Approaches for improving handling of static analysis findings
Static code analysis tools are often used in embedded software development to improve the quality and security of embedded systems. Nowadays, many static analysis tools can do deep semantic analysis to find meaningful and critical defects in software. Some can also be used to ensure the software follows specific coding standards relevant to embedded software development, such as MISRA C, MISRA C++, or AUTOSAR C++14.
A static analysis tool can generate many findings, and some of these might be false alarms (i.e. false positives) due to the undecidability of static analysis or the trade-off between precision of analysis and optimization for performance and scalability. To help users handle findings, static analysis tools could be augmented by post-processing analyses, for example ranking alarms so that those most likely to be true defects come first, or clustering defects into similarity groups to reduce the inspection effort. Other approaches exist as well, and they are useful for reducing the overall manual effort of reviewing the findings.
This paper presents a brief survey of the state of the art in approaches for improving the handling of static analysis findings, along with results of the authors’ experiments in a static analysis tool. A discussion of approaches that can be used in safety-critical embedded systems versus non-safety-critical ones is also presented.