To see all articles of ISTQB-ISEB Foundation guide, see here:

Software Testing-ISTQB ISEB Foundation Guide

Like reviews, static analysis looks for defects without executing the code. However, unlike reviews, static analysis is carried out once the code has been written. Its objective is to find defects in software source code and software models.

Source code is any series of statements written in some human-readable computer programming language that can then be converted to equivalent computer executable code—it is normally generated by the developer.

A software model is an image of the final solution developed using techniques such as Unified Modeling Language (UML); it is normally generated by a software designer.

Static analysis can find defects that are hard to find during test execution by analysing the program code itself, for example by building control flow graphs (how control passes between modules) and data flows (ensuring data is identified and correctly used).

The value of static analysis is:

  • Early detection of defects prior to test execution. As with reviews, the earlier the defect is found, the cheaper and easier it is to fix.
  • Early warning about suspicious aspects of the code or design, through the calculation of metrics such as a high-complexity measure. If code is too complex it can be more prone to error, or its correctness can come to depend on how much attention developers give it. If they understand that the code has to be complex then they are more likely to check and double check that it is correct; however, if it is unexpectedly complex there is a higher chance that there will be a defect in it.
  • Identification of defects not easily found by dynamic testing, such as development standard breaches as well as detecting dependencies and inconsistencies in software models, such as links or interfaces that were either incorrect or unknown before static analysis was carried out.
  • Improved maintainability of code and design. By carrying out static analysis, defects will be removed that would otherwise have increased the amount of maintenance required after ‘go live’. It can also recognize complex code that if corrected will make the code more understandable and therefore easier to maintain.
  • Prevention of defects. By identifying the defect early in the life cycle it is a lot easier to identify why it was there in the first place (root cause analysis) than during test execution, thus providing information on possible process improvement that could be made to prevent the same defect appearing again.

Typical defects discovered by static analysis tools include:
  • Referencing a variable with an undefined value, e.g. using a variable as part of a calculation before the variable has been given a value.
  • Inconsistent interfaces between modules and components, e.g. module X requests three values from module Y, which has only two outputs.
  • Variables that are never used. This is not strictly an error, but if a programmer declares a variable in a program and does not use it, there is a chance that some intended part of the program has inadvertently been omitted.
  • Unreachable (dead) code. This means lines of code that cannot be executed because the logic of the program does not provide any path in which that code is included.
  • Programming standards violations, e.g. if the standard is to add comments only at the end of the piece of code, but there are notes throughout the code, this would be a violation of standards.
  • Security vulnerabilities, e.g. password structures that are not secure.
  • Syntax violations of code and software models, e.g. incorrect use of the programming or modelling language.
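As an added illustration (not part of the ISTQB guide, and not a real analysis tool), the following Python script performs a toy version of the analysis described above. It parses a module's source with the standard `ast` module instead of executing it, builds a rough picture of data flow (a variable read before it is assigned, and variables that are assigned but never read), of control flow (a statement that no path can reach because every branch before it returns), and computes a cyclomatic-complexity metric per function. The sample module `SAMPLE`, the `Finding` record and all function names are constructed for this example.

```python
import ast
import builtins
from collections import namedtuple

Finding = namedtuple("Finding", "kind name line")  # kind: undefined | unused | unreachable

# Constructed sample module with one instance of each defect class; it is parsed, never run.
SAMPLE = '''
def total(prices):
    unused = 0
    for p in prices:
        sum_so_far += p
    return sum_so_far

def classify(n):
    if n < 0:
        return "negative"
    elif n == 0:
        return "zero"
    else:
        return "positive"
    print("unreachable")
'''

BUILTINS = set(dir(builtins))
EXITS = (ast.Return, ast.Raise, ast.Continue, ast.Break)
DECISIONS = (ast.If, ast.For, ast.While, ast.IfExp, ast.ExceptHandler, ast.comprehension)


def _params(fn):
    a = fn.args
    return {p.arg for p in a.posonlyargs + a.args + a.kwonlyargs} | {v.arg for v in (a.vararg, a.kwarg) if v}


def _module_names(tree):
    """Names bound at module level: defs, classes, imports and assignment targets."""
    names = set()
    for node in tree.body:
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef)):
            names.add(node.name)
        else:
            names |= {(s.asname or s.name).split(".")[0] for s in ast.walk(node) if isinstance(s, ast.alias)}
            names |= {s.id for s in ast.walk(node) if isinstance(s, ast.Name) and isinstance(s.ctx, ast.Store)}
    return names


def _dataflow(fn, known):
    """Data-flow check: locals read before any assignment (textual order), and locals never read."""
    findings, assigned, read, params = [], set(), set(), _params(fn)
    # The AST marks the target of `x += 1` as a write, but the statement reads x first.
    aug = {id(n.target) for n in ast.walk(fn) if isinstance(n, ast.AugAssign)}
    names = sorted((n for n in ast.walk(fn) if isinstance(n, ast.Name)), key=lambda n: (n.lineno, n.col_offset))
    for n in names:
        if isinstance(n.ctx, ast.Load) or id(n) in aug:
            if n.id not in assigned | read | params | known | BUILTINS:
                findings.append(Finding("undefined", n.id, n.lineno))
            read.add(n.id)
        if isinstance(n.ctx, ast.Store):
            assigned.add(n.id)
    for name in sorted(assigned - read - params):
        findings.append(Finding("unused", name, min(n.lineno for n in names if n.id == name)))
    return findings


def _always_exits(stmts):
    """Control-flow check: does every path through the block leave it (return/raise/break/continue)?"""
    for s in stmts:
        if isinstance(s, EXITS) or (isinstance(s, ast.If) and _always_exits(s.body) and _always_exits(s.orelse)):
            return True
    return False


def _unreachable(stmts, findings):
    """Flag the statement that follows a block no path can get past; recurse into nested blocks."""
    for i, s in enumerate(stmts):
        blocks = [getattr(s, f, None) for f in ("body", "orelse", "finalbody")]
        for block in filter(None, blocks + [h.body for h in getattr(s, "handlers", [])]):
            _unreachable(block, findings)
        if i + 1 < len(stmts) and _always_exits([s]):
            findings.append(Finding("unreachable", ast.unparse(stmts[i + 1]), stmts[i + 1].lineno))
            return


def _complexity(fn):
    """Cyclomatic complexity: 1 + decision points; each extra operand of and/or adds one."""
    return 1 + sum(len(n.values) - 1 if isinstance(n, ast.BoolOp) else 1
                   for n in ast.walk(fn) if isinstance(n, DECISIONS + (ast.BoolOp,)))


def analyze(source):
    """Return (findings sorted by line, {function name: complexity}) for one module's source text."""
    tree, findings, complexity = ast.parse(source), [], {}
    known = _module_names(tree)
    for fn in ast.walk(tree):
        if isinstance(fn, (ast.FunctionDef, ast.AsyncFunctionDef)):
            findings += _dataflow(fn, known)
            _unreachable(fn.body, findings)
            complexity[fn.name] = _complexity(fn)
    return sorted(findings, key=lambda f: f.line), complexity


if __name__ == "__main__":
    print(*analyze(SAMPLE), sep="\n")
```

Run on `SAMPLE`, the script reports the unused variable on line 3, the read of `sum_so_far` before any assignment on line 5 and the unreachable `print` on line 15, together with a complexity of 2 for `total` and 3 for `classify`. The complexity figures are the kind of metric the earlier bullet refers to: they do not prove a defect, but they tell a reviewer which units deserve a second look. Because this toy walks names in textual order rather than over a real control flow graph, it can raise a false "undefined" finding when a loop body assigns a variable after the line that reads it, which is one reason the findings of any static analysis tool need to be triaged rather than accepted wholesale.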

Static analysis tools add the greatest value when used during component and integration testing. This will normally involve their use by developers to check against predefined rules or development standards, and by designers during software modelling.

A static analysis tool runs automatically and reports all defects it identifies, some of which may be insignificant and require little or no work to correct, whilst others could be critical and need urgent correction. These defects therefore require strong management to ensure that the full benefit is obtained from using the tool in the first place.

Software compilers are computer programs (or sets of programs) that translate code written in one computer language (the source language) into another computer language (the target language). As part of the compile process certain static analysis can be undertaken that will identify some defects and provide the calculation of software metrics.

You may follow the complete series of Static Testing articles here:

Background to Static Techniques
Software Testing Reviews Test Process
Static Analysis By Tools
