Static Code Analysis

  • Check code for specific quality rules;

  • Identify safety and security vulnerabilities;

  • Identify “code smells”;

  • May be integrated into the development process, into IDEs, and into the continuous delivery pipeline;

  • These are tools that ALL can and shall use!

Model program properties abstractly, and look for problems.

Tools come from program analysis.

  • Type inference, data flow analysis, theorem proving.

Usually run on source code; can also run on byte code or disassembly.

Strengths

  • Complete code coverage (in theory);

  • Can potentially verify the absence of, or report all instances of, a whole class of bugs;

  • Catches different bugs than dynamic analysis;

  • Repeatable analysis.

Weaknesses

  • High false positive rates;

  • Many properties cannot be easily modeled;

  • Difficult to build;

  • Real systems rarely have all of their source code available (operating system, shared libraries, dynamically loaded code, etc.).
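As an added example (not part of these notes), a minimal data-flow style taint analysis written in Python over the standard `ast` module: it reports every sink call that may receive source-derived data, which illustrates both the "whole class of bugs" strength and the false-positive weakness, since a runtime check it cannot model still gets reported. The source, sink and sanitizer sets and the input program are assumptions constructed for the demonstration.

```python
import ast

SOURCES = {"input"}      # calls whose result is attacker-controlled (assumed)
SINKS = {"eval"}         # calls that must never receive tainted data (assumed)
SANITIZERS = {"int"}     # calls the analysis is told remove taint (assumed)

def _tainted(node, tainted_vars):
    """True if an expression may carry data derived from a source."""
    if isinstance(node, ast.Name):
        return node.id in tainted_vars
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Name):
        if node.func.id in SOURCES:
            return True
        if node.func.id in SANITIZERS:
            return False
    # Taint propagates through any sub-expression (concatenation, f-strings, ...).
    return any(_tainted(c, tainted_vars) for c in ast.iter_child_nodes(node))

def find_tainted_sinks(source):
    """Flow- and path-insensitive taint analysis over a Python module.
    Returns sorted line numbers where a sink receives possibly-tainted data."""
    tree = ast.parse(source)
    tainted = set()
    while True:                      # iterate to a fixpoint so loops are covered
        before = len(tainted)
        for node in ast.walk(tree):
            if isinstance(node, ast.Assign) and _tainted(node.value, tainted):
                tainted.update(t.id for t in node.targets if isinstance(t, ast.Name))
        if len(tainted) == before:
            break
    return sorted({
        node.lineno for node in ast.walk(tree)
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
        and node.func.id in SINKS and any(_tainted(a, tainted) for a in node.args)
    })

# Constructed input program for the analysis (not real code from anywhere):
TARGET = """\
raw = input()                 # source
n = int(raw)                  # sanitizer the analysis models
eval(n)                       # not reported: taint removed
cmd = "print(" + raw + ")"    # taint survives concatenation
eval(cmd)                     # reported: tainted data reaches the sink
safe = raw
if safe.isdigit():            # a check the analysis cannot model
    eval(safe)                # reported anyway: a false positive
"""

if __name__ == "__main__":
    print(find_tainted_sinks(TARGET))   # [5, 8]
```

Because the analysis is flow-insensitive, a variable tainted anywhere counts as tainted everywhere, which is a second source of false positives alongside the unmodelled `isdigit` check.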
