On the value of static analysis for fault detection in software. Zheng, J.; Williams, L.; Nagappan, N.; Snipes, W.; Hudepohl, J.; and Vouk, M. IEEE Transactions on Software Engineering, 32(4):240--253, April, 2006.
No single software fault-detection technique is capable of addressing all fault-detection concerns. Similarly to software reviews and testing, static analysis tools (or automated static analysis) can be used to remove defects prior to release of a software product. To determine to what extent automated static analysis can help in the economic production of a high-quality product, we have analyzed static analysis faults and test and customer-reported failures for three large-scale industrial software systems developed at Nortel Networks. The data indicate that automated static analysis is an affordable means of software fault detection. Using the orthogonal defect classification scheme, we found that automated static analysis is effective at identifying assignment and checking faults, allowing the later software production phases to focus on more complex, functional, and algorithmic faults. A majority of the defects found by automated static analysis appear to be produced by a few key types of programmer errors and some of these types have the potential to cause security vulnerabilities. Statistical analysis results indicate the number of automated static analysis faults can be effective for identifying problem modules. Our results indicate static analysis tools are complementary to other fault-detection techniques for the economic production of a high-quality software product.
@article{ zheng_value_2006,
  title = {On the value of static analysis for fault detection in software},
  volume = {32},
  issn = {0098-5589},
  doi = {10.1109/TSE.2006.38},
  abstract = {No single software fault-detection technique is capable of addressing all fault-detection concerns. Similarly to software reviews and testing, static analysis tools (or automated static analysis) can be used to remove defects prior to release of a software product. To determine to what extent automated static analysis can help in the economic production of a high-quality product, we have analyzed static analysis faults and test and customer-reported failures for three large-scale industrial software systems developed at Nortel Networks. The data indicate that automated static analysis is an affordable means of software fault detection. Using the orthogonal defect classification scheme, we found that automated static analysis is effective at identifying assignment and checking faults, allowing the later software production phases to focus on more complex, functional, and algorithmic faults. A majority of the defects found by automated static analysis appear to be produced by a few key types of programmer errors and some of these types have the potential to cause security vulnerabilities. Statistical analysis results indicate the number of automated static analysis faults can be effective for identifying problem modules. Our results indicate static analysis tools are complementary to other fault-detection techniques for the economic production of a high-quality software product.},
  number = {4},
  journal = {IEEE Transactions on Software Engineering},
  author = {Zheng, J. and Williams, L. and Nagappan, N. and Snipes, W. and Hudepohl, J.P. and Vouk, M.A.},
  month = {April},
  year = {2006},
  keywords = {Computer industry, Failure analysis, Fault detection, Fault diagnosis, Large-scale systems, Nortel Networks, Production systems, Software Quality, System testing, _based_on_odc, _done, _model_of_faults, _target_is_code, automated static analysis, automatic testing, code inspection, code inspections, high-quality software product, industrial software system, orthogonal defect classification scheme, program diagnostics, programmer error, security vulnerability, software fault-detection, software testing, software tools, static analysis tool, walkthroughs.},
  pages = {240--253}
}