dr. michael eichberg software engineering department of ... · major external quality factors |...

Dr. Michael Eichberg Software Engineering Department of Computer Science Technische Universität Darmstadt

Software Engineering

Software Quality

Software Quality• Software Quality Factors

B. Meyer; Object-oriented software construction; Prentice Hall, 1997

|Software Quality

We distinguish between internal and external software quality factors.

• The internal quality factors can only be perceived by computer professionals

• The external quality factors are ultimately the relevant ones, as they are perceived by the userHowever, the external quality factors depend on the internal quality factors.

3

|Software Quality - Major External Software Quality Factors


• Correctness • Robustness • Extendibility • Reusability • Compatibility • Efficiency • Portability • Ease of use • Functionality

4

The user encompasses all stake holders: - the owner, - the “end user”, - the administrator, - ...

|Major External Quality Factors

Correctness is the ability of software products to perform their tasks as defined by their specification.

• To achieve correctness a precise requirements definition is needed

• Correctness is usually only conditional - we guarantee the correctness of our program on the assumption that the lower layers - upon which our product is built - are correct(E.g. we assume that a processor calculates correctly, that the compiler compiles our program correctly, …)

5


Robustness is the ability of software systems to react appropriately to abnormal conditions.

• Robustness characterizes what happens “outside of the specification”

• Robustness complements correctness

6


Change is pervasive in software development.

Extendibility characterizes the ease of adapting software products to changes of the specification.

• Important principles to achieve extendibility: • Design simplicity

A simple architecture is easier to adapt. • Decentralization

Autonomous modules (modules which have minimal coupling to other modules → Software Engineering Design & Construction) are easier to change.

7


• Reusability is the ability of software elements to serve for the construction of many different applications

• Compatibility is the ease of combining software elements with others

• Portability characterizes the ease of transferring software products to various hardware and software environments (i.e., porting it from Android to iOS; porting it from Windows to Linux,…)

8


Do not worry how fast it is unless it is also right! Efficiency nearly always have to be balanced with other goals.

Efficiency is the ability of a software system to place as few demands as possible on hardware resources.

• Resources are the processor time, the space occupied in internal and external memories, the bandwidth used in communication devices, ...…

• Always try to use “good” algorithms over “bad” ones, because a computer that is twice as fast as a previous model can handle problem sizes near 2*N if the algorithm’s complexity is O(n). Do ask yourself: If the complexity is O(2n) a computer that is twice as fast can handle problems of size?

9


Functionality characterizes the extent of possibilities provided by a system.

• Avoid featurism; remain consistent with existing features if you add new ones

10


Ease of Use is the ease with which people of various backgrounds and qualifications can learn to use software products and apply them to solve problems.

11

IPhoto ‘06 IPhoto ’09

Software Quality• … or the lack thereof.

|Software FailuresSoftware failures can be disastrous.

• Therac-25 People died due to an overdosis of radiation (1985)

• Ariane 5 A system from Ariane 4 was reused but the specification was ignored (1996)

• Mars Climate Orbiter There was some confusion about the units (i.e. metric system or english system) that are used (1999).

• ...

13

|Software FailuresSoftware failures can be disastrous.

• hessische Schulsoftware LUSD“just” unusable (2007)

• ...

14 10/12/2007 11:06 AMHessen erlebt Desaster mit neuer Schulsoftware von CSC | Home - News - Themenüberblick - Business | TecChannel.de

Page 1 of 2http://www.tecchannel.de/index.cfm?pid=401&pk=1732014

THEMENÜBERBLICK / NEWS Weitere News

Vorherige News Nächste News

Informationstechnologie

Suchbegriff:

Einsatzregion:

Ort oder PLZ:

Umkreis:

10 km

National International

Detailsuche

IP Vernetzung

Optimale Kommunikation durch IP-Vernetzung

> mehr Infos

Eindringlingserkennung auf Web-Servern

E-Mail-Exploits und ihre Gefahren

Umsetzung des Payment Card Industry Data SecurityStandard (PCI DSS)

