Earlier this month over at FTPOnline.com, David Falkenstein posted a blog entry, “I’m not in denial, I’m in a hurry”, on static code analysis. There are several testing techniques for conducting code reviews, but his message is pretty clear-cut: static analysis tools are extremely effective at discovering bad practices and gathering metrics about our code.
Another valuable reference on this subject is a video over at Google Tech Talks, “Using Static Analysis for Software Defect Detection”, in which Bill Pugh discusses the FindBugs™ tool and how to incorporate it into your development process.
It’s important to note that static analysis alone is not a silver-bullet solution. It is, however, a great addition to the QA toolbox and an effective complement to managing the quality of software. Keep in mind (as I’ve said before) that automated and manual code analysis methods are most effective when used in conjunction with each other; there is no replacement for a little human intellect.
