KR101996878B1 - Method for evaluating tool for analyzing program and apparatus thereof - Google Patents

Abstract

The present invention provides a method for evaluating a static analysis tool and an apparatus thereof. According to one embodiment of the present invention, provided is a tool evaluation apparatus for evaluating a static analysis tool, which comprises: a memory storing one or more template codes; and a control unit generating a test code based on the template code, and generating a benchmark set including at least one of the test code, a correct answer to the test code, and an incorrect answer to the test code.

Description

[0001] METHOD FOR EVALUATING TOOL ANALYZING PROGRAM AND APPARATUS THEREOF [0002]

The embodiments disclosed herein relate to a method and apparatus for evaluating a static analysis tool, and more particularly to a method and apparatus for evaluating a static analysis tool to improve the accuracy of a static analysis tool for detecting a weakness of a source code ≪ / RTI >

In software development, source code can have potential execution errors and security weaknesses. In particular, it is difficult to easily identify errors or weak points in the source code even if they are designed and developed according to the software development process and then tested. Therefore, static analysis has been proposed as a technique for more easily finding errors or weak points existing in the source code.

Static analysis refers to a technique that predicts program behavior by analyzing computer program source code without executing it. Static analysis is widely used as security and quality inspection tool of software.

The quality of the static analysis tool is becoming important, and how much static and false is less in the results of the static analysis tool is measured to measure the quality of the static analysis tool. The static analysis tool may detect the point of the code where the weakness occurs during actual execution, but may not detect it or may detect the point where the actual weak point does not occur. Detecting a point of a code where a weak point occurs during actual execution is called "spying", detecting a point of a code where a weak point occurs is called a "detect", and detecting a point where a weak point does not occur is detected as a weak point This is called "false positives", and it is good statistical analysis tool to have a small number of false positives and false positives in the detection results.

To this end, a 'benchmark set' for evaluating static analysis tools is proposed. Benchmark sets are constructed by collecting examples where weaknesses are detected, or by manually modifying test codes and writing them with correct / incorrect code . As described above, there are problems in that it is difficult to accurately evaluate a static analysis tool because it is difficult to create various examples according to the conventional technology for constituting a benchmark set.

Korean Patent Application No. 10-2010-0057732, which is a prior art document, discloses an apparatus and a system for integrally managing the plurality of static analysis tools in an environment using a plurality of program static analysis tools, Is not solving the problem.

Therefore, a technique for solving the above-described problems is required.

On the other hand, the background art described above is technical information acquired by the inventor for the derivation of the present invention or obtained in the derivation process of the present invention, and can not necessarily be a known technology disclosed to the general public before the application of the present invention .

The embodiments disclosed herein are aimed at providing a method and apparatus for evaluating static analysis tools.

The embodiments disclosed herein also aim to provide a method and apparatus for evaluating static analysis tools that can automatically generate test codes with correct / incorrect answers.

It is also an object of the presently disclosed embodiments to provide a method and apparatus for evaluating a static analysis tool capable of automatically generating test codes according to various programming language elements.

It is also an object of the present invention to provide a method and apparatus for evaluating a static analysis tool capable of automatically generating a plurality of test codes.

According to an embodiment of the present invention, there is provided a tool evaluation apparatus for evaluating a static analysis tool, comprising: a memory for storing at least one template code; and a test code generation unit for generating a test code based on the template code And a control unit for generating a benchmark set including at least one of the test code, the correct answer to the test code, and an incorrect answer to the test code.

According to another embodiment, there is provided a method for evaluating a static analysis tool of a tool evaluation apparatus, comprising the steps of: generating a test code based on a template code; and generating the test code, correct answer to the test code, Generating a set of benchmarks that includes at least one of:

According to yet another embodiment, there is provided a computer-readable medium having recorded thereon a program for performing a method for evaluating a static analysis tool, the method comprising: generating a test code based on a template code; Generating a set of benchmarks including at least one of a correct answer to the test code and an incorrect answer to the test code.

A computer program stored in a medium for performing a method for evaluating a static analysis tool, the method being performed by an evaluation apparatus of a static analysis tool, the method comprising: generating a test code based on a template code; Generating a set of benchmarks comprising at least one of a code, a correct answer to the test code and an incorrect answer to the test code.

According to any one of the above-mentioned problem solving means, a method and apparatus for evaluating a static analysis tool can be presented.

