Static analyses are tools that extract information of computer programs without executing them. Static analyses have a wide range of applications in integrated development environments (IDEs), compilers, and continuous integration (CI) servers. For example, static analyses in IDEs are used to detect bugs and security vulnerabilities, whereas in compilers they are used for type checking and optimizations.
This course gives an overview of the fundamental concepts of static analyses. In particular, we will discuss the trade-off between performance, precision, and correctness of static analyses. Furthermore, you will learn about different types of analyses, such as control-flow, data-flow, points-to, purity, and immutability analyses. Lastly, the course presents several analyses frameworks, such as the monotone framework, big-step abstract interpreters, and IFDS/IDE.
The accompanying exercises practice new analysis concepts by applying them to example programs and extending and designing new static analyses.
Although this course as self-contained, we assume good familiarity with the concepts of programming languages, such as assignments, loops, exception handling, objects, and anonymous functions.
Furthermore, the students should be familiar with basic university-level math and logic.