Bedrohungsmanagement - Internet-Bedrohungen

Die Neuausrichtung der Unternehmenssicherheit im Fokus

weitere Downloads

Diesen Artikel als PDF-Datei

Diese News hinzufügen

IT-eBook öffnen

IT-eBook zusammenstellenAktueller Inhalt: 0 Artikel 0 News

del.icio.us

Mr. Wong

digg

Newstube

Folkd

Webnews

google

Yahoo

Linkarena

Yigg

weitere Infos

Ihre Meinung zu dieser Meldung

WHITEPAPER-DOWNLOADS:

ARTIKEL-PDF / IT-EBOOK

LINK SETZEN

MEINUNGEN ZUM ARTIKEL

JOBSUCHE FÜR IT-EXPERTEN

TecChannel Partnerzone ANZEIGE

.

Bereits seit dem vergangenen Schuljahr versuchen rund 2000 hessische Schulen mit derneuen Schulverwaltungssoftware LUSD (Lehrer- und Schülerdatenbank) zu arbeiten. Bisheute ist sie jedoch unbrauchbar. Entwickelt wurde die Schulsoftware von CSC. Start derKonzeption und der Entwicklung war der 1. Juni 2006. Mit der Implementierung in denSchulen hatte CSC im Oktober 2006 begonnen.

Leidtragende der fehlerhaften Lösung sind vor allem die Sekretariate. Bislang erreichtenmehr als 300 Beschwerden das Kultusministerium. "So viel Kaffee, wie man währendder unendlichen Wartezeiten bei der LUSD-Bearbeitung trinken kann, verträgt keinMensch", heißt es beispielsweise in einer der Protest-Mails, von denen einige auch beider Landtagsfaktion der Grünen eingingen. Die Schulsekretärinnen monieren, dass "dieneue LUSD den Schulen unausgereift aufgezwungen" worden sei. "Heute muss mansich erst anmelden, braucht ewige Zeit und viele Klicks, um das Gewünschte zubekommen. Mein Gott, in dieser Zeit ist man zehn Mal zum Aktenschrank gelaufen undhat sich die entsprechende gute alte Schülerakte oder den nötigen Ordnerherausgezogen!", schimpfte eine Anwenderin.

Die Grünen haben eine Stellungnahme vom Kultusministerium eingefordert. "Mit derunausgegorenen neuen Verwaltungssoftware hat Kultusministerin Karin Wolff die Arbeitan unseren Schulen weit gehend lahmgelegt", kritisierte der bildungspolitische Sprecherder Grünen, Mathias Wagner, in Wiesbaden gegenüber dem Hessischen Rundfunk. DieSPD-Fraktion ereiferte sich vor allem über die verfrühte Einführung der Software: "Füruns ist es völlig unverständlich, wie ein solcher Super-GAU passieren kann. 2000Schulen mit über 800.000 Schülerinnen und Schülern eignen sich nicht für Experimente",empörte sich die schulpolitische Sprecherin der SPD-Landtagsfraktion, HeikeHabermann.

Das Ministerium räumte Fehler ein. "Wir verstehen den Unmut der Schulen, auch wirhatten andere Erwartungen an das bestellte Produkt", sagte MinisteriumssprecherinTatjana Schruttke. Jedoch könne ein System für mehr als 50.000 Lehrkräfte und800.000 Schüler nicht ohne erhebliche Kraftanstrengung in die Praxis übertragenwerden. Erst Mitte 2008 rechnet sie mit einem fehlerfreien Betrieb. In einem Schreibenan alle hessischen Schulen haben die Staatssekretäre Joachim Jacobi(Kultusministerium/CDU) und Harald Lemke (Finanzministerium/parteilos) diegrundlegende Überarbeitung des Systems angekündigt. "Das von der EntwicklerfirmaCSC gelieferte System entspricht leider noch nicht dem, was Sie und wir anFunktionalität und Performance erwarten dürfen", heißt es darin.

