Static Analysis provides the earliest possible insight into an application by reviewing its very foundation – the source code. But more precisely, what does static analysis consist of? Different people have different ideas... This lack of clarity and consistency was not lost on the software testing experts within ISO/IEC JTC1/SC7/WG26 who are now working on a draft International Standard to address this ambiguity. This paper will discuss the general expectations of static analysis and the proposed standard, outlining the appropriate processes to be followed.

• Defines clear expectations for static analysis practices
• Aligns with ISO/IEC 12207 and ISO 9000 standards
• Clarifies ambiguity in current static analysis interpretations
• Supports open-source and full software lifecycle integration