Source Code Analysis: Current and Future Trends & Challenges


Article Preview

The increasing complexity of software systems is making source code analysis a more economic option to automate the identification of defects, vulnerabilities and inefficiencies. This paper initially outlines the general anatomy of automatic source code analyzers, dimensions of analysis that can be performed with today’s state-of-the-art tools, various limitations of automatic source code analysis in the areas of programming language coverage, quantity of false positive claims, system architecture breakdowns and code/time complexity. The paper is concluded by presenting future tentative trends of source code analysis.



Edited by:

Nikita Martyushev and Anna Bogdan




A. Ponomarev et al., "Source Code Analysis: Current and Future Trends & Challenges", Key Engineering Materials, Vol. 685, pp. 877-880, 2016

Online since:

February 2016




[1] D. Binkley, Source Code Analysis: A Road Map, Future of Software Engineering, Minneapolis MN, 2007(104 – 119).

[2] Chung-Horng Lung, Agile software architecture recovery through existing solutions and design patterns, Proc. of 6th Int'l Conf. on Software Engineering and Applications (SEA), Boston, MA, Nov. 2002(539–545).

[3] Ghulam Rasool, and Nadim Asif, Software architecture recovery, World Academy of Science, Control, Quantum and Information Engineering 2007(4/34).

[4] James S. Collofello, Larry Cousins, Towards automatic software fault location through decision-to-decision path analysis, Proceedings of the National Computer Conference1987 (539).

[5] Mathew Schwartz, How to Reverse Engineering, 2011. Information on http: /www. computerworld. com/s/article/65532/Reverse_Engineering.

[6] Gert van der Merwe, Jan H.P. Eloff., Software source code, visual risk analysis: an example, Department of CS, Rand Afrikaans University, Johannesburg 2006, South Africa. 1998(17(3)/233-252).


[7] Penny Grubb, Armstrong A. Takang, Software Maintenance: Concepts and Practice, World Scientific Publishing Company, 2nd edition, September (2003).


[8] D. Cruz, P.R. Henriques and J.S. Pinto, Code analysis: past and present, Proceedings of the Third International Workshop on Foundations and Techniques for Open Source Software Certification (OpenCert 2009), University of Minhom.

[9] A. Chou, False positives over time: a problem in deploying static analysis tools coverity. Information on http: /www. cs. umd. edu/~pugh/BugWorkshop05/papers/34-chou. pdf.