CAREER: Improving the Practicality of Configurable Static Analysis Tools through Analysis, Testing, Refinement and Adaptation

职业：通过分析、测试、细化和适应提高可配置静态分析工具的实用性

• 批准号: 2047682
• 负责人: Shiyi Wei
• 金额: $ 45.88万
• 依托单位: University of Texas at Dallas
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-06-15 至 2026-05-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2047682&HistoricalAwards=false
• 关键词: CAREER; Improving; Practicality; Configurable; Static

Due to the scale and complexity of modern software, critical errors, such as security vulnerabilities, are hard to discover. In the past few decades, researchers and practitioners have invented many static-analysis algorithms for bug detection and program verification. To take advantage of the theoretical advances, static-analysis algorithms are often implemented as configuration options in static-analysis tools. For example, taint-analysis tools for Android apps incorporate different algorithms, underlying frameworks, and programming styles to support language features that complicate the detection of critical security vulnerabilities. These configuration options allow developers and users to tune the tool behavior to achieve the right balance between precision, soundness, and performance. However, the unique challenges of the large and complex configuration space in configurable static-analysis tools have prevented them from being broadly adopted in practice. Improving configurable static-analysis tools will lead to higher software quality, a potentially large societal impact.This project proposes to improve the maintainability, correctness, usability, and performance of the configurable static-analysis tools through configuration analysis, testing, evaluation, refinement and adaptation. The project will initially focus on the configurable taint-analysis tools for Android apps to address the following specific research goals. First, unspecified relationships between configuration options, which makes it difficult to tune the tools’ configurations, will be identified and analyzed. The result will be presented to users via a unified configuration-aware user interface. Second, configurable static-analysis tools will be better tested and evaluated via test-case generation and benchmark collection. Third, a human-in-the-loop iterative-refinement process will be designed to explore the configuration space and classify the results to significantly reduce the manual efforts needed in this process. Fourth, learning-based adaptive analysis will be developed to selectively apply analysis algorithms at fine granularity to produce practical results. The practical impact of the research will be evaluated in terms of the tools’ capabilities of detecting real-world vulnerabilities. Once the key research problems are addressed in Android taint-analysis tools, the project will generalize the research to configurable static-analysis tools for different programming languages. The project will significantly improve the state-of-the-art of configurable static-analysis tools and result in their broader adoption in practice.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

由于现代软件的规模和复杂性，诸如安全漏洞之类的严重错误很难被发现。在过去的几十年里，研究人员和从业者发明了许多用于错误检测和程序验证的静态分析算法。随着理论的进步，静态分析算法通常作为静态分析工具中的配置选项来实现，例如，Android 应用程序的污点分析工具包含不同的算法、底层框架和编程风格，以支持使关键检测复杂化的语言功能。这些配置选项。允许开发人员和用户调整工具行为，以实现精度、稳健性和性能之间的适当平衡。然而，可配置静态分析工具中庞大而复杂的配置空间的独特挑战阻碍了它们在实践中得到广泛采用。改进可配置静态分析工具将带来更高的软件质量，潜在的巨大社会影响。本文提出了通过配置分析、测试、评估、细化和改进可配置静态分析工具的可维护性、正确性、可用性和性能的项目。该项目最初将重点关注 Android 应用程序的可配置污点分析工具，以解决以下具体研究目标：首先，将识别和分析配置选项之间的未指定关系，这使得调整工具的配置变得困难。结果将通过统一的配置感知用户界面呈现给用户，第三，可配置的静态分析工具将通过测试用例生成和基准测试收集得到更好的测试和评估。细化第四，将开发基于学习的自适应分析，以选择性地应用细粒度的分析来产生实际的算法结果。一旦 Android 污点分析工具中的关键研究问题得到解决，该项目将根据工具检测现实世界漏洞的能力来评估研究成果，并将研究推广到适用于不同编程语言的可配置静态分析工具。 .该项目将显着提高最先进的可配置静态分析工具，并使其在实践中得到更广泛的采用。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

ECSTATIC: Automatic Configuration-Aware Testing and Debugging of Static Analysis Tools

• DOI: 10.1145/3597926.3604918
• 发表时间: 2023-07
• 期刊: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis
• 作者: Austin Mordahl;Dakota Soles;Miao Miao-Miao;Zenong Zhang;Shiyi Wei

The impact of tool configuration spaces on the evaluation of configurable taint analysis for Android

• DOI: 10.1145/3460319.3464823
• 发表时间: 2021-07
• 期刊: Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis
• 作者: Austin Mordahl;Shiyi Wei

Fuzzing Configurations of Program Options

• DOI: 10.1145/3580597
• 发表时间: 2023-02
• 期刊: ACM Transactions on Software Engineering and Methodology
• 影响因子: 4.4
• 作者: Zenong Zhang;George Klees;E. Wang;M. Hicks;Shiyi Wei

ECSTATIC: An Extensible Framework for Testing and Debugging Configurable Static Analysis

• DOI: 10.1109/icse48619.2023.00056
• 发表时间: 2023-05
• 期刊: 2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE)
• 作者: Austin Mordahl;Zenong Zhang;Dakota Soles;Shiyi Wei