Für die Landtagsfraktion der Grünen bedeutet die Millioneninvestition in die nichtfunktionierende Software eine gigantische Verschwendung von Steuergeldern. Mit 20Millionen Euro hätten 400 Lehrerinnen und Lehrer ein Jahr beschäftigt werden können,rechnet Wagner vor. Das Vertrösten der Schulen auf 2008 sei eine Unverschämtheit."Die völlig genervten und überarbeiteten LUSD-Anwenderinnen und -Anwenderbrauchen jetzt eine Lösung und nicht erst in einem Jahr." Den Versuch, dieVerantwortung für die Probleme allein auf die in Hessen ansässige EntwicklungsfirmaCSC schieben zu wollen, bezeichnete Wagner als "schäbig". (Computerwoche/ala)

Hessen erlebt Desaster mit neuer Schulsoftware von CSC

Weitere Treffer...

Zu Ihrer Google-Suchanfrage "hessische Schulsoftware" passende Themen:

WEITERE ERGEBNISSE BEI TECCHANNEL.DE:

Mehr zum Thema: Schulsoftware , E-Government , CSC , Hessen

Vom 14.09.2007

Hessen erlebt Desaster mit neuerSchulsoftware von CSCDas Kultusministerium hat eine für 20 Millionen Euroentwickelte Verwaltungssoftware an den Schuleninstallieren lassen, die nicht funktioniert.

+++ Lesen Sie alles über reibungslose Kommunikation im Ges

Freitag, 12.10.2007 Premium-Login | Newsletter | RSS | Service | Mediadaten | Impressum

Sortierung Relevanz Datum Rubriken News Artikel Forum Blog

Suchbegri! hier eingeben in TecChannel.de suchen

HOME FOKUS WHITEPAPER SICHERHEIT NETZWERK SERVER STORAGE PC+MOBIL KOMMUNIKATION WEBTECHNIK TEST+TECHNIK

SERVICE

Aktuelle Themen News News-Archiv Newsletter PDF Newsletter PDA-News Webnews RSS Forum Stichwortverzeichnis BlogBeratung zu IBMLenovo (Boy2006)

WARNUNG VOR 1&1HORROR /PROBLEME(Dremml)

sound & antivirsymbol fehlen imtray (hectorr)

Outlook-SucheLookout zumkostenlosenDownload(Ben.Kramer)

Firma fürPatronennachfüllung(helscha)

Disk Boot Failure.Insert System DiskAnd Press Enter(computar)

Raid 1Betriebsystem Frage(computar)

RAID 1 Was ist hierdefekt(boy_of_connemar)

Steve Ballmer warntRed-Hat-Anwender(Moritz Jäger)

Studie: Linux-Rechner steuernWindows-Botnets(Moritz Jäger)

Irgendwie reichtsjetzt, Apple!

CloneDVD brenntschnell / Grabbingsehr schnell

Für Mathe-Geeks:Fibonacci-Folge inRocksong

20x auch mitAshampoo BurningStudio / TevionDVD+R ?

Brennen mit 20fach?

AKTUELL IM FORUM

AKTUELL IM BLOG

|Software QualityLack of software quality.

• CampusNet error message shown to the end user(2010)

15

|Software Quality - FirstSpirit - 2009 16

|Software FailuresMissing software quality in commercial software.

• Lufthansa Buchungssystem“Totalausfall” (2004)

• ...

