Content deleted Content added
→Formal methods: nuil reference analysis |
m Open access bot: url-access updated in citation with #oabot. |
||
Line 1:
{{Short description|Analysis of computer programs without executing them}}
{{Software development process}}
In [[computer science]], '''static program analysis''' (also known as '''static analysis''' or '''static simulation''') is the [[program analysis|analysis]] of computer programs performed without executing them, in contrast with [[dynamic program analysis]], which is performed on programs during their execution in the integrated environment.<ref>{{cite journal |archive-url=https://web.archive.org/web/20110927010304/http://www.ida.liu.se/~TDDC90/papers/industrial95.pdf |archive-date=2011-09-27 | title=Industrial Perspective on Static Analysis. |journal=Software Engineering Journal |date=Mar 1995 |pages=69–75 |last1=Wichmann |first1=B. A. |first2=A. A. |last2=Canning |first3=D. L. |last3=Clutterbuck |first4=L. A. |last4=Winsbarrow |first5=N. J. |last5=Ward |first6=D. W. R. |last6=Marsh |volume=10 |issue=2 |doi=10.1049/sej.1995.0010 |url=http://www.ida.liu.se/~TDDC90/papers/industrial95.pdf}}</ref><ref>{{Cite journal|last1=Egele|first1=Manuel|last2=Scholte|first2=Theodoor|last3=Kirda|first3=Engin|last4=Kruegel|first4=Christopher|date=2008-03-05|title=A survey on automated dynamic malware-analysis techniques and tools|url=https://doi.org/10.1145/2089125.2089126|journal=ACM Computing Surveys|volume=44|issue=2|pages=6:1–6:42|doi=10.1145/2089125.2089126| s2cid=1863333 |issn=0360-0300|url-access=subscription}}</ref>
The term is usually applied to analysis performed by an automated tool, with human analysis typically being called "program understanding", [[program comprehension]], or [[code review]]. In the last of these, [[software inspection]] and [[software walkthrough]]s are also used. In most cases the analysis is performed on some version of a program's [[source code]], and, in other cases, on some form of its [[object code]].
== Rationale ==
The sophistication of the analysis performed by tools varies from those that only consider the behaviour of individual statements and declarations,<ref>{{Cite journal|last1=Khatiwada|first1=Saket|last2=Tushev|first2=Miroslav|last3=Mahmoud|first3=Anas|date=2018-01-01|title=Just enough semantics: An information theoretic approach for IR-based software bug localization|url=https://linkinghub.elsevier.com/retrieve/pii/S0950584916302269|journal=Information and Software Technology|language=en|volume=93|pages=45–57|doi=10.1016/j.infsof.2017.08.012|url-access=subscription}}</ref> to those that include the complete [[source code]] of a program in their analysis. The uses of the information obtained from the analysis vary from highlighting possible coding errors (e.g., the [[lint programming tool|lint]] tool) to [[formal methods]] that mathematically prove properties about a given program (e.g., its behaviour matches that of its specification).
[[Software metric]]s and [[reverse engineering]] can be described as forms of static analysis. Deriving software metrics and static analysis are increasingly deployed together, especially in creation of embedded systems, by defining so-called ''software quality objectives''.<ref>[http://web1.see.asso.fr/erts2010/Site/0ANDGY78/Fichier/PAPIERS%20ERTS%202010/ERTS2010_0035_final.pdf "Software Quality Objectives for Source Code"] {{webarchive|url=https://web.archive.org/web/20150604203133/http://web1.see.asso.fr/erts2010/Site/0ANDGY78/Fichier/PAPIERS%20ERTS%202010/ERTS2010_0035_final.pdf |date=2015-06-04 }} (PDF). ''Proceedings: Embedded Real Time Software and Systems 2010 Conference'', ERTS2010.org, Toulouse, France: Patrick Briand, Martin Brochet, Thierry Cambois, Emmanuel Coutenceau, Olivier Guetta, Daniel Mainberte, Frederic Mondot, Patrick Munier, Loic Noury, Philippe Spozio, Frederic Retailleau.</ref>
Line 57:
== Remediation ==
Static analyzers produce warnings. For certain types of warnings, it is possible to design and implement [[Automatic bug fixing|automated remediation]] techniques. For example, Logozzo and Ball have proposed automated remediations for C# ''cccheck''.<ref>{{Cite journal |last1=Logozzo |first1=Francesco |last2=Ball |first2=Thomas |date=2012-11-15 |title=Modular and verified automatic program repair |url=http://dx.doi.org/10.1145/2398857.2384626 |journal=ACM SIGPLAN Notices |volume=47 |issue=10 |pages=133–146 |doi=10.1145/2398857.2384626 |issn=0362-1340|url-access=subscription }}</ref>
== See also ==
| |||