Static Analysis - Tools for Improving Engineering Process
Static Analysis Tools
Static
program analysis is the analysis of computer software that is performed without
actually executing programs built from that software (analysis performed on
executing programs is known as dynamic analysis). In most cases the analysis is
performed on some version of the source code and in the other cases some form
of the object code. The term is usually applied to the analysis performed by an
automated tool, with human analysis being called program understanding, program
comprehension or code review.
Core
activities involved in Static analysis:
- N/A
Advantages:
- If there are anti-patterns in
your code, you can be warned about it.
- There are certain metrics
(such as McCabe's Cyclomatic Complexity) that tell useful things about
source code.
- You can also get great stuff
like call-graphs, and class diagrams from static analysis. Those are wonderful
if you are attacking a new code base
- Many classes of memory leaks
and common logic errors can be caught statically as well.
- It detects bugs (e.g. a
warning about an unused argument may indicate you used the wrong argument
in the method body).
- Understanding the guidelines
of static analysis tool is following helps you to become a better
developer
Features
of Static Analysis tools that need to be considered before picking it:
- N/A
Some
Popular Open Source Static Analysis Tools:
- FxCop (.NET)
- CheckStyle (Java)
- FindBugs (Java)
- PMD (Java)
- CPD - Copy / Paste Detector
(Java, JSP, C, C++, PHP)
List of
other static analysis tools -
Comments
Post a Comment