19

Konsequenz aus System-Ausfall 14.10.2004

Lufthansa will Check-In-Technik besser absichern Nachdem das weltweiten Check-In-Systems bei der Lufthansa vor drei Wochen komplett ausgefallen ist zieht die Airline nun Konsequenzen. Geprüft werden Möglichkeiten zur besseren Absicherung. Eine Entscheidung darüber werde aber noch einige Monate dauern, sagte eine Unternehmenssprecherin am Donnerstag. HB FRANKFURT. Der für die Technik zuständigen Konzerntochter Lufthansa Systems zufolge versagte bei dem Ausfall das vorhandene Reservesystem (Back-up) für die Check-In-Terminals, weil es an entscheidender Stelle auf das ausgefallene Betriebssystem zurückgreift. Sechs Stunden lang wurden am 23. September weltweit die Fluggäste von Lufthansa und mehreren Partnergesellschaften von Hand eingecheckt. Neben zahlreichen Verspätungen wurden 60 innereuropäische Flüge gestrichen. Prinzipiell sei ein eigenständiges Parallelsystem denkbar, sagte Lufthansa Systems-Chef Peter Franke. „So etwas ist natürlich nicht kostenneutral“, fügte er hinzu. Die Entscheidung für die Ausgestaltung des Back-up-Systems liege beim Kunden, in diesem Fall dem Lufthansa Geschäftsbereich Passage. Nach Einschätzung von Technikexperten hätte das Check-In mit einem Zweitsystem, das im Stand-by-Betrieb bereit stünde, binnen weniger als einer Stunde wieder funktionsfähig gewesen. Ein solches System würde rund zehn Mill. € zusätzlich kosten, hieß es am Rande eines Touristikfachkongresses in Köln bei Technikanbietern für den Luftfahrt- und Touristikbereich. Über möglichen Schadenersatz besteht bei Lufthansa noch keine Klarheit. „Ob und in welcher Höhe Schadenersatzforderungen geltend gemacht werden, wird momentan noch geprüft“, teilte die Unternehmens-Sprecherin mit. Eine Wiederholung der konkreten Ursache für den Check-In-Ausfall gilt mittlerweile als ausgeschlossen. „Es handelte sich um eine Verkettung von gleich drei Problemen“, sagte Systems-Chef Franke. Die US-Firma Unisys, deren Betriebssystem Lufthansa beim Check-In verwendet, hatte in der Nacht ein Software-Update ausgeführt. Im Gefolge davon kam es zu einem Systemabsturz, weil eine Speicherdatei vollgelaufen war.

… hatte in der Nacht ein Software-Update ausgeführt. Im Gefolge

davon kam es zu einem Systemabsturz, weil eine

Speicherdatei vollgelaufen war.…

|Software FailuresMissing software quality in commercial software.

• Lufthansa Buchungssystem“Totalausfall” (2009)

• ...

20

Computerpanne bei Lufthansa 30.09.2009, 12:26

Mit Zettel und Stift musste die Lufthansa heute ihre Passagiere einchecken. Eine Computerpanne hatte den Check-In lahmgelegt.

Mit Verspätungen muss wegen der Computerpanne noch bis morgen gerechnet werden. (Foto: ddp) Ein Ausfall des zentralen Lufthansa-Check-In-Systems hat weltweit zu Verzögerungen bei der Abfertigung sowie zu Verspätungen und einzelnen Flugausfällen geführt.

Das System kam kurz vor 04.00 Uhr während eines routinemäßigen Software-Updates zum Stillstand, wie ein Sprecher sagte. Zwar habe man den Server um 08.00 Uhr wieder starten können. Bis zum Mittwochabend könne es aber zu Verspätungen kommen.

Wegen des Systemausfalls musste die Lufthansa weltweit auf manuelles Einchecken umstellen. Passagiere wurden per Hand mit Stift und Papier eingecheckt werden, sagte Lufthansa-Sprecher[…]

|Nisus Writer Pro 1.4 - 2010Missing software quality in commercial software.

21

|Duden Office Bibliothek - 2010Missing software quality in commercial software.

22

|Software Quality - Internal Quality Factors


• Internal quality factors • modular • readable • …

23

} This lecture series’ main subject

|Internal Quality FactorsAn example of missing internal quality.

/// <summary> /// Turns true into false and false into true /// <param name="_booInpt">True of false</param> /// <returns>False or true</returns> private bool trueandorfalse(bool _booInpt) { // I'm quite sure though there is a very // clever C# standard command doing this, // I just can't find it right now ... if (_booInpt == true) return false; return true; }

24

|Internal Quality FactorsAn example of missing internal quality.

