IJWMT Vol. 2, No. 6, 8 Dec. 2012
Cover page and Table of Contents: PDF (size: 103KB)
Full Text (PDF, 103KB), PP.17-22
Views: 0 Downloads: 0
Software Quality Assurance, Defect Detection, Static Analysis
This paper mainly studies the method of static analysis techniques; discuss static analysis techniques status and progress, as well as the characteristics of static analysis.
Hua ZHANG,"Software Defect Detection-oriented Static Analysis Techniques", IJWMT, vol.2, no.6, pp.17-22, 2012. DOI: 10.5815/ijwmt.2012.06.03
[1]R. Hastings, B. Joyce. Purify: Fast Detection of Memory Leaks and Access Errors. Proc. Winter USENIX Conf., 158-185, 1992.
[2]N. Nethercote, J. Seward. Valgrind: A Program Supervision Framework. Proc. Third Workshop Runtime Verification, 2003.
[3]J. Condit et al.. CCured in the Real World. Proc. ACM SIGPLAN Conf. Programming Language Design and Implementation, 232-244, 2003
[4]D. Wagner et al.. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. Proc. 7th Network and Distributed System Security Symp, Internet Soc.,. 3–17, 2000.
[5]J. Foster et al.. Flow-Sensitive Type Qualifiers. Proc. ACM Conf. Programming Language Design and Implementation (PLDI 02), ACM Press, pp. 1–12, 2002.
[6]K. Ashcraft, D. Engler. Using Programmer-Written Compiler Extensions to Catch Security Holes. Proc. IEEE Symp. Security and Privacy, IEEE CS Press, 131–147, 2002.
[7]H. Chen, D. Wagner. MOPS: An Infrastructure for Examining Security Properties of Software. Proc. 9th ACM Conf. Computer and Communications Security (CCS 02), ACM Press, 235–244, 2002
[8]D. Larochelle, D. Evans. Statically Detecting Likely Buffer Overflow Vulnerabilities. Proc. 10th Usenix Security Symp. (Usenix 01), Usenix Assoc., 177–189, 2001.
[9]D. Hovemeyer, W. PughDec. Finding Bugs is Easy. ACM SIGPLAN Notices. 39(12): 92-106, 2004
[10]D. Hovemeyer, J. Spacco, W. Pugh. The 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering. 13-19, 2006.
[11]W. R. Bush, J. D. Pincus, D. J. Sielaff. A Static Analyzer for Finding Dynamic Programming Errors. Software—Practice & Experience, 30:775–802, 2000.
[12]T. Ball, S. K. Rajamani. The SLAM project: Debugging System Software via Static Analysis. In Proceedings of the 29th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, Portland, Oregon, 1–3, 2002.
[13]P. Anderson, T. Reps, T. Teitelbaum. Design and Implementation of a Fine-Grained Software Inspection Tool . IEEE Transactions on Software Engineering. 29(8): 721-733, 2003.
[14]Cai Zhimin, Research and realization of software static analysis, NanJing University, Master Dissertation, 2002.(in Chinese)
[15]Z. Li, S. Lu, S. Myagmar, Y. Zhou. CP-Miner: Finding Copy-Paste and Related Bugs in Large-Scale Software Code. IEEE Transactions on Software Engineering. 32(3): 176-192, 2006.
[16]Z. Li, Y. Zhou. PR-Miner: Automatically Extracting Implicit Programming Rules and Detecting Violations in Large Software Code. ACM SIGSOFT Software Engineering Notes. 30(5): 306-315, 2005.
[17]M. Young, R.N. Taylor. Rethinking the Taxonomy of Fault Detection Techniques. Proc. Int'l Conf. Software Eng., 53-62, 1989.
[18]J. Zheng et al.. On the Value of Static Analysis for Fault Detection in Software. IEEE Transactions on Software Engineering. 32 (4): 240-53, 2006.