Publications

From WalaWiki

List of publications that rely on the WALA infrastructure, or its precursor DOMO:

2009

1. Refactoring for Reentrancy. Jan Wloka, Manu Sridharan, and Frank Tip. To appear in The Seventh Joint Meeting of the European Software Engineering Conference and ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 2009).
2. The Complexity of Andersen's Analysis in Practice, Manu Sridharan and Stephen J. Fink. To appear in The 16th International Static Analysis Symposium (SAS 2009).
3. Snugglebug: A Powerful Approach to Weakest Preconditions. Satish Chandra, Stephen Fink, and Manu Sridharan. Accepted for Publication in Proceedings of Programming Languages Design and Implementation (PLDI 2009), Dublin, Ireland, June 2009.
4. TAJ: Effective Taint Analysis of Web Applications, Omer Tripp, Marco Pistoia, Stephen Fink, Manu Sridharan, Omri Weisman. Accepted for Publication in Proceedings of Programming Languages Design and Implementation (PLDI 2009), Dublin, Ireland, June 2009.
5. Safe-Commit Analysis to Facilitate Team Software Development, Jan Wloka, Barbara G. Ryder, Frank Tip and Xiaoxia Ren. To Appear in Proceedings of International Conference on Software Engineering (ICSE 2009), Vancouver, Canada, May 2009.
6. Modular String-Sensitive Permission Analysis with Demand-Driven Precision, Emmanuel Geay, Marco Pistoia, Takaaki Tateishi, Barbara Ryder, Julian Dolby, Accepted for Publication in Proceedings of International Conference on Software Engineering (ICSE 2009), Vancouver, BC, Canada, May 2009.
7. Compile-Time Analysis and Specialization of Clocks in Concurrent Programs, Nalini Vasudevan, Olivier Tardieu, Julian Dolby, Stephen A. Edwards, International Conference on Compiler Construction (CC 09), 22-29 March 2009, York, United Kingdom
8. Finding Concurrency-Related Bugs Using Random Isolation, Nicholas Kidd, Thomas W. Reps, Julian Dolby, Mandana Vaziri, In Verification, Model Checking, and Abstract Interpretation, 10th International Conference (VMCAI 2009), Savannah, GA, USA, January 18-20, 2009.
   
   2008
   
   
9. Verifying Dereference Safety via Expanding-Scope Analysis, Alexey Loginov, Eran Yahav, Satish Chandra, Stephen Fink, Noam Rinetzky, Mangala Gowri, In Proceedings of the ACM SIGSOFT 2008 International Symposium on Software Testing and Analysis (ISSTA 2008)
10. A Scalable Technique for Characterizing the Usage of Temporaries in Framework-intensive Java Applications, Bruno Dufour, Barbara G. Ryder, Gary Sevitsky, Foundations of Software Engineering (FSE), Atlanta, GA, USA, 2008.
11. Effective Blame for Information-Flow Violations, Dave King, Trent Jaeger, Somesh Jha, Sanjit A. Seshia, Foundations of Software Engineering (FSE), Atlanta, GA, USA, 2008.
12. Type inference for locality analysis of distributed data structures, Satish Chandra, Vijay Saraswat, Vivek Sarkar, Ras Bodik, Proceedings of the 13th ACM SIGPLAN Symposium on Principles and practice of parallel programming, 2008.
13. Static Specification Mining Using Automata-Based Abstractions, Sharon Shoham, Eran Yahav, Stephen Fink, and Marco Pistoia, IEEE Transactions on Software Engineering,Volume 34, Issue 5 (September 2008),Pages 651-666.
14. Effective Typestate Verification in the Presence of Aliasing, Stephen Fink, Eran Yahav, G. Ramalingam, Nurit Dor, and Emmanuel Geay, ACM Transactions on Software Engineering and Metholodgy, Volume 17,Issue 2,2008.
15. The CLOSER: automating resource management in Java, Isil Dillig, Thomas Dillig, Eran Yahav, Satish Chandra, Proceedings of the 7th international symposium on Memory management, 2008.
16. Generating Precise and Concise Procedure Summaries, Greta Yorsh, Eran Yahav, and Satish Chandra. Accepted to ACM Symposium on Principles of Programming Languages, (POPL 2008)
17. ReBA: Refactoring-aware Binary Adaptation of Evolving Libraries, Danny Dig, Stas Negara, Vibhu Mohindra, Ralph Johnson, Proceedings of International Conference on Software Engineering (ICSE'08), Leipzig - May 2008.
    
