Study on Evaluation Method of Software Testing Tools for Static Analysis

Whether software runs reliably directly affects the reliable operation of the system, so there is an urgent need for means to guarantee software quality. Static analysis has been widely used in the field of software testing because it runs fully automatically, can be applied early in development, and does not require executing the program; it has become an important means of guaranteeing software quality. Testing tools can greatly improve the efficiency of software testing. At present there are many software testing tools for static analysis; different tools have different characteristics and defect detection capabilities, and all of them have non-negligible false positive and false negative rates, so how to evaluate and select a testing tool has become an urgent problem in software static analysis. Based on a benchmark test set organised by CWE defect type and five evaluation metrics (precision, recall, F1, CWE coverage and Overall-Score), the evaluation process for software testing tools for static analysis is elaborated in detail. A case study was conducted with three open-source software static analysis tools, CppCheck, TscanCode and Flawfinder, providing guidance and reference for the evaluation and selection of software static analysis tools.
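As an added illustration (not code from the paper), the four metrics named in the abstract that can be computed directly from a CWE-labelled benchmark: precision, recall, F1 and CWE coverage. The benchmark cases and the warning sets are constructed, "tool_a" and "tool_b" are placeholders rather than results for CppCheck, TscanCode or Flawfinder, and Overall-Score is not defined in the abstract, so it is not computed here.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, Set, Tuple

@dataclass(frozen=True)
class Case:
    case_id: str      # file or test-case name
    cwe: str          # CWE defect type the case belongs to
    has_defect: bool  # True for the flawed ("bad") variant, False for its fixed twin

# Constructed benchmark in the style of CWE-organised suites: every CWE type has a
# bad case that must be flagged and a good case that must stay quiet.
BENCHMARK = [
    Case("cwe121_bad_1", "CWE-121", True), Case("cwe121_good_1", "CWE-121", False),
    Case("cwe134_bad_1", "CWE-134", True), Case("cwe134_good_1", "CWE-134", False),
    Case("cwe415_bad_1", "CWE-415", True), Case("cwe415_good_1", "CWE-415", False),
    Case("cwe476_bad_1", "CWE-476", True), Case("cwe476_good_1", "CWE-476", False),
]

# Constructed tool output: the case ids each (hypothetical) tool warned on.
TOOL_REPORTS: Dict[str, Set[str]] = {
    "tool_a": {"cwe121_bad_1", "cwe134_bad_1", "cwe134_good_1", "cwe476_bad_1"},
    "tool_b": {"cwe121_bad_1", "cwe121_good_1", "cwe415_good_1"},
}

def confusion(cases: Iterable[Case], reported: Set[str]) -> Tuple[int, int, int]:
    """Return (TP, FP, FN): a warning on a bad case is a true positive, a warning
    on a good case a false positive, and an unreported bad case a false negative."""
    tp = fp = fn = 0
    for c in cases:
        hit = c.case_id in reported
        if c.has_defect and hit:
            tp += 1
        elif hit:
            fp += 1
        elif c.has_defect:
            fn += 1
    return tp, fp, fn

def metrics(cases: Iterable[Case], reported: Set[str]) -> Dict[str, float]:
    cases = list(cases)
    tp, fp, fn = confusion(cases, reported)
    precision = tp / (tp + fp) if tp + fp else 0.0  # share of warnings that are real
    recall = tp / (tp + fn) if tp + fn else 0.0     # share of real defects found
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    # CWE coverage: fraction of CWE types for which at least one bad case was flagged.
    found = {c.cwe for c in cases if c.has_defect and c.case_id in reported}
    coverage = len(found) / len({c.cwe for c in cases})
    return {"precision": precision, "recall": recall, "f1": f1, "cwe_coverage": coverage}

def evaluate_all(cases: Iterable[Case], reports: Dict[str, Set[str]]) -> Dict[str, Dict[str, float]]:
    cases = list(cases)
    return {tool: metrics(cases, warned) for tool, warned in reports.items()}
```

A tool with many warnings but low precision, or few warnings and low CWE coverage, shows up immediately in the per-tool table that evaluate_all returns.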

Keywords: software testing; static analysis tool; automation control software; evaluation; recall

曾福萍、王泽宇、李宇佳、王杰凯

School of Reliability and Systems Engineering, Beihang University, Beijing 100191

China Electric Power Research Institute Co., Ltd., Beijing 100192

Baidu Online Network Technology Co., Ltd., Beijing 100089

2024

Computer Measurement & Control
China Computer Automatic Measurement and Control Technology Association

CSTPCD
Impact factor: 0.546
ISSN: 1671-4598
Year, volume (issue): 2024, 32(12)