[SystemSafety] Analysis of some Work Breakdown Structure projects

Martyn Thomas martyn at 72f.org
Wed Jun 9 11:05:12 CEST 2021 

On 08/06/2021 22:14, Derek M Jones wrote:
> Martyn,
>
>> I'd be interested in data on the defects injected and fixed.  How 
>> many per KLOC, how variable between individuals, what
>
> Defect per KLOC is meaningless unless it is connected with usage
> data, e.g., there can be zero defects per KLOC (because the software
> has no users), or lots per KLOC because it has millions of users.


The datasets from http://arxiv.org/abs/2106.03679 that you analysed 
contain defects injected and defects found later in development and 
repaired. have you analysed those?


>
>
>
> I've never seen a breakdown by individual.  It's possible to do, when
> mining github (actually this is by user id, and there are cases of
> the same person having multiple ids), but again usage needs to be
> taken into account.


Again, the http://arxiv.org/abs/2106.03679 data seems to show 
individuals. The Watts Humphrey study below does that too.


>> There was data of this sort from the SEI 30 years ago and some from 
>> UK MoD, and some reports by the CHAOS group twenty years ago but 
>> nothing I know of recently.
>
>

The SEI data I referred to was from a study carried out by Watts 
Humphrey, of the Software Engineering Institute at Carnegie-Mellon 
University, analysed the fault density of more than 8000 programs 
written by 810 industrial software developers. 
resources.sei.cmu.edu/asset_files/SpecialReport/2009_003_001_15035.pdf p132

>
> UK MoD?  This does not ring any bells for me.  Do you have a reference,
>
My reference was to the analysis of Boeing flight control software 
published in Crosstalk

 5.

    German, A.: Software static code analysis lessons learned. Crosstalk
    16(11) (2003)


and to the review of the Full Authority Digital Engine Controller that 
was installed in Chinook helicopters; which is described in a House of 
Commons report into the Mull of Kintyre Chinook accident on 2 June 1994 
. This said:/In the summer of 1993 an independent defence IT contractor, 
EDS-SCICON, was instructed to review the FADEC software; after examining 
only 18 per cent of the code they found 486 anomalies and stopped the 
review/.

Martyn



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/pipermail/systemsafety/attachments/20210609/c0283dd0/attachment.html>

More information about the systemsafety mailing list