IT conferences and meetings on programming languages see a growing number of speakers talking about static code analysis. Although this field is quite specific, there is still a number of interesting discussions to be found here to help programmers understand the methods, ways of use, and specifics of static code analysis. In this article, we have collected a number of videos on static analysis whose easy style of presentation makes them useful and interesting to a wide audience of both skilled and novice programmers.

What is Static Analysis?




Author: Matt Might

Static analyzers allow programmers to bound and predict the behavior of software without running it. Once used exclusively for program optimization, they have rapidly risen in prominence for areas like software security and automatic parallelization. The author takes you on a tour of the landscape of static analysis through the lens of abstract interpretation.

Static code analysis used for code clean up





Author: PVS-Studio team

The report gives information about ways to detect bugs, methodology of static analysis, correct and incorrect use of analysis tools. The author also provides myths about static analysis that may lead to erroneous understanding among the developers. The presentation shows errors in Open Source projects, detected by such tools as ReSharper, PVS-Studio, Visual Studio SCA.

Static Code Analysis: Scan All Your Code For Bugs


https://youtu.be/Heor8BVa4A0

Author: Jared DeMott

The author discusses static code analysis and how it is used in bug elimination. The talk covers a discussion of pattern matching, procedural, data flow, and statistical analysis, and also includes examples of common software vulnerabilities such as memory corruption, buffer overflow and over reads, script injection, XSS and CSRF, command injection, and misconfigurations.

More read at the link - https://www.viva64.com/en/b/0501/