English
Related papers

Related papers: Sawja: Static Analysis Workshop for Java

200 papers

JISA is a software library, written in Java, aimed at providing an easy, flexible and standardised means of creating experimental control software for physical sciences researchers. Specifically, with an emphasis on enabling measurement…

Instrumentation and Detectors · Physics 2023-08-28 William Alexander Wood , Thomas Marsh , Henning Sirringhaus

Static Code Analysis (SCA) tools, while invaluable for identifying potential coding problems, functional bugs, or vulnerabilities, often generate an overwhelming number of warnings, many of which are non-actionable. This overload of alerts…

Software Engineering · Computer Science 2025-11-14 Dávid Kószó , Tamás Aladics , Rudolf Ferenc , Péter Hegedűs

The introduction of lambdas in Java 8 completes the slate of statically-typed, mainstream languages with both object-oriented and functional features. The main motivation for lambdas in Java has been to facilitate stream-based declarative…

Programming Languages · Computer Science 2014-07-15 Aggelos Biboudis , Nick Palladinos , Yannis Smaragdakis

Static Application Security Testing (SAST) tools are integral to modern software development, yet their adoption is undermined by excessive false positives that weaken developer trust and demand costly manual triage. We present ZeroFalse, a…

The Java virtual machine and the .NET common language runtime feature an access control mechanism specified operationally in terms of run-time stack inspection. We give a denotational semantics in "eager" form, and show that it is…

Programming Languages · Computer Science 2013-09-23 Anindya Banerjee , David A. Naumann

We introduce a fully automated static analysis that takes a sequential Java bytecode program P as input and attempts to prove that there exists an infinite execution of P. The technique consists in compiling P into a constraint logic…

Programming Languages · Computer Science 2014-01-22 Étienne Payet , Fred Mesnard , Fausto Spoto

When analyzing programs, large libraries pose significant challenges to static points-to analysis. A popular solution is to have a human analyst provide points-to specifications that summarize relevant behaviors of library code, which can…

Programming Languages · Computer Science 2018-05-23 Osbert Bastani , Rahul Sharma , Alex Aiken , Percy Liang

Software quality is critical in modern software engineering, especially in large and evolving codebases. This study analyzes the evolution of software quality metrics in five successive versions of the open-source Java testing framework…

Software Engineering · Computer Science 2025-05-30 Venkata Sai Sravya Sambaturu

OpenJML is a tool for checking code and specifications of Java programs. We describe our experience building the tool on the foundation of JML, OpenJDK and Eclipse, as well as on many advances in specification-based software verification.…

Software Engineering · Computer Science 2014-04-29 David R. Cok

We develop a formal perspective on how regular expression matching works in Java, a popular representative of the category of regex-directed matching engines. In particular, we define an automata model which captures all the aspects needed…

Formal Languages and Automata Theory · Computer Science 2014-05-23 Martin Berglund , Frank Drewes , Brink van der Merwe

JaTeCS is an open source Java library that supports research on automatic text categorization and other related problems, such as ordinal regression and quantification, which are of special interest in opinion mining applications. It covers…

Computation and Language · Computer Science 2017-06-22 Andrea Esuli , Tiziano Fagni , Alejandro Moreo Fernandez

Software obfuscation or obscuring a software is an approach to defeat the practice of reverse engineering a software for using its functionality illegally in the development of another software. Java applications are more amenable to…

Cryptography and Security · Computer Science 2009-04-23 Praveen Sivadasan , P Sojan Lal

Verifiers that can prove programs correct against their full functional specification require, for programs with loops, additional annotations in the form of loop invariants---propeties that hold for every iteration of a loop. We show that…

Software Engineering · Computer Science 2016-02-09 Juan P. Galeotti , Carlo A. Furia , Eva May , Gordon Fraser , Andreas Zeller

The design and implementation of precise static analyzers for significant fragments of modern imperative languages like C, C++, Java and Python is a challenging problem. In this paper, we consider a core imperative language that has several…

Programming Languages · Computer Science 2007-06-28 Roberto Bagnara , Patricia M. Hill , Andrea Pescetti , Enea Zaffanella

This paper elaborates the use of static source code analysis in the context of data protection. The topic is important for software engineering in order for software developers to improve the protection of personal data during software…

Software Engineering · Computer Science 2020-03-24 Kalle Hjerppe , Jukka Ruohonen , Ville Leppänen

The mass production of complex software has made it impossible to manually test it for security vulnerabilities. Automated security testing tools come in a variety of flavors, function at various stages of software development, and target…

Software Engineering · Computer Science 2023-01-18 Yan Wu , Jingyi Su , David D. Moran , Chris D. Near

Large language models (LLMs) are becoming more advanced and widespread and have shown their applicability to various domains, including cybersecurity. Static malware analysis is one of the most important tasks in cybersecurity; however, it…

Cryptography and Security · Computer Science 2024-11-25 Shota Fujii , Rei Yamagishi

Behavioural models are a valuable tool for software verification, testing, monitoring, publishing etc. However, they are rarely provided by the software developers and have to be extracted either from the source or from the compiled code.…

Software Engineering · Computer Science 2023-11-09 Larisa Safina , Simon Bliudze

In recent years, dynamic languages, such as JavaScript or Python, have been increasingly used in a wide range of fields and applications. Their tricky and misunderstood behaviors pose a hard challenge for static analysis of these…

Programming Languages · Computer Science 2019-08-21 Vincenzo Arceri , Isabella Mastroeni

Python is one of the most popular programming languages; as such, projects written in Python involve an increasing number of diverse security vulnerabilities. However, existing state-of-the-art analysis tools for Python only support a few…

Software Engineering · Computer Science 2026-01-22 Yoann Marquer , Domenico Bianculli , Lionel C. Briand