Final Thesis: Evaluating the Impact of Alias Representations on Static Data-Flow Analysis in C/C++
Jetzt bewerbenStellenbeschreibung
Welcome to the Fraunhofer Institute for Mechatronic Design IEM!
At the »Zukunftsmeile« in Paderborn, Germany, we conduct practical research to develop innovative solutions for mechanical and plant engineering, the automotive industry and related sectors. The focus is on intelligent products, production systems, services and software applications.
Static analysis is an important tool for finding bugs and security vulnerabilities in software. However, static analyses are known for reporting many false positives or fail to report real bugs (false negatives).
Precise data-flow analyses make use of the analysis results from different helper analyses, e.g., call-graph analysis, alias analysis, or type-hierarchy analysis. Therefore, the performance and precision of the analysis results depends on the performance and precision of the helper-analyses' results. Hence, it is crucial to integrate helper analysis and client analysis in a way that does not artificially loose performance or precision. Especially for alias analysis integration, there are several problems: Often, alias analyses provide a binary predicate as interface, whereas a client analysis usually requires sets of aliasing pointers. The reconstruction of these alias sets from a binary alias predicate is non-trivial while being fast and retaining precision.
The goal of this thesis is two-fold:
1. Improving the precision of PhASAR's alias sets by taking non-transitivity of alias information into account
2. Improving the performance of PhASAR's taint analysis by clustering sets of aliasing pointers
What you will do
- Implementing a variant of PhASAR's alias set implementation that takes non-transitivity of alias information into account
- Developing and implementing a clustering algorithm for aliasing pointers
- Integrate the clusters into PhASAR's taint analysis
- Empirically evaluate the impact of the above modifications on performance and precision of a concrete taint analysis
What you bring to the table
- Studies in Computer Science, or equivalent
- Good C++ knowledge
- Basic knowledge in static program analysis
- Completed the course “Designing Code Analyses for Large Scale Software Systems” or equivalent [optional]
What you can expect
- We take a strong team culture with flat hierarchies for granted. That means: high regard and trust
- Professional supervision and expert support in the preparation of your research project/ thesis
- Insight into current business challenges
- Flexible working from home to combine studies and work in the best possible way
This position is also available on a part-time basis. We value and promote the diversity of our employees' skills and therefore welcome all applications - regardless of age, gender, nationality, ethnic and social origin, religion, ideology, disability, sexual orientation and identity. Severely disabled persons are given preference in the event of equal suitability.
With its focus on developing key technologies that are vital for the future and enabling the commercial utilization of this work by business and industry, Fraunhofer plays a central role in the innovation process. As a pioneer and catalyst for groundbreaking developments and scientific excellence, Fraunhofer helps shape society now and in the future.
Interested? Apply online now. We look forward to getting to know you!
Questions about this position will be answered by:
Mr. Fabian Schiebel
Fraunhofer-Institut für Entwurfstechnik Mechatronik IEM
Zukunftsmeile 1| 33102 Paderborn
Phone: +495251 5465-460
Web:
Requisition Number: 73525