In addition, embodiments disclosed herein may provide a method and apparatus for evaluating static analysis tools that can automatically generate test codes with correct / incorrect answers.

The embodiments disclosed herein may also provide a method and apparatus for evaluating static analysis tools capable of automatically generating test codes according to various programming language elements.

In addition, the embodiments disclosed in the present specification can suggest a method and apparatus for evaluating a static analysis tool capable of automatically generating a plurality of test codes.

The effects obtained in the disclosed embodiments are not limited to the effects mentioned above, and other effects not mentioned are obvious to those skilled in the art to which the embodiments disclosed from the following description belong It can be understood.

1 and 2 are block diagrams illustrating a tool evaluation apparatus according to an embodiment.
3 is an exemplary view for explaining a tool evaluating apparatus.
4 to 5 are flowcharts for explaining a tool evaluation method according to an embodiment.

Various embodiments are described in detail below with reference to the accompanying drawings. The embodiments described below may be modified and implemented in various different forms. In order to more clearly describe the features of the embodiments, detailed descriptions of known matters to those skilled in the art are omitted. In the drawings, parts not relating to the description of the embodiments are omitted, and like parts are denoted by similar reference numerals throughout the specification.

Throughout the specification, when a configuration is referred to as being "connected" to another configuration, it includes not only a case of being directly connected, but also a case of being connected with another configuration in between. In addition, when a configuration is referred to as "including ", it means that other configurations may be included, as well as other configurations, as long as there is no specially contradicted description.

Hereinafter, embodiments will be described in detail with reference to the accompanying drawings.

1 is a block diagram illustrating a tool evaluation apparatus for evaluating a static analysis tool according to an embodiment.

The tool evaluation apparatus 100 may generate a test code for evaluating a static analysis tool.

The tool evaluation apparatus 100 may be implemented as an electronic terminal in which an application is installed, or may be implemented in a server-client system, and the system may include an electronic terminal equipped with a client for interaction with a user.

The electronic terminal can be implemented as a computer, a portable terminal, a television, a wearable device, or the like, which can be connected to a remote server through a network N or to be connected to other terminals and servers. Here, the computer includes, for example, a notebook computer, a desktop computer, a laptop computer, and the like, each of which is equipped with a web browser (WEB Browser), and the portable terminal may be a wireless communication device , Personal Communication System (PCS), Personal Digital Cellular (PDC), Personal Handyphone System (PHS), Personal Digital Assistant (PDA), Global System for Mobile communications (GSM), International Mobile Telecommunication (IMT) (W-CDMA), Wibro (Wireless Broadband Internet), Smart Phone, Mobile WiMAX (Mobile Worldwide Interoperability for Microwave Access) (Handheld) based wireless communication device. In addition, the television may include an Internet Protocol Television (IPTV), an Internet television (TV), a terrestrial TV, a cable TV, and the like. Further, the wearable device is an information processing device of a type that can be directly worn on a human body, for example, a watch, a glasses, an accessory, a garment, shoes, and the like. The wearable device can be connected to a remote server via a network, Lt; / RTI >

The server may be implemented as a computing device capable of communicating with an electronic terminal equipped with a client for interacting with a user via a network, and may include a storage device capable of storing data or a third server (not shown) Data can be stored.

1, the tool evaluation apparatus 100 may include an input / output unit 110, a control unit 120, a communication unit 130, and a memory 140, as shown in FIG.

The input / output unit 110 may include an input unit for receiving an input from a user, and an output unit for displaying information such as a result of a task or a state of the tool evaluation apparatus 100. For example, the input / output unit 110 may include an operation panel for receiving user input and a display panel for displaying a screen.

In particular, the input unit may include devices capable of receiving various types of user input, such as a keyboard, a physical button, a touch screen, a camera or a microphone. Also, the output unit may include a display panel or a speaker. However, the present invention is not limited to this, and the input / output unit 110 may include various input / output support structures.

The control unit 120 controls the overall operation of the tool evaluation apparatus 100 and may include a processor such as a CPU. The control unit 120 may control other components included in the terminal 100 to perform an operation corresponding to the user input received through the input /

For example, the control unit 120 may execute a program stored in the memory 140, read a file stored in the memory 140, or store a new file in the memory 140. [

The controller 120 includes a code generator 210, an aggregator 220, and a quality estimator 230, which will be described below with reference to FIG.

