Eclipse has the potential to become a widely-used platform for implementation and dissemination of various static analyses for Java. In order to realize this potential, it is impo...
We study the effectiveness of garbage collection (GC) algorithms by measuring the time difference between the actual collection time of an object and the potential earliest collec...
We propose a new method to control memory resources by static analysis. For this, we introduce the notion of sup-interpretation which bounds from above the size of function outputs...
Abstract. We provide a static analysis (using both dataflow analysis and theorem proving) to allow state changes within specifications. This can be used for specification languages...
Michael Barnett, David A. Naumann, Wolfram Schulte...
Abstract. Static analyses calculate abstract states, and their logics validate properties of the abstract states. We place into perspective the variety of forwards, backwards, func...
Abstract. To understand the effect of code complexity on static analysis, thirty-five format string vulnerabilities were studied. We analyzed two code samples for each vulnerabilit...
—This paper seeks to answer fundamental questions about trade-offs between static and dynamic security analysis. It has been previously shown that flow-sensitive static informat...
This paper introduces a logic for a class of properties - in particular variable aliasing - used in static analysis of logic programs. The logic is shown to be sound, complete and ...
We describe a new technique for finding potential buffer overrun vulnerabilities in security-critical C code. The key to success is to use static analysis: we formulate detection...
David Wagner, Jeffrey S. Foster, Eric A. Brewer, A...