HiveBrain v1.2.0
Get Started
← Back to all entries
patternMinor

Getting started with Program Analysis

Submitted by: @import:stackexchange-cs··
0
Viewed 0 times
startedwithanalysisprogramgetting

Problem

I'm looking for resources on getting started with program analysis.

The only book I've found on the topic is the Nielson & Nielson book.

Other than that, it seems like there are only "compiler" books where "program analysis" would be a chapter, or something along those lines.

Do people know of any other resources?

Solution

Unfortunately there aren't many textbooks on the topic. I think the best way to learn program analysis today is to survey different courses that are available, play with a few implementations and then look at a few research papers for your specific needs. What follows is a very small sampling of what's out there. Since you specifically mentioned compiler-oriented analyses were easy to find, I will not cover such material below.

Web-based resources
These are articles that emphasise the use of static analysis outside a compilation context.

-
A Reverse Engineering Reddit discussion on program analysis has many useful links.

-
Mozilla Wiki on abstract interpretation.

-
Deploying Static Analysis, a Dr. Dobbs article by Flash Sheridan

-
A Few Billion Lines of Code Later: Using Static Analysis to Find Bugs in the Real World, Al Bessey, Ken Block, Ben Chelf, Andy Chou, Bryan Fulton, Seth Hallem, Charles Henri-Gros, Asya Kamsky, Scott McPeak, Dawson Engler in Communications of the ACM.

University courses on program analysis

  • Anders Møller at Arhus University teaches a course that covers object-oriented and web technology.



  • Bor-Yuh Evan Chang at University of Colorado Boulder has a foundational course that involves an OCaml implementation and a graduate course.



  • Ben Hardekopf at the University of California Santa Barbara used to have a great set of assignments, but they are no longer available online. Some students who took his course seem to have made a Python implementation available.



  • Markus Müller-Olm has a graduate course on analysis of Android.



  • Reinhard Wilhelm at the University of Sarbruecken teaches a graduate course that covers static analysis applications such as timing analysis, cache behaviour prediction, and some shape analysis.



  • Sumit Gulwani from MSR taught a nice course on statically estimating resource consumption of programs (time/memory) at the Oregon Summer School on Programming Languages.



  • Koushik Sen at the University of California at Berkeley teaches a course that focuses on bug finding and whose topics cover concolic execution and software model checking.



  • Jeffrey Foster at the University of Maryland teaches a course that covers type systems, model checking, alias analysis and a lot of the other usual material.



  • Patrick Cousot spent a year at MIT and taught a comprehensive, foundational course on abstract interpretation. The assignments include an OCaml implementation which go from concrete collecting semantics to some algorithmically non-trivial ideas.



  • A graduate course on abstract interpretation taught by some leaders in the field is a good place to catch up on even more theory.



  • Patrick Cousot taught a short course on abstract interpretation at the Oregon Summer School on Programming Languages in 2009.



Tools to play with

I am not listing a lot of research tools here. There are many of those but I have tried to list a few that you can download and play with to understand the area better.

-
Interproc is a very educational tool to play with to learn about numerical static analysis.

-
The Apron Numeric Abstraction library if you are really into numeric analysis.

-
Slayer is a shape analysis tool from Microsoft Research.

-
jStar is an analyzer for Java that is based on separation logic.

-
Microsoft Research has numerous groups developing numerous tools, many of which are available for download or have web-demos. I cannot list everything here and suggest you play with them.

There is a lot more, but that's probably enough to keep you busy for a while.

Context

StackExchange Computer Science Q#10696, answer score: 8

Revisions (0)

No revisions yet.