Better Software - July/August 2008 - (Page 37)

stands for Software Testing Analysis & Review. It is an acronym for the types of activities that we in the software quality field perform. However, in many organizations, the analysis activity is often overlooked, and that’s too bad because analysis is a powerful tool in the quality arsenal. Static code analysis is computer software analysis that is performed without actually executing that software. (Analysis performed on executing software is known as dynamic analysis.) In most cases, static analysis is performed on the source code. In recent years, the importance of computer security has created an expanded demand for automated tools that can analyze source code for security vulnerabilities and coding defects that could be exploited. Many security vulnerabilities are caused by questionable coding practices—for instance, using an input variable as a loop index without first checking that its value is within a valid range. Contemporary static analysis tools are able to analyze source code with a much lower false-positive rate (claiming code is defective when it is not) than previous lintstyle detector tools. Because they examine only small portions of the source code at a time, lint-detector tools typically have falsepositive rates of 50 percent or higher. The leading contemporary automated static analyzer (ASA) tools claim—and our experience to date has shown—false positive rates under 20 percent. These tools achieve this by parsing the source code in a way similar to compilers, creating a syntax tree and database of the entire program’s code, which is then analyzed against rules or models. The ASA tools then create a report of suspected defects in the code. www.StickyMinds.com JULY/AUGUST 2008 BETTER SOFTWARE M any of this magazine’s readers are familiar with the STAREAST and STARWEST conferences. Here is a trivia question for you—what does STAR stand for? Give up? It 37 http://www.StickyMinds.com Table of Contents for the Digital Edition of Better Software - July/August 2008Better Software - July/August 2008ContentsMark Your CalendarContributorsTechnically SpeakingeLightenmentCode CraftTest ConnectionManagement ChroniclesHow To Fail with AgileA Galaxy of PatternsGive Your Defects Some StaticProduct Announcements10 Things You Might Not Know About …The Last WordAd IndexSQE STARWEST ConferenceBetter Software - July/August 2008Better Software - July/August 2008 - Better Software - July/August 2008 (Page Cover1)Better Software - July/August 2008 - Better Software - July/August 2008 (Page Cover2)Better Software - July/August 2008 - Better Software - July/August 2008 (Page 1)Better Software - July/August 2008 - Better Software - July/August 2008 (Page 2)Better Software - July/August 2008 - Contents (Page 3)Better Software - July/August 2008 - Mark Your Calendar (Page 4)Better Software - July/August 2008 - Mark Your Calendar (Page 5)Better Software - July/August 2008 - Contributors (Page 6)Better Software - July/August 2008 - Contributors (Page 7)Better Software - July/August 2008 - Contributors (Page 8)Better Software - July/August 2008 - Technically Speaking (Page 9)Better Software - July/August 2008 - Technically Speaking (Page 10)Better Software - July/August 2008 - Technically Speaking (Page 11)Better Software - July/August 2008 - eLightenment (Page 12)Better Software - July/August 2008 - eLightenment (Page 13)Better Software - July/August 2008 - eLightenment (Page 14)Better Software - July/August 2008 - eLightenment (Page 15)Better Software - July/August 2008 - Code Craft (Page 16)Better Software - July/August 2008 - Code Craft (Page 17)Better Software - July/August 2008 - Code Craft (Page 18)Better Software - July/August 2008 - Code Craft (Page 19)Better Software - July/August 2008 - Test Connection (Page 20)Better Software - July/August 2008 - Test Connection (Page 21)Better Software - July/August 2008 - Management Chronicles (Page 22)Better Software - July/August 2008 - Management Chronicles (Page 23)Better Software - July/August 2008 - How To Fail with Agile (Page 24)Better Software - July/August 2008 - How To Fail with Agile (Page 25)Better Software - July/August 2008 - How To Fail with Agile (Page 26)Better Software - July/August 2008 - How To Fail with Agile (Page 27)Better Software - July/August 2008 - How To Fail with Agile (Page 28)Better Software - July/August 2008 - How To Fail with Agile (Page 29)Better Software - July/August 2008 - A Galaxy of Patterns (Page 30)Better Software - July/August 2008 - A Galaxy of Patterns (Page 31)Better Software - July/August 2008 - A Galaxy of Patterns (Page 32)Better Software - July/August 2008 - A Galaxy of Patterns (Page 33)Better Software - July/August 2008 - A Galaxy of Patterns (Page 34)Better Software - July/August 2008 - A Galaxy of Patterns (Page 35)Better Software - July/August 2008 - Give Your Defects Some Static (Page 36)Better Software - July/August 2008 - Give Your Defects Some Static (Page 37)Better Software - July/August 2008 - Give Your Defects Some Static (Page 38)Better Software - July/August 2008 - Give Your Defects Some Static (Page 39)Better Software - July/August 2008 - Give Your Defects Some Static (Page 40)Better Software - July/August 2008 - Give Your Defects Some Static (Page 41)Better Software - July/August 2008 - Give Your Defects Some Static (Page 42)Better Software - July/August 2008 - Product Announcements (Page 43)Better Software - July/August 2008 - Product Announcements (Page 44)Better Software - July/August 2008 - Product Announcements (Page 45)Better Software - July/August 2008 - 10 Things You Might Not Know About … (Page 46)Better Software - July/August 2008 - The Last Word (Page 47)Better Software - July/August 2008 - Ad Index (Page 48)Better Software - July/August 2008 - Ad Index (Page Cover3)Better Software - July/August 2008 - Ad Index (Page Cover4)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW1)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW2)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW3)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW4)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW5)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW6)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW7)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW8)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW9)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW10)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW11)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW12)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW13)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW14)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW15)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW16)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW17)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW18)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW19)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW20)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW21)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW22)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW23)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW24)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW25)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW26)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW27)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW28)http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_1109http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_0909http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_0709http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_0509http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_0409http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_0309http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0109http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1208http://www.nxtbook.com/nxtbooks/sqe/stf_spring08http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1108_v2http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1108http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1008http://www.nxtbook.com/nxtbooks/sqe/agile08http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0908http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0708http://www.nxtbook.com/nxtbooks/sqe/sw08http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0608http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0408http://www.nxtbook.com/nxtbooks/sqe/bettersoftware-confexpo08http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0308http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0108http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1207http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1107http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1007http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0907http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0807http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0607http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0507http://www.nxtbookMEDIA.com

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.