/** * Checks to see if Australia is typed into the other country box */ function checkContactCountry(inputBox) { var validator = new RegExp( /^(A|a)(U|u)(S|s)(T|t)(R|r)(A|a)(L|l)(I|i)(A|a) |(N|n)(E|e)(W|w)(Z|z)(E|e)(A|a)(L|l)(A|a)(N|n)(D|d) |(N|n)(E|e)(W|w) (Z|z)(E|e)(A|a)(L|l)(A|a)(N|n)(D|d)$/);

if(validator.test(inputBox.value)) { alert("Your Residential Address must be outside Australia. " + "Enter your residential address outside this country," + "or visit redacted-travel.com.au to make a booking if " + "you live in Australia."); inputBox.focus(); inputBox.select(); } }

25

|Internal Quality FactorsInternal quality.

def isAnnotatedWith( classFile: ClassFile, annotationTypes: Iterable[ObjectType]): Boolean = {

var bufferOutput: Iterable[Object] = Iterable.empty val runtimeVisibleAnnotations = classFile.runtimeVisibleAnnotations val runtimeInvisibleAnnotations = classFile.runtimeInvisibleAnnotations for (annotationType ← annotationTypes) { bufferOutput = bufferOutput ++ runtimeVisibleAnnotations.filter { case Annotation(`annotationType`, _) ⇒ true case _ ⇒ false } bufferOutput = bufferOutput ++ runtimeInvisibleAnnotations.filter { case Annotation(`annotationType`, _) ⇒ true case _ ⇒ false } }

annotationTypes.nonEmpty && !classFile.isAnnotationDeclaration && bufferOutput.nonEmpty }

26

Where is the issue/are the issues?

|

“Internal Quality Factors

Painting the Bike Shed - A sure-fire technique for ending pointless coding debates; ACM Queue, ACM 2009 1542-7730/09/0600

George V. Neville-Neil

[...] Have you ever noticed that when someone checks in some complex and, oftentimes, horrific piece of code, the check-in is greeted with an almost deafening silence? […] The explanation for why this occurs was first given by C. Northcote Parkinson […] He stated that if you were building something complex, then few people would argue with you because few people could understand what you were doing. If you were building something simple […] which most anyone could build, then everyone would have an opinion.

27

Just one reason for

“bad code”...

|Internal Quality FactorsIf you want to study code with missing quality...

28

But, reading other people’s code - in particular if the code is good - is one of the best ways to learn to program.

| Internal Quality FactorsIf you want to study code...

29

|Internal Quality FactorsSoftware quality in commercial software.

30

http://googlecode.blogspot.com/2009/07/apollo-11-missions-40th-anniversary-one.html

Part of the source code for Comanche, build 055. It is part of the source code for the Command Module's (CM) Apollo Guidance Computer (AGC), Apollo 11.

|Software Quality

It is often not possible to improve all software quality attributes. Sometimes they are at odds.

31

Software Quality Attributes

Reusability

MaintainabilityCorrectness

…

Software Quality• Good Software

Ian Sommerville; Software Engineering - Eighth Edition; Addison Wesley, 2007

|Software QualityAttributes of “good Software”

• Maintainability Software should be written in such a way that it may evolve to meet changing needs of customers.

• EfficiencySoftware should not waste system resources; it includes: responsiveness, processing time, memory utilisation, etc.

• Usability Software must be usable by the intended users.

• Dependability (dt. Verlässlichkeit)Dependable software does not cause physical or economic damage in the event of system failure. Further properties: Repairability, Survivability, Error Tolerance...

