Abstract:
Just as seat belt use is widespread, static analysis should be part of ethical software development. Because security must be designed in, static analysis should occur early in software development to reduce vulnerabilities or, even better, to provide feedback that educates software developers and reinforces good practices, minimizing the vulnerable constructs that ever get into the code. Even as industry migrates to languages safer than unconstrained C, thus eliminating many possible weaknesses, static analysis can be even more useful to check annotations, guarantees, conditions, and specifications provided by developers.
Keywords:
program diagnostics; security of data; software development management; software development; software security; software vulnerability reduction; static analysis; Computer bugs; Computer security; Filtering; Human factors; Privacy; Programming; Quality assurance; Software measurement; Software quality; SAMATE; SATE; Software Assurance Metrics and Tool Evaluation; Static Analysis Tool Exposition; software assurance; software engineering