Project: LiSA
A modular easy to use Library for Static Analysis aiming at multi-language analysisJava
As part of my PhD research project, I started the development of LiSA, together with the Software and System Verification group @ Ca’ Foscari University of Venice, Italy. LiSA (Library for Static Analysis) eases the creation and implementation of static analyzers based on the Abstract Interpretation theory. LiSA provides an analysis engine that works on a generic and extensible control flow graph representation of the program to analyze. Abstract interpreters in LiSA are built for analyzing such representation, providing a unique analysis infrastructure for all the analyzers that will rely on it.
Building an analyzer upon LiSA boils down to writing a parser for the language that one aims to analyze, translating the source code or the compiled code towardsthe control flow graph representation of LiSA. Then, simple checks iterating over the results provided by the semantic analyses of LiSA can be easily defined to translate semantic information into warnings that can be of value for the final user.
LiSA is distributed under the MIT license.
Related publications
- Automating ROS2 Security Policies Extraction through Static Analysis
- Sound Static Analysis for Microservices: Utopia? A preliminary experience with LiSA
- Towards a Sound Construction of EVM Bytecode Control-flow Graphs
- Teaching Through Practice: Advanced Static Analysis with LiSA
- Detection of Phantom Reads in Hyperledger Fabric
- Design and Implementation of Static Analyses for Tezos Smart Contracts
- LiSA: A Generic Framework for Multilanguage Static Analysis
- Information Flow Analysis for Detecting Non-Determinism in Blockchain
- Static Analysis of Data Transformations in Jupyter Notebooks
- MichelsonLiSA: A Static Analyzer for Tezos
- Ensuring Determinism in Blockchain Software with GoLiSA: An Industrial Experience Report
- Static analysis for dummies: experiencing LiSA
Related talks
- Teaching Through Practice: Advanced Static Analysis with LiSA
- Getting started with LiSA
- Quick and dirty development of static analyses with LiSA
- Static Analysis of Data Transformations in Jupyter Notebooks
- Using LiSA for analyzing an IoT network
- Multi‑language analysis with LiSA
- Modular Multi‑language analysis in LiSA