A method for detecting user input dependence in software code. The method including representing the software code with a reachability graph having: a plurality of nodes, where a root node of the plurality of nodes represents an input controlled by a user; a first directed edge connecting a first node of the plurality of nodes and a second node of the plurality of nodes, where the first directed edge represents a data dependency; and a second directed edge connecting a third node of the plurality of nodes and a fourth node of the plurality of nodes, wherein the second directed edge represents a data dependency. The method also includes identifying a fifth node of the plurality of nodes as a reachable node from the root node by traversing the reachability graph from the root node to the reachable node; and marking a portion of the software code represented by the reachable node as user input dependant.