Mitigating False Positive Static Analysis Warnings: Progress, Challenges, and Opportunities
Static analysis (SA) tools can generate useful static warnings to reveal the problematic code snippets in a software system without dynamically executing the corresponding source code. In the literature, static warnings are of paramount importance because they can easily indicate specific types of s...
Uloženo v:
| Vydáno v: | IEEE transactions on software engineering Ročník 49; číslo 12; s. 5154 - 5188 |
|---|---|
| Hlavní autoři: | , , , , , , , , , |
| Médium: | Journal Article |
| Jazyk: | angličtina |
| Vydáno: |
New York
IEEE
01.12.2023
IEEE Computer Society |
| Témata: | |
| ISSN: | 0098-5589, 1939-3520 |
| On-line přístup: | Získat plný text |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstract | Static analysis (SA) tools can generate useful static warnings to reveal the problematic code snippets in a software system without dynamically executing the corresponding source code. In the literature, static warnings are of paramount importance because they can easily indicate specific types of software defects in the early stage of a software development process, which accordingly reduces the maintenance costs by a substantial margin. Unfortunately, due to the conservative approximations of such SA tools, a large number of false positive (FP for short) warnings (i.e., they do not indicate real bugs) are generated, making these tools less effective. During the past two decades, therefore, many false positive mitigation (FPM for short) approaches have been proposed so that more accurate and critical warnings can be delivered to developers. This paper offers a detailed survey of research achievements on the topic of FPM. Given the collected 130 surveyed papers, we conduct a comprehensive investigation from five different perspectives. First, we reveal the research trends of this field. Second, we classify the existing FPM approaches into five different types and then present the concrete research progress. Third, we analyze the evaluation system applied to examine the performance of the proposed approaches in terms of studied SA tools, evaluation scenarios, performance indicators, and collected datasets, respectively. Fourth, we summarize the four types of empirical studies relating to SA warnings to exploit the insightful findings that are helpful to reduce FP warnings. Finally, we sum up 10 challenges unresolved in the literature from the aspects of systematicness, effectiveness, completeness, and practicability and outline possible research opportunities based on three emerging techniques in the future. |
|---|---|
| AbstractList | Static analysis (SA) tools can generate useful static warnings to reveal the problematic code snippets in a software system without dynamically executing the corresponding source code. In the literature, static warnings are of paramount importance because they can easily indicate specific types of software defects in the early stage of a software development process, which accordingly reduces the maintenance costs by a substantial margin. Unfortunately, due to the conservative approximations of such SA tools, a large number of false positive (FP for short) warnings (i.e., they do not indicate real bugs) are generated, making these tools less effective. During the past two decades, therefore, many false positive mitigation (FPM for short) approaches have been proposed so that more accurate and critical warnings can be delivered to developers. This paper offers a detailed survey of research achievements on the topic of FPM. Given the