16,672 Hits in 7.5 sec

Improving software quality with static analysis

Jeffrey S. Foster, Michael W. Hicks, William Pugh
2007 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering - PASTE '07  
We believe that releasing source code is important for accelerating the pace of research results software quality, and just as importantly allows feedback from the wider community.  ...  These tools scan software for bug patterns or show that the software is free from a particular class of defects. There are two themes common to our different projects: 1.  ...  We are working at Maryland within the context of a large software research group, with strengths in software engineering and humancomputer interaction.  ... 
doi:10.1145/1251535.1251549 dblp:conf/paste/FosterHP07 fatcat:b5dysdutlnfxnanydrbq2znb2i

Static Analyzers and Potential Future Research Directions for Scala: An Overview [article]

Eljose E Sajan, Yunpeng Zhang, Liang-Chieh Cheng
2019 arXiv   pre-print
Static analyzers typically highlight possible defects within the 'static' source code and thus does not require the source code to be compiled or executed.  ...  These enable the programmers to detect possible errors and security defects present in the current code base within the implementation phase of the development cycle, rather than relying on a standalone  ...  Warnings have a medium severity level and denote defects in the given code that will lead to compile time or run time errors in most cases.  ... 
arXiv:1905.04752v1 fatcat:zg34ztb5bvgarhdneaoneqa7le

A Hybrid Approach to Detecting Security Defects in Programs

Lian Yu, Jun Zhou, Yue Yi, Jianchu Fan, Qianxiang Wang
2009 2009 Ninth International Conference on Quality Software  
1 Static analysis works well at checking defects that clearly map to source code constructs.  ...  Model checking can find defects of deadlocks and routing loops that are not easily detected by static analysis, but faces the problem of state explosion.  ...  Roughly half of all security defects are introduced at the source code level [1] , and coding errors are a critical problem.  ... 
doi:10.1109/qsic.2009.10 dblp:conf/qsic/YuZYFW09 fatcat:icciggxvijhszavgdwb5k362lu

Clustering static analysis defect reports to reduce maintenance costs

Zachary P. Fry, Westley
2013 2013 20th Working Conference on Reverse Engineering (WCRE)  
Static analysis tools facilitate software maintenance by automatically identifying bugs in source code. However, for large systems, these tools often produce an overwhelming number of defect reports.  ...  We evaluate our technique using 8,948 defect reports produced by the Coverity Static Analysis and FindBugs tools in both C and Java programs totaling over 14 million lines of code.  ...  ACKNOWLEDGMENTS The authors are sincerely indebted to Andy Chou of Coverity for initial ideas, guidance, and technical support.  ... 
doi:10.1109/wcre.2013.6671303 dblp:conf/wcre/FryW13 fatcat:rzccesx5kbcexmrk7eiqsnyiyy

Behavioural Analysis of an I2C Linux Driver [chapter]

Dragan Bošnački, Aad Mathijssen, Yaroslav S. Usenko
2009 Lecture Notes in Computer Science  
We also applied UNO on the instrumented source code and were able to find the same errors. These defects were confirmed by the developers.  ...  We present an analysis of the behaviour of an I 2 C Linux driver, by means of model checking with the mCRL2 toolset and static analysis with UNO.  ...  Acknowledgements We thank Serguei Roubtsov for his help with the instrumentation of the source code, and Mark van den Brand and Harold Weffers for their feedback on previous versions of the text.  ... 
doi:10.1007/978-3-642-04570-7_18 fatcat:4t65knzgmzedvp3vg7p4ggdyv4

On the Benefit of Automated Static Analysis for Small and Medium-Sized Software Enterprises [chapter]

Mario Gleirscher, Dmitriy Golubitskiy, Maximilian Irlbeck, Stefan Wagner
2012 Lecture Notes in Business Information Processing  
We report on our experience in analysing five projects from and with SMEs by three different static analysis techniques: code clone detection, bug pattern detection and architecture conformance analysis  ...  Automated static analysis can reduce this risk because it promises little effort for running an analysis.  ...  We thank all involved companies for their reproach-less collaboration and assistance.  ... 
doi:10.1007/978-3-642-27213-4_3 fatcat:cc4qol6y4bf75phtjfngqtsmfa

Towards a framework and a benchmark for testing tools for multi-threaded programs

Yaniv Eytani, Klaus Havelund, Scott D. Stoller, Shmuel Ur
2007 Concurrency and Computation  
Multi-threaded code is becoming very common, both on the server side, and very recently for personal computers as well.  ...  We outline a road map for combining the research within the different disciplines of testing multi-threaded programs and on evaluating the quality of this research. We have three main goals.  ...  Second, static analysis can be used by itself for verification and defect detection.  ... 
doi:10.1002/cpe.1068 fatcat:gmmoltfou5cgdhlholt5zthqom

An Extensible Open-Source Compiler Infrastructure for Testing [chapter]

Dan Quinlan, Shmuel Ur, Richard Vuduc
2006 Lecture Notes in Computer Science  
Testing forms a critical part of the development process for large-scale software, and there is growing need for automated tools that can read, represent, analyze, and transform the application's source  ...  We emphasize the particular aspects of ROSE, such as support for the general analysis of whole programs, that are particularly well-suited to the testing research community and the scale of the problems  ...  Bug pattern analysis The goal in a bug pattern analysis is to find potential bugs by specifying a "pattern" (e.g., a syntactic template) of code to be identified within the program source of interest,  ... 
doi:10.1007/11678779_9 fatcat:z3rj2wecm5g2jktnkr3cmcrvnq

