Paul Anderson

Design and implementation of a fine-grained software inspection tool

Although software inspection has led to improvements in software quality, many software systems continue to be deployed with unacceptable numbers of errors, even when software inspection is part of the development process. The difficulty of manually verifying that the software under inspection conforms to the rules is partly to blame. We describe the design and implementation of a tool designed to help alleviate this problem. The tool provides mechanisms for fine-grained inspection of software by exposing the results of sophisticated whole-program static analysis to the inspector. The tool computes many static-semantic representations of the program, including an accurate call graph and dependence graph. A whole-program pointer analysis is used to make sure that the representation is precise with respect to aliases induced by pointer usage. Views on the dependence graph and related representations are supported. Queries on the dependence graph allow an inspector to answer detailed questions about the semantics of the program. Facilities for openness and extensibility permit the tool to be integrated with many software development processes. The main challenge of the approach is to provide facilities to navigate and manage the enormous complexity of the dependence graph.

Tool support for fine-grained software inspection

Software inspection is a proven technique to improve quality and reduce costs. Detailed source code inspections are an important part of the formal inspection process, but they require a significant time investment. Research advances in static program analysis can reduce the inspection time required. By calculating answers to standard inspection questions, CodeSurfer frees experts to focus their efforts on more challenging inspection issues. CodeSurfer provides access to and answers queries about the system-dependence graph representation of programs, and can be integrated with other tools.

The CodeSurfer software understanding platform

CodeSurfer is a tool that provides a wide range of program understanding capabilities by exposing the results of a static-semantic analysis to the user in novel and interesting ways. The tool performs a number of whole-program analyses, including pointer analysis, and creates a system dependence graph for the program. The user can browse these dependences through the GUI in a manner akin to surfing the Web. An open architecture fosters the development of plug-ins that can extend the basic functionality. These include tools for reasoning about the paths through the program, and for software assurance.

Static analysis of medical device software using CodeSonar

Post-market investigators at the United States Food and Drug Administration may need to review medical device software to assess its integrity. They have to do this with little or no prior knowledge of the software. Historically, the only way to perform such a review has been to manually search the code for potential sources of error --- a process that is both tedious and error-prone. Static analysis tools can improve this process by providing a means for automated error detection. By using symbolic execution techniques to explore execution paths of the software, static analysis provides complete, or almost complete, coverage of the code, and helps detect potentially fatal errors that may not easily be detected through conventional testing methods. Using automated static analysis tools can help reduce the effort involved in analysis and provide a more accurate assessment of the software. In this paper, we discuss CodeSonar, a whole-program interprocedural static analysis tool for C/C++ programs, and illustrate how it was used to facilitate error detection during a post-market investigation.

COBWEB-2: structured specification of a wafer-scale supercomputer

Using an informal presentation of the specification techniques being used in COBWEB-2s design, this paper has described the machine and the principles of its operation.

Flow insensitive points-to sets

Abstract Pointer analysis is an important part of source code analysis. Many programs that manipulate source code take points-to sets as part of their input. Points-to related data collected from 27 mid-sized C programs (ranging in size from 1168 to 87,579 lines of code) is presented. The data shows the relative sizes and the complexities of computing points-to sets. Such data is useful in improving algorithms for the computation of points-to sets as well as algorithms that make use of this information in other operations.

90% Perspiration: Engineering Static Analysis Techniques for Industrial Applications

This article describes some of the engineering approaches that were taken during the development of GrammaTechs static-analysis technology that have taken it from a prototype system with poor performance and scalability and with very limited applicability, to a much-more general-purpose industrial-strength analysis infrastructure capable of operating on millions of lines of code. A wide variety of code bases are found in industry, and many extremes of usage exist, from code size through use of unusual, or non-standard features and dialects.Some of the problems associated with handling these code-bases are described, and the solutions that were used to address them, including some that were ultimately unsuccessful, are discussed.

CodeSurfer/Path Inspector

CodeSurfer is a powerful source code analysis and navigation tool for a range of languages, including C/C++ and x86 machine code. The Path Inspector is an add-on to CodeSurfer that allows a user to reason about paths through the program, and which can be used to find programming flaws.

The performance penalty of XML for program intermediate representations

XML has been proposed as a file format for representing program intermediate forms such as abstract syntax trees (ASTs), and dependence graphs. Although XML offers many advantages over custom binary representations of the same information, there is an associated performance cost. This paper reports on the results of experiments aimed at quantifying this cost. Two representations are studied: the abstract syntax tree, and the system dependence graph (SDG). The performance penalty for using XML is found to be very significant for ASTs, and crippling for the SDG. The tradeoff between the performance and flexibility is discussed.

Coding standards for high-confidence embedded systems

Adopting a coding standard can increase system reliability, safety, and security. Popular standards include Misra C, the JSF C++ rules, and Holzmannpsilas ten rules developed at JPL. Checking rules manually is tedious, so automated review is desirable. However, behind many rules lie hidden assumptions and potential complexity that makes comprehensive automation difficult. Three rules sets and the rationale behind them are discussed. Technologies for detecting violations are described. Recommendations for how to best apply these rules are given.