Steps To Ensure Software Quality From Open Source Perspective
Steps to ensure Software Quality from Open Source perspective
Posted on 4th Apr 2016 14:41:02 in Software Engineering
By: Elamurugu Sundararaj
Taking care of following important factors will reduce the risk of poor software being built.
Software that provides the stated functionality should behave exactly the same way under all conditions. Categorized mainly into -
Acceptance of input values with boundary and type to be checked
- Looping and unwanted iterations – proper boundary checks on lower and upper values on loop constructs, else there could be memory exploits leading to performance issues.
- Neglected upper bounds or extreme conditions – it is always better to put and test for the ceiling values in the input or loop constructs to check for breakage.
- Unnecessary functionality or dead code - All unwanted code should be removed from the production installation. It is general practice that the code used in Development environment for various test conditions getting migrated to production ignoring these adversaries.
- Incorrect Operand in an expression - Taking care of Boolean expressions. For example the Boolean operators versus other compare operators.
- Operator precedence issues - There has to be correct usage of operators with proper enclosures, else the result will be unpredictable.
- Overflow, Underflow and Sign Conversion Errors - For example, the width of smallint is max of 8 and the signed range is -128 to 127
- Incorrect routines or Arguments getting passed to the calling programs or interfaces
- Failure to test a return value for its compatibility
Data Handling problems
- Incorrect data or variable initialization
- Referencing wrong data variables
- Inconsistent data or insufficient data validations
Floating Point Arithmetic
- Floating Point Representation (rounding off)
- Overflow / Underflow
Display and report of processed data in the same expected format, taken care of all type, decimal, round-off and truncation rules.
- Management strategy – how the switch over should take place or abrupt halt on failures.
- Redundancy in space and time – Not checking for memory usage and proper freeing up of resources
- Recoverability – how efficient is the system to recover and rebuild with data in case of failure
- Code vulnerability – weak links, exposure of internal data structure, absence of data protection strategy
- Buffer Overflow – missing out to initialize or freeing up buffers thereby leading to hazardous code behavior
- Problematic APIs – Additional care should be taken when the data is getting passed or received. Data received from user forms should also be properly validated, especially when it is plain text or csv based inputs.
- Data and privilege leakage – Role check, login validation should be taken care. Table level or Row level validation can also be performed. Session expiry, idle time management, abrupt browser or tab closure should be properly checked for and the logic should be built in to deal with.
- Measurement Techniques - Load balancing test, I/O bound tasks (run loops to min and max conditions), CPU / Kernel bound tasks
- Algorithm complexity
- Code interaction with other peripheral resources (O/S, Cache)
- Memory Allocation and mapping - Heap and Stack Memory
Check for any mal-functions on the following conditions
- Cross platform – how efficient and robust is the system when ported across platforms
- Data Type Properties
- Data Storage
- Compiler issues
- User Interface (GUI)
- Internationalization versus Localization (Timezone issues, character sets, messages)
The following parameters to be checked from code maintenance perspective.
- The Maintainability Index –It is a software metric which measures how maintainable(easy to support and change) the source code is. The maintainability index is calculated as a factored formula consisting of Lines Of Code (KLOC) , Cyclomatic Complexity (functional touch points) and Halstead volume (identifying measurable properties and testing).
- Metrics for Object-Oriented Programs – Coupling, Cohesion, Resuability, Complexity
- Expression Formatting
- Statement Formatting
- Naming Conventions
- Statement Level Comments
- Versioning Comments
- Visual Structures – Blocks and Indentation
- Length of Expressions, Functions and Methods
- Control Structures
- Boolean Expressions
- Recognizability and Cohesion
- Dependencies and Coupling
- Code Block Comments
- Data Declaration Comments
- Appropriate Identified Names
- Locality of Dependencies
- Encapsulation and Data Hiding
- Data Abstraction
- Type Checking
- Date, Time zone and Currency conversion issues
- Unit Testing
- Integration Testing
- Test Coverage Analysis
- Incidental Testing