Semantics-based static analysis requires a significant theoretical background before being able to design and implement a new analysis. Unfortunately, the development of even a toy static analyzer from scratch requires to implement an infrastructure (parser, control flow graphs representation, fixpoint algorithms, etc.) that is too demanding for bachelor and master students in computer science. This approach difficulty can condition the acquisition of skills on software verification which are of major importance for the design of secure systems. In this paper, we show how LiSA (Library for Static Analysis) can play a role in that respect. LiSA implements the basic infrastructure that allows a non-expert user to develop even simple analyses (e.g., dataflow and numerical non-relational domains) focusing only on the design of the appropriate representation of the property of interest and of the sound approximation of the program statements.
[1]
James C. King,et al.
Symbolic execution and program testing
,
1976,
CACM.
[2]
Patrick Cousot,et al.
Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints
,
1977,
POPL.
[3]
Agostino Cortesi,et al.
A suite of abstract domains for static analysis of string values
,
2015,
Softw. Pract. Exp..
[4]
Flemming Nielson,et al.
Principles of Program Analysis
,
1999,
Springer Berlin Heidelberg.
[5]
Manuel Fähndrich,et al.
Pentagons: a weakly relational abstract domain for the efficient validation of array accesses
,
2008,
SAC '08.
[6]
Pietro Ferrara.
A generic framework for heap and value analyses of object-oriented programming languages
,
2016,
Theor. Comput. Sci..