Prof. Tevfik Bultan's new book: String Analysis for Software Verification and Security
Prof. Tevfik Bultan and his former Ph.D. students Fang Yu, Muath Alkhalaf and Abdulbaki Aydin have written a book titled "String Analysis for Software Verification and Security" which was published by Springer. The book discusses automated string-analysis techniques, focusing particularly on automata-based static string analysis. String manipulation is a crucial part of modern software systems; for example, it is used extensively in input validation and sanitization and in dynamic code and query generation. The goal of string-analysis techniques discussed in this book is to determine the set of values that string expressions can take during program execution. Like many other program-analysis problems, it is not possible to solve the string analysis problem precisely (i.e., it is not possible to precisely determine the set of string values that can reach a program point). However, one can compute over- or under-approximations of possible string values. If the approximations are precise enough, they can enable developers to demonstrate existence or absence of bugs in string manipulating code. String analysis has been an active research area in the last decade, resulting in a wide variety of string-analysis techniques. In the Preface to their book, Prof. Bultan and his co-authors state that: "We hope that this monograph can inspire and motivate more research in this area and accelerate the transition of string analysis research to practice."