Abstract
Today’s small and medium-sized enterprises (SMEs) in the software industry are faced with major challenges. While having to work efficiently using limited resources they have to perform quality assurance on their code to avoid the risk of further effort for bug fixes or compensations. Automated static analysis can reduce this risk because it promises little effort for running an analysis. We report on our experience in analysing five projects from and with SMEs by three different static analysis techniques: code clone detection, bug pattern detection and architecture conformance analysis. We found that the effort that was needed to introduce those techniques was small (mostly below one person-hour), that we can detect diverse defects in production code and that the participating companies perceived the usefulness of the presented techniques as well as our analysis results high enough to include the techniques in their quality assurance.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
References
Ahsan, S.N., Ferzund, J., Wotawa, F.: Are there language specific bug patterns? Results obtained from a case study using Mozilla. In: Proc. Fourth International Conference on Software Engineering Advances (ICSEA 2009), pp. 210–215. IEEE Computer Society (2009)
Ayewah, N., Pugh, W., Morgenthaler, J.D., Penix, J., Zhou, Y.: Evaluating static analysis defect warnings on production software. In: Proc. 7th Workshop on Program Analysis for Software Tools and Engineering (PASTE 2007), pp. 1–8. ACM Press (2007)
de Moor, O., Verbaere, M., Hajiyev, E., Avgustinov, P., Ekman, T., Ongkingco, N., Sereni, D., Tibble, J.: QL for source code analysis. In: Proc. Seventh IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM 2007), pp. 3–16. IEEE Computer Society (2007)
Deissenboeck, F., Heinemann, L., Hummel, B., Juergens, E.: Flexible architecture conformance assessment with ConQAT. In: Proc. 32nd ACM/IEEE International Conference on Software Engineering, vol. 2, pp. 247–250. ACM Press (2010)
European Commission. Commission recommendation of May 6 2003 concerning the definition of micro, small and medium-sized enterprises. Official Journal of the European Union L 124, 36–41 (May 2003)
Feilkas, M., Ratiu, D., Juergens, E.: The loss of architectural knowledge during system evolution: An industrial case study. In: Proc. IEEE 17th International Conference on Program Comprehension (ICPC 2009), pp. 188–197. IEEE Computer Society (2009)
Ferzund, J., Ahsan, S.N., Wotawa, F.: Analysing Bug Prediction Capabilities of Static Code Metrics in Open Source Software. In: Dumke, R.R., Braungarten, R., Büren, G., Abran, A., Cuadrado-Gallego, J.J. (eds.) IWSM 2008. LNCS, vol. 5338, pp. 331–343. Springer, Heidelberg (2008)
Fiutem, R., Antoniol, G.: Identifying design-code inconsistencies in object-oriented software: A case study. In: Proc. International Conference on Software Maintenance (ICSM 1998). IEEE Computer Society (1998)
Foster, J., Hicks, M., Pugh, W.: Improving software quality with static analysis. In: Proc. 7th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE 2007), pp. 83–84. ACM Press (2007)
Hofer, C.: Software development in Austria: Results of an empirical study among small and very small enterprises. In: Proc. 28th Euromicro Conference, pp. 361–366. IEEE Computer Society (2002)
Juergens, E., Deissenboeck, F., Hummel, B.: CloneDetective – A workbench for clone detection research. In: Proc. 31th International Conference on Software Engineering (ICSE 2009), pp. 603–606. IEEE Computer Society (2009)
Juergens, E., Deissenboeck, F., Hummel, B., Wagner, S.: Do code clones matter? In: Proc. 31th International Conference on Software Engineering (ICSE 2009), pp. 485–495. IEEE Computer Society (2009)
Juergens, E., Göde, N.: Achieving accurate clone detection results. In: Proceedings 4th International Workshop on Software Clones, pp. 1–8. ACM Press (2010)
Kautz, K.: Making sense of measurement for small organizations. IEEE Software 16, 14–20 (1999)
Knodel, J., Popescu, D.: A comparison of static architecture compliance checking approaches. In: Proc. IEEE/IFIP Working Conference on Software Architecture (WICSA 2007), p. 12. IEEE Computer Society (2007)
