SootUp is a modern reimplementation of the widely used Soot framework for static code analysis. While Soot has been instrumental in advancing program analysis research for over two decades, its legacy architecture has begun to show limitations in meeting the demands of modern research and development. SootUp addresses these challenges by offering a redesigned, modular architecture and an intuitive API that simplifies the development of custom static analyses.

This tutorial provides a hands-on introduction to SootUp, guiding participants through its key features, design choices, and improvements over Soot. Through a combination of conceptual overviews and live, interactive exercises led by the instructors, attendees will actively engage in constructing call graphs, code property graphs, and implementing intra- and inter-procedural analyses using SootUp. Participants will leave with a solid understanding of how to incorporate SootUp into their own static analysis workflows or how to establish one in the first place.

This tutorial builds on successful prior offerings, including a session at PLDI 2024 and a series of SootUp Hackathons hosted at Paderborn University, which have together reached over 100 participants.