Employing runtime data in static analysis
| Thesis title in Czech: | |
|---|---|
| Thesis title in English: | Employing runtime data in static analysis |
| Academic year of topic announcement: | 2014/2015 |
| Thesis type: | Bachelor's thesis |
| Thesis language: | angličtina |
| Department: | Department of Distributed and Dependable Systems (32-KDSS) |
| Supervisor: | doc. RNDr. Jan Kofroň, Ph.D. |
| Author: | hidden - assigned and confirmed by the Study Dept. |
| Date of registration: | 20.11.2014 |
| Date of assignment: | 21.11.2014 |
| Confirmed by Study dept. on: | 28.11.2014 |
| Guidelines |
| Static program analysis often provides imprecise information. When attempting to compute precise information, it consumes a lot of resources (both time and memory). In both cases, the approach is practically not well usable.
The goal of the thesis is to design and implement methods employing runtime data in static analysis. This can significantly improve usability of static analysis in practice, even though the computed information may not be an over-approximation of the real program information any more, as usually assumed. A part of the work is also implementation of runtime data collection, which can be based on existing solutions, e.g., Go! Aspect-Oriented Framework[2]. The solution is to be implemented in the context of Weverca[1] -- a PHP security analyzer based on static analysis, and the results achieved should be demonstrated on example PHP applications. |
| References |
| [1] Weverca - Web werification tool for PHP, http://d3s.mff.cuni.cz/projects/formal_methods/weverca/
[2] Go! Aspect-Oriented Framework, http://go.aopphp.com/ [3] PHP - Personal Home Pages, http://www.php.net [4] F. Nielson, H. R. Nielson, C. Hankin: Principles of Program Analysis, Springer-Verlag Berlin, 1998, isbn 3-540-65410-0 |