Source Code Verification Using Logiscope and CodeReducer
Christophe Peron, Principal Consultant, Kalimetrix

Agenda
- Introducing Logiscope: improving confidence and developer's productivity
  - Based on state-of-the-art best practices
  - An all-in-one toolset
- Introducing a newcomer: CodeReducer
- Logiscope and CodeReducer in action: a demo
- Q&A

Quality Requirements for Today's Software
Today's development standards and best practices all agree: Formal Verification & Review processes are required!
RTCA/DO-178B, IEC 61508, MIL-STD 498, EN 50128, MISRA, JSF++, CMMI, ISO/IEC 12207
Software code quality is now clearly tied to Business Priorities:
- Improve quality via efficient bug prevention
- Reduce development & maintenance costs
- Improve reuse
- Outsourced development validation
- Customer and regulation acceptance

Examples of regulatory requirements: IEC 61508-3: Software requirement for Safety related systems
«Functional safety of electrical / electronic / programmable electronic safety related systems. Part 3: software requirements»

Technique/Measure                        SIL1  SIL2  SIL3  SIL4   x
 1 Probabilistic testing                 ---   R     R     HR     x x x
 2 Dynamic analysis and testing          R     HR    HR    HR     x x
 3 Data recording and analysis           HR    HR    HR    HR     x x
 4 Functional and black box testing      HR    HR    HR    HR     x x x x
 5 Performance testing                   R     R     HR    HR     x x x
 6 Interface testing                     R     R     HR    HR     x x
 7 Static analysis                       R     HR    HR    HR     x
 8 Formal proof                          ---   R     R     HR     x
 9 Software complexity metrics           R     R     R     R      x
10 Simulation and modelling              R     R     HR    HR     x

Column headings for the x marks: Software module testing and integration; Software and Hardware integration; Software verification; Software safety validation.

Software verification is Highly Recommended (HR) or Recommended (R) whatever the software Safety Integrity Level (SIL).
Logiscope supports Static analysis and Software complexity metrics, which are clearly stated as Highly Recommended or Recommended testing techniques.

Examples of regulatory requirements: Galileo Software Standard (Space industry)
Some requirements among others:

6.5.2.1 Structural Coverage Requirements
«The following types of verification methods are envisaged for the structural coverage of each SDD component: Statement coverage of source and object code, Decision coverage of source code, Modified condition & decision coverage of source code.»

6.5.3.1 Verification of Source and Executable Object Code
«Source code and executable code are verified by test, Source Code Inspections, Fagan inspections, Static Analysis and Walkthroughs. Static code analysis can be fully or partially replaced by the use of automated tools.»

9.4. Software Metrics
«Metrics collection and analysis help to evaluate the software product in order to identify areas of improvement by comparing measured quality against expected quality. Each quality objective is expressed in several properties of the software, which can be measured and quantified. The chosen metrics are analysed against target values to take remedial actions, if necessary, to ensure the achievement of the quality goals. The metrics are applied taking into account the tailoring of the quality model also referring to the definition of the criticality classes.»

Examples of regulatory requirements: ISO/IEC 12207 Software Life-Cycle Processes
5. Primary Processes: 5.1 Acquisition; 5.2 Supply; 5.3 Development; 5.4 Operation; 5.5 Maintenance
6. Supporting Processes: 6.1 Documentation; 6.2 Configuration Management; 6.3 Quality Assurance; 6.4 Verification; 6.5 Validation; 6.6 Joint Review; 6.7 Audit; 6.8 Problem Resolution
7. Organizational Processes: 7.1 Management; 7.2 Infrastructure; 7.3 Improvement; 7.4 Training

Examples of regulatory requirements: SEI / CMMI
Level 5, Optimizing. Focus: Continuous process improvement. Process Areas: Organizational Innovation and Deployment; Causal Analysis and Resolution.
Level 4, Quantitatively Managed. Focus: Quantitative management. Process Areas: Organizational Process Performance; Quantitative Project Management.
Level 3, Defined. Focus: Process standardization. Process Areas: Requirements Development; Technical Solution; Product Integration; Verification; Validation; Organizational Process Focus; Organizational Process Definition; Organizational Training; Integrated Project Management; Risk Analysis; Integrated Teaming; Integrated Supplier Management; Decision Analysis and Resolution.
Level 2, Managed. Focus: Basic project management. Process Areas: Requirements Management; Project Planning; Project Monitoring and Control; Supplier Agreement Management; Measurement and Analysis; Process and Product Quality Assurance; Configuration Management.
Level 1, Initial.

Software product evaluation: A standardised process
ISO/CEI 14598-5 Information Technology - Software Product - Process
[Figure: evaluation process diagram, steps 1 to 3. Labels: Requester's Requirements; Establishment of Requirements; Requirements; Specification of the; Specification; Requester's Input; Product Description; Evaluator's Input; Pre-defined Specifications; Product Components; Methods; Tools; Design of the; Plan; Record of Actions; Execution of the; Synthetised Results; Draft Report; Conclusion of the; Records; Reviewed Report]

requirements: Software product characteristics
FUNCTIONALITY: "The capability of the software product to provide functions which meet stated and implied needs when the software is used under specified conditions."
USABILITY: "The capability of the software product to be understood, learned, used and attractive to the user when used under specified conditions."
RELIABILITY: "The capability of the software product to maintain a specified level of performance when used under specified condition."
EFFICIENCY: "The capability of the software product to provide appropriate performance, relative to the amount of resources used, under stated conditions."
MAINTAINABILITY: "The capability of the software product to be modified. Modifications may include corrections, improvements or adaptation of the software to changes in environment, and in requirements and functional specifications."
PORTABILITY: "The capability of the software product to be transferred from one environment to another."

Software product evaluation: A standardised process
ISO/CEI 14598-5 Information Technology - Software Product - Process
[Figure: ISO/CEI 14598-5 evaluation process diagram, step 2 marked]

Techniques supported by Logiscope: Programming Rule Checking
Requirements:
- The source code shall be "strongly typed".
- The source code shall follow a homogeneous presentation.
- Risky or ambiguous constructions shall be avoided.
- Etc.
Software Item: Source Code
Principles: Tool-based checking of coding standards / conventions / rules: Code Layout, Data Flow, Statement Complexity, Control Flow Structuring, Naming Conventions, Portability, Compliance, etc. Source code inspection.
Instrument: Logiscope RuleChecker

Techniques supported by Logiscope: Source Code Metrics
Requirements:
- "A component shall not have an excessive intrinsic complexity"
Software Item: Source Code
Principles:
- Measuring complexity attributes on each component
- Comparing the values with a threshold
- Rating according to the number of measures exceeding the thresholds
Instrument: Logiscope QualityChecker
[Figure: metrics chart with axes T_COM, NPATH, LG_PROG, SAUT_INCOND, T_MOY, NB_NIV, F_VOC, VG, NB_ES, NB_INS]

Techniques supported by Logiscope: Control Flow Analysis
Requirements:
- "A function shall not have an excessive intrinsic complexity"
- "Duplicating source code shall be avoided"
- "No statement shall be located after a branching statement or an exit statement within a block"
- etc.
Software Item: Source Code
Principles:
- Representing the control flow of each function as a graph
- Looking for risky structures: non-homogeneous processing flow, lack of processing hierarchy, lack of code factorization, dead code, etc.
Instrument: Logiscope QualityChecker

Techniques supported by Logiscope: Components Coupling Analysis
Requirements:
- The dependency on the O.S. shall be optimized/minimized.
- The dependency on non-developmental software shall be optimized/minimized.
- Interdependency between software units shall be strictly limited.
Software Item: Source Code
Principles:
- Representing the calling/use relations between components as a graph
- Grouping components into upper-level components
- Analyzing the coupling between components
Instrument: Logiscope QualityChecker

Techniques supported by Logiscope: Structure-Based Testing, Test Coverage Analysis
Test Requirements:
- Complementarities and synergy between testing techniques shall be ensured.
- The tests shall show that each software module does not perform unintended functions.
- The level of completeness of the test shall be explicitly defined.
Software Item: Test Plan
Principles:
- Decompose the software in elementary objects
- Count exercised objects
- Trace exercised objects
- Specify additional test cases for un-exercised objects
- Execute test cases
Instrument: Logiscope TestChecker

Software product evaluation: A standardized process
ISO/CEI 14598-5 Information Technology - Software Product - Process
[Figure: ISO/CEI 14598-5 evaluation process diagram, step 3 marked]

The tool: Logiscope
A set of evaluation modules supporting static analysis techniques:
- Logiscope Modules: Quality Checker, Rule Checker, Code Reducer, Test Checker
- Techniques: Control Flow Analysis, Component Coupling Analysis, Source Code Metrics, Programming Rules Checking, Structure-Based Testing
Processing C, C++, Ada and Java source code
Available on Windows, UNIX and LINUX platforms

Static Analysis: A risk management mixed technique
[Figure: risk diagram. Axes: Frequency of failure, Severity of failures. Regions: Unacceptable Risk, Acceptable Risk. Arrows: Construction, Prevention, Mixed technique]
- Construction: Better structuring the code to reduce severity of failures
- Prevention: Changing the code to correct violations, thus reducing the number of latent bugs in the code

Static Analysis: Expecting a high ROI
[Figure: benefit diagram. Labels: No risky / erroneous construction; No duplicated code; No complex function; No useless/unused item; Less defects; Reliability; Less code; Less Review and Testing; Higher Productivity; Hierarchical processing; Structured flow; Maintainability; Easier to dive in code; Less Rework; Homogeneous code]

Source code verification using Logiscope & CodeReducer: A Demo

Logiscope CodeReducer: A Newcomer in the Logiscope Toolset
- Finds similarities in the code at the code structure level
- Independently of the formatting, naming of files, functions, variables, etc.
- NOT just another File Compare tool!
Increase Software Maintainability:
- through appropriate code refactoring, by identifying duplicated code, possibly across many source code trees;
- by avoiding the code duplication that results from low-quality maintenance activities.

CodeReducer: A Newcomer in the Logiscope Toolset
Several Use Cases:
- Finding code similarities in the overall code of a project
- Comparing two versions of the same project and highlighting differences
- Finding all instances similar to a reference code in the project

CodeReducer: Similarity vs. Identity
Pieces are NOT identical:

    // Here is a comment
    for (i=0;i<5;++i) {
        j = j+1;
    }

    for (j=5; j<10; ++j) {
        // here is another comment
        k = k+1;
    }

But they are similar (a loop).

CodeReducer: Similarity vs. Identity
Pieces are NOT identical:

    // Here is a comment
    for (i=0;i<max_size;i++) {
        j = j+1;
    }

    // Here is a comment
    for (i=0;i<max_size;i++) {
        j = j+i;
    }

But they are (very) similar: is that a fix not reported?

CodeReducer: Similarity vs. Identity
Pieces are NOT identical:

    // Here is a comment
    for (i=0;i<max_size;i++) {
        j = j+1;
    }

    // Here is a comment
    for (i=0;i<max_size;i++) {
        j = j+1;
        k = k+1; // BugRep No 25
    }

But they are (also very) similar: is that again a fix not reported?

CodeReducer: Using code tokens
For CodeReducer, a similarity is two or more sequences of identical tokens found.
A token is a code structural element: e.g. control structures, structure and instruction delimiters, assignment operators.
For all languages, tokens are broken down into categories:
- Category 1: Control structures (if, else, loops, switch, procedures, packages, classes),
- Category 2: Blocks (begin, end, {}),
- Category 3: Assignments,
- Category 4: Operators (+, -, *, ...),
- Category 5: Parentheses and instruction terminators.

CodeReducer: Code tokens and «precision»
The higher the precision, the more tokens will be considered when looking for similarities.
A given precision considers all tokens for this precision and lower ones too.
- Precision 1 uses only tokens of Category 1;
- Precision 2 uses tokens of Category 1 and Category 2,
- etc.
The search results granularity is linked to the precision:
- Precision 1: Detection of similar algorithms,
- Precision 2: + detection of similar code structure,
- Precision 3: + detection of same number of variable assignments in code blocks,
- Precision 4: + detection of similar expressions,
- Precision 5: + detection of same number of instructions with similar contents.

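The category and precision scheme above, applied to the loop fragments from the Similarity vs. Identity slides, as an added example that is not CodeReducer's own code. The assignment of individual C tokens to the five categories is an assumption, and whole fragments are compared rather than searched for shared sub-sequences.

```python
import re

# Assumed mapping of C tokens onto the five categories named on the slide.
CATEGORY = {
    "if": 1, "else": 1, "for": 1, "while": 1, "do": 1, "switch": 1,
    "{": 2, "}": 2,
    "=": 3, "+=": 3, "-=": 3,
    "++": 4, "--": 4, "+": 4, "-": 4, "*": 4, "/": 4,
    "<": 4, ">": 4, "<=": 4, ">=": 4, "==": 4, "!=": 4,
    "(": 5, ")": 5, ";": 5,
}
# Comments first (so they are skipped), then words, numbers, and operators
# with two-character forms ahead of their one-character prefixes.
LEXER = re.compile(
    r"//[^\n]*|/\*.*?\*/|[A-Za-z_]\w*|\d+|\+\+|--|[-+<>=!]=|[-+*/<>=(){};]",
    re.S,
)

def token_stream(code, precision):
    """Structural tokens of `code` whose category is <= precision."""
    out = []
    for tok in LEXER.findall(code):
        cat = CATEGORY.get(tok)  # comments, identifiers, literals -> None
        if cat is not None and cat <= precision:
            out.append(tok)
    return out

def first_differing_precision(a, b):
    """Lowest precision (1..5) at which two fragments differ, else None."""
    for p in range(1, 6):
        if token_stream(a, p) != token_stream(b, p):
            return p
    return None

# Fragments taken from the slides (comments included on purpose).
LOOP_A = "// Here is a comment\nfor (i=0;i<5;++i) { j = j+1; }"
LOOP_B = "for (j=5; j<10; ++j) { // here is another comment\n k = k+1; }"
FIX_A = "for (i=0;i<max_size;i++) { j = j+1; }"
FIX_B = "for (i=0;i<max_size;i++) { j = j+i; }"
FIX_C = "for (i=0;i<max_size;i++) { j = j+1; k = k+1; // BugRep No 25\n}"

if __name__ == "__main__":
    print(first_differing_precision(LOOP_A, LOOP_B))  # renamed variables
    print(first_differing_precision(FIX_A, FIX_B))    # changed operand
    print(first_differing_precision(FIX_A, FIX_C))    # extra assignment
```

Under this mapping the renamed loop and the changed operand match at every precision, while the fragment with the extra assignment matches only at precisions 1 and 2.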
Source code verification using Logiscope & CodeReducer: Back to the Demo

Thank You - Questions
Source Code Verification Using Logiscope and CodeReducer

Source Code Verification Using Logiscope: Avoidance and Early Detection of Defects
- Detection of risky / erroneous constructions
- Correlation between code complexity and defect number:
  - 8 residual defects on average for a cyclomatic complexity of 50
  - 2 residual defects on average for a cyclomatic complexity of 25
X4 Bugs for only X2 Complexity
[CNES Study on Ariane CCO Ada source code - 2001]
[Figure: chart of NCBody against ct_cyclo.sum. Series: cumulative average, average, linear trend]