Program Analysis for Modern Software
Our goal
is to develop
static and dynamic program analyses that target the complexity
of modern software systems.
This work is funded by an NSF
CAREER grant,
by another NSF grant, by an IBM Software Quality Innovation Award, and by an IBM Eclipse Innovation Award.
The long-term research agenda of this work is to develop rigorous,
powerful, and efficient algorithms and tools for software analysis and
testing, leading to higher-quality software systems.
Several significant challenges exist for
this effort:
- Dealing with Complexity
- Our current work considers
program analysis for challenging aspects of modern software, including
inefficiencies due to bloat and leaks [TOSEM14, PhD14, CGO14-2, TOSEM13, ECOOP12, ICSE12, WODA12, PhD11, PLDI11, FOSER10, PLDI10-1, PLDI10-2, PLDI09, ICSE08],
dynamic language features [SCAM11, PhD09, JASE09, SCAM07],
long-running applications [FSE07],
and
aspect orientation
[AOSD08,
ICSE07].
The latest efforts are focused on performance
problems created by run-time bloat (more details here).
- Scalability and Precision
- Static analysis researchers are
on a never-ending quest to come up with analyses that can process
larger programs, or that can achieve higher precision. Our work on
scalability and precision has been focused on several important
analyses for C and Java software (e.g., analysis of pointers and side
effects)
[ISSTA11,
ECOOP09,
ISSTA08,
TOSEM05,
JASE04,
SCAM02,
ISSTA02,
OOPSLA01,
PLDI00].
- Beyond Whole-Program Dataflow Analysis [currently inactive]
- The traditional model of
whole-program dataflow analysis is
poorly suited for modern software
systems. We have developed
a model of component-level dataflow analysis
which
addresses several of the fundamental
limitations of whole-program
analysis [CC08, PhD07, CC06, CBSE05, PhD02, FSE99] and is used
as a foundational framework
for a number of new software analyses
[SOAP12,
ISSTA11,
CC08, PhD07,
TSE04,
ICSM04,
ICSE03,
CC01] (more details here).
- Distributed Software [currently inactive]
- We developed a variety of static
analyses for Java applications that use the remote method invocation
(RMI) mechanism. Such applications present numerous new challenges to
static analysis researchers. We have successfully designed and
implemented a general points-to analysis and side-effect analysis for
RMI-based Java applications [PhD07, TSE06,
ICSM05].
We have also worked on
dynamic analysis of Enterprise Java applications [PhD08,
WODA07].
main page