The thesis here at the “Geoff Chappell, Software Analyst” website is that software can feasibly be subjected to a process analogous to literary criticism. Much as a literary critic may read the text of a novel sufficiently closely to discern weaknesses in the plot or to make out in-jokes contrived for the special enjoyment of the author’s friends, so may a software analyst study the instructions of a program sufficiently closely to spot errors in the code and to learn of features that the program’s manufacturer does not disclose.
We are all familiar with the work of literary critics. Most of us are comfortable with it, though authors and their publishers are sometimes less so. Most of us do not need, and ordinarily would not want, that the critic should be helped by the author. Yet with software, the craft of analysis is so undeveloped that even among experts in computer science, only very few expect that useful analysis is practicable, or even possible, without help from the manufacturer and specifically without access to the source code.
This notion that the source code is all-important has become especially well established at the hands of those who promote open-source licensing. I say that, whatever the merits of publishing software with or without its source code, we can and ought to do better at developing techniques for examining software without needing the source code. The community is failed while the industry sells its wares but denies the buyers any realistic means of independent inspection. Do we tolerate this for anything else but software?
The aim at this site is to show that practicable techniques are at least within reach, albeit as one man’s lone demonstration.
In principle, a given aspect of a program’s behaviour should be discoverable to any desired accuracy by studying to sufficient depth the set of instructions that constitute the program’s binary code. Analysis conducted according to this principle is essentially an exercise in deducing how the computer would behave if executing the program.
Note the subjunctives. The analytic techniques sought here have no need for access to whatever source code was used to produce the program. Neither is any assistance needed from the software’s manufacturer. Indeed, it is not necessary even to run the software—not until the analysis produces predictions to be tested by experiments.
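As a small illustration of the principle stated above, here is an added example (written for this edit, not code from this site) that deduces what a fragment of x86-32 machine code leaves in EAX at its RET purely by reading the bytes, never executing them. The byte strings are constructed for the example; the decoder covers only the handful of encodings those samples use and deliberately gives up, reporting "unknown", on anything else rather than guessing.

```python
"""Static prediction of EAX at RET for a short x86-32 fragment.

Added illustration of analysing binary code without running it.
Only a few opcodes are decoded; everything else is treated as unknown."""
import struct

# Constructed sample: mov eax,0x10 ; add eax,0x22 ; sub eax,2 ; ret
SAMPLE = bytes.fromhex("b810000000" "0522000000" "2d02000000" "c3")


def _imm32(code, pos):
    """Read a little-endian 32-bit immediate at pos, or None if truncated."""
    if pos + 4 > len(code):
        return None
    return struct.unpack_from("<I", code, pos)[0]


def decode(code):
    """Decode a handful of one-byte-opcode x86-32 instructions.

    Returns a list of (mnemonic, operand) tuples and stops at the first
    RET or at the first byte it does not understand."""
    out, i = [], 0
    while i < len(code):
        op = code[i]
        if op == 0xB8:                       # mov eax, imm32
            imm = _imm32(code, i + 1)
            if imm is None:
                out.append(("truncated", op)); break
            out.append(("mov", imm)); i += 5
        elif op == 0x05:                     # add eax, imm32
            imm = _imm32(code, i + 1)
            if imm is None:
                out.append(("truncated", op)); break
            out.append(("add", imm)); i += 5
        elif op == 0x2D:                     # sub eax, imm32
            imm = _imm32(code, i + 1)
            if imm is None:
                out.append(("truncated", op)); break
            out.append(("sub", imm)); i += 5
        elif op == 0x31 and i + 1 < len(code) and code[i + 1] == 0xC0:
            out.append(("xor_eax_eax", None)); i += 2   # xor eax, eax
        elif op == 0xC3:                     # ret
            out.append(("ret", None)); i += 1
            break
        else:
            out.append(("unknown", op)); break
    return out


def predict_eax(code, eax=None):
    """Abstract interpretation tracking only EAX.

    eax is None when the value depends on state the fragment does not set
    (for example, the caller's EAX); otherwise it is the 32-bit value the
    fragment is predicted to return. Returns None if the fragment does not
    reach a RET through instructions the decoder understands."""
    for mnem, arg in decode(code):
        if mnem == "mov":
            eax = arg
        elif mnem == "xor_eax_eax":
            eax = 0
        elif mnem == "add":
            eax = None if eax is None else (eax + arg) & 0xFFFFFFFF
        elif mnem == "sub":
            eax = None if eax is None else (eax - arg) & 0xFFFFFFFF
        elif mnem == "ret":
            return eax
        else:                                # unknown or truncated
            return None
    return None                              # ran off the end without RET


if __name__ == "__main__":
    print(decode(SAMPLE))
    print(hex(predict_eax(SAMPLE)))          # predicted, not executed
```

The prediction (EAX = 0x30 for the sample) is exactly the sort of claim the text says should then be checked by experiment, for instance by assembling the same bytes into a function and calling it. A fragment such as `add eax,1 ; ret` yields "unknown" because its result depends on the caller, which is the honest answer a static analysis must give rather than inventing a value.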
Direct benefits of this sort of analysis flow to three broad groups: