Use of the Klocwork Static Analysis Tool at Motorola - Experience report
Abstract
This paper describes the relevance and benefits due to the use of static analysis technique as an important helper to guarantee software quality. It presents the experience gained in working with a static analysis tool usage, called Klocwork, integrated into Motorola development environment.
Keywords:
Analysis Tool, Klocwork, Experience Reporting
References
Feiman, J. and MacDonald, N. (2007a), “Static Application Security Testing: Vendors and Products, Part1”, Doc ID: G00149354, January, available at: http://www.gartner.com. (último acesso: 10 de março de 2008)
Feiman, J. and MacDonald, N. (2007b), “Static Application Security Testing: Vendors and Products, Part3”, Doc ID: G00150687, August, available at: http://www.gartner.com. (último acesso: 10 de março de 2008)
Gordon, I. (2006) “Automated Source Code Analysis: Reduce Customer and QA Defects to Save Time and Money!”, September, available at: http://www.nohau.se/images/pdf/Test-roadshow-nohau-klocwork.pdf. (último acesso: 10 de março de 2008)
Graff, M. G. and Van Wyk, K. R. (2003) “Secure Coding: Principles and Practices”. Cambridge, MA: O'Reilly.
Institute of Electrical and Electronics Engineers. (1990) “IEEE Standard Computer Dictionary: A Compilation of IEEE Standard Computer Glossaries”. New York, NY.
Klocwork, Inc. (1996) http://www.klocwork.com.
MacDonald, N. and Feiman, J. (2007), “Static Application Security Testing: Vendors and Products, Part2”, Doc ID: G00150657, August, available at: http://www.gartner.com. (último acesso: 10 de março de 2008)
McCabe, T. J. and Watson, A. H. (1994) “Software Complexity.” Crosstalk, Journal of Defense Software Engineering 7, p. 5-9.
Motorola, Inc. (1947) http://www.motorola.com.
Pemmaraju, K (1998) “The Quest for Software Quality” http://www.cigital.com/papers/download/sil-india-dec98-kp.doc (último acesso: 10 de março de 2008).
Regehr, J.(2004a) “Using Static Analysis to Bound Stack Depth”, October, available at: http://www.gartner.com. (último acesso: 10 de março de 2008)
Regehr J.(2004b) “Say no to stack overflow.” Embedded Systems Programming, 17(10), October.
Teixeira, M. et al. (2007) “Avaliação de Ferramentas de Análise Estática de Código para Detecção de Vulnerabilidades.”, disponível em: http://www.di.fc.ul.pt/sobre/documentos/tech-reports/07-29.pdf. (último acesso: 10 de março de 2008)
Feiman, J. and MacDonald, N. (2007b), “Static Application Security Testing: Vendors and Products, Part3”, Doc ID: G00150687, August, available at: http://www.gartner.com. (último acesso: 10 de março de 2008)
Gordon, I. (2006) “Automated Source Code Analysis: Reduce Customer and QA Defects to Save Time and Money!”, September, available at: http://www.nohau.se/images/pdf/Test-roadshow-nohau-klocwork.pdf. (último acesso: 10 de março de 2008)
Graff, M. G. and Van Wyk, K. R. (2003) “Secure Coding: Principles and Practices”. Cambridge, MA: O'Reilly.
Institute of Electrical and Electronics Engineers. (1990) “IEEE Standard Computer Dictionary: A Compilation of IEEE Standard Computer Glossaries”. New York, NY.
Klocwork, Inc. (1996) http://www.klocwork.com.
MacDonald, N. and Feiman, J. (2007), “Static Application Security Testing: Vendors and Products, Part2”, Doc ID: G00150657, August, available at: http://www.gartner.com. (último acesso: 10 de março de 2008)
McCabe, T. J. and Watson, A. H. (1994) “Software Complexity.” Crosstalk, Journal of Defense Software Engineering 7, p. 5-9.
Motorola, Inc. (1947) http://www.motorola.com.
Pemmaraju, K (1998) “The Quest for Software Quality” http://www.cigital.com/papers/download/sil-india-dec98-kp.doc (último acesso: 10 de março de 2008).
Regehr, J.(2004a) “Using Static Analysis to Bound Stack Depth”, October, available at: http://www.gartner.com. (último acesso: 10 de março de 2008)
Regehr J.(2004b) “Say no to stack overflow.” Embedded Systems Programming, 17(10), October.
Teixeira, M. et al. (2007) “Avaliação de Ferramentas de Análise Estática de Código para Detecção de Vulnerabilidades.”, disponível em: http://www.di.fc.ul.pt/sobre/documentos/tech-reports/07-29.pdf. (último acesso: 10 de março de 2008)
Published
2008-06-02
How to Cite
REIS, Rachel C. D.; PRADO, Denise P.; FERNANDES, Maria G. S. M..
Use of the Klocwork Static Analysis Tool at Motorola - Experience report. In: BRAZILIAN SOFTWARE QUALITY SYMPOSIUM (SBQS), 7. , 2008, Florianópolis.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2008
.
p. 397-403.
DOI: https://doi.org/10.5753/sbqs.2008.15560.
