Employing runtime data in static analysis
Název práce v češtině: | |
---|---|
Název v anglickém jazyce: | Employing runtime data in static analysis |
Akademický rok vypsání: | 2014/2015 |
Typ práce: | bakalářská práce |
Jazyk práce: | angličtina |
Ústav: | Katedra distribuovaných a spolehlivých systémů (32-KDSS) |
Vedoucí / školitel: | doc. RNDr. Jan Kofroň, Ph.D. |
Řešitel: | skrytý - zadáno a potvrzeno stud. odd. |
Datum přihlášení: | 20.11.2014 |
Datum zadání: | 21.11.2014 |
Datum potvrzení stud. oddělením: | 28.11.2014 |
Zásady pro vypracování |
Static program analysis often provides imprecise information. When attempting to compute precise information, it consumes a lot of resources (both time and memory). In both cases, the approach is practically not well usable.
The goal of the thesis is to design and implement methods employing runtime data in static analysis. This can significantly improve usability of static analysis in practice, even though the computed information may not be an over-approximation of the real program information any more, as usually assumed. A part of the work is also implementation of runtime data collection, which can be based on existing solutions, e.g., Go! Aspect-Oriented Framework[2]. The solution is to be implemented in the context of Weverca[1] -- a PHP security analyzer based on static analysis, and the results achieved should be demonstrated on example PHP applications. |
Seznam odborné literatury |
[1] Weverca - Web werification tool for PHP, http://d3s.mff.cuni.cz/projects/formal_methods/weverca/
[2] Go! Aspect-Oriented Framework, http://go.aopphp.com/ [3] PHP - Personal Home Pages, http://www.php.net [4] F. Nielson, H. R. Nielson, C. Hankin: Principles of Program Analysis, Springer-Verlag Berlin, 1998, isbn 3-540-65410-0 |