Static Analysis Tools

Software Engineering
1.0x

Static Analysis Tools

Created 3 years ago

Duration 0:04:43
lesson view count 111
Select the file type you wish to download
Slide Content
  1. Static Analysis Tools

    Slide 1 - Static Analysis Tools

    • Emerson Murphy-Hill
  2. A Comparison of Bug Finding Tools for Java

    Slide 2 - A Comparison of Bug Finding Tools for Java

    • Bug pattern detection
    • PMD
    • FindBugs
    • JLint
    • Theorem proving [involves annotation]
    • ESC/Java 2
    • Model checking [involves annotation]
    • Bandera
    • Result: little overlap in the warning generated by the tools & no correlation between the warning count and the tool  always be a need for multiple separate tools
  3. [Rutar et al.]

    Slide 3 - [Rutar et al.]

  4. FindBugs

    Slide 4 - FindBugs

    • 400+ bug pattern detectors
    • Single-threaded correctness issue
    • Thread/synchronization correctness issue
    • Performance issue
    • Security and vulnerability to malicious untrusted code
    • [Hovermeyer/Pugh]
  5. References

    Slide 5 - References

    • Chess, Brian and McGraw, G. Static Analysis for Security, IEEE Security & Privacy, Nov/Dec 2004.
    • Hovermeyer, David and Pugh, William, Finding Bugs is Easy, OOPSLA 2004
    • Rutar, N., Almazan, C., and Foster, J., A Comparison of Bug Finding Tools for Java, ISSRE 2004.
    • http://findbugs.sourceforge.net/
    • http://findbugs.sourceforge.net/manual/eclipse.html