The emergence of quantum computing raises the question of how to identify (security-relevant) programming errors during development. However, current static code analysis tools fail to model information specific to quantum computing. In this paper, we identify this information and propose to extend classical code analysis tools accordingly. Among such tools, we identify the Code Property Graph as very well suited for this task, as it can be easily extended with quantum-computing-specific information. For our proof of concept, we implemented a tool that includes information from the quantum world in the graph, and we demonstrate its ability to analyze source code written in Qiskit and OpenQASM. Our tool brings together the information from the classical and quantum world, enabling analysis across both domains. By combining all relevant information into a single detailed analysis, this powerful tool can facilitate tackling future quantum source code analysis challenges.