33

|Software QualitySome Aspects of Dependable Systems

34

Availability =dt. Verfügbarkeit Reliability =dt. Zuverlässigkeit Safety =dt. Betriebssicherheit Security =dt. Systemsicherheit

Dependability

Availability

The ability of the system to deliver

services when required

Safety

The ability of the system to

operate without catastrophic

failure

Security

The ability to protect itself

against accidental or

deliberate intrusion

this includes

Reliability

The ability of the system to deliver

services as specified

correctness precision timeliness

Software Engineering; Ian Sommerville; 2007

Software Quality Assurance (SQA)• Constructive vs. Analytical

|Software Quality Assurance

Fostering Software Quality by Means of… Constructive SQA and Analytical SQA

36

Scalable Static Analyses

Integrated Development Environments

Programming Languages

Domain Specific Languages

Lightweight Formal Methods

Software Development Processes

Software Architecture

Type Systems (Language Based Security)

Metrics

Machine Learning

….

…

|Programming Languages - Constructive Software Quality AssuranceNull Values…

• found in java.nio.file.FileTreeWalker next()if (ioe != null) { ioe = e;} else { ioe.addSuppressed(e);}

37

here, ioe is null

Constructive SQA

|Programming Languages - Constructive Software Quality Assurance 38

SimpleProject

ComplexProject

ProcessesExperiencesBest PracticesTools

Expr

essiv

ity o

f the

Pro

gram

min

g La

ngua

ge

Constructive SQA

|Fostering Software Quality

A Few (Well Known) Static Analysis Tools

• FindBugsLightweight static analyses on top of Java Bytecode.

• PMDLightweight static analyses on top of the AST using Java Visitors or XPath based rules.

• CheckStyle Lightweight static analyses on top of the AST using Java Visitors.

• CheckerFramework Static analyses using pluggable types.

• ConQATCode Clone Detection.

39

}

|Software Inspections - Lightweight Static Software Analysis 40



• JDependStructural analysis on top of Java Bytecode.

• DependencyFinderStructural analysis on top of Java Bytecode.

• Stan4JStructural analysis on top of Java Bytecode.

• Sonargaph (SonarJ)Analyzes the structure of applications.

47

}



• ESC/Java2Formal verification using JML Annotations.

• KeyFormal verification.

• …

48

}

|Fostering Software Quality by means of Static Analyses 49

reusability maintainability correctness effort

lightweight static analyses ✓ ✓ ↓-○

semi formal methods ✓ ↓

formal methods ✓ ↑

structure analyses ✓ ✓ ↓

style conformance checking ✓ ↓

architecture conformance

checking✓ ✓ ○-↑

code clone detection

violations of best practices/bug

patternsAna

lytica

l SQA

|Software Quality - TerminologyClassifying Found Issues

• True and False Positives • True and False Negatives • Irrelevant True Positives • Perceived False Positives

50

|Software Quality - TerminologyTrue and False Positives

• a True Positive is the correct finding (of something relevant)

• a False Positive is a finding that is just incorrect

51

This is what static analyses should detect.

False positives are typically caused by the weaknesses of the analysis.

|Software Quality - TerminologyExample of a True Positive

void printIt(String args[]) { if (args != null) { System.out.println(“number of elements: " + args.length); } for (String arg : args) { System.out.println(arg); } }

52

Let’s assume that we have a “basic” analysis to detect object accesses (o.xyz) that appear in a guarded context (if (o != null)) and also outside a guarded context.

guarded & unguarded

access

guard

|Software Quality - TerminologyExample of a False Positive

void printReverse(String args[]) { int argscount = 0; if (args != null) { argscount = args.length; } for (int i = argscount - 1; i >= 0; argscount--) { System.out.println(args[i]); } }

53

guarded & unguarded access

guard

implicit guard

Let’s assume that we have a “basic” analysis to detect object accesses (o.xyz) that appear in a guarded context (if (o != null)) and also outside a guarded context.

|Software Quality - TerminologyTrue and False Negatives

• a True Negative is the correct finding of no issue. • a False Negative is an issue that is not reported.

54

Generally, only relevant in the context of formal approaches.

|Software Quality - TerminologyIrrelevant True Positives

• Irrelevancy is context-dependent… • Issues related to Serialization are irrelevant when your application

doesn’t use Serialization at all. • A violation of the hashCode-equals contract may be completely

irrelevant for an (inner) class that is never put in a collection that uses hashes.