collected 130 surveyed papers, we conduct a comprehensive investigation from five different perspectives. First, we reveal the research trends of this field. Second, we classify the existing FPM approaches into five different types and then present the concrete research progress. Third, we analyze the evaluation system applied to examine the performance of the proposed approaches in terms of studied SA tools, evaluation scenarios, performance indicators, and collected datasets, respectively. Fourth, we summarize the four types of empirical studies relating to SA warnings to exploit the insightful findings that are helpful to reduce FP warnings. Finally, we sum up 10 challenges unresolved in the literature from the aspects of systematicness, effectiveness, completeness, and practicability and outline possible research opportunities based on three emerging techniques in the future. |
| Author | Guo, Zhaoqiang Zhou, Yuming Li, Yanhui Liu, Shiran Tan, Tingting Chen, Lin Liu, Xutong Yang, Yibiao Lai, Wei Dong, Wei |
| Author_xml | – sequence: 1 givenname: Zhaoqiang orcidid: 0000-0001-8971-5755 surname: Guo fullname: Guo, Zhaoqiang email: gzq@smail.nju.edu.cn organization: State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China – sequence: 2 givenname: Tingting orcidid: 0009-0003-5290-5653 surname: Tan fullname: Tan, Tingting email: tantingting.ttt@taobao.com organization: Beijing Bytedance Network Technology Company Ltd., Beijing, China – sequence: 3 givenname: Shiran orcidid: 0000-0003-3627-0881 surname: Liu fullname: Liu, Shiran email: shiranliu@smail.nju.edu.cn organization: State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China – sequence: 4 givenname: Xutong orcidid: 0000-0002-3831-5505 surname: Liu fullname: Liu, Xutong email: xryu@smail.nju.edu.cn organization: State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China – sequence: 5 givenname: Wei orcidid: 0000-0002-2147-3443 surname: Lai fullname: Lai, Wei email: DZ20330011@smail.nju.edu.cn organization: State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China – sequence: 6 givenname: Yibiao orcidid: 0000-0003-1153-2013 surname: Yang fullname: Yang, Yibiao email: yangyibiao@nju.edu.cn organization: State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China – sequence: 7 givenname: Yanhui orcidid: 0000-0003-2282-7175 surname: Li fullname: Li, Yanhui email: yanhuili@nju.edu.cn organization: State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China – sequence: 8 givenname: Lin orcidid: 0000-0003-2352-2226 surname: Chen fullname: Chen, Lin email: lchen@nju.edu.cn organization: State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China – sequence: 9 givenname: Wei orcidid: 0000-0002-8033-7943 surname: Dong fullname: Dong, Wei email: wdong@nudt.edu.cn organization: College of Computer Science, National University of Defense Technology, Changsha, Hunan, China – sequence: 10 givenname: Yuming orcidid: 0000-0002-4645-2526 surname: Zhou fullname: Zhou, Yuming email: zhouyuming@nju.edu.cn organization: State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China |
| BookMark | eNp9kDFPwzAQhS1UJNrCzsAQiZWUsx07MVtVtYBU1EotYmCIHMcJqYIT7BSp_x5H7YAYmO50996nuzdCA9MYjdA1hgnGIO63m_mEAKETSongPD5DQyyoCCkjMEBDAJGEjCXiAo2c2wEAi2M2RO8vVVeVsqtMGSxk7XSwbpwffetg0_mxCqZG1gdXueBNWuNl7iFY26a02rm7YPYh61qbUvtemjxYtW1ju73xBO0u0XnRI69OdYxeF_Pt7Clcrh6fZ9NlqIggXUgBEx4VQsU8K0QmI54pnBSQM4kTRRRjnMgCK4hykflFrBIe8TgiMQOda6BjdHvktrb52mvXpbtmb_3ZLiXCwwHjmHoVP6qUbZyzukhV1X_YmM7Kqk4xpH2QqQ8y7YNMT0F6I_wxtrb6lPbwn-XmaKm01r_kFBiLMP0B4BiANg |
| CODEN | IESEDJ |
