Future trends of static code analysis
Where: Espoo (Finland)
Join for free
Combining Static and Dynamic Analysis
Static analysis tools are useful for finding serious programming defects and security vulnerabilities in source and binary code.
These tools inevitably report some false positives, or bugs that are highly unlikely to manifest as real problems in deployed code. Consequently, results must be inspected by a human to determine whether they warrant action, and most tools provide program understanding features to make this easier.
This inspection process, known as warning triage, can be much more effective if it is guided by information from dynamic analyses such as code coverage, crash analysis, and performance profiling. For example, a static analysis report of a resource leak that occurs on a path that has not been tested is more likely to be a real undiscovered bug than one that occurs in code that has been tested much more comprehensively.
Furthermore, the results of static analysis tools can be used to guide testing too. For example, a developer can save a great deal of effort if the static analysis can prove that it is fundamentally impossible to achieve full condition coverage.
This talk describes how the results of static analyses and dynamic analyses can be fused to allow developers to get more value from both processes, and produce higher quality software more efficiently.
Under the Hood of Advanced Static Analysis
Advanced static analysis tools are now widely accepted as essential tools to help software engineers develop high quality code. They are effective because they are designed to be capable of exploring all possible executions of a program, so can examine vastly more program states than can be covered by traditional testing.
The number of possible program states is extraordinarily large even for very simple programs, so the tools must use sophisticated analysis techniques if they are to work on real-world programs. These techniques are designed in a way that allows a user to make a three-way tradeoff between performance, precision, and recall. Static analysis users can increase the value they get from these tools if they have a good understanding of how to tune the tools to strike the right balance between these factors.
In this talk I will first describe some of the principles of advanced static analysis including flow-, context-, and path-sensitivity, and will discuss some of the innovative algorithms that the tools use to achieve scalability to multiple millions of lines of code.
I will show how static analysis users can change tool parameters to help them get the most out of their tool. Finally I will show how give some examples of how an end user can customize these tools in order to find domain-specific properties.
Dr. Paul Anderson bio.
Dr. Paul Anderson is VP of Engineering at GrammaTech, where he is responsible for GrammaTech’s full product portfolio, leading both product management and engineering.
In this role, Dr. Anderson is actively involved with industry regulatory requirements and software best practices for which static analysis techniques, via source or binary analysis, can be used to find and eliminate software defects that impact quality and security.