Title :
Prioritizing Correction of Static Analysis Infringements for Cost-Effective Code Sanitization
Author :
Carrozza, Gabriella ; Cinque, Marcello ; Giordano, Ugo ; Pietrantuono, Roberto ; Russo, Stefano
Author_Institution :
SELEX ES, A Finmeccanica Co., Rome, Italy
Abstract :
Static analysis is a widely adopted technique in the industrial development of software systems. It allows code to be checked automatically for compliance with predefined programming rules. When applied to large software systems, sanitizing the code in an efficient way requires careful guidance, as a high number of (more or less relevant) rule infringements can result from the analysis. We report the results of a static analysis study conducted on several industrial software systems developed by SELEX ES, a large manufacturer of software-intensive mission-critical systems. We analyzed results on a set of 156 software components developed in SELEX ES; based on them, we developed and experimented with an approach to prioritize components and violated rules to correct for a cost-effective code sanitization. Results highlight the benefits that can be achieved in terms of quality targets and incurred cost.
Keywords :
program compilers; program diagnostics; program verification; safety-critical software; software development management; SELEX ES; code compliance; cost effective code sanitization; industrial software system development; prioritize components; software components development; software intensive mission-critical system; static analysis; Companies; Encoding; Programming; Resource management; Security; Software; Standards; critical systems; defect analysis; effort allocation; industrial study; static analysis;
Conference_Title :
Software Engineering Research and Industrial Practice (SER&IP), 2015 IEEE/ACM 2nd International Workshop on
Conference_Location :
Florence
DOI :
10.1109/SERIP.2015.13