Startseite > Fachgruppen > Softwaretechnik > Lehre > Designing code analyses for large-scale software systems (DECA) SS2018

Designing code analyses for large-scale software systems (DECA) SS2018


25.04.2018: The lecture on 26.04.2018 will take place at the main campus, room P5 2.03.

13.04.2018: Students under the old Prüfungsordnung will not take part in the written exam. Instead, they should schedule an oral exam in which they will be evaluated on the lectures until the 21.06 lecture (incl.), in accordance with the university regulations. All students (old and new Prüfungsordnung) have to hand in all four labs and their acceptance to the exam will depend on whether they scored >=50% on the labs.

09.04.2018: The first lecture and the first two exercise sessions will take place at the main campus, room P 5 2.03.

Course number and language


The teaching language will be English. Questions in German will be permitted.

Registering and communicating

To attend the course, you have to register in the PAUL system as a participant.

To ask questions, please use the discussion forum in KOALA, so that others can benefit from the answers as well.

If needed, we will also send updates through KOALA circulars.

Time and Place

Lectures: Thu 14:00-16:00 in F1.110

Exercises / Labs : Fri 08:00-11:00 in F1.110

The first lecture and the first two labs will take place at the university: P5 2.03

A preliminary schedule is available here.

Bring your laptops to the lab sessions.


Static code analysis has the goal of finding programming mistakes automatically, by searching for suspicious anti-patterns in a program’s code. This course will explain how to design static code analyses that are inter-procedural, i.e., consider the whole program, across procedure boundaries. Designing such analyses is challenging, as they need to handle millions of program statements efficiently and precisely. Example applications are drawn from the area of IT security. 

Course structure

Each week, two hours will be dedicated to the lecture, and three hours will be dedicated to concrete exercise classes and graded programming labs.

In the exercise sessions, you will be able to apply the notions seen during the lecture into more concrete topics, preparing you to present your knowledge (with respect to the final exam).

The goal of the programming labs is to allow you to create concrete program analyses, solving open problems on the current topic, and deepening your knowledge and understanding of the notions seen in the lecture and exercise sessions. The lab assignments will mostly be done at home, using the scheduled lab hours to answer questions on the ongoing lab.

If you have questions to the organisation of the course, the topic, the exercises, or the labs, or if you get stuck when solving the exercises or labs, please use the forum in KOALA. We try to answer on a regular basis and as soon as possible.


Graded labs:

    • During the semester, you will have to hand in four graded labs.
    • Each lab has to be handed in through KOALA, at 08:00 am, on its due date. The dates can be found here.
    • The labs will be done in groups of four.
    • Late labs will not be accepted.
    • Plagiarism will result on a 0 grade for the lab.

    Final exam:

    At the end of the course, you will have the opportunity to register for the written exam based on your lab grade:

    • If you scored below 50%, you cannot register to the exam.
    • If you scored 50% or more, you can register to the exam.
    • If you scored 70% or more, you will receive a bonus of 0.3 on your final grade.
    • If you scored 90% or more, you will receive a bonus of 0.7 on your final grade.

    This semester, the exam will exceptionally be in a written format. Students under the old Prüfungsordnung will not take part in the written exam. Instead, they will need to register for an oral exam.


    The course Software Analysis is a recommended but not required prerequisite. A mature understanding of the Java programming language and object-oriented programming will be helpful.


    Topics covered include:

    • Intra-procedural data-flow analysis
    • Call-graph construction algorithms
    • Context-insensitive inter-procedural data-flow analysis
    • Context-sensitivity using the call-strings approach
    • Value-based contexts
    • Context-sensitivity using the functional approach
    • Efficiently solving distributed problems in the IFDS and IDE frameworks
    • Current challenges in inter-procedural static program analysis

    Throughout the course and the exercice sessions, we will discuss applications to software security.

    Learning outcomes

    After having attended this course, students will have learned…

    • how to make educated design decisions when designing automated code analysis for large-scale software systems,
    • which algorithms have which properties when using them to implement static code-analyses,
    • how to design real–world code analyses for practical problem cases from the area of IT security
    • how to interpret important terminology such as context, flow, field and object sensitivity
    • how to evaluate and explain the important limitations of static code analysis
    • which typical security code analyses exist (OWASP Top 10 etc.) and how they relate to the analysis frameworks explained in the course.

    Recommended reading material

    We will not be able to provide a script for this course. We will provide powerpoint slides where available, but will develop some concepts also on the blackboard. Students are highly encouraged to take their own copies during their lecture.

    A lot of the material is also covered in the following books and papers, however, those publications present the material in a more complex manner than in the lectures, which is why they should mostly be used for deeper personal study.