Static Analysis: C Code Error Checking for Reliable and Secure Programming
نویسندگان
چکیده
common programming and security flaws using static analysis of the C source code. These flaws may be serious errors or simple ones caused by programmer's carelessness and most of them may not be detected by the compilers. Manual reviewing of code for errors may take a lot of time especially if the code is big and it will also be very expensive, also simple flaws maybe overlooked .In this paper we present our techniques for automated error checking of C source code using static analysis.
منابع مشابه
Sol: a Veriiable Synchronous Language for Reactive Systems
SOL (Secure Operations Language) is a synchronous programming language for implementing reactive systems. The utility of SOL hinges upon the fact that it is a secure language, i.e., most programs in SOL are amenable to fully automated static analysis techniques, such as automatic theorem proving using decision procedures or model checking. Among the unique features of SOL is the ability to expr...
متن کاملSOL: A Verifiable Synchronous Language for Reactive Systems
SOL (Secure Operations Language) is a synchronous programming language for implementing reactive systems. The utility of SOL hinges upon the fact that it is a secure language, i.e., most programs in SOL are amenable to fully automated static analysis techniques, such as automatic theorem proving using decision procedures or model checking. Among the unique features of SOL is the ability to expr...
متن کاملStatic Source Code Checking for User-defined Properties
Only a small fraction of the output generated by typical static analysis tools tends to reveal serious software defects. There are two main causes for this phenomenon. The first is that the typical static analyzer casts its nets too broadly, reporting everything reportable, rather than what is likely to be a true bug. The second cause is that most static analyzers can check the code for only a ...
متن کاملSymbiotic 4: Beyond Reachability - (Competition Contribution)
The fourth version of Symbiotic brings a brand new instrumentation part, which can now instrument the analyzed program with code pieces checking various specification properties. As a consequence, Symbiotic 4 participates for the first time also in categories focused on memory safety. Further, we have ported both Symbiotic and Klee to llvm 3.8 and added new features to the slicer which is now m...
متن کاملResearch Overview
Modern systems built for the desktop, the web, and the cloud are increasingly being developed in several languages, share code and data with multiple parties of varying levels of authority and trust, and run in environments split across client and server. My goal is to design programming language tools — including type systems, program analysis, dynamic instrumentation, and integrated developme...
متن کامل