{{Short description|Establishing properties of computer programs without executing them}}
{{Software development process}}
'''Static program analysis''' is the [[program analysis (computer science)|analysis of computer software]] that is performed without actually executing any programs, in contrast with [[dynamic program analysis|dynamic analysis]], which is analysis performed on programs whileduring theytheir are executingexecution.<ref>{{cite journal |archive-url=https://web.archive.org/web/20110927010304/http://www.ida.liu.se/~TDDC90/papers/industrial95.pdf |archive-date=2011-09-27 | title=Industrial Perspective on Static Analysis. |journal=Software Engineering Journal |date=Mar 1995 |pages=69–75 |last1=Wichmann |first1=B. A. |first2=A. A. |last2=Canning |first3=D. L. |last3=Clutterbuck |first4=L. A. |last4=Winsbarrow |first5=N. J. |last5=Ward |first6=D. W. R. |last6=Marsh |volume=10 |issue=2 |doi=10.1049/sej.1995.0010 |url=http://www.ida.liu.se/~TDDC90/papers/industrial95.pdf}}</ref><ref>{{Cite journal|last=Egele|first=Manuel|last2=Scholte|first2=Theodoor|last3=Kirda|first3=Engin|last4=Kruegel|first4=Christopher|date=2008-03-05|title=A survey on automated dynamic malware-analysis techniques and tools|url=https://doi.org/10.1145/2089125.2089126|journal=ACM Computing Surveys|volume=44|issue=2|pages=6:1–6:42|doi=10.1145/2089125.2089126|issn=0360-0300}}</ref> In most cases the analysis is performed on some version of the [[source code]], and in the other cases, some form of the [[object code]].
The term is usually applied to the analysis performed by an [[List of tools for static code analysis|automated tool]], with human analysis typically being called "program understanding", [[program comprehension]], or [[code review]]. In the last of these, [[Softwaresoftware inspection]]s and [[software walkthrough]]s are also used. inIn most cases the latteranalysis caseis performed on some version of a program's [[source code]], and, in other cases, on some form of its [[object code]].
