Join the Community www.rational-ug.org Tweet with Us @RationalUC #rationaluc www.twitter.com/rationaluc Join Our Group on LinkedIn: Global Rational User Community https://www.linkedin.com/groups/Global-Rational-User-Community-GRUC-120486/about Connect with Us on Google+ https://plus.google.com/+RationalugOrgGlobal/posts
Webcast Presentation: Accelerate Continuous Delivery with Development Testing and Rational Team Concert
With organizations under intense pressure to get products out to market quickly, they can’t afford to operate within operational silos. Yet communicating and collaborating across the organizational boundaries of QA and development can be difficult. Development is typically a black box to QA teams. QA has no visibility into the quality and security of the code until late in the lifecycle.
Watch this recorded webcast to learn how to break down the barriers and improve visibility and transparency by integrating development testing results into the IBM Rational Team Concert and providing QA and development with a unified workflow for ensuring code quality. Explore different development testing techniques and the types of defects and security vulnerabilities they can find.
About the Presenter:
James Croall, Director of Product Management, Coverity
Over the last 8 years, James Croall has helped a wide range of customers incorporate static analysis into their software development lifecycle. Prior to Coverity, Mr. Croall spent 10 years in the computer and network security industry as a C/C++ and Java software engineer.
Transcript
“Coverity is really great and its web GUI is fun to use, too. I was able to identify and fix resource leaks, NULL pointer issues, buffer overflows and missing checks all over the place.”
-Christian, Python developer
14 Copyright 2013, Coverity Inc.
Comparison by Defect Type

| Type | Coverity | FindBugs | Shared Defects |
|---|---|---|---|
| Unhandled exceptions (incl. NULL deref) | 79 | 7 | 5 |
| Resource leaks | 86 | 12 | 13 |
| Concurrency problems | 22 | 10 | 9 |
| Critical Defect Subtotal | 188 | 29 | 27 |
| Coding Standards, Best Practices, Other | 9 | 598 | 1 |
| Total Bugs | 196 | 627 | 28 |
[Chart, Coverity: 79, 86, 22, 187]
Coverity identified 4 times as many critical defects
Test Analysis
Coverity development testing platform
Automated testing can deliver 50% defect removal efficiency – but often falls short

| SDLC Testing Stage | Worst | Median | Best |
|---|---|---|---|
| Requirements review (informal) | 20% | 30% | 50% |
| Top-level design reviews (informal) | 30% | 40% | 60% |
| Detailed functional design inspection | 30% | 65% | 85% |
| Detailed logic design inspection | 35% | 65% | 75% |
| Code inspection / static analysis | 35% | 60% | 90% |
| Unit tests / Regression tests | 10% | 25% | 50% |
| New Function tests | 20% | 35% | 65% |
| Integration tests | 25% | 45% | 60% |
| System test | 25% | 50% | 65% |
| External Beta tests | 15% | 40% | 75% |

Source: Capers Jones
Test Analysis: Improving automated testing effectiveness and efficiency
Focus testing time where it matters
And don’t waste time writing tests you don’t need
[Figure label: High Risk Code]
Test Analysis: How It Works
Powered by Coverity SAVE®
Define, Analyze, Remediate, Govern
• The critical code that must be thoroughly tested
• Code that has changed and been impacted by changes
• Code that has been insufficiently tested
• Manage progress to improve test coverage
Test Analysis: Sample Policy
Define, Analyze, Remediate, Govern
• What code needs to be tested based on your high risk criteria
• With patent-pending techniques based on code behavior and change impact
• Surface issues in your workflow and efficiently manage to closure
• Create a testing stage gate and enforce developer accountability
All code changes for next release … and code impacted by those changes … must have 100% coverage … not counting exception handling and debug code.
What is Change Impact Analysis?
• Change impact analysis enables understanding of the effect of a given code change beyond the place in the code where the change occurs
• Example: changing the behavior of a function might affect the behavior of other functions that call it
• Example: changing the type hierarchy might change the resolution of virtual methods, resulting in a change of behavior where those methods are called
[Figure: call graph of functions with regions labeled changed code, legacy code and impacted code, and an arrow labeled change “ripple”]
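The caller-side ripple from the change impact analysis bullets, combined with the sample policy above, as an added example that is not from the webcast or from Coverity's product. The call graph, function names and coverage numbers are constructed, and only direct calls are modelled, not the virtual-method case.

```python
from collections import deque

# Constructed sample data (not from the webcast). Call graph: caller -> callees.
CALLS = {
    "handle_request": ["parse_header", "check_auth"],
    "check_auth": ["verify_token"],
    "refresh_session": ["verify_token"],
    "verify_token": ["decode_b64"],
    "render_page": ["escape_html"],
}
CHANGED = {"verify_token"}  # functions edited for the next release

# Per function: executable lines, lines hit by tests, and lines the policy
# excludes (exception handling and debug code).
COVERAGE = {
    "verify_token":    {"lines": {10, 11, 12, 13}, "hit": {10, 11, 12}, "excluded": {13}},
    "check_auth":      {"lines": {20, 21, 22},     "hit": {20, 21},     "excluded": set()},
    "refresh_session": {"lines": {30, 31},         "hit": {30, 31},     "excluded": set()},
    "handle_request":  {"lines": {40, 41, 42},     "hit": {40},         "excluded": {42}},
    "render_page":     {"lines": {50, 51},         "hit": set(),        "excluded": set()},
}

def impacted_by(calls, changed):
    """Return functions that transitively call a changed function (the "ripple")."""
    callers = {}
    for caller, callees in calls.items():
        for callee in callees:
            callers.setdefault(callee, set()).add(caller)
    seen, queue = set(changed), deque(changed)
    while queue:
        for caller in callers.get(queue.popleft(), ()):
            if caller not in seen:
                seen.add(caller)
                queue.append(caller)
    return seen - set(changed)

def gate_failures(calls, changed, coverage):
    """Map each changed or impacted function to its untested in-policy lines."""
    failures = {}
    for fn in sorted(set(changed) | impacted_by(calls, changed)):
        data = coverage.get(fn)
        if data is None:
            failures[fn] = None  # no coverage data at all: cannot pass the gate
            continue
        missing = sorted(data["lines"] - data["excluded"] - data["hit"])
        if missing:
            failures[fn] = missing
    return failures

if __name__ == "__main__":
    print("impacted:", sorted(impacted_by(CALLS, CHANGED)))
    print("gate failures:", gate_failures(CALLS, CHANGED, COVERAGE))
```

In this sample, `render_page` is completely untested but stays out of the gate because it neither changed nor calls changed code, while `verify_token` passes because its only unhit line is excluded exception handling.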
Maximizing ROI on Automated Testing
Focus
• Improve the efficiency of your testing through focus
• Move from 10-25% efficiency to 50%
Process
• Establish and enforce consistent policies and a process for automated testing
Visibility and Control
• Improve visibility into the testing process
• Establish criteria for when testing is complete/introduce stage gate
Coverity: Who are they?
Coverity Overview
Company Facts
• Founded in 2003 at Stanford Labs
• 300 employees across 10 countries
• #1 in software quality analysis – IDC
• Acquired by Synopsys in March 2014
Financial Facts
• 30% YOY revenue growth
• Cash flow positive with no debt
• 30% of revenue invested in R&D
Customer Facts
• Over 1,100 world class customers
• Over 75,000 happy developers
• 5 billion lines of code under management
Coverity is the Development Testing Leader
2012 Testing Platforms Market Mover Array
Coverity Recognized as Transformational Vendor
Featured in…
#1 vendor for Worldwide Software Quality Analysis and Measurement