Static Analysis

  1. Why are code conventions important?
    • 80% of lifetime cost for software is maintenance
    • Hardly any software is maintained by original author
    • Improves readability for better understanding
  2. Convention examples
    • All private variables begin with _
    • Notation (camel case, Hungarian, underscore)
    • Code indentation
  3. Code style checking tool examples
    • cpplint.py (C++)
    • vera++ (C++)
    • KWStyle (C++)
    • cxxchecker (C++)
    • StyleCop (.NET)
    • checkstyle (Java)
  4. What is static program analysis?
    Analysis of software without running it
  5. What can static analysis be performed on?
    • Source code
    • Object code
  6. Names for the process of manually reading through code
    • Static analysis
    • Program comprehension/understanding
    • Code review
  7. Organizations that require static analysis
    • FDA for medical devices
    • Health and safety for nuclear reactor protection (UK)
  8. What do static analysis tools check for?
    • Correctness
    • Library design
    • Naming conventions
    • Performance
    • Security
    • Internationalization and localization
  9. Static analyzer examples
    • Lint (C)
    • cppcheck (C++)
    • FxCop (.NET)
    • FindBugs (Java)
    • PMD (Java)
    • Soot (Java)
Author
Ant
ID
353589