The communication unit 130 can perform wired / wireless communication with another device or a network. To this end, the communication unit 130 may include a communication module supporting at least one of various wired / wireless communication methods. For example, the communication module may be implemented in the form of a chipset.

The wireless communication supported by the communication unit 130 may be Wi-Fi (Wireless Fidelity), Wi-Fi Direct, Bluetooth, UWB (Ultra Wide Band), NFC (Near Field Communication), or the like. The wired communication supported by the communication unit 130 may be, for example, USB or High Definition Multimedia Interface (HDMI).

Various types of data such as files, applications, programs, and the like can be installed and stored in the memory 140. [ The control unit 120 may access the data stored in the memory 140 and use the data or store the new data in the memory 140. [ Also, the control unit 120 may execute a program installed in the memory 140. [ Referring to FIG. 1, a program for performing a tool evaluation method may be installed in the memory 140.

In the memory 140, at least one of a weak point table, a schema table, and a code table may be stored.

According to one embodiment, upon receiving an input requesting evaluation of a static analysis tool from a user through the input / output unit 110, the control unit 120 executes a program stored in the memory 140 to perform evaluation of the static analysis tool do.

2 is a block diagram showing the control unit 120 shown in FIG.

The control unit 120 may include a code generation unit 210.

In addition, the control unit 120 may further include an aggregation generation unit 220 and a quality evaluation unit 230.

The set generation unit 220 may generate a set of benchmarks including at least one of a test code generated by the code generation unit 210, a correct answer to the test code, and an incorrect answer to the test code.

The quality evaluation unit 230 executes the static analysis tool based on the benchmark set and detects at least one of a hit and a false that is detected by the static analysis tool.

For example, the quality evaluation unit 230 executes a static analysis tool for a test code belonging to a benchmark set, and detects a hit or a false detection of the static analysis tool based on the detected correct answer or wrong answer.

The quality evaluation unit 230 can evaluate the quality of the static analysis tool based on the number of detected or missed detections and can also give a score according to the evaluation. According to one embodiment, the quality evaluating unit 230 may evaluate the static analysis tool as a better static analysis tool as the detection result is smaller.

Meanwhile, the code generation unit 210 may generate a test code for applying the static analysis tool.

According to one embodiment, the code generation unit 210 may generate a test code based on the template code.

Here, 'template code' means source code including 'code variable', and can be determined according to a schema to be described later. 'Code variable' means code that can have weaknesses.

For example, the template code shown in Table 1 below is a code for detecting a security weakness called command injection, and includes a code variable written in the form of $ {...}.

[Table 1]

According to one embodiment, the code generation unit 210 can search for a code variable in the template code, and generate the 'intermediate code' by replacing the found code variable with the replacement code.

For the template code described in Table 1, the code generator 210 can search for '$ {source}' and '$ {control}' as code variables.

The code generation unit 210 can generate a test code by replacing the code variable with an alternative code.

For example, each of the code variables listed in Table 1 implements the replacement code corresponding to each of the code variables as a replacement table, as described in Table 2 below.

[Table 2]

Therefore, the code generation unit 210 can generate the intermediate code by referring to the substitution code of Table 2 for the code variable in Table 1, and thereby obtain the final test code as described in Table 3 below.

However, since the code variable may exist in the intermediate code when the intermediate code is generated, the code generation unit 210 searches for the code variable in the intermediate code until the code variable does not exist in the intermediate code, , And such repetition can continue until there are no code variables in the replacement code. The code generation unit 210 can finally determine the intermediate code having no code variable as the test code.

As shown in the following Table 3, the code generation unit 210 can detect a code variable '$ {control}' in a first-order substituted code code, and as a result of substituting the code variable, Lt; / RTI > Similarly, the code generation unit 210 detecting the code variable '$ {bad_move}' in the secondary intermediate code can generate the intermediate code by replacing the code variable with the replacement code, The intermediate code can be determined as the final test code.

[Table 3]

On the other hand, there may be a plurality of replacement codes corresponding to the code variable. That is, the code table can be configured so that there are a plurality of substitution codes corresponding to the code variable, so that alternative codes can exist so that one code variable can express several cases. Therefore, if a plurality of replacement codes corresponding to one code variable exist, test codes for various programming language elements can be systematically generated through a combination of a plurality of replacement codes.

