中文摘要：

随着软件应用范围的不断扩大，尤其是数据库软件和Web软件的广泛应用，字符串变量在软件程序中扮演的角色日益重要．一与此同时，针对字符串变量的程序分析技术——字符串分析，也取得了长足的发展，并在软件工程中的很多领域中得到了成功的应用．字符串分析的基本应用模式是首先使用字符串值分析获得字符串变量的所有可能取值，然后使用字符串约束求解判断这些变量的取值是否满足一定约束，从而对程序进行正确性验证．为了使得字符串分析能够应用在安全分析和软件维护应用中，研究人员对字符串分析进行了扩展，进一步分析字符串变量的数据来源．综述了字符串分析技术的研究进展，提出了字符串分析的问题构型，介绍了这一领域现在的主要研究内容：字符串值分析、字符串约束求解、字符串数据来源分析以及字符串分析在软件工程中的应用．

英文摘要：

With the ubiquitous software application, especially the wide usage of database applications and Web applications, strings have become a more important role in the software programs. At the same time, the program analysis techniques that consider the specialty of strings have been developed, and have been applied to various areas in software engineering. Usually, string value analysis is applied to acquire the possible values of a given string variable. Next, a constraint solver is applied to check whether the values satisfy predefined specifications, so that the correctness of the given string variable can be checked. To further apply string analysis to some security analysis and software maintenance problems, the string analysis is further improved to analyze the possible data origins of a given string variable. This paper presents a survey on string analysis, which mainly introduces the string value analysis, string constraint solving, string data origin analysis, and the applications of string analysis in software engineering.