Abstract
Static program analysis has shown tremendous surge from basic compiler optimization technique to becoming a major role player in correctness and verification of software. Because of its rich theoretical background, static analysis is in a good position to help produce quality software. This paper provides an overview of the existing static analysis techniques and tools. Further, it gives a critique of static analysis approach over six attributes, namely precision, efficiency, coverage, modularity, scalability, and automation.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Aho, A., Sethi, R., Ullman, J.: Compilers: Principles, Techniques, Tools. Addison Wesley, Boston (1986)
Nielson, F., Nielson, H.R., Hankin, C.: Principles of Program Analysis. 1st edn, p. 452, Springer, Berlin. (1996) ISBN: 978-3-540-65410-0
Kirkov, R., Agre, G.: Source Code Analysis: An Overview. Cybernetics and Information Technologies, Bulgarian Academy of Sciences (2010)
Ball, T.: The concept of dynamic analysis. In: Proceedings of 7th ACM/SIGSOFT Conference on Foundations of Software Engineering (1999)
Binkley, D.: Source Code Analysis: A Road Map. Future of Software Engineering, pp. 15–30. Minneapolis, USA, 23–25 May 2007
Ernst, M.D.: Static and dynamic analysis: synergy and duality. In: Proceedings of the 5th ACM Workshop on Program Analysis for Software Tools and Engineering (2004)
Gosain, A., Sharma, G.A.: Survey of dynamic program analysis techniques and tools. In: Proceedings of 3rd International Conference on Frontiers in Intelligent Computing Theory and Applications, Bhubaneshwar, vol. 1, pp. 113–122 Nov (2014)
Bentonino, A.: Software testing research: achievements, challenges, dreams. Future Softw. Eng. (2007)
Emaneulsson, P., Nilson, U.: A comparative study of industrial static analysis tools. Electron. Notes Theor. Comput. Sci. 217, 5–21 (2008)
Brat, G., Venet, A.: Precise and scalable static program analysis of NASA flight software. In: IEEE Aerospace Conference, March (2005)
Jackson, D., Rinard, M.: Software analysis: a road map. IEEE Trans. Softw. Eng. (2000)
D’Silva, V., Kroenig, D., Weissenbacher, G.: A survey of automated techniques for formal software verification. IEEE Trans. CAD (2008)
Cifuentus, C.: BegBunch—benchmarking for C bug detection tools. DEFECTS (2009)
Pemdergrass, J.A., Lee, S.C., McDonnell, C.D.: Theory and practice of mechanized software. Johns Hopkins APL Technical Digest, 32(2) 2013
Kildall, G.A.: A unified approach to global program optimization. POPL (1973)
Kam, J.B., Ullman, J.D.: Global data flow analysis and iterative algorithms. J. ACM 23(1), 158–171 (1976)
Kennedy, K.A.: Survey of data flow analysis techniques. In: Muchnick, S., Jones, N. (eds.) Program Flow Analysis: Theory and Applications, pp. 5–54. Prentice-Hall, Englewood Cliffs (1981)
Bush, W.R., Pincus, J.D., Sielaff, D.J.: A static analyzer for finding dynamic programming errors. Softw. Pract. Experience 30(7), 775–802 (2000)
GrammaTech Inc. Overview of grammatech static analysis technology. White paper (2007)
Hovemeyer, D., Pugh, W.: Finding bugs is easy. http://www.cs.umd.edu/Ëœpugh/java/bugs/docs/findbugsPaper.pdf (2003)
Das, M., Lerner, S., Siegel, M.: ESP: path sensitive program verification in polynomial time. PLDI’02, Berlin (2002)
Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of 6th ACM Symposium on Principles of Programming Languages. California, pp. 238–252, (1977)
Jones, N.D., Nielson, F.: Abstract Interpretation: A Semantics Based Tools for Program Analysis. Handbook of Logics in Computer Science, vol. 14. Oxford University Press, Oxford (1995)
Cousot, P.: Abstract Interpretation Based Formal Methods and Future Challenges. Lecture Notes in Computer Science#2000, pp. 138–156. Springer, Berlin (2001)