• …

55

|Software Quality - TerminologyIrrelevant True Positives

boolean handleIt(int i) { if (i < 0 || i > 2) throw new IllegalArgumentException();

switch (i) { case 0: case 1: return true;

case 2: return false;

default: throw new UnknownError(); } }

56

They are typically related to: • default cases in switch statements • assertions • a test that leads to an AssertionError

|Software Quality - Terminology

java.awt.font.TextLayout - Line 2404ff

Perceived False Positives

GeneralPath result = new GeneralPath(GeneralPath.WIND_NON_ZERO); … if (dx != 0 || dy != 0) { AffineTransform tx = AffineTransform.getTranslateInstance(dx, dy); result = (GeneralPath)tx.createTransformedShape(result); }

57

This cast will always fail!





58

public Shape createTransformedShape(Shape pSrc) { if (pSrc == null) { return null; } return new Path2D.Double(pSrc, this); }

interface Shape

class Path2D implements Shape, Cloneable

/*inner*/ class Double extends Path2D implements Serializable





59

public Shape createTransformedShape(Shape pSrc) { if (pSrc == null) { return null; } return new Path2D.Double(pSrc, this); }

interface Shape

class Path2D implements Shape, Cloneable

/*inner*/ class Double extends Path2D implements Serializable

Perceived false positives are the result of issue reports related to complex issues

and/or related to reports that are not easy to comprehend.


javax.swing.plaf.basic.BasicOptionPaneUI


protected Icon getIconForType(int messageType) { if(messageType < 0 || messageType > 3) return null; String propertyName = null; switch(messageType) { case 0: propertyName = “OptionPane.errorIcon"; break; case 1: propertyName = “OptionPane.informationIcon"; break; case 2: propertyName = “OptionPane.warningIcon"; break; case 3: propertyName = “OptionPane.questionIcon"; break; } if (propertyName != null) { return (Icon)DefaultLookup.get(optionPane, this, propertyName); } return null; }

60

Dead Code!


javax.swing.plaf.basic.BasicOptionPaneUI


protected Icon getIconForType(int messageType) { String propertyName = null; switch(messageType) { case 0: propertyName = “OptionPane.errorIcon"; break; case 1: propertyName = “OptionPane.informationIcon"; break; case 2: propertyName = “OptionPane.warningIcon"; break; case 3: propertyName = “OptionPane.questionIcon"; break; default: return null; } return (Icon)DefaultLookup.get(optionPane, this, propertyName); }

61

Refactored

|Software Quality - TerminologyCryptic True Positives

boolean process() throws Exception { boolean done = false; do { Thread.sleep(500); done = (System.currentTimeMillis() % 100l == 0l); } while (!done); return !done; }

62

Dead Edge!

if (done) done = false else done = true return done

Refactored: return false;

|Software Quality Assurance 63

Software Process Model

Modeling LanguagesDomain Specific Languages

Programming Language

Development Environment Traceability Tools

Static/Dynamic Analysis Tools{ }(High-Level) Documentation

…

A Holistic View is required.

Software Quality• Summary

|Does distributed development affect software quality? An empirical case study of Windows Vista

International Conference on Software Engineering Proceedings of the 2009 IEEE 31st International Conference on Software Engineering Year of Publication: 2009 ISBN:978-1-4244-3453-4

65

Does Distributed Development Affect Software Quality?An Empirical Case Study of Windows Vista

Christian Bird1, Nachiappan Nagappan2, Premkumar Devanbu1, Harald Gall3, Brendan Murphy2

1University of California, Davis, USA2Microsoft Research

3University of Zurich, Switzerland{cabird,ptdevanbu}@ucdavis.edu {nachin,bmurphy}@microsoft.com [email protected]

