Saturday, 6 July 2013

Dynamic Analysis vs. Static Analysis

Dynamic analysis is the testing and evaluation of an application during runtime.
Static analysis is the testing and evaluation of an application by examining the code without executing the application.
Many software defects that cause memory and threading errors can be detected both dynamically and statically. The two approaches are complementary because no single approach can find every error.
The primary advantage of dynamic analysis: It reveals subtle defects or vulnerabilities whose cause is too complex to be discovered by static analysis. Dynamic analysis can play a role in security assurance, but its primary goal is finding and debugging errors.
The primary advantage of static analysis: It examines all possible execution paths and variable values, not just those invoked during execution. Thus static analysis can reveal errors that may not manifest themselves until weeks, months or years after release. This aspect of static analysis is especially valuable in security assurance, because security attacks often exercise an application in unforeseen and untested ways.
Intel® Inspector generates dynamic analysis results to help you find and fix memory and threading errors. You can also use the Intel Inspector to visualize and manage static analysis results created by Intel® compilers in various Intel studio products.


Post a Comment