Title :
Predicting accurate and actionable static analysis warnings
Author :
Ruthruff, Joseph R. ; Penix, John ; Morgenthaler, J. David ; Elbaum, Sebastian ; Rothermel, Gregg
Author_Institution :
Univ. of Nebraska-Lincoln, Lincoln, NE, USA
Abstract :
Static analysis tools report software defects that may or may not be detected by other verification methods. Two challenges complicating the adoption of these tools are spurious false positive warnings and legitimate warnings that are not acted on. This paper reports automated support to help address these challenges using logistic regression models that predict the foregoing types of warnings from signals in the warnings and implicated code. Because examining many potential signaling factors in large software development settings can be expensive, we use a screening methodology to quickly discard factors with low predictive power and cost-effectively build predictive models. Our empirical evaluation indicates that these models can achieve high accuracy in predicting accurate and actionable static analysis warnings, and suggests that the models are competitive with alternative models built without screening.
Keywords :
formal verification; program diagnostics; regression analysis; software tools; legitimate warnings; logistic regression models; potential signaling factors; screening methodology; software defects; software development settings; spurious false positive warnings; static analysis tools; static analysis warnings; verification methods; Accuracy; Logistics; Permission; Power system reliability; Predictive models; Programming; Regression analysis; Software quality; Software tools; Statistical analysis; experimental program analysis; logistic regression analysis; screening; software quality; static analysis tools;
Conference_Titel :
Software Engineering, 2008. ICSE '08. ACM/IEEE 30th International Conference on
Conference_Location :
Leipzig
Print_ISBN :
978-1-4244-4486-1
Electronic_ISBN :
0270-5257
DOI :
10.1145/1368088.1368135
