Current call graph generation methods for ArkTS, a new programming language for OpenHarmony, exhibit precision limitations when supporting advanced static analysis tasks such as data flow analysis and vulnerability pattern detection, and the workflow of traditional JavaScript (JS)/TypeScript (TS) analysis tools cannot interpret ArkUI component tree semantics. The core technical bottleneck originates from the closure mechanisms inherent in TypeScript's dynamic language features and from the interaction patterns involving OpenHarmony's framework APIs. Existing static analysis tools for ArkTS struggle to track and precisely infer object reference relationships, which breaks call graph reachability and reduces analysis coverage. This limitation fundamentally constrains the implementation of advanced program analysis techniques. Therefore, in this paper we propose ArkAnalyzer Pointer Analysis Kit (APAK), the first context-sensitive pointer analysis framework specifically designed for ArkTS. APAK addresses these challenges through a dedicated ArkTS heap object model and a highly extensible plugin architecture, ensuring adaptability to the evolving OpenHarmony ecosystem. In the evaluation, we construct a dataset from 1,663 real-world applications in the OpenHarmony ecosystem and show that APAK outperforms CHA/RTA approaches on critical metrics including valid edge coverage (e.g., a 7.1% reduction relative to CHA and a 34.2% increase over RTA). The improvement in edge coverage systematically reduces the false positive rate from 20% to 2%, enabling more complex program analysis tools to be built on our framework. APAK has been merged into ArkAnalyzer, the official static analysis framework for OpenHarmony.
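The following is an added illustration, not code from APAK or ArkAnalyzer, of why the abstract contrasts pointer analysis with CHA/RTA on closure-heavy code. It resolves a virtual call on a closure-captured callback under three strategies over a constructed three-statement IR: Class Hierarchy Analysis (every implementer of the declared type), Rapid Type Analysis (implementers instantiated somewhere in the program), and a flow-insensitive, context-insensitive Andersen-style points-to propagation (only the allocation sites the receiver can actually hold). The `Handler` hierarchy, the variable names and the program are assumptions constructed for the example; APAK itself is context-sensitive and models the ArkTS heap, which this toy does not attempt.

```typescript
// Added illustration (not APAK's or ArkAnalyzer's code): CHA vs RTA vs a
// flow-insensitive points-to analysis on a tiny IR. Everything below is constructed.

type ClassName = string;
type Var = string;
type Hierarchy = Record<string, ClassName[]>;          // declared type -> implementing classes
type NewStmt = { kind: "new"; dst: Var; cls: ClassName };        // dst = new cls()
type AssignStmt = { kind: "assign"; dst: Var; src: Var };        // dst = src (incl. closure capture)
type CallStmt = { kind: "call"; recv: Var; method: string; iface: string }; // recv.method(), recv declared as iface
type Stmt = NewStmt | AssignStmt | CallStmt;

// Push item if absent; report whether the set grew (drives the fixpoint loop).
function addUnique(list: string[], item: string): boolean {
  if (list.indexOf(item) >= 0) return false;
  list.push(item);
  return true;
}

// CHA: every class implementing the receiver's declared type is a possible target.
function chaTargets(h: Hierarchy, call: CallStmt): string[] {
  return (h[call.iface] || []).slice().sort();
}

// RTA: CHA targets restricted to classes that are instantiated anywhere in the program.
function rtaTargets(h: Hierarchy, prog: Stmt[], call: CallStmt): string[] {
  const instantiated: string[] = [];
  for (const s of prog) if (s.kind === "new") addUnique(instantiated, s.cls);
  return chaTargets(h, call).filter(c => instantiated.indexOf(c) >= 0);
}

// Andersen-style points-to: seed with allocation sites, then propagate along
// assignments (including closure captures) until nothing changes.
function pointsTo(prog: Stmt[]): Record<Var, ClassName[]> {
  const pts: Record<Var, ClassName[]> = {};
  const get = (v: Var): ClassName[] => (pts[v] = pts[v] || []);
  for (const s of prog) if (s.kind === "new") addUnique(get(s.dst), s.cls);
  let changed = true;
  while (changed) {
    changed = false;
    for (const s of prog) {
      if (s.kind !== "assign") continue;
      const dst = get(s.dst);
      for (const c of get(s.src)) if (addUnique(dst, c)) changed = true;
    }
  }
  return pts;
}

// Pointer-analysis resolution: only classes the receiver variable may actually hold.
function ptaTargets(prog: Stmt[], call: CallStmt): string[] {
  return (pointsTo(prog)[call.recv] || []).slice().sort();
}

type Resolution = { cha: string[]; rta: string[]; pta: string[] };

// Resolve every call site in the program under all three strategies.
function resolveAll(h: Hierarchy, prog: Stmt[]): Record<string, Resolution> {
  const out: Record<string, Resolution> = {};
  for (const s of prog) {
    if (s.kind !== "call") continue;
    out[s.recv + "." + s.method + "()"] = {
      cha: chaTargets(h, s),
      rta: rtaTargets(h, prog, s),
      pta: ptaTargets(prog, s),
    };
  }
  return out;
}

// Constructed ArkTS-like scenario: three Handler implementations exist, two are
// instantiated, and a closure captures only the one handed to a framework callback API.
const HIERARCHY: Hierarchy = { Handler: ["NetHandler", "UiHandler", "LogHandler"] };
const PROGRAM: Stmt[] = [
  { kind: "new", dst: "net", cls: "NetHandler" },
  { kind: "new", dst: "ui", cls: "UiHandler" },
  { kind: "assign", dst: "cb", src: "net" },        // registerCallback(net): parameter cb = net
  { kind: "assign", dst: "captured", src: "cb" },   // closure inside the API captures cb
  { kind: "call", recv: "captured", method: "run", iface: "Handler" }, // invoked later from the closure
  { kind: "call", recv: "ui", method: "run", iface: "Handler" },
];

const RESULT = resolveAll(HIERARCHY, PROGRAM);
console.log(JSON.stringify(RESULT, null, 2));
```

For `captured.run()` the three strategies disagree exactly as the abstract describes: CHA admits all three handlers (two spurious edges), RTA drops the never-instantiated `LogHandler` but still cannot tell the closure-captured callback from `ui`, and points-to propagation through the two assignments pins the receiver to `NetHandler` alone. Sorting the target lists keeps the output stable for comparison.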