Cousot, P., Cousot, R., Feret, J., Mine, A., Mauborgne, L., Monniaux, D., Rival, X.: Varieties of static analyzer: a comparison with astree. In: 1st Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering (TASE), June (2007)
Polyspace Verifier. http://www.polyspace.com
Aiken, A.: Introduction to set constraint-based program analysis. Sci. Comput. Program. 35, 79–111 (1999)
Gulwani, S., Shrivastava, S., Venkatraman, R.: Program analysis as constraint solving. PLDI, June (2008)
King, J.C.: Symbolic execution and program testing. Commun. ACM 19(7), 385–394 (1976)
Floyd, R.: Assigning meanings to programs. In: Proceedings of Symposium on Applied Mathematics (1967)
Hoare, C.A.R.: An axiomatic basis for computer programming. Commun. ACM 12(10), 576–580 (1969)
Detlefs, D., Nelson, G., Saxe, J.B.: Simplify: a theorem prover for program checking. www.hpl.hp.com/techreports/2003/HPL-2003-148.html‎
Tiwari, A., Gulwani, S.: Logical interpretation: static program analysis using theorem proving. In: Proceedings of Conference on Automated Deduction (2007)
Johnson, S.C.: Lint: A C program checker. Unix programmer’s manual, Computer Science Technical Report 65. AT & T Bell Laboratories (1978)
FlexeLint/PCLint. http://www.gimpel.com/html/lintinfo.htm
Evans, D., Larochelle, D.: Improving security using extensible lightweight static analysis. IEEE Softw. 19, 42–51 (2002)
JLint. http://artho.com/jlint
Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended static checking for Java. In: Proceedings of ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 234–245 (2000)
PMD/Java. http://pmd.sourceforge.net
Klocwork. Klocwork K7. http://www.klocwork.com
Chelf, B., Chou, A.: Next generation of static analysis: Boolean satisfiability and path simulation-a perfect match. http://www.coverity.com/library/pdf/coverity_white_paper_SAT_next_Generation_Static_Analysis.pdf. Downloaded on Dec 2012
Ami, T.L., Sagiv, M.: TVLA-a system for implementing static analyses. In: Static Analysis Symposium (2000)
Foster, J.S.: Type qualifiers: lightweight specifications to improve software quality. Ph.D. thesis, UCB (2002)
Aiken, A., F¨ahndrich, M., Foster, J., Su, Z.: A toolkit for constructing type- and constraint-based program analyses. In: Proceedings of the 2nd International Workshop on Types in Compilation, LNCS #, vol. 1473, pp. 76–96, March (1998)
Kodumal, J., Aiken, A.: Banshee: a scalable constraint- based analysis toolkit. In: Proceedings of the 12th International Static Analysis Symposium, pp. 218–234 (2005)
Ami, T.L., Reps, T., Sagiv, M., Wilhelm, R.: Putting static analysis to work for verification: a case study. ISSTA (2000)
Cousot, P., Cousot, R.: Compositional separate modular static analysis of programs using abstract interpretation. In: Proceedings of 2nd International Conference on Advances in Infrastructure for E-Business, E-Science, E-Education on the Internet (2001)
Dillig, T.: A modular and symbolic approach to static program analysis. Ph.D. Dissertation, Department of Computer Science, Stanford University (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer India
About this paper
Cite this paper
Gosain, A., Sharma, G. (2015). Static Analysis: A Survey of Techniques and Tools. In: Mandal, D., Kar, R., Das, S., Panigrahi, B. (eds) Intelligent Computing and Applications. Advances in Intelligent Systems and Computing, vol 343. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2268-2_59
Download citation
DOI: https://doi.org/10.1007/978-81-322-2268-2_59
Published:
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2267-5
Online ISBN: 978-81-322-2268-2
eBook Packages: EngineeringEngineering (R0)