Abstract

It is widely believed that distributed software develop-ment is riskier and more challenging than collocated de-velopment. Prior literature on distributed development insoftware engineering and other fields discuss various chal-lenges, including cultural barriers, expertise transfer dif-ficulties, and communication and coordination overhead.We evaluate this conventional belief by examining the over-all development of Windows Vista and comparing the post-release failures of components that were developed in a dis-tributed fashion with those that were developed by collo-cated teams. We found a negligible difference in failures.This difference becomes even less significant when control-ling for the number of developers working on a binary.We also examine component characteristics such as codechurn, complexity, dependency information, and test codecoverage and find very little difference between distributedand collocated components to investigate if less complexcomponents are more distributed. Further, we examine thesoftware process and phenomena that occurred during theVista development cycle and present ways in which the de-velopment process utilized may be insensitive to geographyby mitigating the difficulties introduced in prior work in thisarea.

1. Introduction

Globally distributed software development is an increas-ingly common strategic response to issues such as skillset availability, acquisitions, government restrictions, in-creased code size, cost and complexity, and other resourceconstraints [5, 10]. In this paper, we examine develop-ment that is globally distributed, but completely within Mi-crosoft. This style of global development within a singlecompany is to be contrasted with outsourcing which in-volves multiple companies. It is widely believed that dis-

tributed collaboration imposes many challenges not inher-ent in collocated teams such as delayed feedback, restrictedcommunication, less shared project awareness, difficulty ofsynchronous communication, inconsistent development andbuild environments, lack of trust and confidence betweensites, etc. [22]. While there are studies that have examinedthe delay associated with distributed development and thedirect causes for them [12], there is a dearth of empiricalstudies that focus on the effect of distributed developmenton software quality in terms of post-release failures.

In this paper, we use historical development data fromthe implementation of Windows Vista along with post-release failure information to empirically evaluate the hy-pothesis that globally distributed software developmentleads to more failures. We focus on post-release failuresat the level of individual executables and libraries (whichwe refer to as binaries) shipped as part of the operating sys-tem and use the IEEE definition of a failure as “the inabilityof a system of component to perform its required functionswithin specified performance requirements” [16].

Using geographical and commit data for the developersthat worked on Vista, we divide the binaries produced intothose developed by distributed and collocated teams and ex-amine the distribution of post-release failures in both popu-lations. Binaries are classified as developed in a distributedmanner if at least 25% of the commits came from locationsother than where binary’s owner resides. We find that thereis a small increase in the number of failures of binaries writ-ten by distributed teams (hereafter referred to as distributedbinaries) over those written by collocated teams (collocatedbinaries). However, when controlling for team size, the dif-ference becomes negligible. In order to see if only smaller,less complex, or less critical binaries are chosen for dis-tributed development (which could explain why distributedbinaries have approximately the same number of failures),we examined many properties, but found no difference be-tween distributed and collocated binaries. We present ourmethods and findings in this paper.

ICSE’09, May 16-24, 2009, Vancouver, Canada978-1-4244-3452-7/09/$25.00 © 2009 IEEE 518

|Browser Security: Lessons from Google Chrome

ACM Queue Volume 7 , Issue 5 (June 2009) Distributed Computing Year of Publication: 2009 ISSN:1542-7730

66

|Software Quality

Take responsibility!

There are no excuses. If you develop a system, it is your responsibility to do it right. Take that responsibility. Do it right, or don’t do it at all.

67

Recall the “fifteen principles of Software Engineering”.

|Goal of the Lecture

The goal of this lecture is to enable you to systematically carry out small(er) software projects that produce quality software.

68

• Software quality is not just about the (internal) quality of the source code. • Software quality means different things to different stake holders. • To produce quality software a holistic view on a software project is required.

|Goal of the Lecture

• The goal of this lecture is to enable you to systematically carry out small(er) commercial or open-source projects.

69

Project Start

Project End

Software Project Management

Requirements ManagementDomain Modeling

Software Quality

dr. michael eichberg software engineering department of ... · major external quality factors |...

Documents