Keeping It Simple: Agile Analysis

Writing reliable software is hard. No matter how determined we all are to avoid it, we do make mistakes and at a fairly predictable rate. What makes a software system reliable is not determined just by the care we take in planning and structuring a design but also by the methods we use in catching those pesky bugs that come along for the ride. For safety-critical code, the use of strong static source code analyzers has become an essential part of the development process. The best analyzers are based on solid theory and maintained by large teams of highly skilled developers. The tools can patiently trace through complex execution paths to reveal a range of subtle bugs, although, of course, only the types of bugs the tools have been trained on. The tools can be slow and costly, though, and the warnings they generate are sometimes difficult for humans to evaluate accurately.