Nikola Valerjev, Green Hills Software
(July 05, 2014)
Numerous studies have shown increases in software code reliability and developer efficiency through the use of static source analysis. There is no dispute that there are large benefits to be gained for most organizations.
One problem is that there are no standards that specify what static source analysis means, or what types of defects it should be detecting. Several government agencies, including Department Of Homeland Security, National Institute of Standards and Technology, and FDA have been trying to develop a set of guidelines and recommendations to specify exactly that, but there has been no clear solution as of yet.
One of the fundamental issues has been the difficulty in defining what defects need to be detected and at what rates. However, that doesn’t take away from the fact that static source analysis has been proven as an extremely effective way to solve many issues that software developers are faced with.
With so many choices and no standards, a new problem arises: How do you pick a static analysis tool that is right for your organization?
Click here to read more ...