High Performance Static Analysis for Industry

被引：3

作者：

Bradley, Mark ^{[1
]}

Cassez, Franck ^{[1
]}

Fehnker, Ansgar ^{[1
]}

Given-Wilson, Thomas ^{[1
]}

Huuck, Ralf ^{[1
]}

机构：

[1] Univ New South Wales, Sydney, NSW, Australia

来源：

ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE | 2012年 / 289卷

关键词：

Validation; verification; static analysis; model checking; tools; SAMATE; C/C++;

D O I：

10.1016/j.entcs.2012.11.002

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Static source code analysis for software bug detection has come a long way since its early beginnings as a compiler technology. However, with the introduction of more sophisticated algorithmic techniques, such as model checking and constraint solving, questions about performance are a major concern. In this work we present an empirical study of our industrial strength source code analysis tool Goanna that uses a model checking core for static analysis of C/C++ code. We present the core technology and abstraction mechanism with a focus on performance, as guided by experience from having analyzed millions of lines of code. In particular, we present results from our recent study within the NIST/DHS SAMATE program. The results show that, maybe surprisingly, formal verification techniques can be used successfully in practical industry applications scaling roughly linearly, even for millions of lines of code.

引用

页码：3 / 14

页数：12

共 10 条

[1] Aho AV, 1986, COMPILERS PRINCIPLES
[2] [Anonymous], 2011, REPORT 3 STATIC ANAL
[3] Baier C., 2008, REPRESENTATION MIND
[4] Benedikt M., 2002, ICDT 03, P79
[5] Clarke E, 2005, LECT NOTES COMPUT SC, V3440, P570
[6] Cousot P., 1981, Program flow analysis. Theory and applications, P303
[7] FEHNKER A, 2007, P TASE 2007
[8] Fehnker A, 2010, LECT NOTES COMPUT SC, V5930, P322, DOI 10.1007/978-3-642-11512-7_20
[9] Gawlitza T, 2007, LECT NOTES COMPUT SC, V4421, P300
[10] Holzmann G., 2002, P IDPT 2002 PAS CA U

← 1 →