The present invention relates to computer software analysis and testing.
The term “static analysis” as it relates to computer software typically refers to analysis of the instructions of a computer software application that does not rely on the run-time execution of the application. Static analysis of an application is said to be “sound” if it considers all possible application behavior relevant to the analysis. In one type of static analysis, known as data-flow analysis, a graph is determined of a computer software application's control flows, and information is gathered about the possible values of variables at various points within the application, where the graph is used to determine those parts of the application to which data assigned to a particular variable might flow.
It is well known that once an application has been statically analyzed, any changes subsequently made to the application instructions may affect the soundness of the analysis results. Thus, for example, if an application instruction is deleted, the soundness of the analysis results may be called into question if any data flows identified during the static analysis depended in any way on the deleted instruction. While reanalyzing an entire application each time changes are made to the application instructions assures continuously sound analysis results, the time and computational requirements of doing so may be great, especially for applications with large code bases.