SlideShare a Scribd company logo
1 of 12
Download to read offline
Qualimetry
From Manual to Automatic
Software Audit
2 What We Did During Manuel Audit
• In June 2002, we started to do qualimetry audit on Air
France software code
- Document review
- Manual review of existing document (architecture,
specification)
- Static analyze of Software code
- Need a tools to analyze code (choose and training to
Mc Cabe)
- Semi automatic
- « Rules Checking »
- Check good practices and coding standards
- Semi automatic
- Dynamic analyze
- Coverage of test cases (using Mc Cabe dynamic)
- Semi automatic
3 Analyze Based Existing Models
Boehm's Quality Model
McCall's Quality ModelISO 9126 Quality Model
4 Used Qualimetry Method
• Quality grid
- Based on standard model
- Multi-level approach
- Factor: Quality external
vision
- Criteria: Quality
internal vision
- Practice: concrete
project aspect
- Metrics et rules:
objective measures
• Notation Tools
Quality Practices
Criteria
Factors
Metrics
Rules
Checking
code
documents models
architecture
Note using
formulas and
thresholds
Final notes
Weighing
average
5 Audit Manual History
Sirroco
On Demand
Manual
Audits
2002 2003 2004 2005
Monet
Manet
Solfege
Socle
vol
Monet
Manet
Aurore Vcargo
Gipsi
Prototype
EO / POCs
Automation

SQUALE
project
Crew
Keops
Sirroco
6 Need of Strict Notation
• Automatic Audit needs a strict models and Notation (no
manual review and adaptation)
- Each component should noted according to metric and
thresholds
- Average needed to note factors and criterions
• We had to solve 2 problems:
- The threshold effect (white or black notation)
- The “weighted” average (bad practice should be
highlighted)
7
0
0,5
1
1,5
2
2,5
3
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
Continuous Notation
Evg (Essential Cyclomatic Complexity)
Spaghetticodepractice
Note = 2
6-evg
3
8 Practice Average
Weighted function
with P(x) = 3 (1 – 9–x)
0
0,5
1
1,5
2
2,5
3
0 0,5 1 1,5 2 2,5 3
Actual note
WeightedNote
0,81
Final Average
Average
Example with 3 notes 3, 2.5 and 0
9 Squale: Audit
Code
Extraction
Developer
Qualimetry
Tools analysis
Check-in in
ClearCase
Qualimetry
synthesis
Mark
computing
0 21 3
Final report
consultation
Code audit at predefined frequency:
• weekly
• monthly
• on Milestones
Project team
3 axes of browsing:
• Factor / criteria / practice
• Top
• Components drill down
10 Our Java Automatic Quality Grid
Architecture
Evolutionarity
Maintenability
Reuse capacity
Architecture
relevance
Architecture
respect
Modeling
Comprehension
Homogeneity
Modularity
Integration
capacity
Simplicity
Depend on Child
Stability and abstractness level
Dependency cycle
Layer respect
Documentation
Inheritance depth
Anti patterns predetection
Method size
Number of methods
Spaghetti code
Blob
Swiss army knife
Formatting standard
Programming standard
Naming standard
ckjm dds
Documentation standard
Afferent Coupling
Copy Paste
Efferent Coupling
11 A generic model
<practice name="riskanalysis"/>
<practice name="spaghetticode" effort="30">
<weight>lambda x:30.**-x</weight>
<simpleformula>
<level>method</level>
<measures>
<measure>mccabe</measure>
</measures>
<trigger></trigger>
<formula>2**((6-mccabe.evg)/3.)</formula>
</simpleformula>
</practice>
…
<factor name="maintainability">
<criterium-ref name="comprehension" weight="1" />
<criterium-ref name="homogeneity" weight="1" />
<criterium-ref name="integrationcapacity" weight="1" />
<criterium-ref name="simplicity" weight="1" />
</factor>
12 Few statistics
•101 applications (mainly Java / J2EE)
•More than 5 400 000 codes lines under Squale control
SQUALE Deploy
0
100
200
300
400
500
600
700
14/12/05
24/3/06
2/7/06
10/10/06
18/1/07
28/4/07
6/8/07
14/11/07
Auditsnumber
0
5
10
15
20
25
30
35
40
45
Applicationsnumber
Audits Applications