    2007
    
    
18. Reducing Unnecessary Conservativeness in Access Rights Analysis with String Analysis.Koganeyama, M., Tabuchi, N., and Tateishi, T. 2007. In Proceedings of the 14th Asia-Pacific Software Engineering Conference (December 04 - 07, 2007). APSEC.
19. Filtering out methods you wish you hadn't navigated.Ying, A. T. and Tarr, P. L. 2007. In Proceedings of the 2007 OOPSLA Workshop on Eclipse Technology Exchange (Montreal, Quebec, Canada, October 21 - 21, 2007). eclipse '07.
20. Static Specification Mining Using Automata-Based Abstractions.Sharon Shoham, Eran Yahav, Stephen J. Fink, and Marco Pistoia. In Proceedings of the ACM SIGSOFT 2007 International Symposium on Software Testing and Analysis (ISSTA 2007), London, United Kingdom, July 2007. ACM Press.
21. Blended Analysis for Performance Understanding in Framework-Based Systems. Bruno Dufour, Barbara Ryder, Gary Sevitsky. International Symposium on Software Testing and Analysis (ISSTA), London, UK, 2007
22. Finding Bugs Efficiently with a SAT Solver, Julian Dolby, Mandana Vaziri, and Frank Tip, in Proceedings of the 6th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 2007)
23. Thin Slicing. Manu Sridharan, Stephen J. Fink, and Rastislav Bodik. In Proceedings of the ACM SIGPLAN 2007 Conference on Programming Language Design and Implementation (PLDI 2007), San Diego, CA, June 2007.
24. When Role Models Have Flaws: Static Validation of Enterprise Security Policies. Marco Pistoia, Stephen J. Fink, Robert J. Flynn, and Eran Yahav. In Proceedings of the 29th International Conference on Software Engineering (ICSE 2007), Minneapolis, MN, May 2007.
25. A Survey of Static Analysis Methods for Identifying Security Vulnerabilities in Software Systems. Marco Pistoia, Satish Chandra, Stephen Fink, and Eran Yahav. IBM Systems Journal, volume 46, number 2, Armonk, NY, USA, May 2007. International Business Machines Corporation.
26. Mashup Component Isolation via server-side analysis and instrumentation. K. Vikram and Michael Steiner. In Web 2.0 Security & Privacy Workshop. IEEE Computer Society, Technical Committee on Security and Privacy, 2007
    
    2006
    
    
27. Effective Typestate Verification in the Presence of Aliasing, Stephen Fink, Eran Yahav, Nurit Dor, Ramalingam, and Emmanuel Geay. In Proceedings of the ACM SIGSOFT 2006 International Symposium on Software Testing and Analysis (ISSTA 2006), Portland, ME, USA, July 2006. ACM Press.
28. Role-Based Access Control Consistency Validation, Paolina Centonze, Gleb Naumovich, Stephen Fink, and Marco Pistoia. In Proceedings of the ACM SIGSOFT 2006 International Symposium on Software Testing and Analysis (ISSTA 2006), Portland, ME, USA, July 2006. ACM Press.
29. The Case for Analysis Preserving Language Transformation Xiaolan Zhang, Larry Koved, Marco Pistoia, Sam Weber, Trent Jaeger, Guillaume Marceau, and Liangzhao Zeng. In Proceedings of the ACM SIGSOFT 2006 International Symposium on Software Testing and Analysis (ISSTA 2006), Portland, ME, USA, July 2006. ACM Press.
30. Associating Synchronization Constraints with Data in an Object-Oriented Language Mandana Vaziri, Frank Tip, and Julian Dolby. In Proceedings of the Thirty-Third Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '06), (Charleston, SC, January 2006).
31. Scalable and Flexible Error Detection, Emmanuel Geay, Eran Yahav, and Stephen Fink. PEPM 06 tools track, January 2006.
    
    2005
    
    
32. Deriving Object Typestates in the Presence of Inter-Object References. Mangala Gowri Nanda, Christian Grothoff and Satish Chandra. In Proceedings of the 19th Annual ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA 2005), October 2005.
33. Interprocedural Analysis for Privileged Code Placement and Tainted Variable Detection Marco Pistoia, Robert J. Flynn, Larry Koved, and Vugranam C. Sreedhar. In Proceedings of the 19th European Conference on Object-Oriented Programming (ECOOP 2005), pages 362-386, Glasgow, Scotland, UK, July 2005. Springer-Verlag.
34. Static Analysis for J2EE Role-Based Access Control Policy Validation Paolina Centonze. Master of Science degree thesis. Polytechnic University, Brooklyn, NY, May 2005.
    
    2004
    
    
35. Semi-Automatic J2EE Transaction Configuration, S. Fink, J. Dolby, and L. Colby, IBM Research Report RC23326, 2004.