Episode 59: Static Code Analysis
Software Engineering Radio - the podcast for professional software developers16 Kesä 2007

Episode 59: Static Code Analysis

This episode is a discussion with Jonathan Aldrich (Assistant Professor at CMU) about static analysis. The discussion covered theory as well as practice and tools. We started with an explanation of what static analysis actually is, which kinds of errors it can find and how it is different from testing and reviews. The core challenge of such an analysis tool is to understand the semantics of the program and reduce its possible state space to make it analysable - in effect reconstructing the programmer's intent from the code. The user can "help" the tool with this challenge by using suitable annotations; also, languages could do a better job of being analysable. The conceptual discussion was concluded by looking at the principles of static analysis (termination, soundness. precision) and how this approach relates to model analysis. The second more practical part started out with a discussion of how Microsoft successfully uses static analysis in their Windows development. We then discussed some of the tools available; these include Findbugs, Coverity, Codesonar, Clockwork, Fortify, Polyspace and Codesurfer. To conclude the discussion of tools, we discussed the commonalities and differences with architecture visualization tools as well as metrics and heuristics. Part three of the discussion briefly looked at how to introduce static analysis tools into an organization's development process and tool chain. We concluded the discussion by looking at situations where static analysis does not work, as well as at the FLUID research project at CMU.

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(726)

SE Radio 681: Qian Li on DBOS Durable Execution/Serverless Computing Platform

SE Radio 681: Qian Li on DBOS Durable Execution/Serverless Computing Platform

Qian Li of DBOS, a durable execution platform born from research by the creators of Postgres and Spark, speaks with host Kanchan Shringi about building durable, observable, and scalable software syste...

13 Elo 202552min

SE Radio 680: Luke Hinds on Privacy and Security of AI Coding Assistants

SE Radio 680: Luke Hinds on Privacy and Security of AI Coding Assistants

Luke Hinds, CTO of Stacklok and creator of Sigstore, speaks with SE Radio's Brijesh Ammanath about the privacy and security concerns of using AI coding agents. They discuss how the increased use of AI...

7 Elo 202545min

SE Radio 679: Wesley Beary on API Design

SE Radio 679: Wesley Beary on API Design

Wesley Beary of Anchor speaks with host Sam Taggart about designing APIs with a particular emphasis on user experience. Wesley discusses what it means to be an "API connoisseur"— paying attention to w...

30 Heinä 202547min

SE Radio 678: Chris Love on Kubernetes Security

SE Radio 678: Chris Love on Kubernetes Security

Chris Love, co-author of the book Core Kubernetes, joins host Robert Blumen for a conversation about kubernetes security. Chris identifies the node layer, secrets management, the network layer, contai...

23 Heinä 202554min

SE Radio 677: Jacob Visovatti and Conner Goodrum on Testing ML Models for Enterprise Products

SE Radio 677: Jacob Visovatti and Conner Goodrum on Testing ML Models for Enterprise Products

Jacob Visovatti and Conner Goodrum of Deepgram speak with host Kanchan Shringi about testing ML models for enterprise use and why it's critical for product reliability and quality. They discuss the ch...

15 Heinä 20251h

SE Radio 676: Samuel Colvin on the Pydantic Ecosystem

SE Radio 676: Samuel Colvin on the Pydantic Ecosystem

Samuel Colvin, the CEO and founder of Pydantic, speaks with host Gregory M. Kapfhammer about the ecosystem of Pydantic's Python frameworks, including Pydantic, Pydantic AI, and Pydantic Logfire. Along...

10 Heinä 20251h 2min

SE Radio 675: Brian Demers on Observability into the Toolchain

SE Radio 675: Brian Demers on Observability into the Toolchain

Brian Demers, Developer Advocate at Gradle, speaks with host Giovanni Asproni about the importance of having observability in the toolchain. Such information about build times, compiler warnings, test...

1 Heinä 202547min

SE Radio 674: Vilhelm von Ehrenheim on Autonomous Testing

SE Radio 674: Vilhelm von Ehrenheim on Autonomous Testing

Vilhelm von Ehrenheim, co-founder and chief AI officer of QA.tech, speaks with SE Radio's Brijesh Ammanath about autonomous testing. The discussion starts by covering the fundamentals, and how testing...

25 Kesä 202549min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
psykopodiaa-podcast
voi-hyvin-meditaatiot-2
adhd-podi
rss-rahamania
rss-laadukasta-ensihoitoa
rss-vapaudu-voimaasi
kesken
psykologia
rss-liian-kuuma-peruna
rss-narsisti
rss-niinku-asia-on
rss-arkea-ja-aurinkoa-podcast-espanjasta
rss-hereilla
dreamtalk
rss-keskeneraiset-aidit
ihminen-tavattavissa-tommy-hellsten-instituutti
rss-duodecim-lehti
rss-valo-minussa-2
rss-tfa-8020-podcast