skip to main content
research-article
Free access

Designing UIs for static-analysis tools

Published: 24 January 2022 Publication History

Abstract

Evaluating tool design guidelines with SWAN.

References

[1]
Anderson, P. Static analysis results: a format and a protocol: SARIF & SASP. GrammaTech Blog, 2018; https://blogs.grammatech.com/static-analysis-results-a-format-and-a-protocol-sarif-sasp.
[2]
Apple Developer. Xcode, 2021; https://developer.apple.com/xcode/.
[3]
Apple iOS Team. iOS 14, 2014; https://www.apple.com/ca/ios/.
[4]
Apple macOS Team. macOS Big Sur, 2001; https://www.apple.com/ca/macos/mojave/.
[5]
Arzt, S. et al. FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. In Proceedings of the 35th ACM SIGPLAN Conf. Programming Language Design and Implementation, 2014, 259--269
[6]
Ayewah, N., Pugh, W., Hovemeyer, D., Morgenthaler, J. D., Penix, J. Using static analysis to find bugs. IEEE Software 25, 5 (2008), 22--29
[7]
Ayewah, N., Pugh, W. A report on a survey and study of static analysis users. In Proceedings of the 2008 Workshop on Defects in Large Softw. Systems
[8]
Azim, T., Neamtiu, J. Targeted and depth-first exploration for systematic testing of Android apps. In Proceedings of the 2013 ACM SIGPLAN Conf. Object-Oriented Programming Systems, Languages and Applications. A.L. Hosking, P.Th. Eugster, and C.V. Lopes, Eds, 641--660
[9]
Bessey, A. et al. A few billion lines of code later: Using static analysis to find bugs in the real world. Commun. 53, 2 (Feb. 2010), 66--75
[10]
Chowdhury, I., Zulkernine, M. Can complexity coupling, and cohesion metrics be used as early indicators of vulnerabilities? In Proceedings of the ACM 2010 Symposium on Applied Computing, 1963--1969
[11]
Christakis, M., Bird, C. What developers want and need from program analysis: an empirical study. In Proceedings of the 31st IEEE/ACM Intern. Conf. Automated Softw. Engineering, 2016, 332--343
[12]
12, Huang, W., Dong, Y., Milanova, A., Dolby, J. Scalable and precise taint analysis for Android. In Proceedings of the 2015 Intern. Symp. on Softw. Testing and Analysis. M. Young and T. Xi, Eds, 106--117
[13]
Johnson, B., Song, Y., Murphy-Hill, E., Bowdidge, R. Why don't software developers use static analysis tools to find bugs? In Proceedings of the Intern. Conf. Softw. Engineering, 2013, 672--681
[14]
Kersten, M., Murphy, G.C. Using task context to improve programmer productivity. In Proceedings of the 14th ACM SIGSOFT Intern. Symp. Foundations of Softw. Engineering, 2006; 1--11
[15]
Lewis, C., Lin, Z., Sadowski, C., Zhu, X., Ou, R., Whitehead, E.J. Does bug prediction support human developers? Findings from a Google case study. In Proceedings of the 35th Intern. Con. on Softw. Engineering, 2013, 372--381. IEEE
[16]
LLVM Developer Group. The LLVM compiler infrastructure, 2003; https://llvm.org/.
[17]
LLVM Developer Group. Clang: A C language family front end for LLVM, 2007; https://clang.llvm.org/.
[18]
Nguyen Quang Do, L. User-centered tool design for data-flow analysis. Ph.D. dissertation. Paderborn University, 2019
[19]
Nguyen Quang Do, L., Ali, K., Livshits, B., Bodden, E., Smith, J., Murphy-Hill, E.R. Just-in-time static analysis. In Proceedings of the 26th ACM SIGSOFT Intern. Symp. Softw. Testing and Analysis. 2017, 307--317
[20]
Nguyen Quang Do, L., Wright, J. R., Ali, K. Why do software developers use static analysis tools? A user-centered study of developer needs and motivations. IEEE Trans. Softw. Engineering (June 24, 2020). IEEE; https://ieeexplore.ieee.org/document/9124719.
[21]
StatCounter GlobalStats. Desktop operating system market share worldwide, 2019; https://gs.statcounter.com/os-market-share/desktop/worldwide/#monthly-201901-201912.
[22]
StatCounter GlobalStats. Mobile operating system market share worldwide, 2019; https://gs.statcounter.com/os-market-share/mobile/worldwide/#monthly-201901-201912.
[23]
Swift. The Swift Programming Language, 2015; https://swift.org/.
[24]
SwiftLint. A tool to enforce Swift style and conventions. GitHub, 2015; https://github.com/realm/SwiftLint.
[25]
Tailor. Cross-platform static analyzer and linter for Swift. GitHub, 2015; https://github.com/sleekbyte/tailor.
[26]
Tiganov, D., Cho, J., Ali, K., Dolby, J. SWAN: A static analysis framework for Swift. In Proceedings of the 28th ACM Joint Meeting on European Softw. Engineering Conf. and Symp. on the Foundations of Software Engineering, 2020, 1640--1644
[27]
Vassallo, C., Panichella, S., Palomba, F., Proksch, S., Zaidman, A., Gall, H.C. Context is king: the developer perspective on the usage of static analysis tools. In IEEE 25th Intern. Conf. Softw. Analysis, Evolution and Reengineering. 2018, 38--49
[28]
Visual Studio. Visual Studio Code---Code editing. Redefined, 2015; https://code.visualstudio.com.

