The emergence of quantum computing raises the question of how to identify (security-relevant) programming errors during development. However, current static code analysis tools fail to model information specific to quantum computing. In this paper, we identify this information and propose to extend classical code analysis tools accordingly. Among such tools, we identify the Code Property Graph as very well suited for this task, as it can be easily extended with quantum-computing-specific information. For our proof of concept, we implemented a tool that includes information from the quantum world in the graph, and we demonstrate its ability to analyze source code written in Qiskit and OpenQASM. Our tool brings together the information from the classical and quantum world, enabling analysis across both domains. By combining all relevant information into a single detailed analysis, this powerful tool can facilitate tackling future quantum source code analysis challenges.