More Related Content

What's hot

Software Testing Metrics
Software Testing MetricsSoftware Testing Metrics
Software Testing MetricsJatin Kochhar
 
Basic Guide to Manual Testing
Basic Guide to Manual TestingBasic Guide to Manual Testing
Basic Guide to Manual TestingHiral Gosani
 
Rob Baarda - Are Real Test Metrics Predictive for the Future?
Rob Baarda - Are Real Test Metrics Predictive for the Future?Rob Baarda - Are Real Test Metrics Predictive for the Future?
Rob Baarda - Are Real Test Metrics Predictive for the Future?TEST Huddle
 
'Customer Testing & Quality In Outsourced Development - A Story From An Insur...
'Customer Testing & Quality In Outsourced Development - A Story From An Insur...'Customer Testing & Quality In Outsourced Development - A Story From An Insur...
'Customer Testing & Quality In Outsourced Development - A Story From An Insur...TEST Huddle
 
Test Metrics
Test MetricsTest Metrics
Test MetricsDevukjs
 
Software Testing - Defect Metrics & Analysis
Software Testing - Defect Metrics & AnalysisSoftware Testing - Defect Metrics & Analysis
Software Testing - Defect Metrics & AnalysisOAK Systems Pvt Ltd
 
Fundamentaltestprocess windirohmaheny11453205427 kelase
Fundamentaltestprocess windirohmaheny11453205427 kelaseFundamentaltestprocess windirohmaheny11453205427 kelase
Fundamentaltestprocess windirohmaheny11453205427 kelasewindi rohmaheny
 
What is Ad-Hoc Testing
What is Ad-Hoc TestingWhat is Ad-Hoc Testing
What is Ad-Hoc TestingExforsys Inc
 
Measurement and Metrics for Test Managers
Measurement and Metrics for Test ManagersMeasurement and Metrics for Test Managers
Measurement and Metrics for Test ManagersTechWell
 
ISTQB Test level, Test type
ISTQB Test level, Test typeISTQB Test level, Test type
ISTQB Test level, Test typeHoangThiHien1
 
Test planning & estimation
Test planning & estimationTest planning & estimation
Test planning & estimationLeslie Smart
 
Introduction to testing.
Introduction to testing.Introduction to testing.
Introduction to testing.Jithinctzz
 

What's hot (18)

Software Testing Metrics
Software Testing MetricsSoftware Testing Metrics
Software Testing Metrics
 
Basic Guide to Manual Testing
Basic Guide to Manual TestingBasic Guide to Manual Testing
Basic Guide to Manual Testing
 
Rob Baarda - Are Real Test Metrics Predictive for the Future?
Rob Baarda - Are Real Test Metrics Predictive for the Future?Rob Baarda - Are Real Test Metrics Predictive for the Future?
Rob Baarda - Are Real Test Metrics Predictive for the Future?
 
Qulaity strategy template
Qulaity strategy templateQulaity strategy template
Qulaity strategy template
 
'Customer Testing & Quality In Outsourced Development - A Story From An Insur...
'Customer Testing & Quality In Outsourced Development - A Story From An Insur...'Customer Testing & Quality In Outsourced Development - A Story From An Insur...
'Customer Testing & Quality In Outsourced Development - A Story From An Insur...
 
