Everything about C++ source code static analysis

Published:07/07/2011   Last Updated:07/07/2011

I decided to collect all the resources on static code analysis in one place. Surfing by the links you will learn what static code analysis is, what for it is used and what static analysis tools exist. You will read interesting articles and if you wish, you may join a group discussing the topic under consideration.

1. What is source code static analysis?

Wikipedia. Static program analysis.

Terminology on Viva64.com site. Static code analysis.

Hacker Report. Static Analysis Tools.

Wikipedia. List of tools for static code analysis.

2. Articles on the subject of static source code analysis.

Coverity. A Few Billion Lines of Code Later: Using Static Analysis to Find Bugs in the Real World.

Parasoft. Static Analysis on Steroids: Parasoft BugDetective.

Walter W. Schilling, Jr. and Mansoor Alam. Integrate Static Analysis Into a Software Development Process.

Steven Lavenhar. Code Analysis.

Philip J. Guo and Dawson Engler. Linux Kernel Developer Responses to Static Analysis Bug Reports.

Sergei Sokolov. Bulletproofing C++ Code.

Dug Song. Static Code Analysis Using Google Code Search.

Get to Know the VSTS Native C/C++ Code Analyzer

Reviews of other articles.

3. Groups devoted to source code static analysis.

LinkedIn. Static Code Analysis.

Reddit. Viva64.

Facebook. Source Code Analysis.

4. Twitters on the subject.

Program Verification Systems. @Code_Analysis.

Klocwork. @klocwork.

Fortify. @Fortify.

Veracode. @veracode.

Gimpel Software. @GimpelSoftware.

Parasoft. @Parasoft.

Vector Software. @VectorSoftware.

Coverity, Inc. @Coverity.

5. Miscellaneous.

Research. Magic Quadrant for Static Application Security Testing.

Static analysis criticism. Mark Dixon. Top five reasons not to use static analysis.

The CERT Secure Coding Standard (C / C++).

Discussion. Do Static Source Code Analysis Tools Really Work?

6. Some of our own articles on Viva64.com site.

Software code metrics.

PVS-Studio vs Chromium.

Comparing PVS-Studio and general static analysis in Visual Studio 2010

Static analysis of source code by the example of WinMerge

Static analysis and ROI

Collating prepared by Andrey Karpov.

My e-mail: karpov[del]@viva64.com

LinkedIn Profile. http://www.linkedin.com/pub/4/585/6a3

Product and Performance Information


Performance varies by use, configuration and other factors. Learn more at www.Intel.com/PerformanceIndex.