| CitedBy_id | crossref_primary_10_1109_ACCESS_2024_3522094 crossref_primary_10_1145_3728929 crossref_primary_10_14500_aro_12082 crossref_primary_10_1145_3660781 crossref_primary_10_1145_3696352 crossref_primary_10_1111_exsy_70094 crossref_primary_10_1109_ACCESS_2024_3503493 |
| Cites_doi | 10.1007/11547662_21 10.4108/infoscale.2007.910 10.1145/3428301 10.1109/SANER.2018.8330195 10.1145/2566486.2568024 10.1145/1414004.1414013 10.1109/SANER.2016.63 10.1109/APSEC.2016.027 10.1145/1295014.1295042 10.1016/j.infsof.2009.10.004 10.1145/1810295.1810310 10.1145/3453483.3454085 10.1145/1831708.1831738 10.1109/SANER.2016.105 10.1007/978-3-540-77505-8_23 10.1109/IWESEP.2014.17 10.1145/3097983.3098061 10.1145/2483760.2483778 10.1016/j.entcs.2008.06.039 10.1109/ICPC.2019.00040 10.1049/ic.2011.0018 10.1109/MSR.2017.2 10.1145/2103656.2103662 10.1007/s42979-021-00566-z 10.1109/ACCESS.2022.3176865 10.1007/978-3-642-01702-5_8 10.1145/1176617.1176667 10.1145/3344948.3344951 10.1145/1287624.1287633 10.1109/ICSE.2013.6606613 10.1007/11547662_15 10.1109/CESSER-IP.2019.00015 10.1145/1646353.1646374 10.1109/COMPSAC.2011.91 10.1109/SER-IP.2017..20 10.1007/978-981-10-6385-5_42 10.1007/s10664-022-10122-9 10.1109/KSE56063.2022.9953786 10.1109/MC.2012.345 10.1109/SCAM51674.2020.00035 10.1109/ICST.2010.65 10.1109/LADC.2016.25 10.1109/MSR.2019.00049 10.1109/AICCSA.2018.8612819 10.1145/3037697.3037744 10.1007/s11390-020-0525-z 10.1109/ICSE.2017.54 10.1145/3095021 10.1145/3306446.3340828 10.1109/COMPSAC.2017.201 10.1007/978-3-319-12736-1_11 10.1145/3485275 10.1145/3194095.3194100 10.1145/1555860.1555864 10.1109/SCAM.2016.25 10.1109/ISSRE.2016.45 10.1007/978-3-319-92375-8_8 10.1109/SANER.2019.8667970 10.1109/ASE.2019.00011 10.1145/1985793.1985971 10.1109/ICSE.2007.32 10.1007/s12599-023-00795-x 10.1145/1542476.1542485 10.1007/978-3-030-26601-1_1 10.1109/ISSRE.2004.1 10.1109/ICSE.2013.6606642 10.1109/SCAM55253.2022.00031 10.1007/978-3-319-69459-7_7 10.1109/ICSME.2014.97 10.1016/j.cola.2020.100979 10.1007/978-3-540-74061-2_27 10.1007/s10664-021-09948-6 10.1109/WCRE.2012.37 10.1109/SCAM.2006.22 10.1145/1108792.1108798 10.1109/SCAM55253.2022.00029 10.1109/ICSE.2003.1201189 10.1109/ISSRE.2015.7381820 10.1109/COUFLESS.2015.10 10.1109/ICST.2009.21 10.1145/2491411.2494574 10.1109/COMPSAC.2012.22 10.1109/ICST.2019.00048 10.1007/s10723-020-09510-6 10.1007/s10664-019-09750-5 10.1109/APSEC.2012.97 10.1145/1251535.1251537 10.1109/LADC48089.2019.8995685 10.1109/HPCC/SmartCity/DSS.2018.00198 10.1109/ISSRE.2019.00040 10.1145/3290353 10.1145/3439961.3439987 10.1145/3106237.3106294 10.1109/ICSM.2013.89 10.1145/3239235.3239523 10.1145/3510003.3510098 10.1109/QRS-C.2017.110 10.1007/3-540-44898-5_16 10.1109/ICST.2009.45 10.1109/ICSECOMPANION.2007.16 10.1145/1368088.1368135 10.1145/1029894.1029909 10.1109/WCRE.2013.6671303 10.1007/s10664-020-09880-1 10.1109/TSE.2023.3234206 10.1145/3505243 10.1145/3088525.3088675 10.1109/IPDPS.2019.00086 10.1109/ICSE-SEIP52600.2021.00020 10.1145/1251535.1251536 10.1109/SANER.2015.7081826 10.1145/2499393.2499399 10.1145/3213846.3213850 10.1007/s00500-019-03942-3 10.1109/sbes.2015.23 10.1145/2597073.2597100 10.1016/j.eswa.2020.114134 10.1109/MICRO.2016.7783727 10.1002/spe.2287 10.1109/TPDS.2020.3036190 10.1109/MSR.2007.26 10.1109/ICST.2011.51 10.1007/978-3-030-87007-2_21 10.1007/978-3-319-19249-9_35 10.1007/s10664-022-10118-5 10.1109/SEW.2008.17 10.1145/3236024.3264599 10.1109/MALTESQUE.2017.7882012 10.1109/ICSME46990.2020.00022 10.1145/3524610.3527899 10.1109/tr.2021.3137314 10.1145/3510003.3510214 10.1109/EDCC.2018.00020 10.1109/ESEM.2007.11 10.1145/3238147.3238213 10.1016/j.infsof.2010.12.007 10.1109/AST52587.2021.00019 