9 points wslh | 1 comment

Hi everyone,

GitHub's CodeQL is a powerful semantic code analysis engine for identifying vulnerabilities across codebases. We've extended CodeQL to support Solidity, the most popular programming language for smart contracts. CodeQL enables you to query code as though it were data, and it's open-source (OSS). You can check it out here: <https://github.com/CoinFabrik/CyScout/>. The product page is available at <https://www.coinfabrik.com/products/cyscout-solidity-codeql/>.

CodeQL has its own licensing model, which you can find at <https://codeql.github.com/>. TL;DR: CodeQL is free for research and open-source projects.