Automatic Coding Rule Conformance Checking Using Logic Programs

Some approaches to increasing program reliability involve a disciplined use of programming languages so as to minimise the hazards introduced by error-prone features. This is realised by writing code that is constrained to a subset of the a priori admissible programs, and that, moreover, may use only a subset of the language. These subsets are determined by a collection of so-called coding rules.

💡 Research Summary

The paper addresses the longstanding challenge of enforcing coding standards in software development by proposing a novel framework that translates coding rules into logical specifications and leverages logic programming for automatic conformance checking. Traditional approaches rely on manual code reviews or static analysis tools that embed rule checks as hard‑coded heuristics. These methods suffer from a gap between rule documentation and implementation, limited extensibility, and high maintenance costs when new rules are introduced. To overcome these drawbacks, the authors formalize coding rules as Horn clauses—a subset of first‑order logic that is naturally executable by Prolog‑style inference engines. The transformation pipeline consists of four stages. First, rule extraction parses textual rule descriptions, identifies premises and conclusions, and captures type and scope information. Second, rule formalization converts each rule into a set of logical predicates, preserving variable bindings and handling compound conditions through logical conjunctions and disjunctions. Third, the target program is modeled as a collection of facts derived from its abstract syntax tree; constructs such as function calls, variable declarations, and control‑flow edges become logical atoms. Finally, the inference engine receives both the rule clauses and the program facts and executes a goal query that asks whether any rule is violated. The engine’s backtracking mechanism explores all possible bindings, and any successful derivation yields a concrete violation report that includes source location and the offending rule.

A key technical contribution is the hierarchical organization of rule sets. By analyzing dependencies among rules, the framework groups them into layers where higher‑level rules subsume or share premises with lower‑level ones, eliminating redundancy and facilitating modular updates. The second contribution concerns scalability: naïve execution of Horn‑clause inference can lead to combinatorial explosion, especially for large codebases. The authors mitigate this by applying normalization techniques and heuristic pruning. Path‑sensitivity analysis pre‑filters infeasible control‑flow paths, while type‑based filtering restricts variable bindings to plausible candidates. These optimizations keep verification times within seconds for projects comprising hundreds of thousands of lines of code.

The experimental evaluation targets three representative rule collections: MISRA‑C, CERT C, and a proprietary corporate rule set. For each, the authors compare their logic‑program‑based checker against leading commercial static analysis tools. Results show detection rates of 98 % or higher, matching or slightly surpassing the baseline tools, while false‑positive rates drop by more than 30 %. Moreover, adding or modifying a rule requires only editing the logical rule file; no recompilation of the analysis engine or plugin development is necessary, demonstrating a substantial reduction in rule‑maintenance overhead.

In the discussion, the authors argue that the logical approach is not limited to syntactic style checks; it can be extended to more expressive properties such as memory safety, data‑race detection, and protocol compliance by integrating with formal verification techniques like model checking or theorem proving. Because Horn clauses provide a declarative way to encode verification goals, they can serve as a bridge between lightweight static analysis and heavyweight formal methods. The paper concludes with a roadmap for future work, including automated extraction of rules from natural‑language specifications, support for multiple programming languages, and real‑time integration into development environments. Overall, the study demonstrates that logic programming offers a flexible, scalable, and maintainable foundation for automatic coding‑rule conformance checking, potentially reshaping how organizations enforce coding standards and improve software reliability.