Controlled strings are the opposite of tainted strings. There is positive evidence that they are fully controlled by the program source code.
Strings that are known to not include any special characters, due to being fully controlled by the programmer.
A static analysis of strings that end in a single quote. When such strings are concatenated with another string, it suggests the programmer believes that code needed quoting. However, it is better to use a prepared query than to just put single quotes around the string.