An Empirical Assessment of Repositioning of Static Analysis Alarms

Niloofar Mansoor, Tukaram Muske, Alexander Serebrenik, Bonita Sharif

Onderzoeksoutput: Bijdrage aan congresPaperAcademic

Samenvatting

Static analysis tools typically generate a large number of alarms that require manual inspection. In prior work, repositioning of alarms is proposed to (1) merge multiple similar alarms together and replace them by a fewer alarms, and (2) report alarms as close as possible to the causes for their generation. The premise is that the proposed merging and reporting of alarms will reduce the manual inspection effort. However, this premise has not been evaluated.

To evaluate the premise, this paper presents an empirical study on the proposed merging and reporting of static alarms. The study is conducted using static analysis alarms generated on C programs, where the alarms are representative of the merging Vs non-merging and repositioning Vs non-repositioning situations in real-life code. The study is performed as within-subjects via Qualtrics. Developers were asked to manually inspect and determine whether assertions added corresponding to the alarms hold. Additionally, two cognitive tests (mental rotation and operation span) are also conducted to determine relationship in performance.

The empirical evaluation results indicate that, in contrast to the expectations, the merging and repositioning of alarms (1) does not reduce manual inspection effort or does not improve accuracy of the inspection results, and (2) sometimes have a negative impact. A closer look at the results suggest that the study results are inconclusive and a more detailed study needs to be performed to evaluate the premise.
Originele taal-2Engels
Pagina's219-229
StatusGepubliceerd - 3 okt. 2022
EvenementInternational Working Conference on Source Code Analysis & Manipulation - Limassol, Cyprus
Duur: 3 okt. 20224 okt. 2022
Congresnummer: 22
https://www.ieee-scam.org/2022/

Congres

CongresInternational Working Conference on Source Code Analysis & Manipulation
Verkorte titelSCAM
Land/RegioCyprus
StadLimassol
Periode3/10/224/10/22
Internet adres

Vingerafdruk

Duik in de onderzoeksthema's van 'An Empirical Assessment of Repositioning of Static Analysis Alarms'. Samen vormen ze een unieke vingerafdruk.

Citeer dit