Incremental Support of Static Analysis Code in VisuFlow

Master Thesis

Thesis description:

In order to resolve security flaws in applications, organizations must be able to identify the broadest possible array of potentially exploitable vulnerabilities. One of the primary methods to accomplish this is static analysis. Writing an analysis is hard, as it requires thorough knowledge about both the code to be analyzed and the code of the analysis.

To support analysis writers, we have developed VisuFlow, a framework that helps writing and debugging static analyses in the Eclipse IDE. In this framework, the user has access to the analysis code, the target code (the code that is being analyzed), and graph representations of the analysis. Static analyses can take a long time to fully terminate: minutes to hours to days according to the size of the analyzed code. To support analysis writers in their IDE, we cannot afford to re-run the entire analysis at each change in the analysis code. Incremental analysis accelerates the analysis process, by only recomputing the parts that changed.

In this thesis, you will be introducing incremental support to the VisuFlow framework so that changes to the analysis code are reflected immediately in the UI. You will implement your changes on top of VisuFlow and evaluate their efficiency.


    • Good understanding of the Java language.
    • Experience with software design and efficient programming.
    • Prior knowledge of Eclipse plugin development is helpful, but not required.
    • Prior knowledge of static analysis is helpful, but not required.


    The thesis will be written in English.

    Learning outcomes:

    • Assimilate and apply knowledge from relevant literature.
    • Plan, implement and document an independent project.
    • Eclipse plugin development.
    • UI design.
    • Basics of data-flow analysis.


    Lisa Nguyen (

    Stefan Krüger (