PLDI

Typestate analyses determine whether a program's use of a given API obeys this API's usage constraints in the sense that the right methods are called on the right objects in the right order. Previously, we and others have described approaches that ...

Implementations of static analyses are usually tailored toward a single goal to be efficient, hampering reusability and adaptability of the components of an analysis. To solve these issues, we propose to implement static analyses as highly-configurable ...

Slicing is a powerful technique that can help a developer to understand how the interaction of different parts of a program causes a specific outcome. Dynamic slicing uses runtime information to compute a precise slice for a given execution. However, ...

Points-to analysis that scales to large programs is still an open area of research and there are several trade-offs between speed and precision. In this paper, we report advances in achieving extremely fast and scalable analysis for field-sensitive ...

One approach to defending against malicious Android applications has been to analyze them to detect potential information leaks. This paper describes a new static taint analysis for Android that combines and augments the FlowDroid and Epicc analyses to ...

Some program-analysis frameworks have been around for a long time, with Soot alone having been around for more than one decade. Over the years, demand on such frameworks have changed drastically, stressing the flexibility of frameworks such as Soot to ...

Program analyses developed over the last three decades have demonstrated the ability to prove non-trivial properties of real-world programs. This ability in turn has applications to emerging software challenges in security, software-defined networking, ...