Evaluate software codeSelection of a modern static analysis tool
Software is playing an increasingly important role in production. The quality of the code is crucial for production processes, which is why attention should already be paid to defects and malfunctions during development. Modern static analysis tools can help, but there are a few things to consider when selecting them.
Page [3 of 3]
 | | | Image 3 of 3 | | | |
The figure on the coverage of Juliet CWE Top 25 (2011), for example, lists the CWE IDs (Common Weakness Enumeration) and indicates whether they are covered by tests in the Juliet C/C++ and Java test suites. It is immediately apparent that the test suite does not completely cover the important CWEs (Top 25) - and this applies to many test suites. © Parasoft