10.1109/ISSREW.2014.85 10.1145/3324916 10.1007/978-3-030-04272-1_1 10.1155/2021/6660830 10.1145/3188720 10.1109/MS.2008.130 10.1109/BigData.2018.8622456 10.1109/ASE.2008.29 10.1109/SCAM.2013.6648191 10.1109/SANER.2017.7884656 10.1109/MSR.2019.00014 10.1145/2184512.2184604 10.1109/TSE.2018.2884955 10.1016/j.jss.2020.110671 10.1007/978-3-030-34175-6_7 10.1109/TSE.2006.38 10.1109/ARES.2010.108 10.1145/2786805.2786851 10.1016/j.jss.2020.110585 10.1145/3377811.3380361 10.1109/ICST.2019.00036 10.1145/1348250.1348254 10.1145/1349332.1349339 10.1109/ICSE-SEIP.2019.00014 10.1145/2568225.2568269 10.1109/COMPSAC.2006.55 10.1145/1062455.1062558 10.1007/11575467_23 10.1145/2245276.2231980 10.1145/3314058.3317295 10.1109/SCAM.2010.20 10.1145/1858996.1859013 10.1109/EDCC.2015.20 10.1145/3494521 10.1145/2660267.2660339 10.1016/j.jss.2019.110427 10.1109/TSE.2018.2876256 10.1109/ICSE.2012.6227210 10.1145/2889160.2889227 10.1145/3302424.3303972 10.1109/APSEC.2014.81 10.1109/APSEC.2013.33 10.1007/978-3-642-45293-2_6 |
| ContentType | Journal Article |
| Copyright | Copyright IEEE Computer Society 2023 |
| Copyright_xml | – notice: Copyright IEEE Computer Society 2023 |
| DBID | 97E RIA RIE AAYXX CITATION JQ2 K9. |
| DOI | 10.1109/TSE.2023.3329667 |
| DatabaseName | IEEE All-Society Periodicals Package (ASPP) 2005–Present IEEE All-Society Periodicals Package (ASPP) 1998–Present IEEE Electronic Library (IEL) CrossRef ProQuest Computer Science Collection ProQuest Health & Medical Complete (Alumni) |
| DatabaseTitle | CrossRef ProQuest Health & Medical Complete (Alumni) ProQuest Computer Science Collection |
| DatabaseTitleList | ProQuest Health & Medical Complete (Alumni) |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISSN | 1939-3520 |
| EndPage | 5188 |
| ExternalDocumentID | 10_1109_TSE_2023_3329667 10305541 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: Natural Science Foundation of Jiangsu Province grantid: SBK2023022696 funderid: 10.13039/501100004608 – fundername: National Key Research and Development Program of China grantid: 2022YFB4501903 – fundername: Natural Science Foundation of China grantid: 62172205; 62072194; 62172202; 62272221; 62032019 funderid: 10.13039/501100001809 |
| GroupedDBID | --Z -DZ -~X .4S .DC 0R~ 29I 3EH 4.4 5GY 5VS 6IK 7WY 7X7 85S 88E 88I 8FE 8FG 8FI 8FJ 8FL 8G5 8R4 8R5 97E 9M8 AAJGR AARMG AASAJ AAWTH ABAZT ABFSI ABJCF ABPPZ ABQJQ ABUWG ABVLG ACGFO ACGOD ACIWK ACNCT ADBBV AENEX AETIX AFKRA AGQYO AGSQL AHBIQ AI. AIBXA AKJIK AKQYR ALLEH ALMA_UNASSIGNED_HOLDINGS ARAPS ARCSS ASUFR ATWAV AZQEC BEFXN BENPR BEZIV BFFAM BGLVJ BGNUA BKEBE BKOMP BPEOZ BPHCQ BVXVI CCPQU CS3 DU5 DWQXO E.L EBS EDO EJD FRNLG FYUFA GNUQQ GROUPED_ABI_INFORM_RESEARCH GUQSH HCIFZ HMCUK HZ~ H~9 I-F IBMZZ ICLAB IEDLZ IFIPE IFJZH IPLJI ITG ITH JAVBF K60 K6V K6~ K7- L6V LAI M0C M1P M1Q M2O M2P M43 M7S MS~ O9- OCL OHT P2P P62 PHGZM PHGZT PJZUB PPXIY PQBIZ PQBZA PQGLB PQQKQ PROAC PSQYO PTHSS PUEGO Q2X RIA RIE RNI RNS RXW RZB S10 TAE TN5 TWZ UHB UKHRP UPT UQL VH1 WH7 XOL YYP YZZ ZCG AAYXX AFFHD CITATION JQ2 K9. |
| ID | FETCH-LOGICAL-c292t-301264f9c76bf9ba46bc18f0d5a18c2c5562af1c04d9b18f7c8646742750ede03 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 12 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001125287400012&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 0098-5589 |
| IngestDate | Sun Nov 30 05:07:31 EST 2025 Sat Nov 29 03:10:27 EST 2025 Tue Nov 18 22:26:32 EST 2025 Wed Aug 27 02:24:51 EDT 2025 |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 12 |
| Language | English |
