This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact firstname.lastname@example.org if you have any questions about the US-CERT website archive.
Presents best practices for performing code analysis to uncover errors in and improve the quality of source code. Methods include manual code auditing, walkthroughs, static analysis, dynamic analysis, metric analysis, testability analysis, crypto analysis, random number analysis, and fault injection.