Comparing static bug finders and statistical prediction

Foyzur Rahman, Sameer Khatri, Earl T. Barr, Premkumar Devanbu
2014 Proceedings of the 36th International Conference on Software Engineering - ICSE 2014  
Static analysis seeks to find defects using algorithms that process well-defined semantic abstractions of code.  ...  The all-important goal of delivering better software at lower cost has led to a vital, enduring quest for ways to find and remove defects efficiently and accurately.  ...  bug-finding and statistical defect prediction Static Bug-Finding (SBF): These approaches range from simple code pattern-matching techniques to rigorous static analyses that process carefully designed  ... 
doi:10.1145/2568225.2568269 dblp:conf/icse/RahmanKBD14 fatcat:npu7xfc6nrbhdavgnfnfbmwhne

To what extent could we detect field defects? an empirical study of false negatives in static bug finding tools

Ferdian Thung, Lucia, David Lo, Lingxiao Jiang, Foyzur Rahman, Premkumar T. Devanbu
2012 Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering - ASE 2012  
These tools are designed to find programming errors; but, do they in fact help prevent actual defects that occur in the field and reported by users?  ...  Software defects can cause much loss. Static bug-finding tools are believed to help detect and remove defects.  ...  We appreciate very much the valuable comments from anonymous reviewers and our shepherd Andreas Zeller for improving this paper.  ... 
doi:10.1145/2351676.2351685 dblp:conf/kbse/ThungLLJRD12 fatcat:3wk347vaurbhvajqdnubcra6uu

To what extent could we detect field defects? An extended empirical study of false negatives in static bug-finding tools

Ferdian Thung, Lucia, David Lo, Lingxiao Jiang, Foyzur Rahman, Premkumar T. Devanbu
2014 Automated Software Engineering : An International Journal  
Software defects can cause much loss. Static bug-finding tools are designed to detect and remove software defects and believed to be effective.  ...  reported and fixed defects extracted from three open source programs (Lucene, Rhino, and AspectJ).  ...  We also appreciate very much the valuable comments from anonymous reviewers and our shepherd Andreas Zeller for earlier versions of this paper.  ... 
doi:10.1007/s10515-014-0169-8 fatcat:dubtx2qcvzdjfotzpcld6j32re

Data Mining and Machine Learning for Software Engineering [chapter]

Elife Ozturk Kiyak
2020 Data Mining - Methods, Applications and Systems [Working Title]  
Software engineering is one of the most utilizable research areas for data mining. Developers have attempted to improve software quality by mining and analyzing software data.  ...  Various data mining and machine learning studies have been conducted to deal with software engineering tasks such as defect prediction, effort estimation, etc.  ...  / To predict the time to next LR, LMS, MLP, RBF, Static NVD, CPE, CVSS CC, RMSE, RRSE regression vulnerability SMO [65] Text mining Analysis of source code as text RBF, SVM Static K9 email client for the  ... 
doi:10.5772/intechopen.91448 fatcat:t4sqbohfdzhrdnj643sbkasiqq

Introduction of static quality analysis in small- and medium-sized software enterprises: experiences from technology transfer

Mario Gleirscher, Dmitriy Golubitskiy, Maximilian Irlbeck, Stefan Wagner
2013 Software quality journal  
Our aim was to evaluate the results static analysis can provide for SMEs as well as the problems that occur when introducing and using static analysis in SMEs.  ...  By means of the analyses, we could detect multiple defects in production code.  ...  The authors owe sincere gratitude to Klaus Lochmann for his advice and support in issues related to quality models.  ... 
doi:10.1007/s11219-013-9217-z fatcat:lt5ztaxhyjb4hnpnofqdi7s5z4

Detecting Software Defects in Telecom Applications Through Lightweight Static Analysis: A War Story [chapter]

Tobias Lindahl, Konstantinos Sagonas
2004 Lecture Notes in Computer Science  
Moreover, it is effective in identifying software defects even in cases where source code is not available, and more specifically in legacy software which is often employed in high-reliability systems  ...  To this effect, this paper describes the architecture and implementation of a software tool that uses lightweight static analysis to detect discrepancies (i.e., software defects such as exception-raising  ...  We thank Ulf Wiger and Hans Nilsson from the AXD301 team at Ericsson, Kenneth Lundin from the Erlang/OTP team, and Sean Hinde from T-Mobile for their help in analyzing the code from commercial applications  ... 
doi:10.1007/978-3-540-30477-7_7 fatcat:4in5ymfrsjdjrpzbw3yfbgdete

An Artificial Intelligence (AI) Defect Detection Technology Based on Software Behavior Decision Tree

Xiang-zhou CHEN, Hui-xia DING, Jie ZHANG, Yang WANG, Geng ZHANG, Ya-nan WANG
2018 DEStech Transactions on Computer Science and Engineering  
At present, artificial intelligence (AI) defect detection adoptes machine learning technology to realize code scanning and semantic analysis on software defects.  ...  The traditional machine learning technology for software defect detection is generally based on algorithms such as BP neural network model, Naïve-Bayes model, and fingerprint identification model, etc.  ...  Static Modeling Static analysis model uses static analysis technology to analyze the normal behavior pattern of building a program with source code or binary.  ... 
doi:10.12783/dtcse/ccnt2018/24685 fatcat:jdu5ehvoknfyhftvlvfvlkwogi
« Previous Showing results 1 — 15 out of 16,672 results