All software projects are guaranteed to have one artifact in common: source code. Together with architectural risk analysis, code review for security ranks very high on the list of software security best practices. We look at how to automate source-code security analysis with static analysis tools.
Chess et al. studied this question.