Static Analysis

Static code analysis, data flow static analysis, code metrics analysis

Static analysis industry leader since 1994
Easily configured to check team/organization expectations
Prevent and expose defects via multiple analysis techniques
Find and fix issues rapidly, with minimal disruption
Integrated with unit testing, code review & more
Broad support for languages and regulations, including:
C/C++ | Java | .NET | FDA | safety-critical | security

Capabilities

Software Development Management

Runtime Error Detection

Memory Error Detection

Web Testing

Cloud, API & SOA Testing

Service Virtualization

Solutions

Safety-Critical / Embedded Devel.

Secure Application Development

Agile Project Management

Geographically-Distributed

Standards

Static Code Analysis: Prevent Defects

Parasoft Test's static analysis helps developers prevent and eliminate defects—using thousands of rules tuned to find code patterns that lead to reliability, performance, and security problems. Over 15 years of research and development have gone into fine-tuning Parasoft's rule set.

Monitor compliance:

Eliminate:

Security vulnerabilities
Crashes
Deadlocks
Erratic behavior
Performance degradation
more

Data Flow Static Analysis: Expose Runtime Defects

Parasoft Test's data flow static analysis lets you automatically detect runtime errors without having to run the code. This technology simulates test case execution and detects errors across multiple units, components, and files. The result is early and effortless detection of critical runtime defects (such as leaks, crashes, deadlocks, security vulnerabilities, etc.)—problems that might otherwise take weeks to find.

Code Metrics: Measure and Manage Complexity

To expose brittle or overly-complex code that could impede agility or reuse, Parasoft Test:

Calculates a customizable set of industry-standard metrics
Identifies specific pieces of code that exceed customizable thresholds

Making Static Analysis a Continuous, Sustainable Process

For static analysis to be practical, it must be seamlessly integrated into the team's workflow. In addition to supporting interactive desktop static analysis, Parasoft's infrastructure—which is preconfigured for continuous integration and testing—automatically:

Gets the latest code from source control.
Checks the code against the designated rules.
Figures out which developer caused each rule violation.
Distributes violation details to the responsible developer's IDE.

The developers can then review and respond to violations in a few minutes each morning. Parasoft Test's proven static analysis infrastructure and technologies are supported across a broad range of development environments for C, C++, Java, and .NET languages.

Beyond Static Analysis

Static analysis is a critical component of a comprehensive quality process...but it is just one component. The most effective quality processes involve a combination of test and analysis practices embedded throughout the SDLC.

That's why Parasoft Test's static code analysis technologies are fully integrated with a broad range of complementary capabilities ranging from peer review, to unit testing, to end-to-end functional and load testing, to service virtualization.

For organizations ready to take the next step towards ensuring that quality software is produced consistently and efficiently, Parasoft Concerto integrates policy-driven project management with Automated Defect Prevention and end-to-end QA testing. This ensures predictable project outcomes while driving unprecedented levels of productivity and application quality.

Static Code Analysis for C/C++, Java, .NET

For details on how specific Parasoft Test products implement static code analysis, see:

These comprehensive Development Testing products integrate static code analysis, with unit testing, code coverage analysis, runtime error detection, peer code analysis, traceability, and more.