Automated Repair of Static Analysis Alerts

Abstract

Problem: Static analysis (SA) tools produce many alerts on C/C++ code, many of which are false positives. Solution: Automatically repair 80 percent or more of each type of SA alerts in a way that both preserves soundness, and makes the alert disappear when the code is reanalyzed. Approach: Choose 3 (later 10) categories of alerts to repair, build a tool to repair alerts, and verify it can fix >80 percent of alerts in each category.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2023
Accession Number
AD1210401

Entities

People

  • David Svoboda

Organizations

  • Carnegie Mellon University

Tags

DTIC Thesaurus Topics

  • Coding
  • Computer Programming
  • Computer Programs
  • Department Of Defense
  • Engineering
  • Engineers
  • Environment
  • Governments
  • Information Systems
  • Lessons Learned
  • Materials
  • Pipelines
  • Platforms
  • Security
  • Software Development
  • Software Testing
  • Space Force

Fields of Study

  • Computer science

Readers

  • Logistics and Supply Chain Management.
  • Mathematics or Statistics
  • Team-Based Human-Centered Cognitive Task Decision Making and Information Performance.