Monday, January 18, 2010

Static Testing and Static Analysis

Why, when and what to review?

Any document can be reviewed. For instance, requirement specifications, design specifications, code, test plans, user guides, etc. Ideally review as soon as possible.

Costs – on-going review costs of approx. 15% of development budget. The cost of reviews includes activities such as the review process itself, metrics analysis and process improvement.

Benefits – include areas such as development productivity improvements, reduced development time-scales, testing cost and time reductions, lifetime cost reductions, reduced fault levels, etc.

Types of Reviews

Walkthroughs – scenarios, dry runs, peer group, led by author.

Inspections – led by trained moderator (not author), defined roles, includes metrics, formal process based on rules and checklists with entry and exit criteria.

Informal reviews – undocumented, but useful, cheap, widely-used.

Technical reviews (also known as peer reviews) – documented, defined fault-detection process, includes peers and technical experts, no management participation.

Goals – validation and verification against specifications and standards, (and process improvement). Achieve consensus.

Activities – planning, overview meeting, preparation, review meeting, and follow-up (or similar).

Roles and responsibilities – moderators, authors, reviewers/inspectors and managers (planning activities).

Deliverables – product changes, source document changes, and improvements (both review and development).

Pitfalls – lack of training, lack of documentation, lack of management support (and failure to improve process).

Static Analysis

- compiler-generated information; dataflow analysis; control-flow graphing; complexity analysis

Explain that static analysis involves no dynamic execution and can detect possible faults such as unreachable code, undeclared variables, parameter type mismatches, uncalled functions and procedures, possible array bound violations, etc.

Explain that any faults found by compilers are found by static analysis. Compilers find faults in the syntax. Many compilers also provide information on variable use, which is useful during maintenance.

Explain that data flow analysis considers the use of data on paths through the code, looking for possible anomalies, such as ‘definitions’ with no intervening ‘use’, and ‘use’ of a variable after it is ‘killed’.

Explain use of, and provide example of production of control flow graph for a program.

Introduce complexity metrics, including cyclomatic complexity.

Labels: ,

4 Comments:

At May 11, 2010 at 7:25 AM , Blogger QPT said...

Can u get 10 / 10 in this Testing game?Try
Easy learning

 
At June 9, 2010 at 11:04 AM , Blogger SEO First said...

According to me static analysis done by the examine the code without executing.
software quality assurance

 
At March 21, 2013 at 11:39 PM , Blogger raaz said...

Hi..
I appreciate the ideas and this is very nice article and have great information.
Sample Analysis in China | Food Testing .

 
At July 1, 2017 at 10:07 PM , Blogger Alford Williams said...

The static code analysis tools comparison. very detailed and exact information given. Time taken for this article is highly appreciable.
static analysis in testing

 

Post a Comment

Subscribe to Post Comments [Atom]

Links to this post:

Create a Link

<< Home