ArkAnalyzer: The Static Analysis Framework for OpenHarmony

TL;DR

ArkAnalyzer is an open-source static analysis framework designed specifically for ArkTS, the programming language for OpenHarmony, enabling developers to detect and repair code issues efficiently.

Contribution

We designed and implemented ArkAnalyzer, the first dedicated static analysis framework for ArkTS, filling a critical gap for OpenHarmony app development.

Findings

ArkAnalyzer successfully detects common code smells and vulnerabilities.

The framework is publicly available for community use and extension.

It enhances code quality and security for OpenHarmony applications.

Abstract

ArkTS is a new programming language dedicated to developing apps for the emerging OpenHarmony mobile operating system. Like other programming languages constantly suffering from performance-related code smells or vulnerabilities, the ArkTS programming language will likely encounter the same problems. The solution given by our research community is to invent static analyzers, which are often implemented on top of a common static analysis framework, to detect and subsequently repair those issues automatically. Unfortunately, such an essential framework is not available for the OpenHarmony community yet. Existing program analysis methods have several problems when handling the ArkTS code. To bridge the gap, we design and implement a framework named ArkAnalyzer and make it publicly available as an open-source project. Our ArkAnalyzer addresses the aforementioned problems and has already integrated a number of fundamental static analysis functions that are ready to be reused by developers to implement OpenHarmony