Scribd
Upload
31 views17 pages

A9 Sqa

Uploaded by

ASUR
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
31 views17 pages

A9 Sqa

Uploaded by

ASUR
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 17

Study of Static Analysis Methods

Research Project - TYIT Group-A9

Student’s Name Roll Number


Hardik Kangane 741
Nishant Kasbekar 742

Gaurav Kaspate 743

Jagruti Katpara 744

Shivani Kayasth 745


What Is Static Analysis?

➢ Static analysis is best described as a method of


debugging by automatically examining source
code before a program is run.
➢ Static code analysis is performed early in
development, before software testing begins.

➢ For organizations practicing DevOps, static code


analysis takes place during the “Create” phase.
Medium. Com
Why to do Static Analysis?
Static analysis is generally good at finding coding
issues such as:
➢ Programming errors
➢ Coding standard violations

➢ Undefined values

➢ Syntax violations

➢ Security vulnerabilities Perforce.com


How Static Code Analysis Works ?

1) Write the Code


2) Run a Static Code Analyzer
3) Review the Results
4) Fix What Needs to Be Fixed
5) Move On to Testing

Verifysoft.com
Types of Static Analysis Methods

Control analysis Data Analysis Fault/failure analysis Interface analysis


Control analysis Method

➢ It focuses on the control flow


in a calling structure.
➢ For example, a control flow
could be a process, function,
method or in a subroutine.

Javatpoint.com
Data Analysis Method

It makes sure defined data is


properly used while also
making sure data objects are
properly operating.

G2. COM
Fault/failure analysis Method

It analyzes faults and


failures in model
components.

Fixsoftware. com
Interface analysis Method

It verifies simulations to
check the code and makes
sure the interface fits into
the model and simulation.

Geekforgeeks.com
Types of Static Analysis Tools
How does a Static Analysis tool work?

➢ There needs to be source code to test the quality of it.


➢ Make use of static analysis tools and run a static
code analyzer.
➢ Review the flagged sections that don’t meet the
prescribed ruleset. This may include false positives or
even expected deviations.
➢ Coders address the critical errors first then address
lesser issues.
➢ Progress to the testing phase.

Parasoft.Com
Benefits of Static Analysis Tools

➢ The best static code analysis tools offer speed, depth,


and accuracy.
➢ It can find weaknesses in the code at the exact
location.
➢ Automated tools can provide mitigation
recommendations, reducing the research time.
➢ It permits weaknesses to be found earlier in the
development life cycle, reducing the cost to fix.

Pvs-studio. Com
Drawbacks of Static Analysis Tools:-

➢ Automated tools do not support all programming languages.


➢ Automated tools produce false positives and false negative.
➢ Automated tools only as good as the rules they are using to
scan with.
➢ It does not find vulnerabilities introduced in the runtime
environment.
Conclusion:-

➢ Static Analysis can be a valuable tool in error detection in the process of software
development.
➢ Great for enforcing code standards.
➢ Although integration may be challenging,they provide substantial cost and time
savings
➢ Comes down to which tool is the best fit for you.
References:-

➔ https://www.perforce.com/blog
➔ https://www.geeksforgeeks.org
➔ https://www.securecodewarrior.com
➔ https://gcn.com
Thank you…😊

You might also like