Detecting software defects in telecom applications through lightweight static analysis: A war story

Abstract. In safety-critical and high-reliability systems, software development and maintenance are costly endeavors. The cost can be reduced if software er-rors can be identied through automatic tools such as program analyzers and compile-time software checkers. To this effect, this paper describes the architec-ture and implementation of a software tool that uses lightweight static analysis to detect discrepancies (i.e., software defects such as exception-raising code or hid-den failures) in large commercial telecom applications written in Erlang. Our tool, starting from virtual machine bytecode, discovers, tracks, and propagates type in-formation which is often implicit in Erlang programs, and reports warnings when a variety of type errors and other software discrepancies are identied. Since the analysis currently starts from bytecode, it is completely automatic and does not rely on any user annotations. Moreover, it is effective in identifying software de-fects even in cases where source code is not available, and more specically in legacy software which is often employed in high-reliability systems in operation, such as telecom switches. We have applied our tool to a handful of real-world applications, each consisting of several hundred thousand lines of code, and de-scribe our experiences and the effectiveness of our techniques