CSCE 689: Fundamentals of Software Analysis

Spring 2018 -- Jeff Huang

  • Location: THOM 107A
  • Time: TR 3:55p-5:10p
  • Credits: 3
  • Instructor: Jeff Huang
  • Office: HRBB 416
  • Office Hours: By appointment
Course Schedule

Assignments and Project

  • [25/04] Final Exam: May 7th, 1-3pm, THOM 107A.
  • [01/23] Please go to Google Classroom for all class activities.
  • [01/23] Project proposal due date changed to Feb 5th.
  • [01/16] Welcome to CSCE 689! See course overview slides.

Course Description

The goal of this course is to introduce how various analysis techniques can be used to manage the quality of a software application. Students will acquire fundamental knowledge of program abstraction, features, verification, testing, debugging, concurrency, reliability, security, and fault detection. The course will also discuss how to carry out the empirical experimentation for program analysis. Wherever applicable, concepts will be complemented by tools developed in academia and industry. This enables students to understand the maturity and limitations of various analysis techniques.

For details, please go to the Course Schedule page and the Course Readings page.

Course Goal

The intent of this course is to offer the in-depth introduction to graduate students on a wide range of software analysis concepts and techniques. The topics can be explored at different levels of depths depending on the interests of the class. The content of the course is roughly divided into two general themes: program representation and program analysis. Following the first theme, we study different abstractions, representations, and interpretations of a software program itself. Following the second, we study how analysis techniques and algorithms can help interpret the runtime meaning of the program and, in turn, help us monitor and improve the quality of the software programs.

If you are interested in doing research in the area of software analysis, this course can help you get started; if you are currently involved in research in other areas such as operating system, networking, security, and database, this course can help you apply the techniques learned in this course to your research area.

Workload and Evaluation

This course will have homework assignments, paper readings and presentations, a final exam and a final project. The following grading policy will be used:

90-100: A
80-89: B
70-79: C
60-69: D
<60: F

Class participation: 10%
Paper review and presentation: 10%
Assignment: 15%
Final exam: 15%
Final project: 50%

Late Policy: Late submission will have 2% penalty for each hour after the due time.


We'll have three homework assignments. These assignments will help you understand some basic principles of program analysis. Checkout more details at Assignment and Project.

Paper Presentation

We will discuss a few important research papers selected from top programming language, software engineering, and computer systems conferences. For each paper, one student will be the designated presenter and start off the discussions. Each presentation should be within 20 minutes to cover the following key points of the paper:

Everyone is expected to read all papers that will be discussed and participate actively in the discussions. Course participants will be able to indicate their preferences for papers that they want to present, and an effort will be made to respect everyone's preferences.

You are required to write a short summary for each paper you read. The summary can include:

The summaries are to be done individually and each summary is due before the midnight prior to the corresponding lecture (submit on Google Classroom).


The final project is the key of this course. It is essentially a mini research project that may involve building a new system, designing a new algorithm, improving an existing technique, applying an existing technique to a new domain, or performing a large case study. You are encouraged to come up with a topic of your own, which I'll help refine; alternatively, you can choose one of the projects I suggest. You must work on your project individually. The tentative timeline of the project is as follows:


There are no formal prerequisites, but it will help to have some background in programming languages, compilers, software engineering, and/or operating systems in general; and program analysis, parallel/concurrent programming, and/or software reliability in particular.


The enrollment is open to PhD and MS students. If you are an undergraduate and would like to take the course, please email the instructor for special permission.


All relevant materials will be made available online. See Course Syllabus.

There is no required textbook, but the following two books are recommended:

  • Nielson, Nielson, and Hankin. Principles of Program Analysis (PPA). ISBN 3- 540-65410-0. Published by Springer, 2005
  • Alfred V. Aho. Monica S. Lam. Ravi Sethi. Jeffrey D. Ullman. "Dragon Book" -- Compilers: Principles, Techniques, and Tools (2nd Edition). ISBN-13: 978-0321486813. Published by Addison-Wesley, 2006.
  • Ethics & Academic Integrity

    We will study/discuss threats and attacks in the class/lab. You should be fully aware of ethics when studying these techniques. If in any context you are not sure about where to draw the line, come talk to me first.

    "An Aggie does not lie, cheat, or steal or tolerate those who do." For additional information, please visit:

    Upon accepting admission to Texas A&M University, a student immediately assumes a commitment to uphold the Honor Code, to accept responsibility for learning, and to follow the philosophy and rules of the Honor System. Students will be required to state their commitment on examinations, research papers, and other academic work. Ignorance of the rules does not exclude any member of the TAMU community from the requirements or the processes of the Honor System.

    Americans with Disabilities Act (ADA) Statement

    The Americans with Disabilities Act (ADA) is a federal anti-discrimination statute that provides comprehensive civil rights protection for persons with disabilities. Among other things, this legislation requires that all students with disabilities be guaranteed a learning environment that provides for reasonable accommodation of their disabilities. If you believe you have a disability requiring an accommodation, please contact Disability Services, in Cain Hall, Room B118, or call 845-1637. For additional information visit

    Tentative schedule

    Week Date Topic Readings Speakers
    1 01/16 Overview Dr. Huang
    01/18 Static and Dynamic Analyses Coverity, AddressSanitizer, Static and Dynamic analysis Dr. Huang
    2 01/23 Syntax, Grammar, Parsing Dragon book (Ch 4-5) Dr. Huang
    01/25 Program Analysis Frameworks Soot, WALA, LLVM, Pin Dr. Huang
    3 01/30 Data-flow Analysis PPA (Ch 2) Dr. Huang
    4 02/06 Proposal Presentation
    02/08 Pointer Analysis Points-to Tutorial Dr. Huang
    5 02/13 Call Graph Construction Call Graph Tutorial Dr. Huang
    02/15 Symbolic Execution Symbolic Execution: Three Decades Later, KLEE Dr. Huang
    6 02/20 Taint Analysis Dynamic Taint Analysis and Forward Symbolic Execution Dr. Huang
    02/22 Concurrency Concurrency bug study Dr. Huang
    7 02/27 Paper Presentation FastTrack Jianan
    03/01 RaceFuzzer, Sequential-Consistency Huiqing, Luna
    8 03/06 DART, Automatic Exploit Generation Yangyong, Aniket
    03/08 DataCollider, Data Flow Integrity Brad, Jiayi
    9 03/13 Spring Break
    10 03/20 Project Progress Report Action time!
    11 03/27 Paper Presentation Object-Sensitivity, Compiler Bug Finding Yanze, Mengnan
    03/29 Delta Debugging, Statistical Debugging Zhiqiu, Sid
    12 04/03 Veritesting, Spectre Peiming, Yash
    04/05 Project Week Happy hacking!
    13 04/10
    14 04/17 Final Project Presentation Exciting project demos! Aniket, Yangyong, Brad
    04/19 Luna, Peiming
    15 04/24 Sid, Zhiqiu, Yanze, Jiayi
    04/26 Huiqing, Yash, Jianan, Mengnan
    16 05/01 Course review