SCARE (Source Code Analysis Risk Evaluation) analyzes source code and provides a realistic and factual representation of the potential of that source code to create a problematic binary. This metric will not say that the binary will be exploited, nor does it do a static analysis for known limitations like vulnerabilities. However, it will flag code for a particular interaction type or control and allow the developer to understand which operational security (OpSec) holes are not protected even if it can't say the effectiveness of that protection at this time.
CCTree is a Vim 7 plugin that displays hierarchical call-trees for functions or files using a cscope database. The functionality is similar to that offered by other IDEs and source-analysis applications, like Kscope, Source Navigator, and Eclipse. CCTree features a symbol dependency tree analyzer for C using a cscope database. It has basic support for functions and macros, and extended support for global variables, macros, enums, and typedefs.
ccglue is a complementary tool to cscope and ctags. The tool builds a cross-reference symbol database from cscope (and ctags) databases that can be used to display dependency-graphs (aka call-trees, code flow). Visualization can be done with the Vim CCTree plugin or the built-in stand-alone command-line tracer.