| License | https://ieeexplore.ieee.org/Xplorehelp/downloads/license-information/IEEE.html https://doi.org/10.15223/policy-029 https://doi.org/10.15223/policy-037 |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c292t-301264f9c76bf9ba46bc18f0d5a18c2c5562af1c04d9b18f7c8646742750ede03 |
| Notes | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14 |
| ORCID | 0000-0002-8033-7943 0000-0001-8971-5755 0000-0003-2352-2226 0009-0003-5290-5653 0000-0003-3627-0881 0000-0002-3831-5505 0000-0003-1153-2013 0000-0002-4645-2526 0000-0003-2282-7175 0000-0002-2147-3443 |
| PQID | 2901201173 |
| PQPubID | 21418 |
| PageCount | 35 |
| ParticipantIDs | crossref_citationtrail_10_1109_TSE_2023_3329667 ieee_primary_10305541 proquest_journals_2901201173 crossref_primary_10_1109_TSE_2023_3329667 |
| PublicationCentury | 2000 |
| PublicationDate | 2023-12-01 |
| PublicationDateYYYYMMDD | 2023-12-01 |
| PublicationDate_xml | – month: 12 year: 2023 text: 2023-12-01 day: 01 |
| PublicationDecade | 2020 |
| PublicationPlace | New York |
| PublicationPlace_xml | – name: New York |
| PublicationTitle | IEEE transactions on software engineering |
| PublicationTitleAbbrev | TSE |
| PublicationYear | 2023 |
| Publisher | IEEE IEEE Computer Society |
| Publisher_xml | – name: IEEE – name: IEEE Computer Society |
| References | ref57 ref56 ref59 ref58 ref53 ref52 ref55 ref168 ref54 Heckman (ref126) 2006 ref169 ref170 ref177 ref178 ref51 ref175 ref50 ref176 ref173 ref174 ref171 ref172 ref46 ref45 ref48 ref47 ref42 ref41 ref44 ref179 ref43 ref8 ref180 ref7 ref9 ref4 ref3 ref6 ref5 ref100 Yuksel (ref61) 2014 ref101 ref40 ref186 ref184 ref185 ref182 ref183 ref35 ref34 ref37 ref36 ref31 ref148 ref30 ref149 ref33 ref146 ref32 ref147 ref39 ref38 Nguyen (ref141) 2017 ref155 ref156 ref153 ref154 ref151 ref152 ref150 ref24 ref23 ref26 ref25 ref20 ref159 ref22 ref157 ref21 ref158 ref28 ref27 ref29 ref166 ref167 ref164 ref165 ref162 ref163 ref160 ref161 ref13 ref12 ref15 ref128 ref14 ref129 ref97 ref96 ref127 ref11 ref99 ref124 ref10 ref98 ref125 ref17 ref16 ref19 ref18 ref93 ref133 ref92 ref134 ref95 ref131 ref94 ref132 ref130 ref91 ref90 ref89 ref139 ref86 ref137 ref85 ref138 ref88 ref135 ref87 ref136 ref82 ref144 ref81 ref145 ref84 ref142 ref83 ref143 ref140 ref80 ref79 ref108 ref78 ref109 ref106 ref107 ref75 ref104 ref74 ref105 ref77 ref102 ref76 ref103 ref2 ref1 ref71 ref111 ref70 ref112 ref73 ref72 ref110 ref68 ref119 ref67 ref117 ref69 ref118 ref64 ref115 ref63 ref116 ref66 ref113 ref65 ref114 Muske (ref49) 2013 ref60 ref123 ref62 ref120 ref121 |
| References_xml | – ident: ref4 doi: 10.1007/11547662_21 – ident: ref15 doi: 10.4108/infoscale.2007.910 – ident: ref142 doi: 10.1145/3428301 – ident: ref92 doi: 10.1109/SANER.2018.8330195 – ident: ref54 doi: 10.1145/2566486.2568024 – ident: ref21 doi: 10.1145/1414004.1414013 – ident: ref72 doi: 10.1109/SANER.2016.63 – ident: ref69 doi: 10.1109/APSEC.2016.027 – ident: ref17 doi: 10.1145/1295014.1295042 – ident: ref30 doi: 10.1016/j.infsof.2009.10.004 – ident: ref32 doi: 10.1145/1810295.1810310 – ident: ref130 doi: 10.1145/3453483.3454085 – ident: ref134 doi: 10.1145/1831708.1831738 – ident: ref139 doi: 10.1109/SANER.2016.105 – ident: ref8 doi: 10.1007/978-3-540-77505-8_23 – ident: ref52 doi: 10.1109/IWESEP.2014.17 – ident: ref154 doi: 10.1145/3097983.3098061 – ident: ref47 doi: 10.1145/2483760.2483778 – ident: ref20 doi: 10.1016/j.entcs.2008.06.039 – ident: ref102 doi: 10.1109/ICPC.2019.00040 – ident: ref36 doi: 10.1049/ic.2011.0018 – ident: ref83 doi: 10.1109/MSR.2017.2 – ident: ref40 doi: 10.1145/2103656.2103662 – ident: ref153 doi: 10.1007/s42979-021-00566-z – ident: ref172 doi: 10.1109/ACCESS.2022.3176865 – ident: ref23 doi: 