Static code analysis (i.e., static analysis) techniques involve analysis of source code without executing the source code. Some static analysis methods require an analysis of the potential execution paths of source code. One method of modeling such paths is to generate a control flow graph (CFG). A CFG represents potential execution paths using directed edges connecting basic blocks of source code. Other modeling techniques involving varying degrees of abstraction are also used by some static analysis algorithms.
By identifying defects and other properties of source code using static analysis tools, software reliability improvements have been made to many phases of the software development lifecycle. Analysis of the impact of software defects, for example, has shown potentially high costs associated with memory leaks, deadlocks, and other hazardous program states. In some cases, small investments in analysis tools earlier in the lifecycle can show dividend gains in the form of lower maintenance costs and prevention of potentially costly redesign later.