Our Customers

Blog

02.09.2010 Feeling the new Intel Parallel Studio XE 2011 beta
So I've gotten to try the C++ compiler included into Intel Parallel Studio XE 2011 beta at last.»

30.08.2010 Five days for fixing a two-character error, or a myth of almighty technologies aiding software development
In this blog, you may often read posts about how this or that software tool or software development technology helps make fewer errors, find them faster and correct them easier.»

30.08.2010 d'Artagnan and Internet, or working on the problem of bad links
Friends, it is high time we stopped considering links only in the context of their number and buying/ selling and counting PR of the site they are laid out on.»

Articles

22.07.2010 Using PVS-Studio with continuous integration systems
This article illustrates techniques required to employ the use of PVS-Studio static code analyzer together with continuous integration systems.»

06.07.2010 Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defects in 64-bit programs
In the article, we will compare three mechanisms of code analysis from the viewpoint of detecting 64-bit errors: the Visual C++ 2010 compiler, the Code Analysis for C/C++ component included into Visual Studio 2010 and Viva64 analyzer included into PVS-Studio 3.60.»

29.06.2010 A Collection of Examples of 64-bit Errors in Real Programs
This article is the most complete collection of examples of 64-bit errors in the C and C++ languages.»

News

16.08.2010 We released a new version of PVS-Studio code analyzer - PVS-Studio 3.62 »

22.07.2010 We released a new version of PVS-Studio code analyzer - PVS-Studio 3.61»

10.06.2010 We released a new version of PVS-Studio code analyzer - PVS-Studio 3.60. »

Terminology

Main » Terminology

Print version

Static code analysis

Static code analysis. A methodology of detecting errors in program code based on the programmer's reviewing the code marked by the analyzer in those places where potential errors may occur. In other words the static analysis tool detects in the program text the places containing or likely to contain errors, subject to errors or possessing bad formatting. Such code sections are to be considered by the programmer and he can decide whether to modify this program section or not. Static analyzers can be both of general purpose (for example, Microsoft PREFast, Gimpel PC-Lint, Parasoft C++Test) and specialized for searching certain error classes (for example, Chord for verifying parallel Java programs). Static analysis tools are usually rather expensive, they demand knowledge in using them and have rather complicated subsystems of setting and suppressing false messages. That's why static analyzers are usually used by companies with high development culture and mature software development processes. In return of complicated usage, static code analyzers allow developers to detect a lot of errors on the early steps of developing program code. Using static analysis methodology also disciplines programmers and helps control young employees' work.

The main advantage of static code analyzers use lies in the possibility of considerable cost saving of defects elimination in a program. The earlier an error is determined, the lower is the cost of its correction. Thus, according to the facts given in the book "Code Complete" by McConnell, correction of an error at the testing stage is ten times more expensive than its correction at the construction (coding) stage:

Figure 1. Average cost of defects correction depending on their time of writing and detection (data for the table taken from the book "Code Complete" by C. McConnell).

Static analysis tools allow to detect a large number of errors at the construction stage, and this considerably reduces the cost of the whole project development.

Our company, "Program Verification Systems", is engaged in the creation of solutions in the sphere of verification and static code analysis. The main program product of our company, PVS-Studio, is a static code analyzer for testing up-to-date and resource-intensive applications. The analyzer allows to diagnose the errors typical of 64-bit and parallel solutions, to help with applications optimization, and improve their security.

Besides, our company provides the following services on the basis of the available experience and projects in the sphere of code analysis:

specialized code analyzers creation;
application porting to 64-bit systems;
code optimization and paralleling;
program code quality assurance.

You can find more details about the possible variants of cooperation in the section "Services".

References

Wikipedia "Static code analysis"
Wikipedia "List of tools for static code analysis"
Steve McConnell, "Code Complete, 2nd Edition" Microsoft Press, Paperback, 2nd edition, Published June 2004, 914 pages, ISBN: 0-7356-1967-0.
By Walter W. Schilling, Jr. and Mansoor Alam. "Integrate static analysis into a software development process".

© 2008 - 2010, OOO "Program Verification Systems"
300027, Russia, Tula, P.O. Box 1800. Office: Russia, Tula, Kutuzova 100-73