Program Analysis for Modern Software Features
This is an umbrella project aiming at a variety of techniques for
making static and dynamic program analyses more usable and useful for
the complex systems that exist in real-world software development.
This effort includes both theoretical work (e.g., dataflow frameworks
for analysis of large-scale software) and tool building (e.g.,
analysis implementations capable of analyzing thousands of classes
with acceptable cost and precision). The different sub-projects are
summarized below. For all references, please see the PRESTO list of
publications. Some of this work is funded by a 5-year NSF
CAREER grant,
by a recent 3-year NSF grant, by an IBM Software Quality Innovation Award, and by an IBM Eclipse Innovation Award.
The long-term research agenda of this work is to enable the use of
static and dynamic analyses in real-world software tools, with the
ultimate goal of helping software developers and testers to do their
work faster and better. Several significant challenges exist for
this effort:
- Beyond whole-program analysis: The traditional model of
whole-program dataflow analysis is poorly suited for modern software
systems. We have developed and successfully used a model of component-level dataflow analysis which
addresses several of the fundamental limitations of whole-program
analysis.
- Challenging software features: Our current work considers other
challenging aspects of modern software including
bloated applications [PhD11, PLDI11, FOSER10, PLDI10-1, PLDI10-2, PLDI09, ICSE08],
long-running applications [FSE07],
run-time adaptation through dynamic language features [SCAM11, PhD09, JASE09, SCAM07], and
aspect orientation
[AOSD08,
ICSE07].
The latest efforts are focused on analyzing various performance problems created by run-time bloat (more details here).
- Scalability and precision: Static analysis researchers are
on a never-ending quest to come up with analyses that can process
larger programs, or that can achieve higher precision. Our work on
scalability and precision has been focused on several important
analyses for C and Java software (e.g., analysis of pointers and side
effects)
[ISSTA11,
ECOOP09,
ISSTA08,
TOSEM05,
JASE04,
SCAM02,
ISSTA02,
OOPSLA01,
PLDI00].
However, we believe that the "arms race" for improving
whole-program analyses is not sustainable, and instead the focus
should be on modular analyses (e.g., component-level analyses).
- Distributed software: [currently inactive] We developed a variety of static
analyses for Java applications that use the remote method invocation
(RMI) mechanism. Such applications present numerous new challenges to
static analysis researchers. We have successfully designed and
implemented a general points-to analysis and side-effect analysis for
RMI-based Java applications [PhD07, TSE06,
ICSM05].
We have also worked on
dynamic analysis of Enterprise Java applications [PhD08,
WODA07].
main page