The invention relates generally to detection of erroneous source code. In particular, the invention relates to techniques to discover and identify flaws in source code and, consequently, in software products.
Computers are instructed to execute various commands using code written in higher-level languages. The code is compiled into machine language for the computer's architecture by mapping the instruction syntax into binary operations, producing executable code that is then run on the computer's processor. Conventional techniques for source code diagnostic identification and analysis for correction have limitations that adversely affect the ability of coders to produce software free of errors and potential vulnerabilities.
Producing completely error-free code is nearly impossible absent the aid of source code scanning tools. These tools, whether commercially available or open source, can significantly reduce the quantity of errors. Various methods, whether automated or manual, have been tried over the years to reduce source code errors, with success, but each has comparative advantages and disadvantages.
Research has demonstrated that a combination of automated and manual source code review constitutes the best manner to reduce the greatest number of coding errors. Methods to reduce source code vulnerabilities typically center around corporate policy, availability of technical personnel, project timelines and budgetary constraints.