Proceedings of ISP RAS

Using static analysis for finding security vulnerabilities and critical errors in source code.

Arutyun Avetisyan, Andrey Belevantsev, Alexey Borodin, Vladimir Nesov.


Static analysis is a popular way of finding given patterns in source or binary code (e.g., coding style errors, violations of project guidelines of using specific libraries or language features, critical errors, security vulnerabilities, malicious code). In this paper we review the static analysis tool developed in ISP RAS for finding critical errors and security vulnerabilities in C/C++ source code. The tool uses interprocedural unsound dataflow analysis and allows performing fully automatic analysis resulting in 40-80% true positive rate which is on par with the best commercial tools in this area.


static analysis, dataflow analysis, range analysis, interprocedural analysis, security vulnerability


Proceedings of the Institute for System Programming, vol. 21, 2011, pp. 23-38.

ISSN 2220-6426 (Online), ISSN 2079-8156 (Print).

Full text of the paper in pdf (in Russian) Back to the contents of the volume