Survey of approaches for handling static analysis alarms

Tukaram Muske, A. Serebrenik

    Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review

    52 Citaten (Scopus)

    Samenvatting

    Static analysis tools have showcased their importance and usefulness in automated detection of code anomalies and defects. However, the large number of alarms reported and cost incurred in their manual inspections have been the major concerns with the usage of static analysis tools. Existing studies addressing these concerns differ greatly in their approaches to handle the alarms, varying from automatic postprocessing of alarms, supporting the tool-users during manual inspections of the alarms, to designing of light-weight static analysis tools. A comprehensive study of approaches for handling alarms is, however, not found. In this paper, we review 79 alarms handling studies collected through a systematic literature search and classify the approaches proposed into seven categories. The literature search is performed by combining the keywords-based database search and snowballing. Our review is intended to provide an overview of various alarms handling approaches, their merits and shortcomings, and different techniques used in their implementations. Our findings include that the categorized alarms handling approaches are complementary and they can be combined together in different ways. The categorized approaches and techniques employed in them can help the designers and developers of static analysis tools to make informed choices.
    Originele taal-2Engels
    Titel2016 IEEE 16th International Working Conference on Source Code Analysis and Manipulation (SCAM)
    Plaats van productiePiscataway
    UitgeverijInstitute of Electrical and Electronics Engineers
    Pagina's157-166
    ISBN van elektronische versie978-1-5090-3848-0
    DOI's
    StatusGepubliceerd - 2016
    Evenement2016 International Working Conference on Source Code Analysis and manupilation (SCAM), October 2-3, 2016, Raleigh, - Raleigh, NC, Verenigde Staten van Amerika
    Duur: 2 okt. 20163 okt. 2016

    Congres

    Congres2016 International Working Conference on Source Code Analysis and manupilation (SCAM), October 2-3, 2016, Raleigh,
    Verkorte titelSCAM'16
    Land/RegioVerenigde Staten van Amerika
    StadRaleigh, NC
    Periode2/10/163/10/16

    Vingerafdruk

    Duik in de onderzoeksthema's van 'Survey of approaches for handling static analysis alarms'. Samen vormen ze een unieke vingerafdruk.

    Citeer dit