyd, R.: Assigning meanings to programs. In: Proceedings of Symposium on Applied Mathematics (1967)

31.

Hoare, C.A.R.: An axiomatic basis for computer programming. Commun. ACM 12(10), 576–580 (1969)CrossRefMATH

32.

Detlefs, D., Nelson, G., Saxe, J.B.: Simplify: a theorem prover for program checking. www.hpl.hp.com/techreports/2003/HPL-2003-148.html‎

33.

Tiwari, A., Gulwani, S.: Logical interpretation: static program analysis using theorem proving. In: Proceedings of Conference on Automated Deduction (2007)

34.

Johnson, S.C.: Lint: A C program checker. Unix programmer’s manual, Computer Science Technical Report 65. AT & T Bell Laboratories (1978)

35.

FlexeLint/PCLint. http://www.gimpel.com/html/lintinfo.htm

36.

Evans, D., Larochelle, D.: Improving security using extensible lightweight static analysis. IEEE Softw. 19, 42–51 (2002)CrossRef

37.

JLint. http://artho.com/jlint

38.

Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended static checking for Java. In: Proceedings of ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 234–245 (2000)

39.

PMD/Java. http://pmd.sourceforge.net

40.

Klocwork. Klocwork K7. http://www.klocwork.com

41.

Chelf, B., Chou, A.: Next generation of static analysis: Boolean satisfiability and path simulation-a perfect match. http://www.coverity.com/library/pdf/coverity_white_paper_SAT_next_Generation_Static_Analysis.pdf. Downloaded on Dec 2012

42.

Ami, T.L., Sagiv, M.: TVLA-a system for implementing static analyses. In: Static Analysis Symposium (2000)

43.

Foster, J.S.: Type qualifiers: lightweight specifications to improve software quality. Ph.D. thesis, UCB (2002)

44.

Aiken, A., F¨ahndrich, M., Foster, J., Su, Z.: A toolkit for constructing type- and constraint-based program analyses. In: Proceedings of the 2nd International Workshop on Types in Compilation, LNCS #, vol. 1473, pp. 76–96, March (1998)

45.

Kodumal, J., Aiken, A.: Banshee: a scalable constraint- based analysis toolkit. In: Proceedings of the 12th International Static Analysis Symposium, pp. 218–234 (2005)

46.

Ami, T.L., Reps, T., Sagiv, M., Wilhelm, R.: Putting static analysis to work for verification: a case study. ISSTA (2000)

47.

Cousot, P., Cousot, R.: Compositional separate modular static analysis of programs using abstract interpretation. In: Proceedings of 2nd International Conference on Advances in Infrastructure for E-Business, E-Science, E-Education on the Internet (2001)

48.

Dillig, T.: A modular and symbolic approach to static program analysis. Ph.D. Dissertation, Department of Computer Science, Stanford University (2011)

Title: Static Analysis: A Survey of Techniques and Tools
Authors: Anjana Gosain
Ganga Sharma
Publisher: Springer India
Book: Intelligent Computing and Applications
Print ISBN: 978-81-322-2267-5

Electronic ISBN: 978-81-322-2268-2

Copyright Year: 2015
DOI: https://doi.org/10.1007/978-81-322-2268-2_59

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner