Static Analysis & Verification

In a digitalized world (“software is eating the world”), software quality in general and software security in particular play a central role.

Enforcing high-quality, secure software requires powerful and intelligent methods of program analysis, which automatically detect problems, rule violations, and security vulnerabilities.

Recurring research themes include:

• trading precision versus correctness
• analyzing binary or obfuscated code
• building a unified knowledge base from a diverse set of analyzes
• learning patterns from existing code bases
• replacing expert knowledge
• preventing security vulnerabilities

Courses:

• Lecture: Program Analysis
• Project: Software Development Tools

Recent Papers:

• A Modular Soundness Theory for the Blackboard Analysis Architecture. S Keidel, D Helm, T Roth, M Mezini.
• Modular collaborative program analysis in OPAL. D Helm, F Kübler, M Reif, M Eichberg, M Mezini.
• A unified lattice model and framework for purity analyses. D Helm, F Kübler, M Eichberg, M Reif, M Mezini.
• AXA: Cross-Language Analysis through Integration of Single-Language Analyses. T Roth, J Näumann, D Helm, S Keidel, M Mezini.
• Unimocg: Modular Call-Graph Algorithms for Consistent Handling of Language Features. D Helm, T Roth, S Keidel, M Reif, M Mezini.
• Total recall? How good are static call graphs really? D Helm, S Keidel, A Kampkötter, J Düsing, T Roth, B Hermann, M Mezini.