source code analysis

Source code analysis is the automated testing of source code for the purpose of debugging a computer program or application before it is distributed or sold. Source code consists of statements created with a text editor or visual programming tool and then saved in a file. The source code is the most permanent form of a program, even though the program may later be modified, improved or upgraded.

Source code analysis can be either static or dynamic. In static analysis, debugging is done by examining the code without actually executing the program. This can reveal errors at an early stage in program development, often eliminating the need for multiple revisions later. After static analysis has been done, dynamic analysis is performed in an effort to uncover more subtle defects or vulnerabilities. Dynamic analysis consists of real-time program testing.

A major advantage of this method is the fact that it does not require developers to make educated guesses at situations likely to produce errors. Other advantages include eliminating unnecessary program components and ensuring that the program under test is compatible with other programs likely to be run concurrently.

Read more about source code analysis: - Jon Udell describes several methods of source code analysis. - GrammaTech offers source code analyzers for C/C++ and Ada. - BuildSecurityIn has published several papers and references relevant to source code analysis in security applications.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Continuous integration meets application performance management As continuous integration gains popularity, the notion of continuous performance management also gains credence. Inherent Quality Simplicity, Section V: The Evolution Those interested in seriously pursuing quality in software will find inspiration in "Inherent Quality Simplicity." Read this free book excerpt for... Outside-in Software Development: A Practical Approach to Building Successful Stakeholder-based Products -- Chapter 1, Introducing Outside-in Development A software development approach that redefines who stakeholders really are, outside-in development (OID) encourages teams to work together to benefit...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary build tool  (SearchSoftwareQuality.com) A build tool is a programming utility that automates a software build task, such as ensuring that the proper source code files are compiled and that... development environment  (SearchSoftwareQuality.com) In computer program and software product development, the development environment is the set of processes and programming tools used to create the...