Controlling Software Complexity: The Business Case for Static Source Code Analysis

Today's software developers are challenged to deliver increasingly advanced applications on more and more stringent timetables; a challenge compounded by distributed or outsourced development teams, which make software more difficult to produce and manage. At the same time, customers are demanding higher-quality code—they are tired of the never-ending stream of patches and upgrades for software flaws.

The inconvenience of software flaws, the enormous pressures faced by developers, and high development costs could all be reduced by an improved testing infrastructure that enables earlier and more effective identification and removal of defects. This paper discusses such defects and their impact on overall quality, as well on business goals and challenges. It offers a solution in the form of Coverity's state-of-the-art static source code analysis technology, which finds critical defects and security vulnerabilities in C/C++ and Java source code.