Open Access

REVIEW

Static Analysis Techniques for Secure Software: A Systematic Review

Brian Mweu^1,*, John Ndia²

1 Department of Computer Science, Murang’a University of Technology, Murang’a, 75-10200, Kenya
2 Department of Information Technology, Murang’a University of Technology, Murang’a, 75-10200, Kenya

* Corresponding Author: Brian Mweu. Email:

Journal of Cyber Security 2025, 7, 417-437. https://doi.org/10.32604/jcs.2025.071765

Received 11 August 2025; Accepted 16 September 2025; Issue published 10 October 2025

Abstract

Static analysis methods are crucial in developing secure software, as they allow for the early identification of vulnerabilities before the software is executed. This systematic review follows Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) 2020 guidelines to assess static analysis techniques for software security enhancement. We systematically searched IEEE Xplore, Association for Computing Machinery (ACM) Digital Library, SpringerLink, and ScienceDirect for journal articles published between 2017 and 2025. The review examines hybrid analyses and machine learning integration to enhance vulnerability detection accuracy. Static analysis tools enable early fault detection but face persistent challenges. These include high false-positive rates, scalability issues, and usability concerns. Our findings provide guidance for future research and methodological advancements to create better tools for secure software development.

---

Keywords

---