For example, as shown in Table 4 below, there may be two alternative codes for each of the code variables in Table 1 and thus four test codes may be generated. Table 3 shows one test code, whereas Table 4 shows that four test codes can be derived to generate test codes that use various programming language elements.

[Table 4]

Static analysis tools, for example, are good at detecting code that does not use arrays, but using arrays alone can lead to poor detection. In addition, static analysis tools, for example, have a method for allocating memory in C language such as malloc, calloc function, etc. When using malloc, the tool can detect well, and when using calloc, the tool may not detect it well. The code generating unit 210 can generate the test codes variously as described above to more accurately determine the detection performance of the static analysis tool.

On the other hand, the code generation unit 210 can detect whether there is a category matching the code variable. At this time, 'category' is condition information that serves as a selection criterion among substitute codes matching code variables.

Therefore, if there is a category matching the code variable, the code generating unit 210 may select an alternative code matching the code variable based on the category, and generate a test code based on the selected replacement code.

That is, the code generation unit 210 may select only the replacement code having the predetermined category among the replacement codes matching the code variable, and generate the test code based on the selected replacement code.

As shown in Table 5 below, there is a category-matching alternative code. For example, if the category of 'str_external' is selected, the replacement code of the first and second tables of Table 5 is changed to the code variable 'source' And there is no category for the remaining code variables. According to the template code in Table 1, two alternative codes are generated by the code variable 'source', two replacement codes are generated by 'control', and 'bad_move' There is one alternative code, so a total of four test codes can be generated. Accordingly, alternative codes can be created in various combinations and the combinations can be selected.

[Table 5]

 Meanwhile, one pattern to be generated is called a 'schema'. The 'schema' may have a code table corresponding to the template code and the template code.

That is, as shown in Table 6. The schema 'default' can have three template codes, and each template code has a matching code table. Also, the schema 'no_complextity' can have one template code, and the template code is 'basic.c' and has the same code as 'basic.c' of 'default' or a code table different from 'default'.

[Table 6]

Accordingly, the code generation unit 210 can determine the template code according to the schema matching the weak point, and generate the test code based on the code table corresponding to the template code.

If there are a plurality of template codes corresponding to the schema, the code generation unit 210 generates a test code based on the selected template code by selecting an arbitrary template code among a plurality of template codes, You can generate test code.

The code generation unit 210 can generate a test code based on a schema corresponding to the weak point when a predetermined weak point is selected by the user.

As shown in the following Table 7, the schemas are matched according to weak points, and the categories are matched according to the schema. Accordingly, the code generation unit 210 can generate a test code based on the template code and the category corresponding to the schema.

[Table 7]

At this time, a table for generating a test code may be stored in the memory 140, and 'weak point table', 'schema table', and 'code table' may be stored.

The weakness table can be stored by matching the schema and the category corresponding to the weakness. Also, the 'schema table' can store and store the template codes and code tables to be used for each schema. Also, the 'code table' may store replacement codes corresponding to the code variables, and the categories may be further matched.

3 is an exemplary diagram for explaining a tool evaluation apparatus and is a diagram for explaining a table for operation of the tool evaluation apparatus.

As shown in FIG. 3, there may be one or more schemas matching the weakness table 310, and there may be at least one schema table 320 matching the schemes.

Each schema table 320 has a matching code table 330 and the code table 330 includes a global 331, a control 332, data 333, a source 333, 334, and a sink 335. In one embodiment, The global table defines weak initialization code. The control table defines a code template that applies control complexity. The data table defines a code template that applies data complexity. The cause point table defines the cause point code, and the point of origin table defines the point code of occurrence.

As a result, the code generating unit 210 determines a schema and a category corresponding to the weak point when acquiring a request for detecting a weak point from the user, and refers to the code table based on the template code corresponding to the category and the schema You can generate test code.

4 and 5 are flowcharts for explaining a method for evaluating a static analysis tool according to an embodiment.

The tool evaluation method according to the embodiment shown in Figs. 4 and 5 includes the steps of time-series processing in the tool evaluation apparatus 100 shown in Figs. 1 and 2. Therefore, even when omitted from the following description, the above description of the tool evaluation apparatus 100 shown in Figs. 1 and 2 can also be applied to the tool evaluation method according to the embodiment shown in Figs. 4 and 5 .

The tool evaluation apparatus 100 may generate a test code based on the template code (S410).

