Source code-based software risk assessing

  • Authors:

  • W. Eric Wong;Yu Qi;Kendra Cooper

  • Affiliations:

  • University of Texas at Dallas, Richardson, TX;University of Texas at Dallas, Richardson, TX;University of Texas at Dallas, Richardson, TX

  • Venue:
  • Proceedings of the 2005 ACM symposium on Applied computing
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

The more complex a software system is, the more likely it is that programmers will make mistakes that introduce faults which can lead to execution failures. A risk in a software system can be viewed as a potential problem, and a problem is a risk that has manifested. In order to reduce the risk of software operations, code which has the potential to cause problems has to be identified so that necessary actions (e.g., performing a more thorough testing on such code) can be taken to prevent any such problems from occurring. Consequently, this can help programmers detect faults in the software before it is deployed and reduce the overall maintenance code. In this paper, we propose a static and a dynamic risk model using metrics collected based on the source code; more specifically, metrics which are either related to the static structure of the source code or the dynamic test coverage of the code. The computation of the risk of code is automated at different granularity levels ranging from basic blocks to functions. An experiment to demonstrate the feasibility of using our method is reported. High risk code, so identified by our method, can be integrated with information collected from other software quality assurance practices to further ensure the safe operation of software applications.