DID YOU KNOW? DTIC has over 3.5 million final reports on DoD funded research, development, test, and evaluation activities available to our registered users. Click HERE
to register or log in.
Mining Program Source Code for Improving Software Quality
Final rept. 8 Sep 2008-7 Sep 2012
NORTH CAROLINA STATE UNIV AT RALEIGH
Pagination or Media Count:
While the last decade has witnessed great advances in assuring high software quality through static verification against software hazards and unexpected behavior, the field has pretty much focused on statically verifying software applications against common properties to detect common programming problems such as incorrect usage of memory pointers. But most quality issues such as correctness, security, and robustness violations are caused by the incorrect usage of application programming interfaces APIs. Although API properties or behaviors can be formally specified and statically verified against software applications by the current state-of-the-art static verification tools, these API properties or behaviors are often not documented by the developers, partly due to two major hindrances in practice manually specifying a large number of properties or behaviors for static verification is often 1 inaccurate or incomplete, and 2 cumbersome and prohibitively expensive. This project develops new approaches that mine program source code for API properties, which are used to conduct static verification on the software application under analysis to detect defects around APIs.
APPROVED FOR PUBLIC RELEASE