Comparison of Static Code Analysis Tools

Cited by: 11
Authors
Mantere, Matti [1]
Uusitalo, Ilkka [1]
Roning, Juha [2]
Affiliations
[1] VTT Tech Res Ctr Finland, Kaitovayla 1, Oulu, Finland
[2] Univ Oulu, OUSPG Oulu Univ Secure Programming Grp, Oulu, Finland
DOI
10.1109/SECURWARE.2009.10
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
In this paper we compare three static code analysis tools. The tools represent three different approaches in the field of static analysis: Fortify SCA is a non-annotation based heuristic analyzer, Splint represents an annotation based heuristic analyzer, and Frama-C an annotation based correct analyzer. The tools are compared by analysing their performance when checking a demonstration code with intentionally implemented errors.
Pages: 15 / +
Page count: 2
Related papers
50 in total
  • [1] Analysis of the Tools for Static Code Analysis
    Nikolic, Danilo
    Stefanovic, Darko
    Dakic, Dusanka
    Sladojevic, Srdan
    Ristic, Sonja
    [J]. 2021 20TH INTERNATIONAL SYMPOSIUM INFOTEH-JAHORINA (INFOTEH), 2020,
  • [2] Probing into Code Analysis Tools A Comparison of C# Supporting Static Code Analyzers
    Shaukat, Rida
    Shahoor, Arooba
    Urooj, Aniqa
    [J]. PROCEEDINGS OF 2018 15TH INTERNATIONAL BHURBAN CONFERENCE ON APPLIED SCIENCES AND TECHNOLOGY (IBCAST), 2018, : 455 - 464
  • [3] Difficult XSS Code Patterns for Static Code Analysis Tools
    Schuckert, Felix
    Katt, Basel
    Langweg, Hanno
    [J]. COMPUTER SECURITY: ESORICS 2019 INTERNATIONAL WORKSHOPS, IOSEC, MSTEC, AND FINSEC, 2020, 11981 : 123 - 139
  • [4] Using code reviews to automatically configure static analysis tools
    Zampetti, Fiorella
    Mudbhari, Saghan
    Arnaoudova, Venera
    Di Penta, Massimiliano
    Panichella, Sebastiano
    Antoniol, Giuliano
    [J]. EMPIRICAL SOFTWARE ENGINEERING, 2022, 27 (01)
  • [5] Would Static Analysis Tools Help Developers with Code Reviews?
    Panichella, Sebastiano
    Arnaoudova, Venera
    Di Penta, Massimiliano
    Antoniol, Giuliano
    [J]. 2015 22ND INTERNATIONAL CONFERENCE ON SOFTWARE ANALYSIS, EVOLUTION, AND REENGINEERING (SANER), 2015, : 161 - 170
  • [6] Using code reviews to automatically configure static analysis tools
    Fiorella Zampetti
    Saghan Mudbhari
    Venera Arnaoudova
    Massimiliano Di Penta
    Sebastiano Panichella
    Giuliano Antoniol
    [J]. Empirical Software Engineering, 2022, 27
  • [7] Comparative Analysis of Open-Source Tools for Conducting Static Code Analysis
    Kuszczynski, Kajetan
    Walkowski, Michal
    [J]. SENSORS, 2023, 23 (18)
  • [8] Evaluating Python Static Code Analysis Tools Using FAIR Principles
    Hassan, Hassan Bapeer
    Sarhan, Qusay Idrees
    Beszédes, Árpád
    [J]. IEEE Access, 2024, 12 : 173647 - 173659
  • [9] ON THE APPLICATION OF STATIC CODE ANALYSIS TOOLS IN THE SERBIAN IT INDUSTRY: AN EMPIRICAL STUDY
    Komosar, Aleksa
    Kijanovic, Sara
    Mandic, Vladimir
    Nikolic, Danilo
    Vuckovic, Teodora
    [J]. Proceedings of the 17th IADIS International Conference Information Systems 2024, IS 2024, 2024, : 53 - 60
  • [10] Comparative Study on Static Code Analysis Tools for C/C++
    Fatima, Anum
    Bibi, Shazia
    Hanif, Rida
    [J]. PROCEEDINGS OF 2018 15TH INTERNATIONAL BHURBAN CONFERENCE ON APPLIED SCIENCES AND TECHNOLOGY (IBCAST), 2018, : 465 - 469