What is the difference between static analysis and semantic analysis?
Question
Looking at Table 9 in ISO 26262-6 (2011) Road Vehicle Functional Safety Part 6 Product Development, static code analysis (1g) and semantic code analysis (1h) are listed separately as methods for verifications.
I searched for an explanation of the differences, but I did not come across anything satisfying.
Is it an over simplification to state that static analysis can use semantic analysis, but not necessarily vice versa?
In general, what is the difference between static analysis and semantic analysis?
Most descriptions of static analysis that I've seen seem to involve discussion of semantic analysis. What is static code analysis?
Thanks for your time and any possible insights and feedback.
3 answers
solution1
2 2015-03-10 05:51:11
Static analysis means that the analysis runs only for a source code, does not need to run a code or provide testing inputs. Another kind in this category is dynamic analysis which actually runs a code to test given inputs.
Semantic analysis states that the analysis estimates (or computes) a meaning of a source code. Another kind in this category is syntactic analysis which only checks a shape of a source code.
In most cases, just saying semantic or syntactic analysis implies that it is also static analysis.
For example, assuming a C compiler issues two errors "missing semicolon" and "unused variables", the former is the result from (static) syntactic analysis and the latter is the result from (static) semantic analysis performed by the compiler.
solution2
2 2017-05-08 22:15:43
If you look at table 9 more carefully you will see: 1h | Semantic code analysis^d
Below the table you can read what the '^d' means: Method 1h is used for mathematical analysis of source code by use of an abstract representation of possible values for the variables...
There are software tools which provide such analysis, fe Polyspace Proover.
solution3
1 2013-12-10 15:41:26
Semantic analysis is made at compile time in most compilers, and it's purpose is to check, wheter or not your code satisfy programming language specification. It usually checks type correctness, method existence and so on.
Static analisis is a more complicated process, to find some warnings, bugs, etc, without running program. It's go deeper than semantics analysis and produce more detailed results.
For example there are many tools for statical analisys like PVS-Studio , Intellij Idea inspections, and so on.
Sometimes, they produce a lot of noise, but can save you from some errors.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.