Semantics-based static analysis requires a significant theoretical background before being able to design and implement a new analysis. Unfortunately, the development of even a toy static analyzer from scratch requires to implement an infrastructure (parser, control flow graphs representation, fixpoint algorithms, etc.) that is too demanding for bachelor and master students in computer science. This approach difficulty can condition the acquisition of skills on software verification which are of major importance for the design of secure systems. In this paper, we show how LiSA (Library for Static Analysis) can play a role in that respect. LiSA implements the basic infrastructure that allows a non-expert user to develop even simple analyses (e.g., dataflow and numerical non-relational domains) focusing only on the design of the appropriate representation of the property of interest and of the sound approximation of the program statements.
Static analysis for dummies: Experiencing LiSA / Ferrara, P.; Negrini, L.; Arceri, V.; Cortesi, A.. - (2021), pp. 1-6. ((Intervento presentato al convegno 10th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis, SOAP 2021, co-located with the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, PLDI 2021 tenutosi a can nel 2021 [10.1145/3460946.3464316].