A report on a survey and study of static analysis users
DEFECTS '08 Proceedings of the 2008 workshop on Defects in large software systems
Effective interprocedural resource leak detection
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
Towards improved security criteria for certification of electronic health record systems
Proceedings of the 2010 ICSE Workshop on Software Engineering in Health Care
Making defect-finding tools work for you
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2
Proceedings of the 19th international symposium on Software testing and analysis
Linux kernel developer responses to static analysis bug reports
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Automatic construction of an effective training set for prioritizing static analysis warnings
Proceedings of the IEEE/ACM international conference on Automated software engineering
Information and Software Technology
The case for software evolution
Proceedings of the FSE/SDP workshop on Future of software engineering research
Localizing defects in multithreaded programs by mining dynamic call graphs
TAIC PART'10 Proceedings of the 5th international academic and industrial conference on Testing - practice and research techniques
Software-defect localisation by mining dataflow-enabled call graphs
ECML PKDD'10 Proceedings of the 2010 European conference on Machine learning and knowledge discovery in databases: Part I
Experiences documenting and preserving software constraints using aspects
Proceedings of the tenth international conference on Aspect-oriented software development companion
Empirical Software Engineering
A study on improving static analysis tools: why are we not using them?
Proceedings of the 34th International Conference on Software Engineering
Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
Automated detection of non-termination and nullpointerexceptions for Java Bytecode
FoVeOOS'11 Proceedings of the 2011 international conference on Formal Verification of Object-Oriented Software
Validating software metrics: A spectrum of philosophies
ACM Transactions on Software Engineering and Methodology (TOSEM)
Model-Based static code analysis for MATLAB models
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
Software—Practice & Experience
Interprocedural path-sensitive resource leaks detection for C programs
Proceedings of the Fourth Asia-Pacific Symposium on Internetware
Applying enhanced fault localization technology to Monte Carlo simulations
Proceedings of the Winter Simulation Conference
Does bug prediction support human developers? findings from a google case study
Proceedings of the 2013 International Conference on Software Engineering
Why don't software developers use static analysis tools to find bugs?
Proceedings of the 2013 International Conference on Software Engineering
Extensible intraprocedural flow analysis at the abstract syntax tree level
Science of Computer Programming
Hi-index | 0.00 |
Static analysis examines code in the absence of input data and without running the code. It can detect potential security violations (SQL injection), runtime errors (dereferencing a null pointer) and logical inconsistencies (a conditional test that can't possibly be true). Although a rich body of literature exists on algorithms and analytical frameworks used by such tools, reports describing experiences in industry are much harder to come by. The authors describe FindBugs, an open source static-analysis tool for Java, and experiences using it in production settings. FindBugs evaluates what kinds of defects can be effectively detected with relatively simple techniques and helps developers understand how to incorporate such tools into software development.