doi: 10.17586/2226-1494-2026-26-3-565-573


Domain-specific code analysis approach

D. V. Koznov


Read the full article  ';
Article in Russian

For citation:
Koznov D.V. Domain-specific code analysis approach. Scientific and Technical Journal of Information Technologies, Mechanicsand Optics, 2026, vol. 26, no. 3, pp. 565–573(in Russian).doi: 10.17586/2226-1494-2026-26-3-565-573


Abstract
Modern companies that incorporate complex software systems as part of their market products are increasingly seeking technological independence in the development and maintenance of these systems. Such companies typically manage very large codebases, often comprising millions of lines of code. Testing, maintaining, and transforming these codebases requires multi-functional analysis and development tools, which cannot simply be obtained off the shelf. This is largely due to the inherent difficulty of many fundamental program analysis problems — indeed, several of these problems are formally undecidable (for example, pointer analysis and garbage collection for C programs). At the same time, large industrial codebases often use only a limited subset of the features available in their respective programming languages. Consequently, program analysis problems that are undecidable in the general case may become tractable for these restricted, domain-specific subsets. This observation creates opportunities for specialized approaches. This article proposes an approach for developing domain-specific program analysis solutions tailored to particular large industrial codebases. Such solutions are in high demand for tasks including fuzzing, symbolic execution, automated test generation, static analysis, code transformation and optimization, and vulnerability detection. The development of such custom domain-specific analysis tools becomes feasible because code-owning companies typically possess substantial engineering resources. These resources can be leveraged in combination with open-source frameworks and ecosystems such as Eclipse, Low Level Virtual Machine, and Microsoft Visual Studio Code. Furthermore, the economic impact is often significant: effective analysis solutions lead to substantial cost savings and quality improvements, which justifies the investment in specialized tool development. The proposed method consists of the following key stages: problem and idea analysis, solution design, requirements development, implementation, testing and validation, deployment and transfer. A central element of this method is the development of code templates that define the subset of the basic programming language used within the codebase. These templates provide a formal foundation for analysis and constrain the variability that tools must support. Notably, requirements development, tool implementation, and validation proceed in parallel, with testing tightly integrated into the development process. Using this method, several tools have been successfully developed, including a static analysis tool for C applications tailored for fuzzing, a clone detection and refactoring tool for a large network device software codebase, and other domain-specific solutions. Each project typically involved between one and three developers and lasted one to two years. While effective, the proposed method is resource-intensive. Analysis of completed projects shows that when a fully specified technical assignment is available from the outset, the required resources for implementing program analysis solutions can be reduced by several times. However, the strength of the method lies in situations where no detailed technical specification can be produced in advance. In such cases, the method enables iterative elicitation of requirements, reducing the risk of developing tools that do not meet real project needs.

Keywords: code analysis, static analysis, large codebases, domain-specific approach, development process model

