 - Static analysis, also called static code analysis, is a
method of computer program debugging that is done by examining the code
without executing the program. The process provides an understanding of
the code structure, and can help to ensure that the code adheres to
industry standards. Automated tools can assist programmers and
developers in carrying out static analysis. The process of scrutinizing
code by visual inspection alone (by looking at a printout, for
example), without the assistance of automated tools, is sometimes
called program understanding or program comprehension.
The principal advantage of static analysis is the fact that it
can reveal errors that do not manifest themselves until a disaster
occurs weeks, months or years after release. Nevertheless, static
analysis is only a first step in a comprehensive software
quality-control regime. After static analysis has been done, dynamic
analysis is often performed in an effort to uncover subtle defects or
vulnerabilities. In computer terminology, static means fixed, while
dynamic means capable of action and/or change. Dynamic analysis
involves the testing and evaluation of a program based on execution.
Static and dynamic analysis, considered together, are sometimes
referred to as glass-box testing.
 |
Learn more about .NET Framework application testing and security |
| .NET 3.0 Roadshow: An introduction to Windows CardSpace: At Dr. Dobbs' .NET 3.0 Roadshow, Michele Leroux Bustamante offered a look inside Microsoft's new identity metasystem, in which users create "cards" containing personal information. |
| Five Windows Vista security tips .NET developers should know: Windows Vista introduces numerous security measures, from BitLocker to CardSpace to the User Account Control. Here are five security tips .NET developers should keep in mind. |
| Ajax security holes and how to fill them: Along with improvements in UI and client-side programming, Ajax brings security issues. Here three experts identify Ajax security shortcomings and how to address them. |
| Putting privacy on the developers' front burner: Microsoft's privacy guidelines for developing software, Web sites and services are looking to advance the discussion of best practices for programmers. |
| Advanced Windows Debugging Book Chapter and Podcast: This book excerpt and podcast offers information that will help you to master some of the most powerful debugging tools, including NTSD, CDB, WinDbg, KD, and ADPlus. |
| Nick Allen's tips for developing SOA for .NET: Windows Communication Foundation (WCF) is SOA for MS and Nicholas Allen's blog tells developers how to make it work. |
| LAST UPDATED: |
08 Nov 2006
|
 |
Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com
|
|
More resources from around the web:
|
|
Show me everything on 