10.1007/978-3-642-01702-5_8 – ident: ref127 doi: 10.1145/1176617.1176667 – ident: ref182 doi: 10.1145/3344948.3344951 – ident: ref13 doi: 10.1145/1287624.1287633 – ident: ref46 doi: 10.1109/ICSE.2013.6606613 – ident: ref3 doi: 10.1007/11547662_15 – ident: ref104 doi: 10.1109/CESSER-IP.2019.00015 – ident: ref133 doi: 10.1145/1646353.1646374 – ident: ref33 doi: 10.1109/COMPSAC.2011.91 – ident: ref79 doi: 10.1109/SER-IP.2017..20 – ident: ref160 doi: 10.1007/978-981-10-6385-5_42 – ident: ref184 doi: 10.1007/s10664-022-10122-9 – ident: ref175 doi: 10.1109/KSE56063.2022.9953786 – ident: ref180 doi: 10.1109/MC.2012.345 – ident: ref110 doi: 10.1109/SCAM51674.2020.00035 – start-page: 1 volume-title: Proc. 17th Int. Symp. Softw. Rel. Eng. (ISSRE) year: 2006 ident: ref126 article-title: Automated adaptive ranking and filtering of static analysis alerts – ident: ref152 doi: 10.1109/ICST.2010.65 – ident: ref70 doi: 10.1109/LADC.2016.25 – ident: ref97 doi: 10.1109/MSR.2019.00049 – ident: ref84 doi: 10.1109/AICCSA.2018.8612819 – ident: ref137 doi: 10.1145/3037697.3037744 – ident: ref109 doi: 10.1007/s11390-020-0525-z – ident: ref76 doi: 10.1109/ICSE.2017.54 – ident: ref77 doi: 10.1145/3095021 – ident: ref106 doi: 10.1145/3306446.3340828 – ident: ref82 doi: 10.1109/COMPSAC.2017.201 – ident: ref59 doi: 10.1007/978-3-319-12736-1_11 – ident: ref138 doi: 10.1145/3485275 – ident: ref86 doi: 10.1145/3194095.3194100 – ident: ref25 doi: 10.1145/1555860.1555864 – ident: ref121 doi: 10.1109/SCAM.2016.25 – ident: ref71 doi: 10.1109/ISSRE.2016.45 – ident: ref90 doi: 10.1007/978-3-319-92375-8_8 – ident: ref143 doi: 10.1109/SANER.2019.8667970 – ident: ref183 doi: 10.1109/ASE.2019.00011 – ident: ref34 doi: 10.1145/1985793.1985971 – ident: ref164 doi: 10.1109/ICSE.2007.32 – ident: ref186 doi: 10.1007/s12599-023-00795-x – ident: ref26 doi: 10.1145/1542476.1542485 – ident: ref96 doi: 10.1007/978-3-030-26601-1_1 – ident: ref124 doi: 10.1109/ISSRE.2004.1 – start-page: 1 volume-title: Proc. 17th Int. Conf. Inf. Fusion (FUSION) year: 2014 ident: ref61 article-title: Trust-based fusion of classifiers for static code analysis – ident: ref136 doi: 10.1109/ICSE.2013.6606642 – ident: ref177 doi: 10.1109/SCAM55253.2022.00031 – ident: ref75 doi: 10.1007/978-3-319-69459-7_7 – ident: ref56 doi: 10.1109/ICSME.2014.97 – ident: ref155 doi: 10.1016/j.cola.2020.100979 – ident: ref18 doi: 10.1007/978-3-540-74061-2_27 – ident: ref118 doi: 10.1007/s10664-021-09948-6 – ident: ref37 doi: 10.1109/WCRE.2012.37 – ident: ref7 doi: 10.1109/SCAM.2006.22 – ident: ref167 doi: 10.1145/1108792.1108798 – ident: ref176 doi: 10.1109/SCAM55253.2022.00029 – ident: ref179 doi: 10.1109/ICSE.2003.1201189 – ident: ref65 doi: 10.1109/ISSRE.2015.7381820 – ident: ref169 doi: 10.1109/COUFLESS.2015.10 – ident: ref28 doi: 10.1109/ICST.2009.21 – start-page: 13 volume-title: Proc. 5th Int. Conf. Adv. Syst. Testing Validation Lifecycle (VALID) year: 2013 ident: ref49 article-title: Efficient elimination of false positives using bounded model checking – ident: ref135 doi: 10.1145/2491411.2494574 – ident: ref41 doi: 10.1109/COMPSAC.2012.22 – ident: ref101 doi: 10.1109/ICST.2019.00048 – ident: ref161 doi: 10.1007/s10723-020-09510-6 – ident: ref111 doi: 10.1007/s10664-019-09750-5 – ident: ref39 doi: 10.1109/APSEC.2012.97 – ident: ref12 doi: 10.1145/1251535.1251537 – ident: ref105 doi: 10.1109/LADC48089.2019.8995685 – ident: ref156 doi: 10.1109/HPCC/SmartCity/DSS.2018.00198 – ident: ref98 doi: 10.1109/ISSRE.2019.00040 – ident: ref158 doi: 10.1145/3290353 – ident: ref108 doi: 10.1145/3439961.3439987 – ident: ref80 doi: 10.1145/3106237.3106294 – ident: ref50 