On the value of static analysis for fault detection in software

Zheng, Jiang; Williams, Laurie; Nagappan, Nachiappan; Snipes, Will; Hudepohl, J.P.; Vouk, Mladen A.

doi:10.1109/tse.2006.38

Cited by 229 publications

(142 citation statements)

References 26 publications

Supporting

Mentioning

141

Contrasting

Unclassified

Order By: Relevance

“…There are three defect families: control and data flow, structural, and non-code. This classification is derived from IBM's Orthogonal Defect Classification (ODC) [1] which is widely used in the industry [9], [10], [14], [24], [37]. ODC provides a number of orthogonal ways to classify defects and we particularly focus on a categorization of defects based on their defect type.…”

Section: A Defect Classificationmentioning

confidence: 99%

“…To better manage and understand defects, one would first need to categorize the types of defects that appear in a system. For example, Orthogonal Defect Classification (ODC) [9], [10] is a defect classification scheme from IBM that has been widely used to manage defects in various software projects [24], [37]. By understanding the frequency and severity of each defect type appearing in a system, one can then plan the best course of action to minimize the future impact of defects.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Active Semi-supervised Defect Categorization

Thung

2015

2015 IEEE 23rd International Conference on Program Comprehension

View full text Add to dashboard Cite

Abstract-Defects are inseparable part of software development and evolution. To better comprehend problems affecting a software system, developers often store historical defects and these defects can be categorized into families. IBM proposes Orthogonal Defect Categorization (ODC) which include various classifications of defects based on a number of orthogonal dimensions (e.g., symptoms and semantics of defects, root causes of defects, etc.). To help developers categorize defects, several approaches that employ machine learning have been proposed in the literature. Unfortunately, these approaches often require developers to manually label a large number of defect examples. In practice, manually labelling a large number of examples is both time-consuming and labor-intensive. Thus, reducing the onerous burden of manual labelling while still being able to achieve good performance is crucial towards the adoption of such approaches. To deal with this challenge, in this work, we propose an active semi-supervised defect prediction approach. It is performed by actively selecting a small subset of diverse and informative defect examples to label (i.e., active learning), and by making use of both labeled and unlabeled defect examples in the prediction model learning process (i.e., semi-supervised learning). Using this principle, our approach is able to learn a good model while minimizing the manual labeling effort.To evaluate the effectiveness of our approach, we make use of a benchmark dataset that contains 500 defects from three software systems that have been manually labelled into several families based on ODC. We investigate our approach's ability in achieving good classification performance, measured in terms of weighted precision, recall, F-measure, and AUC, when only a small number of manually labelled defect examples are available. Our experiment results show that our active semi-supervised defect categorization approach is able to achieve a weighted precision, recall, F-measure, and AUC of 0.651, 0.669, 0.623, and 0.710, respectively, when only 50 defects are manually labelled. Furthermore, it outperforms an existing active multiclass classification algorithm, proposed in the machine learning community, by a substantial margin.

show abstract

Section: A Defect Classificationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Active Semi-supervised Defect Categorization

Thung

2015

2015 IEEE 23rd International Conference on Program Comprehension

View full text Add to dashboard Cite

show abstract

“…Jiang Zheng [18] and his colleagues once made analysis over the automatic analysis for its roles in developing high-quality commercial products. They made comparison over three large-scale commercial softwares developed by Notel Network for static analysis error, dynamic testing and user reporting error.…”

Section: Limitations Of Static Analysismentioning

confidence: 99%

Software Defect Detection-oriented Static Analysis Techniques

Hua¹

2012

IJWMT

View full text Add to dashboard Cite

show abstract

“…TM [41], looking for a few key types of programmer errors [79], PREfast (and PREfast for Drivers), a lightweight version of PREfix [7], looking for common basic coding errors in C (and driverspecific rules) [67] or PMD (checking for unused fields, empty try/catch/finally/if/while blocks, unused method parameters, etc in Java TM ) [12].…”

Section: Unsoundness By Under-exploration Of the Potential Error Spacementioning

confidence: 99%

“…In such low-quality software production environments false negatives are no problem since there always remain enough bugs in the program, or enough new ones are introduced when trying to correct old ones, so that the analyzer will always find some bug to report on, with a reasonable probability of finding an actual bug in a handful of false positives ( [79] cites common rates of 50 false alarms for an actual error). Finding bugs in large programs in this empirical way may keep programmers busy for a very long time so any help, even of low quality is welcomed.…”

Section: Extensibility and Adaptabilitymentioning

confidence: 99%