Static Analysis Process

• 

• About SPARROW

  SPARROW is a leading static analysis tool based on semantic analysis engine, which identifies with great accuracy security weaknesses and defects in program execution that are not found easily during source code analysis.
  It detects the 47 security weaknesses announced by the Ministry of Interior, and noncompliances with standards such as OWASP, CWE, CERT, MISRA, and BSSC. Its speedy analysis produces results twice as fast as any foreign static analysis tool. It analyzes large-scale source codes accurately and swiftly, and its quality and technology have been verified by GS and ISO 26262 certificates.
  SPARROW is the most effective static analysis tool that achieved CC certificate for source code security weaknesses and satisfies software development security and quality requirements. WISESTONE is a partner of Fasoo.com.
  More

Benefits of Static Analysis

Static analysis detects and eliminates potential errors that may critically undermine security of an application and reduces time-to-market.

Scope of Verification

• Execution Error
  Buffer Overflow, Null Pointer, Divided by Zero, Memory Leak, Resource Leak, Uninitialized variable.. etc

• Unnecessary Code
  Dead Code, Unreachable Code, Ignored Return Value, Useless Values 등

• Coding standards violations
  MISRA-C:1998, MISRA-C:2004, High Integrity C++, CERT – C, C++, JAVA, SW development security guideline by the Ministry of Interior, and Electronic Finance Supervisory Regulations

Why Choose Us

• We help our customers to detect and correct errors early on in the development life cycle, so they could meet their launching schedule and save costs on quality control at a later phase of development.
• Our test professionals have extensive experience across all aspects of domain quality control.
• Our unique OWL PnF Methodology produces test results in accordance with standard protocol.