doi: 10.1109/ICSM.2013.89 – ident: ref93 doi: 10.1145/3239235.3239523 – ident: ref174 doi: 10.1145/3510003.3510098 – ident: ref81 doi: 10.1109/QRS-C.2017.110 – ident: ref1 doi: 10.1007/3-540-44898-5_16 – ident: ref27 doi: 10.1109/ICST.2009.45 – ident: ref10 doi: 10.1109/ICSECOMPANION.2007.16 – ident: ref24 doi: 10.1145/1368088.1368135 – ident: ref2 doi: 10.1145/1029894.1029909 – ident: ref44 doi: 10.1109/WCRE.2013.6671303 – ident: ref145 doi: 10.1007/s10664-020-09880-1 – ident: ref178 doi: 10.1109/TSE.2023.3234206 – ident: ref151 doi: 10.1145/3505243 – ident: ref78 doi: 10.1145/3088525.3088675 – ident: ref140 doi: 10.1109/IPDPS.2019.00086 – ident: ref119 doi: 10.1109/ICSE-SEIP52600.2021.00020 – ident: ref9 doi: 10.1145/1251535.1251536 – ident: ref66 doi: 10.1109/SANER.2015.7081826 – ident: ref45 doi: 10.1145/2499393.2499399 – ident: ref88 doi: 10.1145/3213846.3213850 – ident: ref112 doi: 10.1007/s00500-019-03942-3 – ident: ref62 doi: 10.1109/sbes.2015.23 – start-page: 307 volume-title: Proc. 26th ACM SIGSOFT Int. Symp. Softw. Testing Anal. (ISSTA) year: 2017 ident: ref141 article-title: Just-in-time static analysis – ident: ref53 doi: 10.1145/2597073.2597100 – ident: ref117 doi: 10.1016/j.eswa.2020.114134 – ident: ref159 doi: 10.1109/MICRO.2016.7783727 – ident: ref68 doi: 10.1002/spe.2287 – ident: ref123 doi: 10.1109/TPDS.2020.3036190 – ident: ref14 doi: 10.1109/MSR.2007.26 – ident: ref35 doi: 10.1109/ICST.2011.51 – ident: ref116 doi: 10.1007/978-3-030-87007-2_21 – ident: ref63 doi: 10.1007/978-3-319-19249-9_35 – ident: ref185 doi: 10.1007/s10664-022-10118-5 – ident: ref131 doi: 10.1109/SEW.2008.17 – ident: ref89 doi: 10.1145/3236024.3264599 – ident: ref170 doi: 10.1109/MALTESQUE.2017.7882012 – ident: ref146 doi: 10.1109/ICSME46990.2020.00022 – ident: ref150 doi: 10.1145/3524610.3527899 – ident: ref162 doi: 10.1109/tr.2021.3137314 – ident: ref173 doi: 10.1145/3510003.3510214 – ident: ref171 doi: 10.1109/EDCC.2018.00020 – ident: ref16 doi: 10.1109/ESEM.2007.11 – ident: ref87 doi: 10.1145/3238147.3238213 – ident: ref120 doi: 10.1016/j.infsof.2010.12.007 – ident: ref114 doi: 10.1109/AST52587.2021.00019 – ident: ref55 doi: 10.1109/ISSREW.2014.85 – ident: ref165 doi: 10.1145/3324916 – ident: ref94 doi: 10.1007/978-3-030-04272-1_1 – ident: ref157 doi: 10.1155/2021/6660830 – ident: ref91 doi: 10.1145/3188720 – ident: ref132 doi: 10.1109/MS.2008.130 – ident: ref85 doi: 10.1109/BigData.2018.8622456 – ident: ref22 doi: 10.1109/ASE.2008.29 – ident: ref48 doi: 10.1109/SCAM.2013.6648191 – ident: ref74 doi: 10.1109/SANER.2017.7884656 – ident: ref144 doi: 10.1109/MSR.2019.00014 – ident: ref42 doi: 10.1145/2184512.2184604 – ident: ref115 doi: 10.1109/TSE.2018.2884955 – ident: ref147 doi: 10.1016/j.jss.2020.110671 – ident: ref103 doi: 10.1007/978-3-030-34175-6_7 – ident: ref128 doi: 10.1109/TSE.2006.38 – ident: ref29 doi: 10.1109/ARES.2010.108 – ident: ref64 doi: 10.1145/2786805.2786851 – ident: ref113 doi: 10.1016/j.jss.2020.110585 – ident: ref148 doi: 10.1145/3377811.3380361 – ident: ref100 doi: 10.1109/ICST.2019.00036 – ident: ref19 doi: 10.1145/1348250.1348254 – ident: ref11 doi: 10.1145/1349332.1349339 – ident: ref107 doi: 10.1109/ICSE-SEIP.2019.00014 – ident: ref57 doi: 10.1145/2568225.2568269 – ident: ref6 doi: 10.1109/COMPSAC.2006.55 – ident: ref125 doi: 10.1145/1062455.1062558 – ident: ref5 doi: 10.1007/11575467_23 – ident: ref38 doi: 10.1145/2245276.2231980 – ident: ref99 doi: 10.1145/3314058.3317295 – ident: ref168 doi: 10.1109/SCAM.2010.20 – ident: ref31 doi: 10.1145/1858996.1859013 – ident: ref67 doi: 10.1109/EDCC.2015.20 – ident: ref166 doi: 10.1145/3494521 – ident: ref58 doi: 10.1145/2660267.2660339 – ident: ref95 doi: 10.1016/j.jss.2019.110427 – ident: ref149 doi: 10.1109/TSE.2018.2876256 – ident: ref163 doi: 10.1109/ICSE.2012.6227210 – ident: ref73 doi: 10.1145/2889160.2889227 – ident: ref129 doi: 10.1145/3302424.3303972 – ident: ref60 doi: 10.1109/APSEC.2014.81 – ident: ref51 doi: 10.1109/APSEC.2013.33 – ident: ref43 doi: 10.1007/978-3-642-45293-2_6 |
