Static code analysis is a method of analyzing and evaluating search code without executing a program. Static code analysis is part of what is called "white box testing" because, unlike in black box testing, the source code is available to the testers. Many types of software testing involve static code analysis, where developers and other parties look for bugs or otherwise analyze the code for a software program.
Static code analysis is also known as static program analysis.
The opposite of static code analysis is dynamic code analysis. In the latter, the program is executed and developers look for run-time errors.
Different kinds of static code analysis include testing at various levels, such as at the unit level or system level. Experts point out that the compilation step done by modern compilers is a form of static code analysis in that it is designed to catch different types of syntactic or technical errors before a program is run. Static code analysis resources should provide better quality of code, although some IT professionals contend that there can be problems with this type of testing, some of which are related to overly standardized debugging tools. Also, although tools like compilers can catch many kinds of syntax errors, static code testing may or may not catch broader logical errors that can compromise quality. Some of these must be found in dynamic code testing.