For the efficient and effective use of automated static analysis of software systems it is crucial to know what kind of errors can be detected and how seriously a reported problem can or should be taken. In the study conducted for this paper we applied a widely used tool (
) for automated static analysis (ASA) to check C++ code fragments from student exercises. The goal of this research was to discover which types of defects can be identified by automated static analysis. In this paper we present our findings; furthermore the results from classifying the defects are set in relation to detection rules and severity levels provided by ASA, in order to derive insights for calibrating ASA tools in a specific application context.
Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten