Program Analysis

OVERVIEW

  • All software contains bugs, i.e., implementation errors in the code. Many of these errors can be detected statically, at compile time, before the program runs; others can only be detected at runtime. For compile-time analysis to be practical, it needs to be fast, so that developers can use it during their development cycle like any other development tool.

    The Program Analysis team focuses on developing scalable and precise analyses for finding or preventing bugs and vulnerabilities, and for enhancing developer productivity.

    In recent years, the focus of the team has been on static analysis techniques applied to finding bugs in large (millions of lines of code) C/C++ code bases. New scalable analyses were developed in the areas of symbolic analysis, dataflow analysis, points-to analysis, taint analysis and model-based analysis, and were integrated into the Parfait static code analysis tool.

JAVA VULNERABILITY DETECTION

The Java vulnerability detection project aims at detecting vulnerabilities in the Java platform using static and hybrid techniques. Of interest are both Java-centric vulnerabilities and cross-language vulnerabilities that arise from use of the Java Native Interface (JNI).

Parfait's analyses and source language support are extended to perform static analysis to detect these vulnerabilities. Further subprojects, including a Datalog project and a symbolic execution project, look into more sophisticated analyses and techniques to cover a greater range of issues.

MEMORY SAFE C

The Memory-Safe C project aims at detecting violations of various memory safety constraints at compile time and at runtime. Such constraints include buffer overflows and the use of stale pointer values. The project aims at building a helpful framework to support the software development process of large, industrial-strength applications.

A static analyser uses elaborate type analysis over the global flow of pointer value definitions to detect as many constraint violations as possible. Pointer value uses that cannot be examined well enough statically are instrumented with runtime checks that implement a memory-safe execution sandbox. These runtime checks then detect constraint violations during the execution of the application. Memory-safety violations are flagged for the developer to investigate.
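The following sketch illustrates the kind of runtime check such instrumentation could place in front of a pointer use that static analysis could not prove safe. It is an added example, not code from the Memory-Safe C project: the metadata layout and the names `region_t`, `checked_ptr`, `region_alloc`, `region_free` and `checked_store` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical runtime metadata; none of these names come from the project. */
typedef struct { unsigned char *base; size_t size; int live; } region_t;
typedef struct { region_t *region; size_t offset; } checked_ptr;
enum check_result { CHECK_OK, CHECK_OUT_OF_BOUNDS, CHECK_STALE };

static region_t *region_alloc(size_t size) {
    region_t *r = malloc(sizeof *r);
    if (r == NULL) return NULL;
    r->base = calloc(size ? size : 1, 1);
    if (r->base == NULL) { free(r); return NULL; }
    r->size = size;
    r->live = 1;
    return r;
}

/* Release the storage but keep the metadata, so a later use through a
   stale pointer is detected instead of touching freed memory. */
static void region_free(region_t *r) {
    free(r->base);
    r->base = NULL;
    r->live = 0;
}

/* The check instrumented in front of a store that could not be proven safe. */
static enum check_result checked_store(checked_ptr p, size_t len, unsigned char v) {
    if (!p.region->live) return CHECK_STALE;
    if (p.offset > p.region->size || len > p.region->size - p.offset)
        return CHECK_OUT_OF_BOUNDS;   /* overflow-safe form of offset + len > size */
    for (size_t i = 0; i < len; i++) p.region->base[p.offset + i] = v;
    return CHECK_OK;
}

/* Constructed scenario: returns the three check results packed in one int. */
static int demo(void) {
    region_t *r = region_alloc(8);
    if (r == NULL) return -1;
    checked_ptr p = { r, 4 };
    int in_bounds = checked_store(p, 4, 0xAA);   /* bytes 4..7: allowed */
    int overflow  = checked_store(p, 5, 0xAA);   /* byte 8 is past the end */
    region_free(r);
    int stale     = checked_store(p, 1, 0xAA);   /* storage already released */
    free(r);
    return in_bounds * 100 + overflow * 10 + stale;
}

int main(void) { return demo() == 12 ? 0 : 1; }
```

In a hybrid scheme like the one described, stores the analyser proves safe would remain plain stores, and only the unproven ones would pay for the check.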

PRODUCTIVITY TOOLS

The Productivity Tools project looks into enhancing developer productivity by creating tools to facilitate code comprehension tasks in large code bases.  

The project targets both experienced and inexperienced developers using techniques from the program analysis, software visualisation and user interface fields. The focus of this work is its application to commonly used languages, such as C/C++ and Java.
