Comparison of Static Code Analysis Tools

2009 Third International Conference on Emerging Security Information, Systems and Technologies Pub Date : 2009-06-18 DOI:10.1109/SECURWARE.2009.10

Matti Mantere, Ilkka Uusitalo, J. Röning

引用次数: 27

Abstract

In this paper we compare three static code analysis tools. The tools represent three different approaches in the field of static analysis: Fortify SCA is a non-annotation based heuristic analyzer, Splint represents an annotation based heuristic analyzer, and Frama-C an annotation based correct analyzer. The tools are compared by analysing their performance when checking a demonstration code with intentionally implemented errors.

查看原文本刊更多论文

静态代码分析工具的比较

本文比较了三种静态代码分析工具。这些工具代表了静态分析领域的三种不同方法:Fortify SCA是一种非基于注释的启发式分析器，Splint是一种基于注释的启发式分析器，Frama-C是一种基于注释的正确分析器。当检查带有故意实现的错误的演示代码时，通过分析它们的性能来比较这些工具。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2009 Third International Conference on Emerging Security Information, Systems and Technologies

自引率

0.00%

发文量