Metrics used in testing
Metrics used in testingMetrics used in testing
Metrics used in testing
 
Test Metrics
Test MetricsTest Metrics
Test Metrics
 
ISTQB Test Process
ISTQB Test ProcessISTQB Test Process
ISTQB Test Process
 
Software Testing - Defect Metrics & Analysis
Software Testing - Defect Metrics & AnalysisSoftware Testing - Defect Metrics & Analysis
Software Testing - Defect Metrics & Analysis
 
Testing strategies
Testing strategiesTesting strategies
Testing strategies
 
Fundamentaltestprocess windirohmaheny11453205427 kelase
Fundamentaltestprocess windirohmaheny11453205427 kelaseFundamentaltestprocess windirohmaheny11453205427 kelase
Fundamentaltestprocess windirohmaheny11453205427 kelase
 
What is Ad-Hoc Testing
What is Ad-Hoc TestingWhat is Ad-Hoc Testing
What is Ad-Hoc Testing
 
Measurement and Metrics for Test Managers
Measurement and Metrics for Test ManagersMeasurement and Metrics for Test Managers
Measurement and Metrics for Test Managers
 
ISTQB Test level, Test type
ISTQB Test level, Test typeISTQB Test level, Test type
ISTQB Test level, Test type
 
Test planning & estimation
Test planning & estimationTest planning & estimation
Test planning & estimation
 
Software testing
Software testingSoftware testing
Software testing
 
Introduction to testing.
Introduction to testing.Introduction to testing.
Introduction to testing.
 
Training program BaffleSol academy of learning
Training program BaffleSol academy of learningTraining program BaffleSol academy of learning
Training program BaffleSol academy of learning
 

Similar to 20100309 05 - Air France : des audits manuels aux audits automatisés

Presentation Verification & Validation
Presentation Verification & ValidationPresentation Verification & Validation
Presentation Verification & ValidationElmar Selbach
 
Se 381 - lec 28 -- 34 - 12 jun12 - testing 1 of 2
Se 381 -  lec 28 -- 34 - 12 jun12 - testing 1 of 2Se 381 -  lec 28 -- 34 - 12 jun12 - testing 1 of 2
Se 381 - lec 28 -- 34 - 12 jun12 - testing 1 of 2babak danyal
 
Software_effort_estimation for Software engineering.pdf
Software_effort_estimation for Software engineering.pdfSoftware_effort_estimation for Software engineering.pdf
Software_effort_estimation for Software engineering.pdfsnehan789
 
ISTQBCH2.ppt
ISTQBCH2.pptISTQBCH2.ppt
ISTQBCH2.pptghkadous
 
Il product development - 20 01 2011
Il  product development - 20 01 2011Il  product development - 20 01 2011
Il product development - 20 01 2011nakham
 
ISTQB Foundation - Chapter 2
ISTQB Foundation - Chapter 2ISTQB Foundation - Chapter 2
ISTQB Foundation - Chapter 2Chandukar
 
Class9_SW_Testing_Strategies.pdf
Class9_SW_Testing_Strategies.pdfClass9_SW_Testing_Strategies.pdf
Class9_SW_Testing_Strategies.pdfFarjanaParvin5
 
Who cares about Software Process Modelling? A First Investigation about the P...
Who cares about Software Process Modelling? A First Investigation about the P...Who cares about Software Process Modelling? A First Investigation about the P...
Who cares about Software Process Modelling? A First Investigation about the P...Daniel Mendez
 
Modeling and Testing Dovetail in MagicDraw
Modeling and Testing Dovetail in MagicDrawModeling and Testing Dovetail in MagicDraw
Modeling and Testing Dovetail in MagicDrawGregory Solovey
 
ISTQB, ISEB Lecture Notes- 2
ISTQB, ISEB Lecture Notes- 2ISTQB, ISEB Lecture Notes- 2
ISTQB, ISEB Lecture Notes- 2onsoftwaretest
 
(Agile) engineering best practices - What every project manager should know
(Agile) engineering best practices - What every project manager should know(Agile) engineering best practices - What every project manager should know
(Agile) engineering best practices - What every project manager should knowRichard Cheng
 
John Fodeh - Adventures in Test Automation-Breaking the Boundaries of Regress...
John Fodeh - Adventures in Test Automation-Breaking the Boundaries of Regress...John Fodeh - Adventures in Test Automation-Breaking the Boundaries of Regress...
John Fodeh - Adventures in Test Automation-Breaking the Boundaries of Regress...TEST Huddle
 
