When it comes to software development, the old adage is best spun in a slightly different way: better “early” than never. Accordingly, static analysis can help those developing in Java to stay one step ahead of potential coding problems.
Today’s software development teams are under immense pressure; the market demands high-quality, secure releases at a constantly increasing pace while security threats become more and more sophisticated. Considering the high cost of product failures and security breaches, it is more important than ever to address these risks throughout the software development process. Potential problems need to be spotted early to prevent release delays or, worse, post-release failures. Fortunately, there are numerous tools to help developers manage these risks, helping to identify potential problems early in the development phase when issues are less disruptive and easier to fix. They are readily accessible to developers and easy to use within many development environments. This applies to developers programming in any language; however, we focus on Java in this discussion (see Sidebar 1).
refer to: http://embedded-computing.com/articles/static-helps-manage-risk-java/