Johnson Space Center SAS05_CodeSurfer_Infusion_JSC_Markovich S&MA Directorate Can CodeSurfer Increase Code Inspection Efficiency? A Research Infusion Project.

Slides:

Advertisements

Similar presentations

WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?

Advertisements

Components of GIS.

Verification and Validation

Premier Director Document Imaging

Lifecycle Quality Management With the QDM System.

® IBM Software Group © 2010 IBM Corporation What’s New in Profiling & Code Coverage RAD V8 April 21, 2011 Kathy Chan

1 Appendix A: Writing and Submitting SAS ® Programs A.1 Writing and Submitting SAS Programs.

Copyright © 1994 Carnegie Mellon University Disciplined Software Engineering - Lecture 1 1 Disciplined Software Engineering Lecture #7 Software Engineering.

Static Technique. Static Technique - Review  A way of testing software work products  Program code, requirement spec., design spec.  Test plan, test.

Testing Without Executing the Code Pavlina Koleva Junior QA Engineer WinCore Telerik QA Academy Telerik QA Academy.

Effective systems development requires a team effort from stakeholders, users, managers, systems development specialists, and various support personnel,

CASE Tools CIS 376 Bruce R. Maxim UM-Dearborn. Prerequisites to Software Tool Use Collection of useful tools that help in every step of building a product.

Risk Management CS 414, Software Engineering I Mark Ardis, Rose-Hulman Institute January 28, 2003.

 QUALITY ASSURANCE:  QA is defined as a procedure or set of procedures intended to ensure that a product or service under development (before work is.

1CMSC 345, Version 4/04 Verification and Validation Reference: Software Engineering, Ian Sommerville, 6th edition, Chapter 19.

Chapter 10 Publishing and Maintaining Your Web Site.

An Introduction to AlarmInsight

CHAPTER 5 Infrastructure Components PART I. 2 ESGD5125 SEM II 2009/2010 Dr. Samy Abu Naser 2 Learning Objectives: To discuss: The need for SQA procedures.

Introduction to Software Quality Assurance (SQA)

1 Software Quality Engineering CS410 Class 5 Seven Basic Quality Tools.

Verification and Validation Yonsei University 2 nd Semester, 2014 Sanghyun Park.

CS 501: Software Engineering Fall 1999 Lecture 16 Verification and Validation.

Validation Metrics. Metrics are Needed to Answer the Following Questions How much time is required to find bugs, fix them, and verify that they are fixed?

CMSC 345 Fall 2000 Unit Testing. The testing process.

© 2003 East Collaborative e ast COLLABORATIVE ® eC SoftwareProducts TrackeCHealth.

Software Inspection A basic tool for defect removal A basic tool for defect removal Urgent need for QA and removal can be supported by inspection Urgent.

CSCE 548 Code Review. CSCE Farkas2 Reading This lecture: – McGraw: Chapter 4 – Recommended: Best Practices for Peer Code Review,

Chapter 1 Introduction to VBA Development in Excel.

Chapter 6 : Software Metrics

Department of Computer Science A Static Program Analyzer to increase software reuse Ramakrishnan Venkitaraman and Gopal Gupta.

9 Chapter Nine Compiled Web Server Programs. 9 Chapter Objectives Learn about Common Gateway Interface (CGI) Create CGI programs that generate dynamic.

Manpower Planning.

Design and Programming Chapter 7 Applied Software Project Management, Stellman & Greene See also:

This chapter is extracted from Sommerville’s slides. Text book chapter

Disciplined Software Engineering Lecture #7 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department.

MSFC Avionics Department Flight Software Group CMM Level 2 Certified Automated Software Coding Standards System Development Team Assessment Team Luis Trevino.

Copyright 2003 Scott/Jones Publishing Standard Version of Starting Out with C++, 4th Edition Chapter 13 Introduction to Classes.

C++ History C++ was designed at AT&T Bell Labs by Bjarne Stroustrup in the early 80's Based on the ‘C’ programming language C++ language standardised in.

CERN Equipment Management Integrates Safety Aspects EDMS Doc Eva Sanchez-Corral Mena, Stephan Petit / CERN 1 CERN Equipment Management Integrates.

Copyright © 1994 Carnegie Mellon University Disciplined Software Engineering - Lecture 7 1 Design and Code Reviews - Overview What are design and code.

Ch 22 Verification and Validation

March 2004 At A Glance NASA’s GSFC GMSEC architecture provides a scalable, extensible ground and flight system approach for future missions. Benefits Simplifies.

Process Improvement. It is not necessary to change. Survival is not mandatory. »W. Edwards Deming.

Gogul Balakrishnan, Radu Gruian and Thomas Reps Computer Science Dept., Univ. of Wisconsin GrammaTech, Inc. April, 2005 CodeSurfer / x86 A Platform for.

CASE (Computer-Aided Software Engineering) Tools Software that is used to support software process activities. Provides software process support by:- –

Software Engineering1  Verification: The software should conform to its specification  Validation: The software should do what the user really requires.

Chapter 4 Automated Tools for Systems Development Modern Systems Analysis and Design Third Edition 4.1.

SAS_08_ Architecture_Analysis_of_Evolving_Complex_Systems_of_Systems_Lindvall Architecture Analysis of Evolving Complex Systems of Systems Executive Status.

Markland J. Benson, Computer Systems Manager, White Sands Complex, (575) , Technology Infusion of CodeSonar into the Space.

