Parasoft
Search

Static Analysis for Java

Static code analysis, data flow static analysis, code metrics analysis

  • Enterprise-grade solution—market leader since 1997
  • Targets Google Android, Spring, Hibernate, Eclipse plug-ins, TDD, JSF, Struts, JDBC, EJBs, JSPs, servlets, mobile, more
  • Exposes reliability, security, performance & concurrency problems
  • Supports Eclipse, RAD
  • Includes code review, unit testing, coverage analysis & runtime error detection as well as static analysis
  • Broad static analysis support, including:
  • C/C++ | Java | .NET | FDA | safety-critical | security
Evaluation More Info eKit
Free Trial More Info Download eKit
Capabilities
Static Analysis
Unit Testing
Code Review
Coverage Analysis
Software Development Management
Runtime Error Detection
Memory Error Detection
Web Testing
Cloud, API & SOA Testing
Traceability
Load Testing
Manual Testing
Build Management
Service Virtualization
Solutions
Safety-Critical / Embedded Devel.
FDA / Medical Device
Automotive
Avionics
Compliance
Secure Application Development
Agile Project Management
Geographically-Distributed
ALM
Development Testing
Standards
DO-178B/C
JSF
FDA
IEC 62304
ISO 26262 & ASIL
IEC 61508 & SIL
MISRA
Ellemtel
Custom/other

Parasoft's core static analysis capability provides the industry's most extensive support for Java development.

The following are selected examples of items in each category. These are not comprehensive list. If you have questions about an item that is not listed, please contact Parasoft to see if support is available

Defects*

  • Security vulnerabilities
  • Exceptions
  • Resource & memory leaks
  • Threads & synchronization
  • Deadlocks & race conditions
  • Unused & duplicate code
  • Performance degradation
  • Initialization
  • API Usage & Implementation
  • Logical Errors
  • Serialization
 

Templates*

  • Security (OWASP/PCI/CWE/SANS/NIST/more)
  • Thread Safe Programming
  • Critical Rules
  • Sun Code Conventions
  • Code Smells (TDD)
  • Core J2EE Patterns (Alur, Cupri, Marks)
  • Effective Java (Bloch)
  • Elements of Java Style (Ambler)
  • Writing Robust Java Code (Ambysoft)
  • TDD
 

Technologies*

  • Android
  • Eclipse Plugins
  • Hibernate
  • JDBC
  • JSF
  • JSP
  • Mobile
  • Property files
  • Servlets
  • Spring
  • Struts

IDEs

  • Eclipse
  • Rational Application Developer
 

Operating Systems

  • Windows
  • Linux
  • Solaris
  • Mac
 

Build Systems

  • Ant
  • Maven
  • CruiseControl
  • Hudson

Static Code Analysis Rules*

  • Override 'Object.equals()' and 'Object.hashCode()' together
  • Close JDBC connections in 'finally' blocks
  • Close IO resources in 'finally' blocks
  • Avoid calling 'equals(null)'
  • Avoid infinite recursive method calls
  • Avoid modifying fixed size collections
  • Avoid out of range comparisons
  • Do not call 'equals' methods that always return false
  • Do not use 'URL' objects in collections or maps
  • Ensure overriding method name does not have a typo
  • Call 'wait' only inside a loop that checks a condition
  • Manually synchronize on 'synchronized' collections when iterating
  • Avoid dead stores on local variables
 

Data Flow Rules*

  • Avoid dereferencing before checking for null
  • Ensure resources are deallocated
  • Do not modify a collection while iterating over it

Metrics*

  • Cyclomatic Complexity
  • Essential Complexity
  • Maintainability Index
 

Source Control

  • AccuRev
  • CVS
  • ClearCase
  • Perforce
  • Serena Dimensions
  • StarTeam
  • Subversion
  • Synergy/CM
  • Visual Source Safe
* These are samples—not a comprehensive list. To see if a specific need is supported, contact Parasoft.
Copyright © 1996-2013 Parasoft   T: 888-305-0041   E: info@parasoft.com      [Site Map]     Privacy Policy