Introduction of static quality analysis in small- and medium-sized software enterprises: experiences from technology transfer

Mario Gleirscher, Dmitriy Golubitskiy, Maximilian Irlbeck, Stefan Wagner

Research output: Contribution to journalArticlepeer-review

17 Scopus citations

Abstract

Today, small- and medium-sized enterprises (SMEs) in the software industry face major challenges. Their resource constraints require high efficiency in development. Furthermore, quality assurance (QA) measures need to be taken to mitigate the risk of additional, expensive effort for bug fixes or compensations. Automated static analysis (ASA) can reduce this risk because it promises low application effort. SMEs seem to take little advantage of this opportunity. Instead, they still mainly rely on the dynamic analysis approach of software testing. In this article, we report on our experiences from a technology transfer project. Our aim was to evaluate the results static analysis can provide for SMEs as well as the problems that occur when introducing and using static analysis in SMEs. We analysed five software projects from five collaborating SMEs using three different ASA techniques: code clone detection, bug pattern detection and architecture conformance analysis. Following the analysis, we applied a quality model to aggregate and evaluate the results. Our study shows that the effort required to introduce ASA techniques in SMEs is small (mostly below one person-hour each). Furthermore, we encountered only few technical problems. By means of the analyses, we could detect multiple defects in production code. The participating companies perceived the analysis results to be a helpful addition to their current QA and will include the analyses in their QA process. With the help of the Quamoco quality model, we could efficiently aggregate and rate static analysis results. However, we also encountered a partial mismatch with the opinions of the SMEs. We conclude that ASA and quality models can be a valuable and affordable addition to the QA process of SMEs.

Original languageEnglish
Pages (from-to)499-542
Number of pages44
JournalSoftware Quality Journal
Volume22
Issue number3
DOIs
StatePublished - 1 Sep 2014
Externally publishedYes

Keywords

  • Architecture conformance analysis
  • Bug pattern detection
  • Code clone detection
  • Quality models
  • Small- and medium-sized software enterprises
  • Software quality
  • Static analysis

Fingerprint

Dive into the research topics of 'Introduction of static quality analysis in small- and medium-sized software enterprises: experiences from technology transfer'. Together they form a unique fingerprint.

Cite this