The Julia Static Analyzer for Java']Java

被引:20
|
作者
Spoto, Fausto [1 ,2 ]
机构
[1] Univ Verona, Dipartimento Informat, Verona, Italy
[2] Julia Srl, Verona, Italy
来源
STATIC ANALYSIS, (SAS 2016) | 2016年 / 9837卷
关键词
TERMINATION ANALYZER; COMPILATION;
D O I
10.1007/978-3-662-53413-7_3
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
The Julia static analyzer applies abstract interpretation to the analysis and verification of Java bytecode. It is the result of 13 years of engineering effort based on theoretical research on denotational and constraint-based static analysis through abstract interpretation. Julia is a library for static analysis, over which many checkers have been built, that verify the absence of a large set of typical errors of software: among them are null-pointer accesses, non-termination, wrong synchronization and injection threats to security. This article recaps the history of Julia, describes the technology under the hood of the tool, reports lessons learned from the market, current limitations and future work.
引用
收藏
页码:39 / 57
页数:19
相关论文
共 50 条
  • [41] Boolean Formulas for the Static Identification of Injection Attacks in Java']Java
    Ernst, Michael D.
    Lovato, Alberto
    Macedonio, Damiano
    Spiridon, Ciprian
    Spoto, Fausto
    LOGIC FOR PROGRAMMING, ARTIFICIAL INTELLIGENCE, AND REASONING, (LPAR-20 2015), 2015, 9450 : 130 - 145
  • [42] Finding security vulnerabilities in Java']Java applications with static analysis
    Livshits, VB
    Lam, MS
    USENIX ASSOCIATION PROCEEDINGS OF THE 14TH USENIX SECURITY SYMPOSIUM, 2005, : 271 - 286
  • [43] Effective Static Analysis to Find Concurrency Bugs In Java']Java
    Da Luo, Zhi
    Hillis, Linda
    Das, Raja
    Qi, Yao
    2010 10TH IEEE INTERNATIONAL WORKING CONFERENCE ON SOURCE CODE ANALYSIS AND MANIPULATION, 2010, : 135 - 144
  • [44] Diagnosing java']java programs with static abstractions of data structures
    Chen, R
    Koeb, D
    Wotawa, F
    INTELLIGENT INFORMATION PROCESSING II, 2005, 163 : 369 - 372
  • [45] A static Java']Java birthmark based on operand stack behaviors
    Park, Heewan
    Lim, Hyun-il
    Choi, Seokwoo
    Han, Taisook
    PROCEEDINGS OF THE SECOND INTERNATIONAL CONFERENCE ON INFORMATION SECURITY AND ASSURANCE, 2008, : 133 - 136
  • [46] Visualization of permission checks in Java']Java using static analysis
    Kim, Yoonkyung
    Chang, Byeong-Mo
    INFORMATION SECURITY APPLICATIONS, 2006, 4298 : 133 - +
  • [47] Static Analysis of Dynamic Database Usage in Java']Java Systems
    Meurice, Loup
    Nagy, Csaba
    Cleve, Anthony
    ADVANCED INFORMATION SYSTEMS ENGINEERING (CAISE 2016), 2016, 9694 : 491 - 506
  • [48] Investigating Static Analysis Errors in Student Java']Java Programs
    Edwards, Stephen H.
    Kandru, Nischel
    Rajagopal, Mukund B. M.
    PROCEEDINGS OF THE 2017 ACM CONFERENCE ON INTERNATIONAL COMPUTING EDUCATION RESEARCH (ICER 17), 2017, : 65 - 73
  • [49] Visualization of exception propagation for Java']Java using static analysis
    Chang, BM
    Jo, JW
    Her, SH
    SCAM 2002: SECOND IEEE INTERNATIONAL WORKSHOP ON SOURCE CODE ANALYSIS MANIPULATION, PROCEEDINGS, 2002, : 173 - 182
  • [50] A Static Java']Java Birthmark Based on Control Flow Edges
    Lim, Hyun-il
    Park, Heewan
    Choi, Seokwoo
    Han, Taisook
    2009 IEEE 33RD INTERNATIONAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE, VOLS 1 AND 2, 2009, : 413 - 420
12345