The Cost and Benefits of Static Analysis During Development

by   William R. Nichols Jr, et al.

Without quantitative data, deciding whether and how to use static analysis in a development workflow is a matter of expert opinion and guesswork rather than an engineering trade-off. Moreover, relevant data collected under real-world conditions is scarce. Important but unknown quantitative parameters include, but are not limited to, the effort to apply the techniques, the effectiveness of removing defects, where in the workflow the analysis should be applied, and how static analysis interacts with other quality techniques. This study examined the detailed development process data 35 industrial development projects that included static analysis and that were also instrumented with the Team Software Process. We collected data project plans, logs of effort, defect, and size and post mortem reports and analyzed performance of their development activities to populate a parameterized performance model. We compared effort and defect levels with and without static analysis using a planning model that includes feedback for defect removal effectiveness and fix effort. We found evidence that using each tool developers found and removed defects at a higher rate than alternative removal techniques. Moreover, the early and inexpensive removal reduced not only final defect density but also total development effort. The contributions of this paper include real-world benchmarks of process data from projects using static analysis tools, a demonstration of a cost-effectiveness analysis using this data, and a recommendation these tools were consistently cost effective operationally.


page 1

page 2

page 3

page 4


A Longitudinal Study of Static Analysis Warning Evolution and the Effects of PMD on Software Quality in Apache Open Source Projects

Automated static analysis tools (ASATs) have become a major part of the ...

Development Effort Estimation in Free/Open Source Software from Activity in Version Control Systems

Effort estimation models are a fundamental tool in software management, ...

Statistical Learning for Best Practices in Tattoo Removal

The causes behind complications in laser-assisted tattoo removal are cur...

Learning from the past: A process recommendation system for video game projects using postmortems experiences

Context: The video game industry is a billion dollar industry that faces...

Interactive Static Software Performance Analysis in the IDE

Detecting performance issues due to suboptimal code during the developme...

The CESAW dataset: a conversation

An analysis of the 61,817 tasks performed by developers working on 45 pr...

VeriFly: On-the-fly Assertion Checking via Incrementality

Assertion checking is an invaluable programmer's tool for finding many c...

Please sign up or login with your details

Forgot password? Click here to reset