Web applications built on numerous layers of frameworks are in wide usage by the commercial and research communities, and present a challenge to existing analysis techniques. Purely static analyses suffer problems of insufficient scalability and/or insufficient precision for answering behavioral questions. Purely dynamic analyses introduce too much overhead in production systems, or are too limited in the information gathered. Further, while existing dynamic performance analyses focus on control flow, the main purpose of these web applications is to manipulate data. This proposal addresses these weaknesses by blending static and dynamic analyses in new ways that avoid these problems and support tools for framework-intensive applications. The intellectual challenge is to advance the state-of-the-art in program analysis by developing analyses of practical cost and of sufficient precision to scale up to industrial-strength framework-intensive software.
The research will address two specific sub goals: (i) the design of and experimentation with blended analyses that identify performance problems in framework-based applications, (e.g., excessive use of temporary data structures), and (ii) the development of a blended analysis to refine current access control analyses for framework-intensive software.