32,909,875 research outputs found
Static-Analysis-study/home: v1.0.0
<p><strong>Full Changelog</strong>: https://github.com/Static-Analysis-study/home/commits/v1.0.0</p>
STATIC CODE ANALYSIS
A lot of the defects that are present in a program are not visible to the compiler. Static code analysis is a way to find bugs and reduce the defects in a software application. This paper gives you an overview on static code analysis, well-known tools and the benefits of this practice.code, analysis
Going Beyond Counting First Authors in Author Co-citation Analysis
The present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Investigating Automatic Static Analysis Results to Identify Quality Problems: an Inductive Study
Background: Automatic static analysis (ASA) tools examine source code to discover "issues", i.e. code patterns that are symptoms of bad programming practices and that can lead to defective behavior. Studies in the literature have shown that these tools find defects earlier than other verification activities, but they produce a substantial number of false positive warnings. For this reason, an alternative approach is to use the set of ASA issues to identify defect prone files and components rather than focusing on the individual issues. Aim: We conducted an exploratory study to investigate whether ASA issues can be used as early indicators of faulty files and components and, for the first time, whether they point to a decay of specific software quality attributes, such as maintainability or functionality. Our aim is to understand the critical parameters and feasibility of such an approach to feed into future research on more specific quality and defect prediction models. Method: We analyzed an industrial C# web application using the Resharper ASA tool and explored if significant correlations exist in such a data set. Results: We found promising results when predicting defect-prone files. A set of specific Resharper categories are better indicators of faulty files than common software metrics or the collection of issues of all issue categories, and these categories correlate to different software quality attributes. Conclusions: Our advice for future research is to perform analysis on file rather component level and to evaluate the generalizability of categories. We also recommend using larger datasets as we learned that data sparseness can lead to challenges in the proposed analysis proces
Generation And Verification Of Software Robustness Properties Through Static Analysis
Increasing reliance on computers calls for the need of robust software especially in critical applications such as those used in military, hospital etc. Traditional software testing techniques focus on functionality and ignore stressful conditions and exception handling. Poor programming practices may lead to critical software robustness failures resulting in memory corruption, application crashes and file system failures. Such robustness failures can be detected by many static analysis tools. However the difficulty in using existing tools is that they require users to provide robustness properties which need to be checked. Currently these properties which require source code and interface level information are mostly manually specified. This work proposes an FSA Generator framework that automatically generates concrete properties. Users only need to specify high level generic properties in simple finite state machines. The framework converts these generic properties into concrete language specific properties using source code information from a pattern database and interface level information from an API specification database. The automated cost effective generation of concrete properties makes static analysis scalable and efficient. Experimental evaluation using the generated properties and a static checker has found numerous robustness bugs in more than ten open source packages
Dynamic analysis of high static low dynamic stiffness vibration isolation mounts
The high static low dynamic stiffness (HSLDS) concept is a design strategy for an anti-vibration mount that seeks to increase isolation by lowering the natural frequency of the mount, whilst maintaining the same static load bearing capacity. Previous studies have successfully analysed many features of the response by modelling the concept as a Duffing oscillator. This study extends the previous findings by characterising the HSLDS model in terms of two simple parameters. A fifth-order polynomial model allows us to explore the effects of these parameters. We analyse the steady-state response, showing that simple changes to the shape of the force displacement curve can have large effects on the amplitude and frequency of peak response, and can even lead to unbounded response at certain levels of excitation. Harmonics of the fundamental response are also analysed, and it is shown that they are unlikely to pose significant design limitations. Predictions compare well to simulation results
Appropriate Similarity Measures for Author Cocitation Analysis
We provide a number of new insights into the methodological discussion about author cocitation analysis. We first argue that the use of the Pearson correlation for measuring the similarity between authors’ cocitation profiles is not very satisfactory. We then discuss what kind of similarity measures may be used as an alternative to the Pearson correlation. We consider three similarity measures in particular. One is the well-known cosine. The other two similarity measures have not been used before in the bibliometric literature. Finally, we show by means of an example that our findings have a high practical relevance.information science;Pearson correlation;cosine;similarity measure;author cocitation analysis
Call Graph Soundness in Android Static Analysis
peer reviewedStatic analysis is sound in theory, but an implementation may unsoundly fail to analyze all of a program's code. Any such omission is a serious threat to the validity of the tool's output. Our work is the first to measure the prevalence of these omissions. Previously, researchers and analysts did not know what is missed by static analysis, what sort of code is missed, or the reasons behind these omissions. To address this gap, we ran 13static analysis tools and a dynamic analysis on 1000 Android apps. Any method in the dynamic analysis but not in a static analysis is an unsoundness. Our findings include the following. (1) Apps built around external frameworks challenge static analyzers. On average, the 13 static analysis tools failed to capture 61% of the dynamically-executed methods. (2) A high level of precision in call graph construction is a synonym for a high level of unsoundness. (3) No existing approach significantly improves static analysis soundness. This includes those specifically tailored for a given mechanism, such as DroidRA to address reflection. It also includes systematic approaches, such as EdgeMiner, capturing all callbacks in the Android framework systematically. (4) Modeling entry point methods challenges call graph construction which jeopardizes soundness.U-AGR-7109 - C21/IS/16344458/REPROCESS/Klein - KLEIN JacquesU-AGR-7343 - C23/IS/18154263/Unlock - KLEIN Jacque
Ohio Retirement Study Council comparative performance study
Semiannual; -Apr. 17, 2002.; Description based on Jun. 20, 2000 issue; title from cover of PDF document (viewed Feb. 13, 2006).; Vol. for Oct. 10, 2001 - Apr. 17, 2002 prepared by Milliman USA.; Chronological designation based on date of publication.; Harvested from the web on 2/16/06Report for period ending Dec. 31, 1999
Providing Static Timing Anlaysis Support for an ARM7 Processor Platform
Scratchpad memory provides faster speed but smaller capacity than other memories do in embedded systems. It provides a visibly heterogeneous memory hierarchy rather than abstracting it as cache memory does. Unlike cache memory, program code and data can be allocated into the scratchpad memory as desired. This enables optimizing the performance in real-time embedded systems. Static timing analysis helps the optimization processes by providing microscopic information of the application program's timing information. Based on the WCET and BCET estimated by static timing analysis, the techniques using scratchpad memory may be enhanced.
This study aims to provide a method of static timing analysis for an ARM processor platform (ARM7TDMI). Basic analysis is performed relying on well-known program analysis graphs such as control flow graphs, call graphs, depth-first search trees, and post-dominance trees. During this basic analysis, loops and unstructured code are also identified, which make static timing analysis more difficult. A control dependence analysis is a convenient way to analyze the WCET and BCET, since it represents the hierarchical control structure of a program. By traversal of the control dependence graph, the WCET and BCET are estimated.
To confirm the feasibility of this study, a real target system and its development environment tool chains are developed and an existing application is ported. In addition, the static timing analysis framework of this study is implemented by the tool named ARMSAT. Experiments are performed in these all environments. The experimental results show that the actual execution times are bounded by the calculated analytical WCET and BCET bounds, although there are a few factors which interfere with computing the analytical execution times
- …
