Software Engineering Radio - the podcast for professional software developers16 Kesä 2007

Episode 59: Static Code Analysis

This episode is a discussion with Jonathan Aldrich (Assistant Professor at CMU) about static analysis. The discussion covered theory as well as practice and tools. We started with an explanation of what static analysis actually is, which kinds of errors it can find and how it is different from testing and reviews. The core challenge of such an analysis tool is to understand the semantics of the program and reduce its possible state space to make it analysable - in effect reconstructing the programmer's intent from the code. The user can "help" the tool with this challenge by using suitable annotations; also, languages could do a better job of being analysable. The conceptual discussion was concluded by looking at the principles of static analysis (termination, soundness. precision) and how this approach relates to model analysis. The second more practical part started out with a discussion of how Microsoft successfully uses static analysis in their Windows development. We then discussed some of the tools available; these include Findbugs, Coverity, Codesonar, Clockwork, Fortify, Polyspace and Codesurfer. To conclude the discussion of tools, we discussed the commonalities and differences with architecture visualization tools as well as metrics and heuristics. Part three of the discussion briefly looked at how to introduce static analysis tools into an organization's development process and tool chain. We concluded the discussion by looking at situations where static analysis does not work, as well as at the FLUID research project at CMU.

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(726)

Episode 133: Continuous Integration with Chris Read

In this episode Markus discusses with Chris Read basics and some advanced topics in the space of continuous integration. We cover concepts, some tools, as well as a number of best practices.

26 Huhti 200950min

Episode 132: Top 10 Architecture Mistakes with Eoin Woods

This is a discussion with Eoin Woods about his collection of top 10 software architecture mistakes. Looking at things that don't work is always a good way to learn what you should actually do.

16 Huhti 200947min

Episode 131: Adrenaline Junkies with Tom DeMarco and Peter Hruschka

Recording Venue: OOP Guest(s): Tom DeMarco and Peter Hruschka This episode is an interview with Tom DeMarco and Peter Hruschka about the new book of the Altantic Systems Guild: Adrenaline Junkies and...

6 Huhti 200948min

Episode 130: Code Visualization with Michele Lanza

This episode is a discussion about code and metrics visualization with Michele Lanza. Michele invented the Code Cities idea about which he talks in this episode.

27 Maalis 200932min

Episode 129: F# with Luke Hoban

This episode is a discussion about F# with Microsoft's F# program manager Luke Hoban.

17 Maalis 200925min

Episode 128: Web App Security with Bruce Sams

The majority of hacker attacks (70 %) are directed at weaknesses that are the result of problems in the implementation and/or architecture of the application. This session shows how you can protect yo...

7 Maalis 200959min

Episode 127: Usability with Joachim Machate

This episode is an introduction to user interface design with Joachim Machate of UID. We talk about the importance of user interface design, about its relationship to the overall software engineering ...

25 Helmi 200950min

Episode 126: Jetbrains MPS with Konstantin Solomatov

In this episode we take a brief look at Jetbrains' Meta Programming System, a language workbench for creating external DSLs or for extending existing languages (such as Java). In a brief telephone dis...

15 Helmi 200917min