John Fodeh Adventures in Test Automation - EuroSTAR 2013
John Fodeh Adventures in Test Automation - EuroSTAR 2013John Fodeh Adventures in Test Automation - EuroSTAR 2013
John Fodeh Adventures in Test Automation - EuroSTAR 2013TEST Huddle
 
Software Project Management lecture 10
Software Project Management lecture 10Software Project Management lecture 10
Software Project Management lecture 10Syed Muhammad Hammad
 
Software Development : Jeremy Gleason Iscope Digital
Software Development : Jeremy Gleason Iscope DigitalSoftware Development : Jeremy Gleason Iscope Digital
Software Development : Jeremy Gleason Iscope DigitalIscope Digital
 
agile with scrum methodology
agile with scrum methodology agile with scrum methodology
agile with scrum methodology rahul reddy
 

Similar to 20100309 05 - Air France : des audits manuels aux audits automatisés (20)

Presentation Verification & Validation
Presentation Verification & ValidationPresentation Verification & Validation
Presentation Verification & Validation
 
Manualtestingppt
ManualtestingpptManualtestingppt
Manualtestingppt
 
Introduction & Manual Testing
Introduction & Manual TestingIntroduction & Manual Testing
Introduction & Manual Testing
 
Se 381 - lec 28 -- 34 - 12 jun12 - testing 1 of 2
Se 381 -  lec 28 -- 34 - 12 jun12 - testing 1 of 2Se 381 -  lec 28 -- 34 - 12 jun12 - testing 1 of 2
Se 381 - lec 28 -- 34 - 12 jun12 - testing 1 of 2
 
Software_effort_estimation for Software engineering.pdf
Software_effort_estimation for Software engineering.pdfSoftware_effort_estimation for Software engineering.pdf
Software_effort_estimation for Software engineering.pdf
 
ISTQBCH2.ppt
ISTQBCH2.pptISTQBCH2.ppt
ISTQBCH2.ppt
 
ISTQBCH2.ppt
ISTQBCH2.pptISTQBCH2.ppt
ISTQBCH2.ppt
 
Il product development - 20 01 2011
Il  product development - 20 01 2011Il  product development - 20 01 2011
Il product development - 20 01 2011
 
ISTQB Foundation - Chapter 2
ISTQB Foundation - Chapter 2ISTQB Foundation - Chapter 2
ISTQB Foundation - Chapter 2
 
Class9_SW_Testing_Strategies.pdf
Class9_SW_Testing_Strategies.pdfClass9_SW_Testing_Strategies.pdf
Class9_SW_Testing_Strategies.pdf
 
Who cares about Software Process Modelling? A First Investigation about the P...
Who cares about Software Process Modelling? A First Investigation about the P...Who cares about Software Process Modelling? A First Investigation about the P...
Who cares about Software Process Modelling? A First Investigation about the P...
 
Modeling and Testing Dovetail in MagicDraw
Modeling and Testing Dovetail in MagicDrawModeling and Testing Dovetail in MagicDraw
Modeling and Testing Dovetail in MagicDraw
 
ISTQB, ISEB Lecture Notes- 2
ISTQB, ISEB Lecture Notes- 2ISTQB, ISEB Lecture Notes- 2
ISTQB, ISEB Lecture Notes- 2
 
(Agile) engineering best practices - What every project manager should know
(Agile) engineering best practices - What every project manager should know(Agile) engineering best practices - What every project manager should know
(Agile) engineering best practices - What every project manager should know
 
John Fodeh - Adventures in Test Automation-Breaking the Boundaries of Regress...
John Fodeh - Adventures in Test Automation-Breaking the Boundaries of Regress...John Fodeh - Adventures in Test Automation-Breaking the Boundaries of Regress...
John Fodeh - Adventures in Test Automation-Breaking the Boundaries of Regress...
 
