Software Analysis Overview

Questions and Answers

What syntax is required at the end of statements in Java?

Comma

Colon

Semicolon (correct)

Period

How does Java handle variable types at compile time?

Types are known only at runtime

Types must be declared explicitly (correct)

Types are inferred randomly

Types can change after declaration

What is a characteristic of dynamic typing as seen in Python?

Types are determined at compile time

Types are defined explicitly by the user

Types cannot change once declared

Types are inferred during runtime (correct)

Which of the following is a primitive type in Java?

Char

What type of error does static checking find before the program runs?

Syntax errors

Which of the following is an example of dynamic checking?

Invalid method arguments

What is NOT a characteristic of Java's variable types?

Types can change dynamically

Which of these statements regarding the scope of block statements in Java is true?

Requires braces to define blocks

What is the primary difference between static and dynamic software analysis?

Static analysis analyzes program without execution.

What can dynamic software analysis help identify that static analysis might miss?

Potential bugs during program execution.

What does the control flow graph represent in static software analysis?

The structure of the program based on intermediate representation.

What is a limitation of both static and dynamic checking?

They can miss bugs that were not anticipated.

Which testing method includes analyzing the program's structure?

Structural testing.

Why is completeness abandoned in static software analysis?

To simplify the control flow graph.

What characterizes explicit data flow in software programs?

Information is copied or used directly in operations.

Which of the following statements is true regarding testing methods?

Behavioral testing assesses a program's functionality based on specifications.

What will be the value of variable 'c' after the statement 'c -= 3' in the first example?

9

What can be inferred from the variable 'b' in the second example if 'a' is deduced to be 0?

b will be 0

In which scenario does implicit information flow occur based on the examples provided?

When the program's behavior indicates a certain value of 'a'

What will happen in the first line of the last example if 'a' is less than 0?

An exception will be thrown

In the third example, what is the purpose of the while loop?

To execute 'doSomething()' infinitely if 'a' is negative

What is the expected behavior when the value of 'a' changes from negative to non-negative in the third example?

The loop exits and the program continues

Which statement about implicit data flow is correct based on the examples?

It can be deduced from program executions and variable behaviors

In the second example, what is the significance of the value returned from 'getValue()'?

It determines if 'b' is set to 1 or 0

Study Notes

Software Analysis

• Software analysis aims to identify unintended behaviors, even if a program is technically correct. It considers contextual information.
• Static analysis examines the source code without running the program.
• Dynamic analysis executes the program to analyze its behavior.

Static Analysis

• The program needs translation into an intermediate representation.
• A control flow graph is built from the representation, but the intermediate representation doesn't include all possible program states.

Dynamic Analysis

• A control flow graph can quickly become complex.
• Dynamic analysis executes the program with different inputs to track the values of variables.

Explicit Information Flow

• Explicit flow occurs when information is copied or used in direct operations, like assigning a value.
• Consider example involving integer variables, assignments & calculations.

Implicit Information Flow

• Implicit flow is deduced from program behavior or variable values.
• If the program terminates, it might be possible to deduce the sign of a variable.
• The execution time can also convey information, even if the program ultimately finishes.
• An exception thrown reveals information about variables.

Java vs. Python

• Java uses static typing, meaning variable types are known at compile time.
• Python is dynamically typed, with type determination occurring at runtime.
• Java requires semicolons at statement endings and uses curly braces around code blocks.
• In Java, operators can be infix (between operands), prefix (before an operand), or postfix (after an operand).

Types in Java

• Java supports primitive types like boolean, byte, short, int, long, float, double, and char.
• Operations on these types are functions.
• Operators and methods work on objects.
• There are pre-defined functions in Java.

Description

Explore the fundamental concepts of software analysis, including static and dynamic analysis, and the distinction between explicit and implicit information flow. This quiz covers essential techniques for evaluating program behavior and understanding control flow graphs.