Cobra: a light-weight tool for static and dynamic program analysis

  • Gerard J. HolzmannEmail author
Original Paper


Static source code analysis tools have become indispensable for the development of reliable software applications. The best analyzers can reveal subtle flaws in a code base, but they can also be slow. In part this is due to the collection of detailed information about the possible data and control flow of an application to support the broadest possible range of analyses. For larger code bases it is not unusual that even the best of breed static analyzers can take an hour or more to complete an analysis. In this paper we describe a framework for a much faster, but more light-weight type of static analysis that can support interactive use for standard types of queries. The Cobra tool we designed for this purpose can scale to explore millions of lines of code interactively. The tool is mostly language agnostic, and can therefore easily be configured to resolve even dynamic program analysis queries.


Static analysis Source code analysis Lightweight tools Token expression matching Dynamic analysis Runtime verification 



This research was carried out at the Jet Propulsion Laboratory, California Institute of Technology, under a contract with the National Aeronautics and Space Administration.


  1. 1.
    Havelund K (2015) Rule-based runtime verification revisited. Int J Softw Tools Technol Transf 17(2):143–170CrossRefGoogle Scholar
  2. 2.
    Holzmann GJ (2016) Tiny tools. IEEE Software, pp 24–28Google Scholar
  3. 3.
  4. 4.
    Overview of static analyzers.

Copyright information

© Springer-Verlag London 2016

Authors and Affiliations

  1. 1.NASA Jet Propulsion LaboratoryCalifornia Institute of TechnologyPasadenaUSA

Personalised recommendations