CERN Computing Seminar

Sonar: Exploring static analysis with Open Source solutions

by Michael Gumowski, Arseniy Zaostrovnykh (Sonar)

Zoom (CERN)




From developers to developers, let's explore together how we find issues (code smells, bugs, vulnerabilities) in code using static analysis. In this presentation we will discuss the various techniques behind the many free and open-source Sonar language analyzers and products, from a purely technical angle, and answer the following questions:

  • What are the difficulties in understanding a programming language?
  • What can we find with static analysis, and how?
  • What other techniques can we leverage on top of it to improve performance and/or precision? (for instance: “Context-Sensitive Path-Sensitive Dataflow Analysis”, “REGEX Automata Generation”, “Cross-Language Analysis”)
  • And ultimately, once we have found some (or tons of) issues, what is the proper approach to fixing them?