Review Efforts Reduction by Partitioning of Static Analysis Warnings

Authors
Muske, Tukaram B. [1]
Baid, Ankit [1]
Sanas, Tushar [1]
Affiliation
[1] TRDDC, Pune 411013, MH, India
Source
2013 IEEE 13TH INTERNATIONAL WORKING CONFERENCE ON SOURCE CODE ANALYSIS AND MANIPULATION (SCAM) | 2013
Keywords
Static Analysis; Data Flow Analysis; Analysis Warnings; Review of Warnings; False Positives;
DOI
Not available
Chinese Library Classification (CLC) number
TP31 [Computer Software];
Discipline classification code
081202 ; 0835 ;
Abstract
Static analysis has been successfully employed in software verification; however, the number of generated warnings and the cost incurred in their manual review are a major concern. In this paper we present a novel idea to reduce manual review efforts by identifying redundancy in this review process. We propose two partitioning techniques to identify redundant warnings: 1) partitioning the warnings such that each partition has one leader warning and, if the leader is a false positive, so are all the warnings in its partition, which therefore need not be reviewed; and 2) further partitioning the leader warnings based on similarity of the modification points of variables referred to in their expressions. The second technique makes the review process faster by identifying further redundancies, and it also makes reviewing a warning easier due to the associated information about modification points. Empirical results obtained with these grouping techniques indicate that, on average, 60% of warnings are redundant in the review context and skipping their review would lead to a reduction of 50-60% in manual review efforts.
Pages: 106 - 115
Number of pages: 10