Static Code Analysis in .NET 4.0 using FxCop 10.0 with Custom Rules

Author: Veeresh Rudrappa. Date: July 27, 2013

FxCop is an application that analyzes managed code assemblies and reports information about the assemblies, such as possible design, localization, performance, and security improvements. You can also write custom rules to check for your own design guidelines. In this tutorial let us see how to install FxCop 10.0 and also learn how to analyze code by writing our own custom rules.

Step 1: Download and Install Microsoft Windows SDK for Windows 7 and .NET Framework 4 Just select the tools under .NET Framework.

Installing FxCop 10.0

Installing FxCop 10.0

Step 2: Install FxCop 10.0.
It can be found at C:/Program files/WindowsSDk/Widows/7.1/bin/FxCop.

Step 3: Launch FxCop.
Right click on project > click on select target and choose which assembly you want to analyze. For tutorial purpose I will be analyzing an assembly from one of my previous blogs NHibernate.

fxcop add target

FxCop comes built in with a set of pre defined rules. Click on the Rules tab to check them. You can check or un check the set of rules that you want to test your assembly against. Click on each rule to see the description of what the rules stand for.
fxcop rules

Step 4: Click on Analyze
If your assembly is pretty big then you could be overwhelmed with the number warnings that pop up. Many of which could be quite trivial like namespace warnings. In the rules tab you can Check only the important ones and uncheck all the trivial rules.

fxcop 10.0 analysis results

Step 5: Writing custom rules.
The beauty of FxCop is that you can write your own custom rules that you can test you assemblies against. This could be very useful if you are enforcing some sort of design rules which you want all of your developers to conform to.
Let us now see how to write our own custom rule. For the purpose of the tutorial I have a written a rule which checks if any static variables have been declared in the application and warns us if it finds one.
Ok don't curse me if you find it too trivial. :) I just wanted to write something very simple.

Step 6: Start a new library project in your visual studio 2010 and let us name it CustomCopRule. Add the following the references to the project.
1) FxCopSdk.dll
2) Microsoft.Cci.dll
Rename the class as NoStatic.cs. Add a xml file to the root of the project and name it SuperStaticRule.xml. Let our NoStatic.cs extend BaseIntrospectionRule. Create a default constructor and pass the following arguments to your base class constructor. a) The class name b) Name of the resource file, i.e SuperStaticRule c) resource assembly

Step 7: Add a function called check which would first check if the member/element is a class, if yes, then check the sub element if it is static. This is just a simple example, feel free to add any logic/rule that you want your custom-rule to check. Try experimenting with different options by using the VS intelisense on the field variable in the code below and you should see a bunch of options.

                                            using System;
                                            using System.Collections.Generic;
                                            using System.Linq;
                                            using System.Text;
                                            using Microsoft.FxCop.Sdk;

                                            namespace CustomCopRule
                                                public class NoStatic : BaseIntrospectionRule
                                                    public NoStatic(): base("NoStatic", "CustomCopRule.SuperStaticRule", typeof(NoStatic).Assembly)

                                                    public override ProblemCollection Check(Member member)
                                                        if (member.DeclaringType is ClassNode)
                                                            Field field = member as Field;
                                                            if (field != null)
                                                                if (field.IsStatic)
                                                                    Problems.Add(new Problem(GetNamedResolution("No Static", field.Name.Name)));

                                                        return Problems;


                                            Static Variable Found
                                             Veeresh Rudrappa
                                            Do not declare any staic variables


Step 8: Now let us add our customcoprule.dll to our fxcop project. First repeat the step 3 and add the target assembly that you want to test. Now select the rules tab at the top. Right click on the project and select add new rules. Find the customcoprule.dll that you compiled in the previous step and add it. Uncheck all the rules and just select the rule that we added. Hit analyze button at the top.

fxcop 10.0 custom rules

fxcop 10.0 cutom rules

Documentation on fxcop is very limited on the web. One website which helped me a lot was If you want to create more complex rules then its a great resource. Hope my article helped you to get started with FxCop. Let me know if you have any questions.

comments powered by Disqus