QW2001 Paper 6V2

Mr. Larry Markosian
(Reasoning)

Improving Software Quality & Delivery Schedules Through Automated Inspection

Key Points

Presentation Abstract

Automated source code inspection tools have been available for decades. Only recently, however, has the underlying technology matured enough to pinpoint serious defects-defects that cause an application to crash or corrupt data-without burying these “nuggets” under reams of false positives and low-interest code problems. The technology has been developed by Reasoning to focus on defects such as memory leaks, NULL pointer dereferences, out of bounds array accesses, and other serious defects that delay functional testing and often escape into the deployed application. Especially in the case of mission-critical applications and embedded applications, such defects are a significant cause of delayed releases and expensive failures in the field.

Reasoning’s InstantQA is a software defect detection service based on advanced source code analysis technology that can pinpoint critical defects during development, when they are easiest and least expensive to fix. Early discovery means that the testing cycle is not interrupted to deal with application crashes, unpredictable results and other delays caused by these hard-to-identify bugs. Also, identification by source code analysis provides precise information about where the bug is located, what type of bug it is, and under what conditions will trigger it. This information is usually adequate for even junior level developers with limited knowledge of the application to implement a fix. This is contrasted with the results of testing, where only the symptom of the failure typically can be reported, and long hours on the part of experienced developers may be spent tracking the runtime error to its source.

About the Author

Lawrence Markosian, a founder of Reasoning, Inc., is product manager for InstantQA, Reasoning's automated source code defect inspection service. Prior to joining Reasoning, Lawrence was a Research Associate at Stanford University, where he specialized in models of mathematical and logical inference and learning. Lawrence is the author of numerous articles on software reengineering, reverse engineering and defect detection, including articles in Communications of the ACM and Java Developers Journal. His email address is zaven@reasoning.com.