Cited By

View all
  • (2024)Abstract Debuggers: Exploring Program Behaviors using Static Analysis ResultsProceedings of the 2024 ACM SIGPLAN International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software10.1145/3689492.3690053(130-146)Online publication date: 17-Oct-2024
  • (2023)How to Find Actionable Static Analysis Warnings: A Case Study With FindBugsIEEE Transactions on Software Engineering10.1109/TSE.2023.323420649:4(2856-2872)Online publication date: 1-Apr-2023
  • (2022)Efficiency Investigation of BT-Object Based Partial Evaluation of Interpreters Written in the Java Object-Oriented LanguageProgram Systems: Theory and ApplicationsПрограммные системы: теория и приложения10.25209/2079-3316-2022-13-4-111-13713:4(111-137)Online publication date: 2022

Recommendations

Comments

Information & Contributors

Information

Published In

cover image Communications of the ACM
Communications of the ACM  Volume 65, Issue 2
February 2022
110 pages
ISSN:0001-0782
EISSN:1557-7317
DOI:10.1145/3514042
Issue’s Table of Contents
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 January 2022
Published in CACM Volume 65, Issue 2

Permissions

Request permissions for this article.

Check for updates

Qualifiers

  • Research-article
  • Popular
  • Refereed

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)482
  • Downloads (Last 6 weeks)71
Reflects downloads up to 17 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Abstract Debuggers: Exploring Program Behaviors using Static Analysis ResultsProceedings of the 2024 ACM SIGPLAN International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software10.1145/3689492.3690053(130-146)Online publication date: 17-Oct-2024
  • (2023)How to Find Actionable Static Analysis Warnings: A Case Study With FindBugsIEEE Transactions on Software Engineering10.1109/TSE.2023.323420649:4(2856-2872)Online publication date: 1-Apr-2023
  • (2022)Efficiency Investigation of BT-Object Based Partial Evaluation of Interpreters Written in the Java Object-Oriented LanguageProgram Systems: Theory and ApplicationsПрограммные системы: теория и приложения10.25209/2079-3316-2022-13-4-111-13713:4(111-137)Online publication date: 2022

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Digital Edition

View this article in digital edition.

Digital Edition

Magazine Site

View this article on the magazine site (external)

Magazine Site

Login options

Full Access

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media