Software Assurance

We are developing support for mixed analysis of source code and machine code where some of the program's functions are available in source code and others are available in machine code. The mixed-mode analysis provides many opportunities:

  • Leverage of source-level specifications. Many of CodeSonar's® checks are specified using fragments of C code. By developing a mixed mode analysis, we have been able to apply these source-level specification (e.g., do not close a file twice) to machine code.
  • Leverage of source-code models for improved machine-code analysis. Mixed-mode analysis also allows us to use source code stubs or models for important library calls. This may result in sharper results in the machine-code analysis.
  • Leverage of library analysis for improved source-code analysis. Conversely, mixed-mode analysis can be used to make source-code analysis more complete by analyzing the machine-code versions of libraries and the source-versions of the program's functions. (Source-code analysis is often incomplete because it cannot see into libraries that are linked only in binary form.)

    GrammaTech is working toward a version of CodeSonar that supports mixed-mode analysis of C/C++ and machine code for various instruction set architectures.


Areas | Products | Sponsors | Publications | News | Privacy Policy | About Us | Site Map
© 2007-2012, GrammaTech, Inc. All rights reserved. CodeSurfer and CodeSonar are registered trademarks of GrammaTech, Inc.