A mixed-initiative tool based on precise, scalable program analyses will be designed to aid a security analyst in checking software source code for large systems in multiple programming languages. Automated analyses will discover a class of well-known and common errors in code. It will find code that appears to be obfuscated and offer it to the security analyst for review. The security analyst will be able to designate key source entities for tracking, and the analysis tool will help him locate and understand the relevant code. The tool will build on DMS, an existing foundation for implementing multilingual source code analyses, for which existing langauge definitions already exist.
Keywords: Security Analysis, Multilingual, Software Engineering, Source Code, Interactive, Automated, Parallel.
