7 March in Kista

This seminar is free of charge

Request more information

Joakim Nilsson
+46 (0) 40 59 22 08
joakim.nilsson@nohau.se

Machine Learning for Finding Programming Defects and Anomalies

Static analysis tools are useful for finding serious programming defects and security vulnerabilities in source and binary code. Most static analysis checkers work by searching the code for known patterns or conditions that will cause the program to fail, or that indicate violations of programming standards.

The set of defects that such tools can find is thus limited to problems anticipated by the tool designer. Some tools can automatically determine new properties to check simply by deducing what is common practice, assuming that common practice is likely correct, and then looking for parts of the code that deviate from that practice in significant ways, on the assumption that such deviant code is incorrect.

This approach has previously been applied only to the scope of the body of code under analysis, but the ever-increasing volume of open source, combined with advances in machine learning, means that it is now possible to deduce common practice from very large software collections. This technique is particularly useful for finding anomalies in API usage, especially for popular operating system interfaces or open source libraries.

This talk will describe how the technique works and will show how it was able to find several previously unknown bugs in high-profile software systems. It will demonstrate how software developers can use these machine learning techniques to find defects that are otherwise very difficult to anticipate.

At this event, Paul will also show an extended demo of the CodeSonar analysis tool.

As a bonus, you will also get an overview how to use binary analysis to examine third-party code without access to its source code. Over the last few years, third-party code has moved from a minor factor in software development to a dominant force in the industry. As a result of this outsourcing, the behaviors of significant parts of applications are actually hidden from most of today’s popular code analysis tools.


Presenter: Paul Anderson

VP of Engineering

Paul is the leader of GrammaTech’s product engineering team.

Paul has worked for GrammaTech for 24 years. He started as a software engineer working on language-sensitive editor technology, before leading the conception and development of both CodeSurfer and CodeSonar. During that time, Paul conducted research into a variety of software engineering tools and techniques, including program understanding and software visualization.

Prior to joining GrammaTech, Paul was a lecturer at City University in London, England. He retains connections to the academic world as a member of the program committees for several software engineering research conferences.

Paul has a PhD in computer science from City University, and a BSc from King’s College, University of London. He lives in Ithaca with his wife and two children.


Where & when

Kista, Sweden: Thursday 7 March
at: 08:30-11:30

Address: Kista Science Tower, Färögatan 33, Kista

GrammaTech – Software Assurance and Cyber-Security Solutions

Please contact us for more information!

Don't wait, call us now!