Static analyzer Svace for finding defects in a source program code

Cited by: 15
Authors
Ivannikov, V. P. [1 ]
Belevantsev, A. A. [1 ]
Borodin, A. E. [1 ]
Ignatiev, V. N. [1 ]
Zhurikhin, D. M. [1 ]
Avetisyan, A. I. [1 ]
Affiliations
[1] Russian Acad Sci, Inst Syst Programming, Moscow 109004, Russia
Keywords
static analysis; data-flow analysis; vulnerabilities; interprocedural analysis; annotation-based analysis;
DOI
10.1134/S0361768814050041
Chinese Library Classification number
TP31 [Computer Software];
Subject classification code
081202 ; 0835 ;
Abstract
This paper describes Svace, a tool for static program analysis developed at the Institute for Systems Programming, Russian Academy of Sciences. This tool allows one to find defects and potential vulnerabilities in the source program code written in C/C++ languages. The main features of the tool are simplicity of use, wide variety of supported types of warnings, scalability up to programs of millions of code lines, and acceptable quality of analysis (30-80% of true positive warnings).
Pages: 265 / 275
Number of pages: 11
Related papers
50 in total
  • [1] Static analyzer Svace for finding defects in a source program code
    V. P. Ivannikov
    A. A. Belevantsev
    A. E. Borodin
    V. N. Ignatiev
    D. M. Zhurikhin
    A. I. Avetisyan
    Programming and Computer Software, 2014, 40 : 265 - 275
  • [2] Multi-level Static Analysis for Finding Error Patterns and Defects in Source Code
    Belevantsev, Andrey
    Avetisyan, Arutyun
    PERSPECTIVES OF SYSTEM INFORMATICS, PSI 2017, 2018, 10742 : 28 - 42
  • [3] Measuring and Evaluating Source Code Logs Using Static Code Analyzer
    Shen, Gang
    Luo, Fan
    Hong, Gang
    TRANSDISCIPLINARY LIFECYCLE ANALYSIS OF SYSTEMS, 2015, 2 : 214 - 223
  • [4] STATIC ANALYSIS OF PROGRAM SOURCE CODE USING EDSA
    VANEK, LI
    CULP, MN
    CONFERENCE ON SOFTWARE MAINTENANCE - 1989, PROCEEDINGS, 1989, : 192 - 199
  • [5] The Approach to Finding Errors in Program Code Based on Static Analysis Methodology
    Novikov, Alexander S.
    Ivutin, Alexey N.
    Troshina, Anna G.
    Vasiliev, Sergey N.
    2017 6TH MEDITERRANEAN CONFERENCE ON EMBEDDED COMPUTING (MECO), 2017, : 437 - 440
  • [6] Cobra - An Interactive Static Code Analyzer
    Holzmann, Gerard
    PROCEEDINGS OF THE 2017 32ND IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING (ASE'17), 2017, : 1 - 1
  • [7] Static analyzer for finding dynamic programming errors
    Bush, William R.
    Pincus, Jonathan D.
    Sielaff, David J.
    Software - Practice and Experience, 2000, 30 (07) : 775 - 802
  • [8] A static analyzer for finding dynamic programming errors
    Bush, WR
    Pincus, JD
    Sielaff, DJ
    SOFTWARE-PRACTICE & EXPERIENCE, 2000, 30 (07): : 775 - 802
  • [9] Static virtualization of C source code
    Jansen, Sam
    McGregor, Anthony
    SOFTWARE-PRACTICE & EXPERIENCE, 2008, 38 (04): : 397 - 416
  • [10] Study of defects in a program code in Python
    I. E. Bronshteyn
    Programming and Computer Software, 2013, 39 : 279 - 284