Koschke, R.: Survey of research on software clones. In: Duplication, Redundancy, and Similarity in Software, Schloss Dagstuhl, Germany (2007)
Koschke, R., Simon, D.: Hierarchical reflexion models. In: Proc. 10th Working Conference on Reverse Engineering (WCRE 2003), p. 368. IEEE Computer Society (2003)
Lague, B., Proulx, D., Mayrand, J., Merlo, E.M., Hudepohl, J.: Assessing the benefits of incorporating function clone detection in a development process. In: Proc. International Conference on Software Maintenance (ICSM 1997), pp. 314–321. IEEE Computer Society (1997)
Lanubile, F., Mallardo, T.: Finding function clones in web applications. In: Proc. 7th European Conference on Software Maintenance and Reengineering (CSMR 2003), pp. 379–388. IEEE Computer Society (2003)
Littlewood, B., Popov, P.T., Strigini, L., Shryane, N.: Modeling the effects of combining diverse software fault detection techniques. IEEE Transactions on Software Engineering 26, 1157–1167 (2000)
Mattsson, A., Lundell, B., Lings, B., Fitzgerald, B.: Experiences from representing software architecture in a large industrial project using model driven development. In: Proc. Second Workshop on SHAring and Reusing architectural Knowledge Architecture, Rationale, and Design Intent (SHARK-ADI 2007). IEEE Computer Society (2007)
Mishra, A., Mishra, D.: Software quality assurance models in small and medium organisations: A comparison. International Journal of Information Technology and Management 5(1), 4–20 (2006)
Passos, L., Terra, R., Valente, M.T., Diniz, R., das Chagas Mendonca, N.: Static architecture-conformance checking: An illustrative overview. IEEE Software 27, 82–89 (2010)
Richardson, I., Von Wangenheim, C.: Guest editors’ introduction: Why are small software organizations different? IEEE Software 24(1), 18–22 (2007)
Rosik, J., Le Gear, A., Buckley, J., Babar, M.: An industrial case study of architecture conformance. In: Proc. 2nd ACM-IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM 2008), pp. 80–89. ACM Press (2008)
Roy, C.K., Cordy, J.R.: A survey on software clone detection research. Technical report, Queen’s University at Kingston (2007)
Sangal, N., Jordan, E., Sinha, V., Jackson, D.: Using dependency models to manage complex software architecture. In: Proc. 20th Annual ACM SIGPLAN Conference on Object-oriented Programming, Systems, Languages, and Applications (OOPSLA 2005), pp. 167–176. ACM Press (2005)
von Wangenheim, C.G., Anacleto, A., Salviano, C.F.: Helping small companies assess software processes. IEEE Software 23, 91–98 (2006)
Wagner, S.: Defect classification and defect types revisited. In: Proc. 2008 Workshop on Defects in Large Software Systems (DEFECTS 2008), pp. 39–40. ACM Press (2008)
Wagner, S., Deissenboeck, F., Aichner, M., Wimmer, J., Schwalb, M.: An evaluation of two bug pattern tools for java. In: Proc. First International Conference on Software Testing, Verification, and Validation (ICST 2008), pp. 248–257. IEEE Computer Society (2008)
Wagner, S., Jürjens, J., Koller, C., Trischberger, P.: Comparing Bug Finding Tools with Reviews and Tests. In: Khendek, F., Dssouli, R. (eds.) TestCom 2005. LNCS, vol. 3502, pp. 40–55. Springer, Heidelberg (2005)
Wikipedia. List of tools for static code analysis — wikipedia, the free encyclopedia (2011) (accessed May 6, 2011)
Zheng, J., Williams, L., Nagappan, N., Snipes, W., Hudepohl, J.P., Vouk, M.A.: On the value of static analysis for fault detection in software. IEEE Transactions on Software Engineering 32, 240–253 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gleirscher, M., Golubitskiy, D., Irlbeck, M., Wagner, S. (2012). On the Benefit of Automated Static Analysis for Small and Medium-Sized Software Enterprises. In: Biffl, S., Winkler, D., Bergsmann, J. (eds) Software Quality. Process Automation in Software Development. SWQD 2012. Lecture Notes in Business Information Processing, vol 94. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27213-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-27213-4_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27212-7
Online ISBN: 978-3-642-27213-4
eBook Packages: Computer ScienceComputer Science (R0)