Review efforts reduction by partitioning of static analysis warnings

2013 IEEE 13th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2013-10-28 DOI:10.1109/SCAM.2013.6648191

Tukaram Muske, Ankit Baid, Tushar Sanas

{"title":"Review efforts reduction by partitioning of static analysis warnings","authors":"Tukaram Muske, Ankit Baid, Tushar Sanas","doi":"10.1109/SCAM.2013.6648191","DOIUrl":null,"url":null,"abstract":"Static analysis has been successfully employed in software verification, however the number of generated warnings and cost incurred in their manual review is a major concern. In this paper we present a novel idea to reduce manual review efforts by identifying redundancy in this review process. We propose two partitioning techniques to identify redundant warnings - 1) partitioning of the warnings with each partition having one leader warning such that if the leader is a false positive, so are all the warnings in its partition which need not be reviewed and 2) further partitioning the leader warnings based on similarity of the modification points of variables referred to in their expressions. The second technique makes the review process faster by identifying further redundancies and it also makes the reviewing of a warning easier due to the associated information of modification points. Empirical results obtained with these grouping techniques indicate that, on an average, 60% of warnings are redundant in the review context and skipping their review would lead to a reduction of 50-60% in manual review efforts.","PeriodicalId":170882,"journal":{"name":"2013 IEEE 13th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"32","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE 13th International Working Conference on Source Code Analysis and Manipulation (SCAM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SCAM.2013.6648191","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 32

Abstract

Static analysis has been successfully employed in software verification, however the number of generated warnings and cost incurred in their manual review is a major concern. In this paper we present a novel idea to reduce manual review efforts by identifying redundancy in this review process. We propose two partitioning techniques to identify redundant warnings - 1) partitioning of the warnings with each partition having one leader warning such that if the leader is a false positive, so are all the warnings in its partition which need not be reviewed and 2) further partitioning the leader warnings based on similarity of the modification points of variables referred to in their expressions. The second technique makes the review process faster by identifying further redundancies and it also makes the reviewing of a warning easier due to the associated information of modification points. Empirical results obtained with these grouping techniques indicate that, on an average, 60% of warnings are redundant in the review context and skipping their review would lead to a reduction of 50-60% in manual review efforts.

查看原文本刊更多论文

通过划分静态分析警告来减少评审工作量

静态分析已经成功地应用于软件验证中，然而，在它们的手动审查中产生的警告的数量和成本是一个主要问题。本文提出了一种通过识别评审过程中的冗余来减少人工评审工作量的新方法。为了识别冗余警告，我们提出了两种划分技术:1)对警告进行划分，每个分区有一个leader警告，如果leader是假阳性，那么该分区中的所有警告都是假阳性，不需要审查;2)根据其表达式中引用的变量修改点的相似性进一步划分leader警告。第二种技术通过识别进一步的冗余使审查过程更快，并且由于修改点的相关信息，它还使审查警告更容易。使用这些分组技术获得的经验结果表明，平均而言，60%的警告在审查上下文中是冗余的，跳过它们的审查将导致人工审查工作减少50-60%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 IEEE 13th International Working Conference on Source Code Analysis and Manipulation (SCAM)

自引率

0.00%

发文量