Extending abstract interpretation to dependency analysis of database applications

A Jana, R Halder, KV Abhishekh… - IEEE Transactions …, 2018 - ieeexplore.ieee.org
A Jana, R Halder, KV Abhishekh, SD Ganni, A Cortesi
IEEE Transactions on Software Engineering, 2018ieeexplore.ieee.org
Dependency information (data-and/or control-dependencies) among program variables and
program statements is playing crucial roles in a wide range of software-engineering
activities, eg, program slicing, information flow security analysis, debugging, code-
optimization, code-reuse, code-understanding. Most existing dependency analyzers focus
on mainstream languages and they do not support database applications embedding
queries and data-manipulation commands. The first extension to the languages for relational …
Dependency information (data- and/or control-dependencies) among program variables and program statements is playing crucial roles in a wide range of software-engineering activities, e.g., program slicing, information flow security analysis, debugging, code-optimization, code-reuse, code-understanding. Most existing dependency analyzers focus on mainstream languages and they do not support database applications embedding queries and data-manipulation commands. The first extension to the languages for relational database management systems, proposed by Willmor et al. in 2004, suffers from the lack of precision in the analysis primarily due to its syntax-based computation and flow insensitivity. Since then no significant contribution is found in this research direction. This paper extends the Abstract Interpretation framework for static dependency analysis of database applications, providing a semantics-based computation tunable with respect to precision. More specifically, we instantiate dependency computation by using various relational and non-relational abstract domains, yielding to a detailed comparative analysis with respect to precision and efficiency. Finally, we present a prototype , a sem antics-based D atabase D ependency A nalyzer integrated with various abstract domains, and we present experimental evaluation results to establish the effectiveness of our approach. We show an improvement of the precision on an average of 6 percent in the interval, 11 percent in the octagon, 21 percent in the polyhedra and 7 percent in the powerset of intervals abstract domains, as compared to their syntax-based counterpart, for the chosen set of Java Server Page (JSP)-based open-source database-driven web applications as part of the GotoCode project.
ieeexplore.ieee.org
以上显示的是最相近的搜索结果。 查看全部搜索结果