Using static analysis tools for automating code inspections can be beneficial for software engineers. Such tools can make finding bugs, or software defects, faster and cheaper than manual inspections. Despite the benefits of using static analysis tools to find bugs, research suggests that these tools are underused. In this paper, we investigate why developers are not widely using static analysis tools and how current tools could potentially be improved. We conducted interviews with 20 developers and found that although all of our participants felt that use is beneficial, false positives and the way in which the warnings are presented, among other things, are barriers to use. We discuss several implications of these results, such as the need for an interactive mechanism to help developers fix defects.