The tool evaluation apparatus 100 can search for a code variable in the template code and generate an intermediate code based on the replacement code corresponding to the detected code variable. At this time, the tool evaluation apparatus 100 can continuously search the code variable until there is no code variable in the intermediate code, and generate the intermediate code by replacing the detected code variable with the replacement code. The tool evaluation apparatus 100 can repeat the above process until there is no code variable in the intermediate code and can determine the intermediate code as the test code if there is no code variable in the intermediate code.

The tool evaluation apparatus 100 can generate a plurality of test codes each of which is substituted with a plurality of replacement codes so as to match the plurality of replacement codes if a plurality of replacement codes matching the code variable exist.

The tool evaluation apparatus 100 may also select an alternative code that matches the code variable based on the category if there is a category matching the code variable, and may generate the test code based on the selected replacement code.

The tool evaluation apparatus 100 may generate a benchmark set that includes at least one of a test code generated according to the above, a correct answer to the test code, and an incorrect answer to the test code at operation S420.

On the other hand, as shown in FIG. 5, the tool evaluation apparatus 100 can generate a test code to evaluate the static analysis tool. Here, steps S410 to S420 in FIG. 5 are the same as those described in step S410 and step S420 in FIG.

The tool evaluation apparatus 100 can select a weak point (S510). At this time, the tool evaluation apparatus 100 can receive a weak point from the user and can process the weak point as a selected weak point. The tool evaluation apparatus 100 may also optionally select weaknesses for accurate evaluation of static analysis tools.

The tool evaluation apparatus 100 can select a template code corresponding to the weak point (S520).

At this time, the tool evaluation apparatus 100 can select the category together with the template code corresponding to the weak point.

The tool evaluation apparatus 100 may generate a test code based on the template code (S410), and the tool evaluation apparatus 100 may generate a test code based on the generated test code, a correct answer to the test code, and a wrong answer to the test code A set can be generated (S420).

The tool evaluation apparatus 100 may then evaluate the static analysis tool based on the benchmark set (S530).

That is, the tool evaluation apparatus 100 can execute the static analysis tool based on the benchmark set and detect at least one of a hit and a false that is detected by the static analysis tool.

Then, the tool evaluation apparatus 100 can evaluate the quality of the static analysis tool based on the number of detected slips or false positives, and can also give a score according to the evaluation.

The term " part " used in the above embodiments means a hardware component such as a software or a field programmable gate array (FPGA) or an ASIC, and the 'part' performs certain roles. However, 'part' is not meant to be limited to software or hardware. &Quot; to " may be configured to reside on an addressable storage medium and may be configured to play one or more processors. Thus, by way of example, 'parts' may refer to components such as software components, object-oriented software components, class components and task components, and processes, functions, , Subroutines, segments of program patent code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays, and variables.

The functions provided within the components and components may be combined with a smaller number of components and components or separated from additional components and components.

In addition, the components and components may be implemented to play back one or more CPUs in a device or a secure multimedia card.

The tool evaluation method according to one embodiment may also be implemented in the form of a computer-readable medium for storing instructions and data executable by a computer. At this time, the command and data may be stored in the form of program code, and when executed by the processor, a predetermined program module may be generated to perform a predetermined operation. In addition, the computer-readable medium can be any available media that can be accessed by a computer and includes both volatile and nonvolatile media, removable and non-removable media. The computer-readable medium can also be a computer storage medium, which can be volatile and non-volatile, implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, For example, computer recording media may include magnetic storage media such as HDDs and SSDs, optical recording media such as CD, DVD and Blu-ray discs, or other types of media accessible via a network. May be the memory included in the server.

Further, the tool evaluation method according to the embodiment may be implemented as a computer program (or a computer program product) including instructions executable by a computer. A computer program includes programmable machine instructions that are processed by a processor and can be implemented in a high-level programming language, an object-oriented programming language, an assembly language, or a machine language . The computer program may also be recorded on a computer readable recording medium of a type (e.g., memory, hard disk, magnetic / optical medium or solid-state drive).

Thus, the tool evaluation method according to the embodiment can be implemented by the computer program as described above being executed by the computing device. The computing device may include a processor, a memory, a storage device, a high-speed interface connected to the memory and a high-speed expansion port, and a low-speed interface connected to the low-speed bus and the storage device. Each of these components is connected to each other using a variety of buses and can be mounted on a common motherboard or mounted in any other suitable manner.

