Dynamic program analysis
Dynamic program analysis is analysis of computer software that involves executing the program in question (as opposed to static program analysis, which does not). Dynamic program analysis includes familiar techniques from software engineering such as unit testing, debugging, and measuring code coverage, but also includes lesser-known techniques like program slicing and invariant inference. Dynamic program analysis is widely applied in security in the form of runtime memory error detection, fuzzing, dynamic symbolic execution, and taint tracking.
| Program execution |
|---|
| General concepts |
| Types of code |
| Compilation strategies |
| Notable runtimes |
|
| Notable compilers & toolchains |
|
For dynamic program analysis to be effective, the target program must be executed with sufficient test inputs to address the ranges of possible inputs and outputs. Software testing measures, such as code coverage, and tools such as mutation testing, are used to try to identify cases where testing is inadequate.
For dynamic analysis, care must be taken to minimize the effect that instrumentation has on the execution (including temporal properties) of the target program. Unit tests, integration tests, system tests and acceptance tests are forms of dynamic testing.