[SystemSafety] Request for links to papers about software defect densities
David Crocker
dcrocker at eschertech.com
Fri Nov 6 20:03:26 CET 2020
I published some date on defect rates discovered by weak static analysis
in ~4m lines of C++ code in the SCSC newsletter several years ago, but
it doesn't meet Martyn's criterion of being peer reviewed. I was not at
liberty to provide the source of the original data.
It's very hard to get figures for discovered defects in closed-source
code. One way that defect rate data might be generated is if proper
static analysis were applied to a large body of open-source software
that hasn't had full static analysis applied before, and the issues
identified examined to see whether they represented actual defects or
not (which is what I did in the study I published, except that the
static analysis was weak). Any ideas on who might fund such a project?
Cheers
David Crocker, Escher Technologies Ltd.
http://www.eschertech.com
Tel. +44 (0)20 8144 3265 or +44 (0)7977 211486
On 06/11/2020 18:39, Steve Tockey wrote:
>
> Along these same lines, does anyone have any reliable data on defect
> re-injection rates? Specifically, I remember hearing that on average
> for every 8 defects that are fixed, a new defect is injected as a
> result of that fix.
>
> Does anybody have a pointer to reliable data along these lines?
>
>
> Thanks,
>
> — steve
>
>
>
> From: systemsafety
> <systemsafety-bounces at lists.techfak.uni-bielefeld.de
> <mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de>> on
> behalf of Martyn Thomas <martyn at 72f.org <mailto:martyn at 72f.org>>
> Date: Thursday, October 29, 2020 at 2:05 AM
> To: "systemsafety at techfak.uni-bielefeld.de
> <mailto:systemsafety at techfak.uni-bielefeld.de>"
> <systemsafety at techfak.uni-bielefeld.de
> <mailto:systemsafety at techfak.uni-bielefeld.de>>
> Subject: [SystemSafety] Request for links to papers about software
> defect densities
>
> Colleagues
>
> I would be grateful for links or references to peer-reviewed papers
> that contain experimental or empirical evidence about software defect
> densities. I know of work over 30 years ago and it would be useful to
> have data that is more recent.
>
> Thanks for any help you can give
>
> Martyn
>
> Martyn Thomas CBE FREng
> Emeritus Professor of IT and Fellow, Gresham College
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
> Manage your subscription: https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/pipermail/systemsafety/attachments/20201106/e3af2c3c/attachment.html>
More information about the systemsafety
mailing list