SubsidieMeestersSelf-Optimizing Static Program Analysis
SOSA aims to revolutionize static program analysis by creating self-adaptive analyses that optimize performance and precision, enhancing software security and developer efficiency.
Projectdetails
Introduction
Software systems pervade our personal and professional lives, yet their insecurity threatens our society. To assure that software systems are dependable and secure, one must reason about their code. Static program analysis enables such reasoning.
Importance of Static Program Analysis
It can be applied to individual software components, and it can show not only the presence but also prove the absence of bugs and vulnerabilities. Yet, to be useful to software developers, static analyses must be adapted to the context in which they are used.
Challenges with Current Static Analyses
Studies show that poorly adapted analyses slow down rather than assist development. They report large sets of false warnings that distract developers from actual bugs, which the analyses often miss. Additionally, they often run so long that results are reported when they are already outdated.
Research Hypothesis of SOSA
SOSA’s main research hypothesis is that one can generate precise and efficient static analyses of software systems by making static analysis self-aware and self-optimizing.
Groundbreaking Paradigm Shift
With SOSA, a static analysis conducts analyses and optimizations not just of programs but of itself. This is a groundbreaking paradigm shift: no previous research has regarded complex program analyses themselves as the primary object of automated analysis and optimization.
Self-Adaptive Analyses
SOSA will introduce, for the first time, static analyses whose execution is not pre-defined by their creators but is inherently self-adaptive. As a result, analyses automatically adapt themselves to yield a performance/precision tradeoff that is optimal with respect to how the analysis is deployed and which program it analyzes.
Benefits of SOSA
With SOSA, static analyses will report true and relevant warnings at minimal analysis time without requiring manual optimizations by end users. SOSA will boost progress in the field of program-analysis research, mapping the landscape of static-analysis optimizations and how and where they are best applied.
Conclusion
By enabling software developers to optimally deploy static analyses with ease, SOSA will help secure millions of software systems.
Financiële details & Tijdlijn
Financiële details
| Subsidiebedrag | € 2.500.000 |
| Totale projectbegroting | € 2.500.000 |
Tijdlijn
| Startdatum | 1-11-2024 |
| Einddatum | 31-10-2029 |
| Subsidiejaar | 2024 |
Partners & Locaties
Projectpartners
- UNIVERSITAET PADERBORNpenvoerder
Land(en)
Vergelijkbare projecten binnen European Research Council
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
Resilient and Sustainable Software SecurityThe RS³ project aims to enhance software security by developing resilient and sustainable countermeasures through innovative testing, secure compilers, attack mitigation, and hardware improvements. | ERC Consolid... | € 1.998.851 | 2023 | Details |
efficient Syntactic Analysis for Large-scale Sentiment AnalysisSALSA aims to democratize sentiment analysis for small businesses by developing an accurate, cost-effective, AI-based engine that utilizes syntax-guided methods on consumer-grade hardware. | ERC Proof of... | € 150.000 | 2023 | Details |
Advanced Software Tools for JavaScript DevelopersPAWTOOLS aims to commercialize novel program analysis techniques for JavaScript, enhancing security and stability in software development by automating library dependency management. | ERC Proof of... | € 150.000 | 2022 | Details |
Change Impact Analysis, Root Cause Analysis, and AI-based Repair for Safe and Secure Software EvolutionFORTE aims to enhance software development by integrating AI for automated code repair and analysis, enabling developers to confidently implement changes without introducing new issues. | ERC Proof of... | € 150.000 | 2024 | Details |
Testing Program Analyzers Ad AbsurdumMirandaTesting aims to develop a systematic methodology for testing program analyzers to detect critical bugs, enhancing software reliability in safety-critical applications. | ERC Starting... | € 1.499.991 | 2023 | Details |
Resilient and Sustainable Software Security
The RS³ project aims to enhance software security by developing resilient and sustainable countermeasures through innovative testing, secure compilers, attack mitigation, and hardware improvements.
efficient Syntactic Analysis for Large-scale Sentiment Analysis
SALSA aims to democratize sentiment analysis for small businesses by developing an accurate, cost-effective, AI-based engine that utilizes syntax-guided methods on consumer-grade hardware.
Advanced Software Tools for JavaScript Developers
PAWTOOLS aims to commercialize novel program analysis techniques for JavaScript, enhancing security and stability in software development by automating library dependency management.
Change Impact Analysis, Root Cause Analysis, and AI-based Repair for Safe and Secure Software Evolution
FORTE aims to enhance software development by integrating AI for automated code repair and analysis, enabling developers to confidently implement changes without introducing new issues.
Testing Program Analyzers Ad Absurdum
MirandaTesting aims to develop a systematic methodology for testing program analyzers to detect critical bugs, enhancing software reliability in safety-critical applications.
Vergelijkbare projecten uit andere regelingen
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
Integrated Safety for Deeply Embedded Systems Software (ISAFE)Het ISAFE-project ontwikkelt een geïntegreerde aanpak voor de kwalificatie van softwaretools in veiligheid kritische systemen, gericht op het voldoen aan veiligheidsstandaarden en het verbeteren van softwareontwikkeling. | Mkb-innovati... | € 160.200 | 2016 | Details |
Situational Awareness Software (SAS)Het Situational Awareness Software-project verbetert de detectie van onveiligheden met machine learning, waardoor politieteams proactief kunnen handelen en de veiligheid in Nederland toeneemt, met aandacht voor privacy en toegankelijkheid. | Mkb-innovati... | € 238.140 | 2021 | Details |
Validatie van interpretaties door rijhulpsystemenV-Tron onderzoekt de haalbaarheid van softwarematige validatie van rijhulpsystemen om verkeersveiligheid en betrouwbaarheid te verbeteren. | Mkb-innovati... | € 20.000 | 2020 | Details |
Haalbaarheid VitaliteitsauditsOperaSana ontwikkelt een geautomatiseerde digitale audit voor HR- en Arbo-processen om de effectiviteit van vitaliteitsmaatregelen objectief te meten. | Mkb-innovati... | € 20.000 | 2023 | Details |
Integrated Safety for Deeply Embedded Systems Software (ISAFE)
Het ISAFE-project ontwikkelt een geïntegreerde aanpak voor de kwalificatie van softwaretools in veiligheid kritische systemen, gericht op het voldoen aan veiligheidsstandaarden en het verbeteren van softwareontwikkeling.
Situational Awareness Software (SAS)
Het Situational Awareness Software-project verbetert de detectie van onveiligheden met machine learning, waardoor politieteams proactief kunnen handelen en de veiligheid in Nederland toeneemt, met aandacht voor privacy en toegankelijkheid.
Validatie van interpretaties door rijhulpsystemen
V-Tron onderzoekt de haalbaarheid van softwarematige validatie van rijhulpsystemen om verkeersveiligheid en betrouwbaarheid te verbeteren.
Haalbaarheid Vitaliteitsaudits
OperaSana ontwikkelt een geautomatiseerde digitale audit voor HR- en Arbo-processen om de effectiviteit van vitaliteitsmaatregelen objectief te meten.