While researching tools, I stumbled upon a tool, Understand 2.0 http://www.scitools.com/products/understand/ which provides an impressive set of capabilities and source code visualizations, is multi-lingual and multi-platform.
The required critical capabilities are
- Multi-Lingual support.
- Searchable code structural visualization (something like this http://scitools.com/blog/2008/12/yes-searching-in-graphs.html)
- Rapid navigation for purposes for maintenance/support of inherited systems
- Vulnerability scanning (for Information Assurance purposes)
Driving Factors
- The tasks of static and dynamic code analysis, architecture recovery and visualization (from the code), code structural analysis, extracting other metrics (cyclomatic complexity, maintainability, other measurements defined by SEI) is an important part of a lot of projects.
- Frequently one tool would not cover all needs (and languages) and we normally deal with a combination of several tools both commercial and free/opensource
List of tools that researched (not an exhaustive list, just a compilation after about a day's worth of researching)
Commercial
- Coverity (multi-lingual))
- JHawk (Java)
- Lattix (.NET)
- NDepend (.NET)
- PC-Lint
- Rational Software Architect (multi-lingual) -built-in capabilities. (Eclipse based)
- Understand (multi-lingual)
- Visual Studio (multi-lingual) - built-in capabilities, plugins.
Free/Open source
- Eclipse (multi-lingual) - built-in capabilities, plugins.
- FindBugs (Java)
- IBM Structural Analysis for Java (SA4J) - very impressive structural visualization.
- JDepend (Java)
- NetBeans (multi-lingual) - - built-in capabilities, plugins.
- PMD (Java)
- SourceMontor (multi-lingual) -creates nice Kiviat diagrams.
The bottom line is that source code analysis/metrics tools are plentiful in both the commerical and open source markets. You have to define what your requirements are, do the necessary research to devise a solution set of tools and techniques, and then resolve your problem.