Static analyzers offer a lot of capability. They could easily go a lot further.
At the recent Embedded Systems Conference in Silicon Valley I had the chance to talk to several vendors of static analyzers. These are the tools that evaluate your program to find potential runtime problems, like variables going out of bounds or dereferences of null pointers [read more].
There are few key points here. First, the author mention that static analyzer for embedded is still new and there are still works need to be done in this area especially it is yet to achieve its full capability. Secondly, he mention the limitations or issues related to static analyzer. That was indeed have been carried over for the past decades starting early 90s. There are more than a dozen technique used by static analyzer ranging from as simple as lexical analysis to complex implementation of abstract interpretation. More than 40 tools, open source or commercial version, had been develop based on the 12 techniques. It is yet to produce any significant result in finding errors or problem in the source code.
At the recent Embedded Systems Conference in Silicon Valley I had the chance to talk to several vendors of static analyzers. These are the tools that evaluate your program to find potential runtime problems, like variables going out of bounds or dereferences of null pointers [read more].
There are few key points here. First, the author mention that static analyzer for embedded is still new and there are still works need to be done in this area especially it is yet to achieve its full capability. Secondly, he mention the limitations or issues related to static analyzer. That was indeed have been carried over for the past decades starting early 90s. There are more than a dozen technique used by static analyzer ranging from as simple as lexical analysis to complex implementation of abstract interpretation. More than 40 tools, open source or commercial version, had been develop based on the 12 techniques. It is yet to produce any significant result in finding errors or problem in the source code.