Information leakage in computer systems can be clustered in different classes based on how the information is leaked. Two examples of such classes are information leakage through data content and information leakage through execution time. The Secure-Programming Assistant and Side-Channel Analyzer (SPASCA) is an information-flow analysis tool for Java programs at the source-code level. SPASCA can be used to detect information leakage in programs written in a rich sequential Java subset. It implements two static type-based information-flow analyses: a timing-insensitive analysis detecting only leakage through data content, and a timing-sensitive analysis that builds on the former and additionally detects information leakage through execution time.