Master Thesis - The Costs and Benefits of Acting on Program Analysis Results
- Scheelevägen, Lund, Sweden
- Legal Entity: Robert Bosch AB
Welcome to a world, where your ideas lead to something big. Welcome to Bosch!
Do you want beneficial technologies being shaped by your ideas? Whether in the areas of mobility solutions, consumer goods, industrial technology or energy and building technology – with us, you will have the chance to improve quality of life all across the globe. In Lund we develop products for automotive, ebike and IoT, Lund is a software center within Bosch and we are around 180 engineers working with different products for tomorrow´s automotive industry. Welcome to Bosch!
Program analyzers aim to assist software developers by finding issues in their code. However, over the last couple of years an increasing number of studies have found several usability issues with these tools concerning false positives, incomprehensible results, too many results, and bad workflow integration. One approach to deal with the usability issues with program analysis, is to collect usability feedback and let
maintainers of the system adapt analyzers. Tricorder, Shipshape, and Tricium are meta-analyzer systems which themselves do not analyze code, but operate on a meta-analyzer level; they provide an infrastructure for running analyzers, support integrating the results of the analyzers, and collect feedback in order to help analyzer authors make improvements. Recently a meta-analyzer system called MEAN (MEta ANalyzer) has been implemented and released as open-source. It is designed to be tool-stack agnostic to facilitate integration at other companies.
Proposed solution and scope of the master thesis project
The preliminary structure of the project is made up of three parts:
a. Study an initial phase inspecting the current use of program analysis tools at Bosch. Compile a list of the tools used at Bosch Lund within different groups. This should be followed by an investigation of how MEAN could be integrated into the tool stack at Bosch.
b. Design a design and implementation phase where the main aim is to deploy the existing analysis results at Bosch via the MEAN system and gather data on what developers find useful. A study of the use of program analysis results via MEAN is to be followed.
c. Evaluation an evaluation phase conducting a user study with software architects, where the developed prototype is evaluated and compared to current practice.
This is a 2 person’s master thesis. The location is at Bosch office in Lund and it is preferred that the students are doing the master thesis at Bosch office so the Bosch team can support.
Tricium - Tricorder for Chromium: https://bit.ly/tricium-early-design
Why Don’t Software Developers Use Static Analysis Tools to Find Bugs?: https://bit.ly/3dSoMgj