CERN Computing Seminar
Sonar: Exploring static analysis with Open Source solutions
Europe/Zurich
Zoom (CERN)
Description
From developers to developers, let's explore together how we find issues (code smells, bugs, vulnerabilities) in code using static analysis. In this presentation we will discuss the various techniques behind the many free and open-source Sonar language analyzers and products, from a purely technical angle, and answer the following questions:
- What are the difficulties in understanding a programming language?
- What can we find with static analysis, and how?
- What other techniques can we leverage on top of it to improve performance and/or precision? (for instance: “Context-Sensitive Path-Sensitive Dataflow Analysis”, “REGEX Automata Generation”, “Cross-Language Analysis”)
- And ultimately, once we have found some (or tons of) issues, what should be the proper approach to fixing them?