John Fodeh Adventures in Test Automation - EuroSTAR 2013
John Fodeh Adventures in Test Automation - EuroSTAR 2013John Fodeh Adventures in Test Automation - EuroSTAR 2013
John Fodeh Adventures in Test Automation - EuroSTAR 2013
 
Software Process Models
Software Process ModelsSoftware Process Models
Software Process Models
 
Software Project Management lecture 10
Software Project Management lecture 10Software Project Management lecture 10
Software Project Management lecture 10
 
Software Development : Jeremy Gleason Iscope Digital
Software Development : Jeremy Gleason Iscope DigitalSoftware Development : Jeremy Gleason Iscope Digital
Software Development : Jeremy Gleason Iscope Digital
 
agile with scrum methodology
agile with scrum methodology agile with scrum methodology
agile with scrum methodology
 

More from LeClubQualiteLogicielle

20171122 03 - Les tests de performance en environnement DevOps
20171122 03 - Les tests de performance en environnement DevOps20171122 03 - Les tests de performance en environnement DevOps
20171122 03 - Les tests de performance en environnement DevOpsLeClubQualiteLogicielle
 
20171122 04 - Automatisation - formation et certifications
20171122 04 - Automatisation - formation et certifications20171122 04 - Automatisation - formation et certifications
20171122 04 - Automatisation - formation et certificationsLeClubQualiteLogicielle
 
20171122 01 - REX : Intégration et déploiement continu chez Engie
20171122 01 - REX : Intégration et déploiement continu chez Engie20171122 01 - REX : Intégration et déploiement continu chez Engie
20171122 01 - REX : Intégration et déploiement continu chez EngieLeClubQualiteLogicielle
 
20171122 02 - Engage developers to use better coding practices
20171122 02 - Engage developers to use better coding practices20171122 02 - Engage developers to use better coding practices
20171122 02 - Engage developers to use better coding practicesLeClubQualiteLogicielle
 
20171122 - Accueil Club Qualité Logicielle
20171122 - Accueil Club Qualité Logicielle 20171122 - Accueil Club Qualité Logicielle
20171122 - Accueil Club Qualité Logicielle LeClubQualiteLogicielle
 
20151013 - Crédit Mutuel ARKEA : mise en place d'une traçabilité outillée des...
20151013 - Crédit Mutuel ARKEA : mise en place d'une traçabilité outillée des...20151013 - Crédit Mutuel ARKEA : mise en place d'une traçabilité outillée des...
20151013 - Crédit Mutuel ARKEA : mise en place d'une traçabilité outillée des...LeClubQualiteLogicielle
 
20151013 - Agirc arrco : Behavior driven development
20151013 - Agirc arrco : Behavior driven development20151013 - Agirc arrco : Behavior driven development
20151013 - Agirc arrco : Behavior driven developmentLeClubQualiteLogicielle
 
20151013 - Réduire les coûts des tests de performance ?
20151013 - Réduire les coûts des tests de performance ?20151013 - Réduire les coûts des tests de performance ?
20151013 - Réduire les coûts des tests de performance ?LeClubQualiteLogicielle
 
20151013 - Accueil Club Qualité Logicielle
20151013 - Accueil Club Qualité Logicielle 20151013 - Accueil Club Qualité Logicielle
20151013 - Accueil Club Qualité Logicielle LeClubQualiteLogicielle
 
20151013 - DevOps et qualification continue
20151013 - DevOps et qualification continue20151013 - DevOps et qualification continue
20151013 - DevOps et qualification continueLeClubQualiteLogicielle
 
20140410 - Cartographie applicative multi-technologies et analyse d'impact
20140410 - Cartographie applicative multi-technologies et analyse d'impact20140410 - Cartographie applicative multi-technologies et analyse d'impact
20140410 - Cartographie applicative multi-technologies et analyse d'impactLeClubQualiteLogicielle
 
20140410 - Implémentation de squash TM-TA - Architecture et méthodologie
20140410 - Implémentation de squash TM-TA - Architecture et méthodologie20140410 - Implémentation de squash TM-TA - Architecture et méthodologie
20140410 - Implémentation de squash TM-TA - Architecture et méthodologieLeClubQualiteLogicielle
 
