MEDIC: A static analysis framework for equivalent mutant identification

Although many dynamic solvers are available for planar mechanisms, there is no readily accessible static solver that can be used in analysis of planar mechanisms with elastic components which achieve motion utilizing deformation of elastic members. New simulation tools are necessary to better understand the compliant mechanisms and to increase their usage in daily life. This framework was developed to fill this gap in planar mechanism design and analysis. The framework was written in MATLAB and is capable of kinematic and static analysis of planar mechanisms with compliant joints or links. Detailed information on implementation of the code is presented and is followed by the capabilities of the framework. Finally, the simulation results were compared with the Adams software to test the validity of the framework.

Download Full-text

A Static Analysis Framework For Detecting SQL Injection Vulnerabilities

31st Annual International Computer Software and Applications Conference - Vol. 2 - (COMPSAC 2007) ◽

10.1109/compsac.2007.43 ◽

2007 ◽

Cited By ~ 35

Author(s):

Xiang Fu ◽

Xin Lu ◽

Boris Peltsverger ◽

Shijun Chen ◽

Kai Qian ◽

...

Keyword(s):

Static Analysis ◽

Analysis Framework ◽

Sql Injection

Download Full-text

CODE-CHANGE IMPACT ANALYSIS USING COUNTERFACTUALS: THEORY AND IMPLEMENTATION

International Journal of Software Engineering and Knowledge Engineering ◽

10.1142/s0218194013500460 ◽

2013 ◽

Vol 23 (10) ◽

pp. 1459-1486

Author(s):

MANUEL PERALTA ◽

SUPRATIK MUKHOPADHYAY

Keyword(s):

Static Analysis ◽

Theorem Proving ◽

Program Analysis ◽

Impact Analysis ◽

Source Code ◽

Analysis Framework ◽

Change Impact Analysis ◽

Code Change ◽

Change Impact ◽

Automated Tool

This article shows a novel program analysis framework based on Lewis' theory of counterfactuals. Using this framework we are capable of performing change-impact static analysis on a program's source code. In other words, we are able to prove the properties induced by changes to a given program before applying these changes. Our contribution is two-fold; we show how to use Lewis' logic of counterfactuals to prove that proposed changes to a program preserve its correctness. We report the development of an automated tool based on resolution and theorem proving for performing code change-impact analysis.

Download Full-text

Towards a Flaw Function Heuristic Vulnerability Static Analysis Framework for Executable File

2011 Seventh International Conference on Mobile Ad-hoc and Sensor Networks ◽

10.1109/msn.2011.81 ◽

2011 ◽

Author(s):

Qiang Liu ◽

Hua Chen ◽

Yan Wen ◽

Xiang Li

Keyword(s):

Static Analysis ◽

Analysis Framework ◽

Executable File

Download Full-text

S3ntinel: An Extensible Static Analysis Framework for Android Applications

2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA) ◽

10.1109/iccubea.2018.8697714 ◽

2018 ◽

Author(s):

Shreyans Doshi ◽

Irfan Siddavatam

Keyword(s):

Static Analysis ◽

Analysis Framework ◽

Android Applications

Download Full-text

HybriDroid: static analysis framework for Android hybrid applications

Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering - ASE 2016 ◽

10.1145/2970276.2970368 ◽

2016 ◽

Cited By ~ 14

Author(s):

Sungho Lee ◽

Julian Dolby ◽

Sukyoung Ryu

Keyword(s):

Static Analysis ◽

Analysis Framework

Download Full-text

ELAID: detecting integer-Overflow-to-Buffer-Overflow vulnerabilities by light-weight and accurate static analysis

Cybersecurity ◽

10.1186/s42400-020-00058-2 ◽

2020 ◽

Vol 3 (1) ◽

Author(s):

Lili Xu ◽

Mingjie Xu ◽

Feng Li ◽

Wei Huo

Keyword(s):

Static Analysis ◽

Software Security ◽

False Positives ◽

Buffer Overflow ◽

Prototype System ◽

Light Weight ◽

Analysis Framework ◽

Smt Solver ◽

Call Graph ◽

Weight Method

Abstract The Integer-Overflow-to-Buffer-Overflow (IO2BO) vulnerability has been widely exploited by attackers to cause severe damages to computer systems. Automatically identifying this kind of vulnerability is critical for software security. Despite many works have been done to mitigate integer overflow, existing tools either report large number of false positives or introduce unacceptable time consumption. To address this problem, in this article we present a static analysis framework. It first constructs an inter-procedural call graph and utilizes taint analysis to accurately identify potential IO2BO vulnerabilities. Then it uses a light-weight method to further filter out false positives. Specifically, it generates constraints representing the conditions under which a potential IO2BO vulnerability can be triggered, and feeds the constraints to SMT solver to decide their satisfiability. We have implemented a prototype system ELAID based on LLVM, and evaluated it on 228 programs of the NIST’s SAMATE Juliet test suite and 14 known IO2BO vulnerabilities in real world. The experiment results show that our system can effectively and efficiently detect all known IO2BO vulnerabilities.

Download Full-text