Where the processor may process instructions within the computing device, such as to display graphical information to provide a graphical user interface (GUI) on an external input, output device, such as a display connected to a high speed interface And commands stored in memory or storage devices. As another example, multiple processors and / or multiple busses may be used with multiple memory and memory types as appropriate. The processor may also be implemented as a chipset comprised of chips comprising multiple independent analog and / or digital processors.

The memory also stores information within the computing device. In one example, the memory may comprise volatile memory units or a collection thereof. In another example, the memory may be comprised of non-volatile memory units or a collection thereof. The memory may also be another type of computer readable medium such as, for example, a magnetic or optical disk.

And the storage device can provide a large amount of storage space to the computing device. The storage device may be a computer readable medium or a configuration including such a medium and may include, for example, devices in a SAN (Storage Area Network) or other configurations, and may be a floppy disk device, a hard disk device, Or a tape device, flash memory, or other similar semiconductor memory device or device array.

It will be apparent to those skilled in the art that the above-described embodiments are for illustrative purposes only and that those skilled in the art will readily understand that other embodiments can be readily modified without departing from the spirit or essential characteristics of the embodiments described above You will understand. It is therefore to be understood that the above-described embodiments are to be considered in all respects only as illustrative and not restrictive. For example, each component described as a single entity may be distributed and implemented, and components described as being distributed may also be implemented in a combined form.

It is to be understood that the scope of the present invention is defined by the appended claims rather than the foregoing description and should be construed as including all changes and modifications that come within the meaning and range of equivalency of the claims, .

100: tool evaluation device
110: input / output unit 120:
130: communication unit 140: memory

Claims (16)

A tool evaluation device for evaluating a static analysis tool,
Memory for storing one or more template codes; And
Generating a test code based on the template code, and generating a set of benchmarks including at least one of the test code, the correct answer to the test code, and an incorrect answer to the test code
Wherein,
Searching for a code variable in the template code, and generating an intermediate code based on an alternative code corresponding to the searched code variable. The method according to claim 1,
Wherein,
And evaluating the quality of the static analysis tool by applying a static analysis tool to the benchmark set. delete The method according to claim 1,
Wherein,
A static analysis tool that searches the code variable until there is no code variable in the intermediate code and additionally generates intermediate code and determines the generated intermediate code as the test code if there is no code variable in the generated intermediate code Evaluation device. The method according to claim 1,
Wherein,
And generates a plurality of replacement test codes each of which is substituted with a plurality of replacement codes so as to match the plurality of replacement codes if a plurality of replacement codes matching the code variable exist. The method according to claim 1,
Wherein,
Selecting an alternative code matching the code variable based on a category matched to the code variable, and generating the test code based on the selected replacement code. The method according to claim 1,
Wherein,
Wherein the template code is selected based on the schema information selected based on the weakness. A method for evaluating a static analysis tool by a tool evaluation apparatus,
Generating a test code based on the template code; And
Generating a set of benchmarks comprising at least one of the test code, a correct answer to the test code, and an incorrect answer to the test code,
Wherein the generating the test code comprises:
Searching a code variable in the template code; And
And generating an intermediate code based on an alternative code corresponding to the searched code variable. 9. The method of claim 8,
Further comprising evaluating the quality of the static analysis tool by applying a static analysis tool to the set of benchmarks. delete 9. The method of claim 8,
Wherein the generating the test code comprises:
Repeating the steps of searching for the code variable and generating the intermediate code until there is no code variable in the intermediate code; And
And if the code parameter is not present in the generated intermediate code, determining the generated intermediate code as the test code. 9. The method of claim 8,
Wherein the generating the test code comprises:
And generating a plurality of replacement test codes each of which is replaced with a plurality of replacement codes so as to match the plurality of replacement codes if a plurality of replacement codes matching the code variable are present. 9. The method of claim 8,
Wherein the generating the test code comprises:
Selecting an alternative code that matches the code variable based on a category matching the code variable; And
And generating the test code based on the selected replacement code. 9. The method of claim 8,
Before the step of generating the test code,
Further comprising the step of selecting a template code based on the selected schema information based on weaknesses. A computer-readable recording medium on which a program for performing the method according to claim 8 is recorded. A computer program stored in a medium for performing the method of claim 8 performed by an evaluation device of a static analysis tool.

Images