References
1. ArutyunyanM.S. Static Analysis of the Source and Executable Code Based on Code Clone Detection: dissertation for the degree of candidate of technical sciences. Moscow, ISP RAS, 2025, 133 p. (in Russian)
2. Ali M., Hussain S., Ashraf M., Paracha K. Addressing software related issues on legacy systems – a review. International Journal of Scientific & Technology Research, 2020. vol. 9, no. 3, pp. 3738–3742.
3. Boulychev D., Koznov D., Terekhov A.A. On project-specific languages and their application in reengineering. Proc of the 6th European Conference on Software Maintenance and Reengineering, 2002, pp. 177–185. doi: 10.1109/csmr.2002.995802
4. Koznov D.V., Olkhovich L.B. Visual project languages. Systems programming. 2005, vol. 1, pp. 148–167. (in Russian)
5. BelevantsevA.A. Multi-level Static Analysis of the Source Code to Ensure Program Quality: dissertation for the degree of doctoral dissertation in physics and mathematics. Moscow, ISP RAS,2018, 229 p. (in Russian)
6. Gosain A., Sharma G. Static analysis: A survey of techniques and tools. Advances in Intelligent Systems and Computing, 2015, vol. 343, pp. 581–591. doi: 10.1007/978-81-322-2268-2_59
7. Muchnick S. Advanced Compiler Design Implementation. Morgan Kaufmann, 1997, 888 p.
8. Negm E., Makady S., Salah A. Survey on domain specific languages implementation aspects. International Journal of Advanced Computer Science and Applications, 2019, vol. 10, no. 11, doi: 10.14569/ijacsa.2019.0101183
9. Berezun D., Boulytchev D. Precise garbage collection for C++ with a non-cooperative compiler. Proc. of the 10th Central and Eastern European Software Engineering Conference in Russia, 2014, pp. 15. doi: 10.1145/2687233.2687244
10. BronsteinI.E. Type deduction for Python. Proceedings of the Institute for System Programming of the RAS, 2013, vol. 24, pp. 161–190. (in Russian)
11. Fowler M. Domain-Specific Languagens. Addison-Wesley Professional, 2010, 640 p.
12. Wang J., Huang Y., Wang S., Wang Q. An approach to detecting bugs in pattern-based bug detectors. arXiv, 2021. arXiv:2109.02245. doi: 10.48550/arXiv.2109.02245
13. Mey J., Kühn T., Schöne R., Aßmann U. Reusing static analysis across different domain-specific languages using reference attribute grammars. arXiv, 2020. arXiv:2002.06187. doi: 10.48550/arXiv.2002.06187
14. Zhang X., Zhou Y., Tan S.H. Efficient pattern-based static analysis approach via regular-expression rules. Proc. of the IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2023, pp. 132–143. doi: 10.1109/saner56733.2023.00022
15. Mendonça D.S., Kalinowski M. Towards practical reuse of custom static analysis rules for defect localization. Proc. of the 19th Brazilian Symposium on Software Quality, 2020, pp. 1–10. doi: 10.1145/3439961.3439985
16. Li Z, Liu Z., Wong W.K., Ma P., Wang S. Evaluating C/C++ vulnerability detectability of query-based static application security testing tools. IEEE Transactions on Dependable and Secure Computing, 2024, vol. 21, no. 5, pp. 4600–4618. doi: 10.1109/tdsc.2024.3354789
17. Koznov D.V. Methodology and Tools for Domain-specific Modeling: dissertation for the degree of doctor of technical sciences. St. Petersburg, SPbU, 2016, 430 p. (in Russian)
18. TerekhovA.N., BryksinT.A., LitvinovYu.V. QReal: Aplatformforvisual, domain-specificmodelingмоделирования. ProgrammnayaIngeneria, 2013, no. 6, pp. 11–19.(in Russian)
19. Kelly S., Tolvanen J.-P. Domain-Specific Modeling: Enabling Full Code Generation. John Wiley & Sons, 2008, 444 p.
20. Wiegers K. Software Requirements. Microsoft Press, 1999, 350 p.
21. LipaevV.V. Large software systems testing for conformance requirements. Biznes-Informatika, 2008, no. 2 (4), pp. 16–24. (in Russian)
22. Rong X., Yadavally A., Nguyen T.N. Large Language Model-aided partial program dependence analysis. Proc. of the IEEE/ACM 48th International Conference on Software Engineering (ICSE ’26), 2026.
23. Yang C., Chen J., Lin B., Wang Z., Zhou J. Advancing code coverage: incorporating program analysis with Large Language Models. ACM Transactions on Software Engineering and Methodology (TOSEM), 2026, vol. 35, no. 5, pp. 1–31. doi: 10.1145/3748505
24. Blinn A., Li X., Kim J.H., Omar C. Statically contextualizing Large Language Models with typed holes. Proc. of the ACM on Programming Languages, 2024, vol. 8, no. OOPSLA2. pp. 468–498. doi: 10.1145/3689728
25. Venkatesh A.P.S., Sabu S., Mir A.M., Reis S., Bodden E. The emergence of Large Language Models in static analysis: a first look through micro-benchmarks. Proc. of the IEEE/ACM First International Conference on AI Foundation Models and Software Engineering, 2024, pp. 35–39. doi: 10.1145/3650105.3652288
26. Sun W., Miao Y., Li Y., Zhang H., Fang C., Liu Y., et al. Source code summarization in the era of Large Language Models. Proc. of the IEEE/ACM 47th International Conference on Software Engineering (ICSE), 2025, pp. 1882–1894. doi: 10.1109/ICSE55347.2025.00034


Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License
Copyright 2001-2026 ©
Scientific and Technical Journal
of Information Technologies, Mechanics and Optics.

Яндекс.Метрика