{"title":"Improving manual analysis of automated code inspection results: Need and effectiveness","authors":"","doi":"10.1109/issrew.2013.6688867","DOIUrl":null,"url":null,"abstract":"Automated code inspection using static analysis tools has been found to be useful and cost-effective over manual code reviews. This is due to ability of these tools to detect programming bugs (or defects) early in the software development cycle without running the code. Further, using sound static analysis tools, even large industry applications can be certified to be free of certain types of the programming bugs such as Division by Zero, Null/Illegal Dereference of a Pointer, Memory Leaks, and so on. In spite of these merits, as per various surveys, the static analysis tools are used infrequently and inconsistently in practice to ensure software quality. Large number of false alarms generated and the efforts required to manually analyze them are the primary reasons for this. Similar has been the experience of our team with the usage of these tools.","PeriodicalId":332420,"journal":{"name":"2013 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/issrew.2013.6688867","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
Automated code inspection using static analysis tools has been found to be useful and cost-effective compared with manual code reviews. This is due to the ability of these tools to detect programming bugs (or defects) early in the software development cycle without running the code. Further, using sound static analysis tools, even large industry applications can be certified to be free of certain types of programming bugs, such as Division by Zero, Null/Illegal Dereference of a Pointer, Memory Leaks, and so on. In spite of these merits, as per various surveys, static analysis tools are used infrequently and inconsistently in practice to ensure software quality. The large number of false alarms generated and the effort required to manually analyze them are the primary reasons for this. Our team's experience with the usage of these tools has been similar.