Swift is an open-source programming language and Apple’s recommended choice for development for their mobile operating system, iOS, and their desktop operating system, macOS. In August 2018, StatCounter estimates that iPhones and iPads comprise 20.38% of mobile devices across the world and macOS devices account for 12.64% of desktop machines. Therefore, the ability to conduct static analysis for Swift applications has significant impact on millions of users around the world. Although many static analysis frameworks exist for Android devices (e.g., FlowDroid, SCanDroid, and DroidInfer), there is a lack of comparable tools for Swift. Although LLVM and clang support some analyses, they are unsuitable for deeper analyses for Swift applications such as taint tracking. Moreover, most of the currently available tools for Swift (e.g., SwiftLint and Tailor) only help enforce Swift best practices.

In this talk, we will introduce SWAN, an open-source framework that allows robust static analyses of Swift applications using IBM’s T.J. Watson Libraries for Analysis (WALA). SWAN uses the well-established program analysis libraries in WALA to provide various analyses for Swift, including class hierarchy analysis, pointer analysis, call graph construction, and interprocedural dataflow analysis.