Software Defect Detection-oriented Static Analysis Techniques

Full Text (PDF, 103KB), PP.17-22

Views: 0 Downloads: 0

Author(s)

Hua ZHANG 1,*

1. Weifang University, Weifang261061, China

* Corresponding author.

DOI: https://doi.org/10.5815/ijwmt.2012.06.03

Received: 8 Aug. 2012 / Revised: 19 Sep. 2012 / Accepted: 6 Nov. 2012 / Published: 8 Dec. 2012

Index Terms

Software Quality Assurance, Defect Detection, Static Analysis

Abstract

This paper mainly studies the method of static analysis techniques; discuss static analysis techniques status and progress, as well as the characteristics of static analysis.

Cite This Paper

Hua ZHANG,"Software Defect Detection-oriented Static Analysis Techniques", IJWMT, vol.2, no.6, pp.17-22, 2012. DOI: 10.5815/ijwmt.2012.06.03 

Reference

[1]R. Hastings, B. Joyce. Purify: Fast Detection of Memory Leaks and Access Errors. Proc. Winter USENIX Conf., 158-185, 1992.

[2]N. Nethercote, J. Seward. Valgrind: A Program Supervision Framework. Proc. Third Workshop Runtime Verification, 2003.

[3]J. Condit et al.. CCured in the Real World. Proc. ACM SIGPLAN Conf. Programming Language Design and Implementation, 232-244, 2003

[4]D. Wagner et al.. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. Proc. 7th Network and Distributed System Security Symp, Internet Soc.,. 3–17, 2000.

[5]J. Foster et al.. Flow-Sensitive Type Qualifiers. Proc. ACM Conf. Programming Language Design and Implementation (PLDI 02), ACM Press, pp. 1–12, 2002.

[6]K. Ashcraft, D. Engler. Using Programmer-Written Compiler Extensions to Catch Security Holes. Proc. IEEE Symp. Security and Privacy, IEEE CS Press, 131–147, 2002.

[7]H. Chen, D. Wagner. MOPS: An Infrastructure for Examining Security Properties of Software. Proc. 9th ACM Conf. Computer and Communications Security (CCS 02), ACM Press, 235–244, 2002

[8]D. Larochelle, D. Evans. Statically Detecting Likely Buffer Overflow Vulnerabilities. Proc. 10th Usenix Security Symp. (Usenix 01), Usenix Assoc., 177–189, 2001.

[9]D. Hovemeyer, W. PughDec. Finding Bugs is Easy. ACM SIGPLAN Notices. 39(12): 92-106, 2004

[10]D. Hovemeyer, J. Spacco, W. Pugh. The 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering. 13-19, 2006.

[11]W. R. Bush, J. D. Pincus, D. J. Sielaff. A Static Analyzer for Finding Dynamic Programming Errors. Software—Practice & Experience, 30:775–802, 2000.

[12]T. Ball, S. K. Rajamani. The SLAM project: Debugging System Software via Static Analysis. In Proceedings of the 29th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, Portland, Oregon, 1–3, 2002.

[13]P. Anderson, T. Reps, T. Teitelbaum. Design and Implementation of a Fine-Grained Software Inspection Tool . IEEE Transactions on Software Engineering. 29(8): 721-733, 2003.

[14]Cai Zhimin, Research and realization of software static analysis, NanJing University, Master Dissertation, 2002.(in Chinese)

[15]Z. Li, S. Lu, S. Myagmar, Y. Zhou. CP-Miner: Finding Copy-Paste and Related Bugs in Large-Scale Software Code. IEEE Transactions on Software Engineering. 32(3): 176-192, 2006.

[16]Z. Li, Y. Zhou. PR-Miner: Automatically Extracting Implicit Programming Rules and Detecting Violations in Large Software Code. ACM SIGSOFT Software Engineering Notes. 30(5): 306-315, 2005.

[17]M. Young, R.N. Taylor. Rethinking the Taxonomy of Fault Detection Techniques. Proc. Int'l Conf. Software Eng., 53-62, 1989.

[18]J. Zheng et al.. On the Value of Static Analysis for Fault Detection in Software. IEEE Transactions on Software Engineering. 32 (4): 240-53, 2006.