English

Static Analysis Deployment Pitfalls

Software Engineering 2022-03-01 v1 Logic in Computer Science
Authors: Flash Sheridan
View on arXiv PDF

Abstract

Organizational, political, and configuration mistakes in the deployment of a static source code analysis tool within a software development organization can result in most of the value of the tool being lost, even while apparently meeting management goals. A list of pitfalls encountered as a static analysis consultant is presented, with discussion of techniques for avoiding or mitigating them. This is part of a work in progress, tentatively entitled "Handbook of Static Analysis Deployment."

Keywords

software engineering flaky test detection program analysis

Cite

@article{arxiv.2202.13026,
  title  = {Static Analysis Deployment Pitfalls},
  author = {Flash Sheridan},
  journal= {arXiv preprint arXiv:2202.13026},
  year   = {2022}
}

Related papers

View all related →
Software Engineering · Computer Science
Deploying Static Analysis
Flash Sheridan
2022-02-25
Software Engineering · Computer Science
The Cost and Benefits of Static Analysis During Development
William R. Nichols
2020-03-09
Software Engineering · Computer Science
Practical Challenges with Spreadsheet Auditing Tools
Daniel Kulesz, Jan-Peter Ostberg
2014-01-30
Software Engineering · Computer Science
A Static Analysis Platform for Investigating Security Trends in Repositories
Tim Sonnekalb, Christopher-Tobias Knaust, Bernd Gruner, Clemens-Alexander Brust +4
2023-04-05
Software Engineering · Computer Science
Static Analyzers and Potential Future Research Directions for Scala: An Overview
Eljose E Sajan, Yunpeng Zhang, Liang-Chieh Cheng
2019-05-14
Artificial Intelligence · Computer Science
A Smart and Defensive Human-Machine Approach to Code Analysis
Fitzroy D. Nembhard, Marco M. Carvalho
2021-08-27
Software Engineering · Computer Science
Evaluation of Static Analysis Tools for Finding Vulnerabilities in Java and C/C++ Source Code
Rahma Mahmood, Qusay H. Mahmoud
2018-05-25
Software Engineering · Computer Science
Debugging Static Analysis
Lisa Nguyen Quang Do, Stefan Krüger, Patrick Hill, Karim Ali +1
2018-01-16
Software Engineering · Computer Science
Self-adaptive static analysis
Eric Bodden
2017-10-23
Software Engineering · Computer Science
Static Analysis of Infrastructure as Code: a Survey
Michele Chiari, Michele De Pascalis, Matteo Pradella
2022-06-22
Programming Languages · Computer Science
The pitfalls of verifying floating-point computations
David Monniaux
2025-10-20
Software Engineering · Computer Science
Static analysis tools in the era of cloud-native systems
Tomas Cerny, Davide Taibi
2022-05-18
Software Engineering · Computer Science
On the combination of static analysis for software security assessment -- a case study of an open-source e-government project
Anh Nguyen-Duc, Manh Viet Do, Quan Luong Hong, Kiem Nguyen Khac
2021-03-25
Programming Languages · Computer Science
Customizing Static Analysis using Codesearch
Avi Hayoun, Veselin Raychev, Jack Hair
2024-04-22
Programming Languages · Computer Science
Synthesizing Program-Specific Static Analyses
Colin S. Gordon
2018-10-17
Software Engineering · Computer Science
Static Security Vulnerability Scanning of Proprietary and Open-Source Software: An Adaptable Process with Variants and Results
James J. Cusick
2025-09-23
Cryptography and Security · Computer Science
Learning Algorithms in Static Analysis of Web Applications
Akash Nagaraj, Bishesh Sinha, Mukund Sood, Yash Mathur +2
2022-10-17
Programming Languages · Computer Science
Naturalistic Static Program Analysis
Mohammad Mehdi Pourhashem Kallehbasti, Mohammad Ghafari
2023-01-13
Cryptography and Security · Computer Science
Many Tools, Few Exploitable Vulnerabilities: A Survey of 246 Static Code Analyzers for Security
Kevin Hermann, Sven Peldszus, Thorsten Berger
2026-02-23
Software Engineering · Computer Science
Static Code Analysis of Multilanguage Software Systems
Anas Shatnawi, Hafedh Mili, Manel Abdellatif, Yann-Gaël Guéhéneuc +4
2019-06-04
Software Engineering · Computer Science
On the Benefit of Automated Static Analysis for Small and Medium-Sized Software Enterprises
Mario Gleirscher, Dmitriy Golubitskiy, Maximilian Irlbeck, Stefan Wagner
2016-11-24
Programming Languages · Computer Science
Static Analysis Under Non-Deterministic Program Assumptions
Abdullah H. Rasheed
2026-02-10
Software Engineering · Computer Science
A Study of Static Warning Cascading Tools (Experience Paper)
Xiuyuan Guo, Ashwin Kallingal Joshy, Benjamin Steenhoek, Wei Le +1
2023-05-05
Software Engineering · Computer Science
Quieting the Static: A Study of Static Analysis Alert Suppressions
Georgios Liargkovas, Evangelia Panourgia, Diomidis Spinellis
2023-11-14
Programming Languages · Computer Science
Static Analysis of File-Processing Programs using File Format Specifications
Raveendra Kumar Medicherla, Raghavan Komondoor, S. Narendran
2015-04-06