Static Code Analysis
Static Code Analysis analyses software without executing the program (the analysis performed on executing programs is called dynamic analysis).
The term "static analysis" is usually applied to the code analysis performed by an automated tool. Checking code by humans without tools are called code review
. Like in reviews, the objective of static code analysis is to uncover defects or error prone parts in a source code.
Static Code Analysis checks also for compliance to conventions and coding standards
rules and for code complexity.
There is a growing use of static analysis for testing safety-critical software like medical software. The U.S. Food and Drug Administration (FDA) has recommended the use of static code analysis in order to improve software quality.
Static Analysis is complementary to dynamic analysis: Static analysis vs. dynamic testing - No competition!
(for C, C++, Java and C#)
Code Complexity Measurement Tool for C and C++
Code Complexity Measurement Tool for Java
Static Checks and Metrics (C, C++, Java)