20140410 - Gestion des identités, traçabilité des accés - Analogie avec la qu...
20140410 - Gestion des identités, traçabilité des accés - Analogie avec la qu...20140410 - Gestion des identités, traçabilité des accés - Analogie avec la qu...
20140410 - Gestion des identités, traçabilité des accés - Analogie avec la qu...LeClubQualiteLogicielle
 
20140410 - Choisir et implanter un outil de test
20140410 - Choisir et implanter un outil de test20140410 - Choisir et implanter un outil de test
20140410 - Choisir et implanter un outil de testLeClubQualiteLogicielle
 
20130113 02 - TMMI, un modèle pour rentabiliser une organisation de test et a...
20130113 02 - TMMI, un modèle pour rentabiliser une organisation de test et a...20130113 02 - TMMI, un modèle pour rentabiliser une organisation de test et a...
20130113 02 - TMMI, un modèle pour rentabiliser une organisation de test et a...LeClubQualiteLogicielle
 
20130113 06 - Travaux de recherche sur la corrélation entre qualité du code e...
20130113 06 - Travaux de recherche sur la corrélation entre qualité du code e...20130113 06 - Travaux de recherche sur la corrélation entre qualité du code e...
20130113 06 - Travaux de recherche sur la corrélation entre qualité du code e...LeClubQualiteLogicielle
 
20130113 05 - Inspection continue et roadmap 2013
20130113 05 - Inspection continue et roadmap 201320130113 05 - Inspection continue et roadmap 2013
20130113 05 - Inspection continue et roadmap 2013LeClubQualiteLogicielle
 
20130113 04 - Tests d'integration et virtualisation - La vision IBM
20130113 04 - Tests d'integration et virtualisation - La vision IBM20130113 04 - Tests d'integration et virtualisation - La vision IBM
20130113 04 - Tests d'integration et virtualisation - La vision IBMLeClubQualiteLogicielle
 
20130523 06 - The mathematics the way algorithms think / the mathematics the ...
20130523 06 - The mathematics the way algorithms think / the mathematics the ...20130523 06 - The mathematics the way algorithms think / the mathematics the ...
20130523 06 - The mathematics the way algorithms think / the mathematics the ...LeClubQualiteLogicielle
 

More from LeClubQualiteLogicielle (20)

20171122 03 - Les tests de performance en environnement DevOps
20171122 03 - Les tests de performance en environnement DevOps20171122 03 - Les tests de performance en environnement DevOps
20171122 03 - Les tests de performance en environnement DevOps
 
20171122 04 - Automatisation - formation et certifications
20171122 04 - Automatisation - formation et certifications20171122 04 - Automatisation - formation et certifications
20171122 04 - Automatisation - formation et certifications
 
20171122 01 - REX : Intégration et déploiement continu chez Engie
20171122 01 - REX : Intégration et déploiement continu chez Engie20171122 01 - REX : Intégration et déploiement continu chez Engie
20171122 01 - REX : Intégration et déploiement continu chez Engie
 
20171122 02 - Engage developers to use better coding practices
20171122 02 - Engage developers to use better coding practices20171122 02 - Engage developers to use better coding practices
20171122 02 - Engage developers to use better coding practices
 
20171122 - Accueil Club Qualité Logicielle
20171122 - Accueil Club Qualité Logicielle 20171122 - Accueil Club Qualité Logicielle
20171122 - Accueil Club Qualité Logicielle
 
20151013 - Crédit Mutuel ARKEA : mise en place d'une traçabilité outillée des...
20151013 - Crédit Mutuel ARKEA : mise en place d'une traçabilité outillée des...20151013 - Crédit Mutuel ARKEA : mise en place d'une traçabilité outillée des...
20151013 - Crédit Mutuel ARKEA : mise en place d'une traçabilité outillée des...
 
