Issue No. 03 - May-June (2012 vol. 10)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2012.30
Cristina Cifuentes , Oracle Labs
Nathan Keynes , Oracle Labs
Lian Li , Oracle Labs
Nathan Hawes , Oracle Labs
Manuel Valdiviezo , Oracle Labs
The Parfait static-code-analysis tool started as a research project at Sun Labs (now Oracle Labs) to address runtime and precision shortcomings of C and C++ static-code-analysis tools. After developers started to see and verify the research outcomes, they made further requests to ensure the tool would be easy to use and integrate. This helped transition Parfait from a research artifact to a developer tool. Developers use Parfait daily to prevent the introduction of defects into code bases and to report defects in existing code. Several organizations at Oracle have integrated it into build processes.
static code analysis, bug checking, program analysis, experience report, Project Parfait, Parfait Server, computer security
N. Keynes, M. Valdiviezo, L. Li, C. Cifuentes and N. Hawes, "Transitioning Parfait into a Development Tool," in IEEE Security & Privacy, vol. 10, no. , pp. 16-23, 2012.