English
Related papers

Related papers: Static Analysis Deployment Pitfalls

200 papers

Today's small and medium-sized enterprises (SMEs) in the software industry are faced with major challenges. While having to work efficiently using limited resources they have to perform quality assurance on their code to avoid the risk of…

Software Engineering · Computer Science 2016-11-24 Mario Gleirscher , Dmitriy Golubitskiy , Maximilian Irlbeck , Stefan Wagner

Static analyses overwhelmingly trade precision for soundness and automation. For this reason, their use-cases are restricted to situations where imprecision isn't prohibitive. In this paper, we propose and specify a static analysis that…

Programming Languages · Computer Science 2026-02-10 Abdullah H. Rasheed

Static analysis is widely used for software assurance. However, static analysis tools can report an overwhelming number of warnings, many of which are false positives. Applying static analysis to a new version, a large number of warnings…

Software Engineering · Computer Science 2023-05-05 Xiuyuan Guo , Ashwin Kallingal Joshy , Benjamin Steenhoek , Wei Le , Lori Flynn

Static analysis tools are commonly used to detect defects before the code is released. Previous research has focused on their overall effectiveness and their ability to detect defects. However, little is known about the usage patterns of…

Software Engineering · Computer Science 2023-11-14 Georgios Liargkovas , Evangelia Panourgia , Diomidis Spinellis

Programs that process data that reside in files are widely used in varied domains, such as banking, healthcare, and web-traffic analysis. Precise static analysis of these programs in the context of software verification and transformation…

Programming Languages · Computer Science 2015-04-06 Raveendra Kumar Medicherla , Raghavan Komondoor , S. Narendran

Web services are becoming business-critical components, often deployed with critical software bugs that can be maliciously explored. Web vulnerability scanners allow the detection of security vulnerabilities in web services by stressing the…

Cryptography and Security · Computer Science 2022-12-26 Osejobe Ehichoya , Chinwuba Christian Nnaemeka

The execution behavior of a program often depends on external resources, such as program inputs or file contents, and so cannot be run in isolation. Nevertheless, software developers benefit from fast iteration loops where automated tools…

Machine Learning · Computer Science 2022-03-30 David Bieber , Rishab Goel , Daniel Zheng , Hugo Larochelle , Daniel Tarlow

Software organizations want to be able to base their decisions on the latest set of available data and the real-time analytics derived from them. In order to support "real-time enterprise" for software organizations and provide information…

Software Engineering · Computer Science 2018-08-17 Silverio Martínez-Fernández , Petar Jovanovic , Xavier Franch , Andreas Jedlitschka

This paper highlights the common pitfalls of overcomplicating the software architecture, development and delivery process by examining two enterprise level web application products built using Microsoft.Net framework. The aim of this paper…

Software Engineering · Computer Science 2016-07-14 Amol Patwardhan

Data science pipelines to train and evaluate models with machine learning may contain bugs just like any other code. Leakage between training and test data can lead to overestimating the model's accuracy during offline evaluations, possibly…

Software Engineering · Computer Science 2022-09-08 Chenyang Yang , Rachel A Brower-Sinning , Grace A. Lewis , Christian Kästner

Architecture recovery tools help software engineers obtain an overview of their software systems during all phases of the software development lifecycle. This is especially important for microservice applications because their distributed…

Static bug detection tools help developers detect problems in the code, including bad programming practices and potential defects. Recent efforts to integrate static bug detectors in modern software development workflows, such as in code…

Software Engineering · Computer Science 2024-01-24 Junjie Li , Jinqiu Yang

This article presents a theoretical summary of the source code static analysis, its definition, uses and applications, how static analysis is performed, their intermediate representation formats, models and most common analysis techniques,…

Software Engineering · Computer Science 2019-07-02 Joenio Marques da Costa

More and more distributed software systems are being developed and deployed today. Like other software, distributed software systems also need very strong quality assurance support. Distributed software is often very large/complex, has…

Distributed, Parallel, and Cluster Computing · Computer Science 2023-03-08 Xiaoqin Fu

Detecting performance issues due to suboptimal code during the development process can be a daunting task, especially when it comes to localizing them after noticing performance degradation after deployment. Static analysis has the…

Software Engineering · Computer Science 2021-05-06 Aaron Beigelbeck , Maurício Aniche , Jürgen Cito

Context: Software metrics, as one form of static analyses, is a commonly used approach in software engineering in order to understand the state of a software system, in particular to identify potential areas prone to defects. Family-based…

Software Engineering · Computer Science 2021-10-13 Sascha El-Sharkawy , Adam Krafczyk , Klaus Schmid

Formally verified compilers and formally verified static analyzers are a solution to the problem that certain industries face when they have to demonstrate to authorities that the object code they run truly corresponds to its source code…

Logic in Computer Science · Computer Science 2024-07-12 David Monniaux

This paper describes how to adapt a static code analyzer to help novice programmers. Current analyzers have been built to give feedback to experienced programmers who build new applications or systems. The type of feedback and the type of…

Software Engineering · Computer Science 2017-10-03 Tim Blok , Ansgar Fehnker

In large programming classes, it takes a significant effort from teachers to evaluate exercises and provide detailed feedback. In systems programming, test cases are not sufficient to assess exercises, since concurrency and resource…

Computers and Society · Computer Science 2024-11-07 Roberto Natella

The demand for automated security analysis techniques, such as static analysis based security testing (SAST) tools continues to increase. To develop SASTs that are effectively leveraged by developers for finding vulnerabilities, researchers…

Cryptography and Security · Computer Science 2024-06-21 Amit Seal Ami , Kevin Moran , Denys Poshyvanyk , Adwait Nadkarni