20151013 - Agirc arrco : Behavior driven development
20151013 - Agirc arrco : Behavior driven development20151013 - Agirc arrco : Behavior driven development
20151013 - Agirc arrco : Behavior driven development
 
20151013 - Réduire les coûts des tests de performance ?
20151013 - Réduire les coûts des tests de performance ?20151013 - Réduire les coûts des tests de performance ?
20151013 - Réduire les coûts des tests de performance ?
 
20151013 - Accueil Club Qualité Logicielle
20151013 - Accueil Club Qualité Logicielle 20151013 - Accueil Club Qualité Logicielle
20151013 - Accueil Club Qualité Logicielle
 
20151013 - DevOps et qualification continue
20151013 - DevOps et qualification continue20151013 - DevOps et qualification continue
20151013 - DevOps et qualification continue
 
20140410 - Cartographie applicative multi-technologies et analyse d'impact
20140410 - Cartographie applicative multi-technologies et analyse d'impact20140410 - Cartographie applicative multi-technologies et analyse d'impact
20140410 - Cartographie applicative multi-technologies et analyse d'impact
 
20140410 - Implémentation de squash TM-TA - Architecture et méthodologie
20140410 - Implémentation de squash TM-TA - Architecture et méthodologie20140410 - Implémentation de squash TM-TA - Architecture et méthodologie
20140410 - Implémentation de squash TM-TA - Architecture et méthodologie
 
20140410 - Gestion des identités, traçabilité des accés - Analogie avec la qu...
20140410 - Gestion des identités, traçabilité des accés - Analogie avec la qu...20140410 - Gestion des identités, traçabilité des accés - Analogie avec la qu...
20140410 - Gestion des identités, traçabilité des accés - Analogie avec la qu...
 
20140410 - Choisir et implanter un outil de test
20140410 - Choisir et implanter un outil de test20140410 - Choisir et implanter un outil de test
20140410 - Choisir et implanter un outil de test
 
20130113 02 - TMMI, un modèle pour rentabiliser une organisation de test et a...
20130113 02 - TMMI, un modèle pour rentabiliser une organisation de test et a...20130113 02 - TMMI, un modèle pour rentabiliser une organisation de test et a...
20130113 02 - TMMI, un modèle pour rentabiliser une organisation de test et a...
 
20130113 06 - Travaux de recherche sur la corrélation entre qualité du code e...
20130113 06 - Travaux de recherche sur la corrélation entre qualité du code e...20130113 06 - Travaux de recherche sur la corrélation entre qualité du code e...
20130113 06 - Travaux de recherche sur la corrélation entre qualité du code e...
 
20130113 05 - Inspection continue et roadmap 2013
20130113 05 - Inspection continue et roadmap 201320130113 05 - Inspection continue et roadmap 2013
20130113 05 - Inspection continue et roadmap 2013
 
20130113 04 - Tests d'integration et virtualisation - La vision IBM
20130113 04 - Tests d'integration et virtualisation - La vision IBM20130113 04 - Tests d'integration et virtualisation - La vision IBM
20130113 04 - Tests d'integration et virtualisation - La vision IBM
 
20130523 06 - The mathematics the way algorithms think / the mathematics the ...
20130523 06 - The mathematics the way algorithms think / the mathematics the ...20130523 06 - The mathematics the way algorithms think / the mathematics the ...
20130523 06 - The mathematics the way algorithms think / the mathematics the ...
 
20130523 05 - Cyclomatic complexity
20130523 05 - Cyclomatic complexity20130523 05 - Cyclomatic complexity
20130523 05 - Cyclomatic complexity
 

Recently uploaded

Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanyChristoph Pohl
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identityteam-WIBU
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commercemanigoyal112
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringHironori Washizaki
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsChristian Birchler
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Developmentvyaparkranti
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odishasmiwainfosol
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...Technogeeks
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Cizo Technology Services
 

Recently uploaded (20)

Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commerce
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their Engineering
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Development
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 

