A Framework for Combining and Ranking Static Analysis Tool Findings Based on Tool Performance Statistics

被引:11
|
作者
Xypolytos, Achilleas [1 ,2 ]
Xu, Haiyun [1 ]
Vieira, Barbara [1 ]
Ali-Eldin, Amr M. T. [2 ,3 ]
机构
[1] Software Improvement Grp, Amstelpl 1, NL-1096 HA Amsterdam, Netherlands
[2] Leiden Univ, Leiden Inst Adv Comp Sci, POB 9512, NL-2300 RA Leiden, Netherlands
[3] Mansoura Univ, Comp & Syst Dept, Fac Engn, Mansoura, Egypt
来源
2017 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY COMPANION (QRS-C) | 2017年
关键词
D O I
10.1109/QRS-C.2017.110
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
This paper proposes a conceptual, performance-based ranking framework that prioritises the output of multiple Static Analysis Tools, to improve the tool effectiveness and usefulness. The framework weights the performance of Static Analysis Tools per defect type and cross-validates the findings between different Static Analysis Tools' reports. An initial validation shows the potential benefits of the proposed framework.
引用
收藏
页码:595 / 596
页数:2
相关论文
共 50 条
  • [41] A Static Code Analysis Tool for Control System Software
    Nair, Sreeja
    Jetley, Raoul
    Nair, Anil
    Hauck-Stattelmann, Stefan
    2015 22ND INTERNATIONAL CONFERENCE ON SOFTWARE ANALYSIS, EVOLUTION, AND REENGINEERING (SANER), 2015, : 459 - 463
  • [42] SharpChecker: Static analysis tool for C# programs
    Koshelev, V. K.
    Ignatiev, V. N.
    Borzilov, A. I.
    Belevantsev, A. A.
    PROGRAMMING AND COMPUTER SOFTWARE, 2017, 43 (04) : 268 - 276
  • [43] SharpChecker: Static analysis tool for C# programs
    V. K. Koshelev
    V. N. Ignatiev
    A. I. Borzilov
    A. A. Belevantsev
    Programming and Computer Software, 2017, 43 : 268 - 276
  • [44] A Static Microcode Analysis Tool for Programmable Load Drivers
    Dariz, Luca
    Ruggeri, Massimiliano
    Selvatici, Michele
    2015 IEEE 15TH INTERNATIONAL WORKING CONFERENCE ON SOURCE CODE ANALYSIS AND MANIPULATION (SCAM), 2015, : 265 - 270
  • [45] A tool for static and dynamic model extraction and impact analysis
    Bodhuin, T
    Tortorella, M
    Ninth European Conference on Software Maintenance and Reengineering, Proceedings, 2005, : 193 - 193
  • [46] Searching for Taint Vulnerabilities with Svace Static Analysis Tool
    Borodin, A. E.
    Goremykin, A., V
    Vartanov, S. P.
    Belevantsev, A. A.
    PROGRAMMING AND COMPUTER SOFTWARE, 2021, 47 (06) : 466 - 481
  • [47] Static analysis tool supporting C program testing
    Jixie Kexue Yu Jishu, 5 (813):
  • [48] Searching for Taint Vulnerabilities with Svace Static Analysis Tool
    A. E. Borodin
    A. V. Goremykin
    S. P. Vartanov
    A. A. Belevantsev
    Programming and Computer Software, 2021, 47 : 466 - 481
  • [49] Government Communication as a Policy Tool: A Framework for Analysis
    Howlett, Michael
    CANADIAN POLITICAL SCIENCE REVIEW, 2009, 3 (02): : 23 - 37
  • [50] A Description of a Web-Based Educational Tool for Understanding the PICO Framework in Evidence-Based Practice With a Citation Ranking System
    Larue, Elizabeth M.
    Draus, Peter
    Klem, Mary Lou
    CIN-COMPUTERS INFORMATICS NURSING, 2009, 27 (01) : 44 - 49
12345