Copyright (c) 2014 Pearson Education, Inc. Introduction to DBMS.

Completing the Loop: Linking Software Features to Failures 20 July 2004 Copyright © 2004, Mountain State Information Systems, Inc. All rights reserved.

July 2003 At A Glance The GMSEC provides efficient and enabling GSFC mission services and products for the next decade. Benefits Establishes a Single Strategic.

CS223: Software Engineering Lecture 21: Unit Testing Metric.

CIS-NG CASREP Information System Next Generation Shawn Baugh Amy Ramirez Amy Lee Alex Sanin Sam Avanessians.

Scientific data storage: How are computers involved in the following?

LECTURE 5 Nangwonvuma M/ Byansi D. Components, interfaces and integration Infrastructure, Middleware and Platforms Techniques – Data warehouses, extending.

Verification vs. Validation Verification: "Are we building the product right?" The software should conform to its specification.The software should conform.

COMPREHENSIVE Excel Tutorial 12 Expanding Excel with Visual Basic for Applications.

© 2008, Renesas Technology America, Inc., All Rights Reserved 1 Introduction Purpose  This training course demonstrates the use of the High-performance.

SOFTWARE TESTING Date: 29-Dec-2016 By: Ram Karthick.

Software Development and Safety Critical Decisions

Software Quality Assurance Software Quality Factor

Verification and Validation

Verification and Validation

Chapter 13 Quality Management

HP ALM Introduction.

Overview Activities from additional UP disciplines are needed to bring a system into being Implementation Testing Deployment Configuration and change management.

Run-time environments

SeeSoft A Visualization Tool..

Presentation transcript:

Johnson Space Center SAS05_CodeSurfer_Infusion_JSC_Markovich S&MA Directorate Can CodeSurfer Increase Code Inspection Efficiency? A Research Infusion Project Mark Markovich - SAIC Dan Freund – NASA Principal Investigator

Johnson Space Center SAS05_CodeSurfer_Infusion_JSC_Markovich Safety and Mission Assurance Directorate About CodeSurfer RI About Us – JSC Safety and Mission Assurance Directorate, Flight Equipment Division - We assure software for Government Furnished Equipment (GFE). These are flight projects, usually small to moderately sized, typically ranging between 1,000 and 50,000 lines of code. : What is CodeSurfer? – CodeSurfer is a static analysis tool from Grammatech, Inc. used for source code analysis and navigation. CodeSurfer does not itself find defects in the code. Its purpose is to make the trained reviewer more effective. CodeSurfer includes many capabilities that could decrease the amount of time required to review the code by enabling the reviewer to perform them more quickly. In addition, CodeSurfer also has capabilities that could allow the reviewer additional technical insight into the workings of the code. What is Static Analysis? – Static analysis examines non-executing code and analyzes all known, possible behaviors that might arise at run time. The analysis of code during execution is known as dynamic analysis. Projects – Space Integrated Global Positioning System / Inertial Navigation System (SIGI) – Health Management System Defibrillator (Defib) Power and Data Interface Module (PDIM) Approach – Perform a code inspection without CodeSurfer, collecting appropriate metrics on time required and defects identified. Using a different software engineer, inspect the software using CodeSurfer, collecting the same metrics. Both inspectors used the same checklist.

Johnson Space Center SAS05_CodeSurfer_Infusion_JSC_Markovich Safety and Mission Assurance Directorate CodeSurfer Features Features û Pointer analysis, including which pointers point to which variables and procedures Shows call graphs that are complete, even when indirect function calls are used Shows all the variables a function uses and all the variables a function can modify Show all statements that depend on a selected statement, including code in other files Can search the entire application for user specified items Shows why statements execute, and can be used to follow the control code one step at a time using the provided hyperlinks û Allows users to right-click on a macro and navigate to the macro’s definition. Follows preprocessor directives during build. Conditionally-compiled code (not part of the current build) is color coded

Johnson Space Center SAS05_CodeSurfer_Infusion_JSC_Markovich Safety and Mission Assurance Directorate Most Useful Capabilities Puts code in visually appealing format allows user to quickly scan the code for problems Checking variable initialization is very easy Queries Easy identification of dead code and unused variables

Johnson Space Center SAS05_CodeSurfer_Infusion_JSC_Markovich Safety and Mission Assurance Directorate Results COMBINED SIGI AND PDIM INSPECTION DATA MetricManual Code inspectionWith CodeSurfer Inspection Time (hr) Lines of Code (LOC)10650 Inspection Rate (LOC/hr) Total Defects Found Using Method818 Defects Found per Hour Unique Defects Found Using Method212

Johnson Space Center SAS05_CodeSurfer_Infusion_JSC_Markovich Safety and Mission Assurance Directorate Challenges and Recommendations CodeSurfer can only be used to analyze code that can be compiled using one of several common compilers provided with the tool. Code analysis can be difficult where developer used a different compiler. This can be a problem when supporting multiple development labs Export restrictions made it difficult to seek technical assistance. Training and onsite visits by the vendor is expensive. But trying to figure it out on your own may be even more expensive. Research Infusion proposals should strongly consider including training and onsite support by the vendor Identifying the correct files for compilation can be difficult Regular use is required to maintain competence It is fair to note that other tools are likely to have similar problems if they require a compile or build of the software to be analyzed.