I decided to collect all the resources on static code analysis in one place. Surfing by the links you will learn what static code analysis is, what for it is used and what static analysis tools exist. You will read interesting articles and if you wish, you may join a group discussing the topic under consideration.
1. What is source code static analysis?
2. Articles on the subject of static source code analysis.
Coverity. A Few Billion Lines of Code Later: Using Static Analysis to Find Bugs in the Real World.
Parasoft. Static Analysis on Steroids: Parasoft BugDetective.
Walter W. Schilling, Jr. and Mansoor Alam. Integrate Static Analysis Into a Software Development Process.
Steven Lavenhar. Code Analysis.
Philip J. Guo and Dawson Engler. Linux Kernel Developer Responses to Static Analysis Bug Reports.
Sergei Sokolov. Bulletproofing C++ Code.
Dug Song. Static Code Analysis Using Google Code Search.
Get to Know the VSTS Native C/C++ Code Analyzer
Reviews of other articles.
3. Groups devoted to source code static analysis.
4. Twitters on the subject.
Program Verification Systems. @Code_Analysis.
Gimpel Software. @GimpelSoftware.
Vector Software. @VectorSoftware.
Coverity, Inc. @Coverity.
Research. Magic Quadrant for Static Application Security Testing.
Static analysis criticism. Mark Dixon. Top five reasons not to use static analysis.
The CERT Secure Coding Standard (C / C++).
Discussion. Do Static Source Code Analysis Tools Really Work?
6. Some of our own articles on Viva64.com site.
Collating prepared by Andrey Karpov.
My e-mail: karpov[del]@viva64.com
LinkedIn Profile. http://www.linkedin.com/pub/4/585/6a3
Product and Performance Information
Performance varies by use, configuration and other factors. Learn more at www.Intel.com/PerformanceIndex.