南大 软件分析 1

why we need Static Analysis

  1. Program Reliability: null pointer dereference , memory leak
  2. Program Securiy: private information leak,injection attack
  3. Compiler Optimization: dead code leimination, code motion
  4. Program Understanding: IDA call hierarchy, type indication

国内团队

  1. 源伞
  2. 华为代码实验室
  3. 中科天齐
  4. 鸿渐
  5. 开源网安
  6. 默安

人才较为短缺

静态分析及其短缺 Static analysis people are urgenly needed!

不要浮躁,多独立思考

Define Static Analysis

  1. 在运行程序P之前知道P的行为

Sound True Complete

Rice's Theorem

  1. 没有办法给Non-trival Properties 涉及的问题一个extract answer
  2. Perfect static analysis 不存在 Sound And Complete 不存在
  3. Useful static analysis 存在 Compromise soundness(false negatives) OR Compromise completeness(false positives)
  4. Most compromising completeness:Sound but not fully-precise static analysis

一句话把握静态分析:Brid's Eye View

ensure(or get close to) soundness, while making good trade-offs between analysis preision and analysis speed 把握速度和精准的平衡

Conclude Static Analysis

Abstraction + Over-approximation

  1. 将具体数值抽象为 + - O unknow undefined
  2. Transfer Functions: 怎么计算Abstract value

Control Flows

课表

  1. Introduction
  2. Intermediate Representation
  3. Data Flow Analysis - Applications
  4. Data Flow Analysis - Foundations(1)
  5. Data Flow Analysis - Foundations(2)
  6. Inter-procedural Analysis
  7. CFL-Reachability and IFDS IFDS非常难
  8. Soundness and Soundiness 分析反射,分析跨语言调用
  9. Pointer Analysis - Foundations(1)
  10. Pointer Analysis - Foundations(2)
  11. Pointer Analysis - Context Sensitivity
  12. Modern Pointer Analysis
  13. Static Analysis for Security
  14. Datalog-Based Analysis
  15. Abstract Interpretation
  16. Course Summary

实验

  1. Constant Propagation
  2. Dead Code Elimination
  3. Class Hierarchy Analysis
  4. Pointer Analysis
  5. Context-Sensitive Pointer Analysis

非常感兴趣或者很强的编程能力

  1. 直接上门交流
©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

推荐阅读更多精彩内容