| SSID | ssj0005775 ssib053395008 |
| Score | 2.4845707 |
| Snippet | Static analysis (SA) tools can generate useful static warnings to reveal the problematic code snippets in a software system without dynamically executing the... |
| SourceID | proquest crossref ieee |
| SourceType | Aggregation Database Enrichment Source Index Database Publisher |
| StartPage | 5154 |
| SubjectTerms | Codes Computer bugs defects Empirical analysis false positives Maintenance costs Performance evaluation Software Software development Software quality software quality assurance Source code Static analysis static analysis tools Static warnings Surveys |
| Title | Mitigating False Positive Static Analysis Warnings: Progress, Challenges, and Opportunities |
| URI | https://ieeexplore.ieee.org/document/10305541 https://www.proquest.com/docview/2901201173 |
| Volume | 49 |
| WOSCitedRecordID | wos001125287400012&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVIEE databaseName: IEEE Electronic Library (IEL) customDbUrl: eissn: 1939-3520 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0005775 issn: 0098-5589 databaseCode: RIE dateStart: 19750101 isFulltext: true titleUrlDefault: https://ieeexplore.ieee.org/ providerName: IEEE |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3NS8MwFA86PHhxfuJ0Sg5eBLulzdI03mRseNA5cOLAQ2lfExlIN_b195uXtn4gCt4CTULJS15-Sd77_Qi5SAOEFVniiQhJtVNj_SAABlOZINQMuNFOteRODgbReKyGZbK6y4XRWrvgM93ConvLz6awwquytu8IrTBNfVPKsEjW-oznkFJUBJlCRKp6k2SqPXrstVAmvMV5YOG9_LYHOVGVH57YbS_9-j9_bJfslDiS3hSG3yMbOt8n9UqjgZZL9oC83E8KFo38lfbtVNN06MK01poizpwArWhJ6HNxSbK4pkMM2rIu8Ip2K60VW07yjD7MEK-vcsfDekie-r1R99YrBRU8CFSw9OxitvjHKJBhalSadMIU_MiwTCR-BAEIC4YS4wPrZCq1HyREIaqRIAe8zjTjR6SWT3N9TKg9WPLEVyKLfGMtbB0DDzkzwKQCJrRukHY1xDGUbOMoevEWu1MHU7E1SoxGiUujNMjlR4tZwbTxR91DNMKXesX4N0izMmNcrsVFjC_FCHMkP_ml2SnZxt6LKJUmqS3nK31GtmC9nCzm526avQPzVM7k |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1bS8MwFA4yBX1xXiZOp-bBF8FtadM0jW8yNiZuc-DEgQ-lTRMZSDd2-_3mpK0XRMG3QBNScpKTL8k534fQZewCrEiiOguAVDvWxg9KCcFU2vUVkVQrq1rS44NBMB6LYZ6sbnNhlFI2-Ew1oGjf8pOpXMFVWdOxhFaQpr7JPM8lWbrWZ0QH56ygyGQsEMWrJBHN0WO7AULhDUpdA_D5t13Iyqr88MV2g-mU__lre2g3R5L4NjP9PtpQ6QEqFyoNOF-0h-ilP8l4NNJX3DGTTeGhDdRaKwxIcyJxQUyCn7NrksUNHkLYlnGC17hVqK2YcpQm-GEGiH2VWibWCnrqtEetbj2XVKhLV7jLulnOBgFpIbkfaxFHnh9LJ9AkYZETSFcyA4ci7UjiJSI2H7gMfNAjARZ4lShCj1ApnabqGGFztKSRI1gSONrY2LgG6lOiJeFCEqZUFTWLIQ5lzjcOshdvoT13EBEao4RglDA3ShVdfbSYZVwbf9StgBG-1MvGv4pqhRnDfDUuQngrBqDD6ckvzS7QdnfU74W9u8H9KdqBnrKYlRoqLecrdYa25Ho5WczP7ZR7B-DO0is |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Mitigating+False+Positive+Static+Analysis+Warnings%3A+Progress%2C+Challenges%2C+and+Opportunities&rft.jtitle=IEEE+transactions+on+software+engineering&rft.au=Guo%2C+Zhaoqiang&rft.au=Tan%2C+Tingting&rft.au=Liu%2C+Shiran&rft.au=Liu%2C+Xutong&rft.date=2023-12-01&rft.issn=0098-5589&rft.eissn=1939-3520&rft.volume=49&rft.issue=12&rft.spage=5154&rft.epage=5188&rft_id=info:doi/10.1109%2FTSE.2023.3329667&rft.externalDBID=n%2Fa&rft.externalDocID=10_1109_TSE_2023_3329667 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0098-5589&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0098-5589&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0098-5589&client=summon |