Our website uses cookies to enhance your browsing experience.
Accept
to the top
close form

Fill out the form in 2 simple steps below:

Your contact information:

Step 1
Congratulations! This is your promo code!

Desired license type:

Step 2
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement
close form
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS‑Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

close form
I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

close form

Your request is being processed

We’ll send a trial key to .

If you do not see the email in your inbox, please check if it is filtered to one of the following folders:

  • Promotion
  • Updates
  • Spam

Static analysis in financial area

Graph with cost to fix

PVS‑Studio is a Static Application Security Testing (SAST) solution. This tool helps enhance code in terms of quality, reliability, and safety.

PVS‑Studio detects errors and potential vulnerabilities at the early stages of development, thus reducing the cost of fixing them. The analyzer supports analysis of programs written in C, C++, C#, Java.

The PVS‑Studio analyzer is extremely in demand where any error can lead to large losses of time, reputation, or money.

One of these software development areas is the financial area — for example, trading and banking software.

Here's a little story our user told us at a conference.

Case study: how code errors deprive a company of money

The analyzer has the V3040 diagnostic rule, which detects a situation when one integer value is divided by another integer value. The result of division is placed in a variable of the float or double type. Of course, such code is not always erroneous, but it is definitely suspicious and requires checking.

Someone might think this error if far-fetched and V3040 is often false. They may be right and wrong. It all depends on the application type and what this program actually calculates.
The user said that the team they work in found a nasty error with the help of this diagnostic rule. We won't tell you where this person works, since this story was told on condition of anonymity (no, it wasn't a bank).

The module where the error was found calculated flexible prices for various options and conditions of orders. In other words, the software calculated what price managers should tell the potential client. The error crept into the calculation of a certain coefficient. An integer division was used where it is not necessary:

double K;
....
if (foo)
  K = 200 / 95;
else
....

Let's state right away that this code fragment is just an example, and we don't know what the real code looks like. The idea is that instead of a coefficient of 2.1, a coefficient of 2 was used in code. As a result, while communicating with customers, managers set the price a bit lower than they expected. The price was calculated incorrectly only under a certain combination of conditions, so no one ever noticed the error, trusting the numbers that the program gives out.
Since this coefficient was calculated incorrectly only in rare cases, this error did not significantly harm the company's revenue. Nevertheless, the error was so unpleasant, that the developers decided to hide it from the management and quietly fixed it.

Image with big OOPS

Let's not delve into discussion about whether such behavior is ethical or not. What's more interesting, a simple error in integer division leads to such consequences that developers are afraid to tell the management about.

As you can see, even the simplest errors can lead to losses of money, time, and effort. If we are talking about more serious software, then errors can be extremely expensive in general. Those who develop software for the financial area use an integrated approach to ensure reliability. The PVS‑Studio static analyzer can be an excellent addition to the code quality control tools.

Download and try the PVS‑Studio static analyzer

Unicorn with cool gift for all our awesome visitors :)