Comparison of static code analysis tools

Matti Mantere, Ilkka Uusitalo, Juha Röning

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

20 Citations (Scopus)


In this paper we compare three static code analysis tools. The tools represent three different approaches in the field of static analysis: Fortify SCA is a non-annotation based heuristic analyzer, Splint represents an annotation based heuristic analyzer, and Frama-C an annotation based correct analyzer. The tools are compared by analysing their performance when checking a demonstration code with intentionally implemented errors.
Original languageEnglish
Title of host publication2009 Third International Conference on Emerging Security Information, Systems and Technologies (SECURWARE). Athens, Glyfada, Greece, 18 - 23 June 2009
Place of PublicationPiscataway
PublisherIEEE Institute of Electrical and Electronic Engineers
ISBN (Print)978-0-7695-3668-2
Publication statusPublished - 2009
MoE publication typeA4 Article in a conference publication

Publication series

SeriesInternational Conference on Emerging Security Information, Systems and Technologies


  • Static code analysis
  • code auditing


Dive into the research topics of 'Comparison of static code analysis tools'. Together they form a unique fingerprint.

Cite this