InfoQ

.NET Static Analysis and Parasoft dotTEST

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Design-Reuse

Using static analysis to detect coding errors in open source security-critical server applications

Editor’s Note: Excerpted from their book Embedded Systems Security, the authors go through an analysis of three popular, security-critical open source applications - Apache, OpenSSL, and sendmail – ...
Embedded

Defense in depth: Reducing embedded software bugs using static analysis and coding rules

Software bugs are notoriously difficult to eradicate. Traditional quality assurance techniques like testing and software inspections (sometimes called code reviews) find serious bugs, but too many ...
Electronic Design

What's the Difference Between Sound and Unsound Static Analysis?

Static analysis has established itself as a "must-have" for the verification of critical software. Notably, it can find problems that are hard to uncover by testing, such as concurrency issues and ...
CSOonline

Source Code Analysis Tools: How to Choose and Use Them

The high cost of finding and patching application flaws is well known. Wouldn’t it be cheaper to write secure code in the first place? More on code analysis tools and software security Source code ...
Electronic Design

Applying Exhaustive Static Analysis to Automotive Software Testing

How exhaustive static analysis overcomes the limitations of traditional tests and static-analysis tools. How exhaustive static analysis identifies a buffer overflow by using code samples. How hardware ...