How Static Code Analysis can change your life (for the better) Technical overview May 2008.


1 How Static Code Analysis can change your life (for the better) Technical overview May 2008

2 Why Static Code Analysis is good
- Code Review is necessary and good!
- Static Code Analysis is a fancy name for automated Code Review
- Static Code Analysis is necessary and good!

3 What are major goals of code review?
Possible goals
- Code compliance to company wide standard
- Identify (potential) bugs in code
- Identify design and implementation problems
- Peer education

4 Static Code Analysis is code review tool!
- Usually performed after the coding finished (after compilation, after integration build)
- Serves same goals as code review
- Excellent for enforcing compliance to standards
- Helps to eliminate certain bugs
- Helps to identify certain design/implementation flaws
- Provides certain educational value

5 SCA vs. peer code review “Goodness”

6 SCA to the rescue!

7 SCA – how it is done?
- For unmanaged code – source code is examined
- For managed code – MSIL is examined
- Different tools – different approaches
- On compiled code after assembly is built
- On compiled code during development
- Traditional - on raw code (text)

8 SCA with Microsoft tools
- FxCop (free)
- Visual Studio Team System 2005
- Visual Studio Team System 2008
- VSTS with Team Foundation Server

9 Demo
- FxCop 1.36
- VSTS 2008 code analysis
- VSTS 2008 code metrics
- VSTS 2008 w/TFS: check-in policy
- VSTS 2008 w/TFS: Team Build

10 Custom SCA rules
- Not officially supported
- Complicated
- Yet Possible

11 Visual Studio 10 (Rosario)
- Based on Phoenix project
- Supported extensibility
- Similar framework for unmanaged/managed analysis
- Rulesets support (better management story)
- Data flow analysis

12 Static code analysis – why not?
- We already do code reviews
- Way too many rules
- Not clear what rules to use
- We must have different rules
- Too many violations to fix
- Who’s going to fix the violations?
- Hindrance to creativity
- Yet another bureaucratic invention

13 Implementing static code analysis
- Identifying appropriate rules
- Handling backlog
- Setting up the process
- Educating the team
- Staying agile!

14 Other tools of interest in SCA space
SCA tools
- NDepend (www.ndepend.com)
- ReSharper (www.jetbrains.com)
- CodeIt.Right (www.submain.com)
- Code Auditor (www.ssw.com.au)
Misc
- Simian (www.redhillconsulting.com.au)
- Microsoft Line Of Code Counter
- Microsoft Framework Design Studio

15 Read of interest
- FxCop blog (blogs.msdn.com/fxcop)
- Nicole Calinoiu (msmvps.com/blogs/calinoiu)
- Patrick Smacchia blog (codebetter.com/blogs/patricksmacchia)
- Krzysztof Cwalina blog (blogs.msdn.com/kcwalina)
- MSDN Magazine: Security code review http://msdn.microsoft.com/en-us/magazine/cc163312.aspx

16 Questions? (if time allows)
- Email (eugenez@attrice.info)
- Blog (teamfoundation.blogspot.com)