20100309 05 - Air France : des audits manuels aux audits automatisés

  • 1. Qualimetry From Manual to Automatic Software Audit
  • 2. 2 What We Did During Manuel Audit • In June 2002, we started to do qualimetry audit on Air France software code - Document review - Manual review of existing document (architecture, specification) - Static analyze of Software code - Need a tools to analyze code (choose and training to Mc Cabe) - Semi automatic - « Rules Checking » - Check good practices and coding standards - Semi automatic - Dynamic analyze - Coverage of test cases (using Mc Cabe dynamic) - Semi automatic
  • 3. 3 Analyze Based Existing Models Boehm's Quality Model McCall's Quality ModelISO 9126 Quality Model
  • 4. 4 Used Qualimetry Method • Quality grid - Based on standard model - Multi-level approach - Factor: Quality external vision - Criteria: Quality internal vision - Practice: concrete project aspect - Metrics et rules: objective measures • Notation Tools Quality Practices Criteria Factors Metrics Rules Checking code documents models architecture Note using formulas and thresholds Final notes Weighing average
  • 5. 5 Audit Manual History Sirroco On Demand Manual Audits 2002 2003 2004 2005 Monet Manet Solfege Socle vol Monet Manet Aurore Vcargo Gipsi Prototype EO / POCs Automation  SQUALE project Crew Keops Sirroco
  • 6. 6 Need of Strict Notation • Automatic Audit needs a strict models and Notation (no manual review and adaptation) - Each component should noted according to metric and thresholds - Average needed to note factors and criterions • We had to solve 2 problems: - The threshold effect (white or black notation) - The “weighted” average (bad practice should be highlighted)
  • 7. 7 0 0,5 1 1,5 2 2,5 3 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 Continuous Notation Evg (Essential Cyclomatic Complexity) Spaghetticodepractice Note = 2 6-evg 3
  • 8. 8 Practice Average Weighted function with P(x) = 3 (1 – 9–x) 0 0,5 1 1,5 2 2,5 3 0 0,5 1 1,5 2 2,5 3 Actual note WeightedNote 0,81 Final Average Average Example with 3 notes 3, 2.5 and 0
  • 9. 9 Squale: Audit Code Extraction Developer Qualimetry Tools analysis Check-in in ClearCase Qualimetry synthesis Mark computing 0 21 3 Final report consultation Code audit at predefined frequency: • weekly • monthly • on Milestones Project team 3 axes of browsing: • Factor / criteria / practice • Top • Components drill down
  • 10. 10 Our Java Automatic Quality Grid Architecture Evolutionarity Maintenability Reuse capacity Architecture relevance Architecture respect Modeling Comprehension Homogeneity Modularity Integration capacity Simplicity Depend on Child Stability and abstractness level Dependency cycle Layer respect Documentation Inheritance depth Anti patterns predetection Method size Number of methods Spaghetti code Blob Swiss army knife Formatting standard Programming standard Naming standard ckjm dds Documentation standard Afferent Coupling Copy Paste Efferent Coupling
  • 11. 11 A generic model <practice name="riskanalysis"/> <practice name="spaghetticode" effort="30"> <weight>lambda x:30.**-x</weight> <simpleformula> <level>method</level> <measures> <measure>mccabe</measure> </measures> <trigger></trigger> <formula>2**((6-mccabe.evg)/3.)</formula> </simpleformula> </practice> … <factor name="maintainability"> <criterium-ref name="comprehension" weight="1" /> <criterium-ref name="homogeneity" weight="1" /> <criterium-ref name="integrationcapacity" weight="1" /> <criterium-ref name="simplicity" weight="1" /> </factor>
  • 12. 12 Few statistics •101 applications (mainly Java / J2EE) •More than 5 400 000 codes lines under Squale control SQUALE Deploy 0 100 200 300 400 500 600 700 14/12/05 24/3/06 2/7/06 10/10/06 18/1/07 28/4/07 6/8/07 14/11/07 Auditsnumber 0 5 10 15 20 25 30 35 40 45 Applicationsnumber Audits Applications