Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Beyond Static Analysis: Integrating Java Static Analysis with Unit Testing and More

892 views

Published on

Learn the strengths and weaknesses of Java static analysis—and how a comprehensive development testing strategy that also includes unit testing, code review, and runtime error detection can pick up where development testing leaves off.

Published in: Technology
  • Be the first to comment

Beyond Static Analysis: Integrating Java Static Analysis with Unit Testing and More

  1. 1. Prevent All Java Software Defects with a Single Tool 2010 Parasoft Proprietary and Confidential
  2. 2. Automated Analysis Techniques <ul><li>Application Tracing for Unit Tests </li></ul><ul><li>Pattern-Based Static Code Analysis </li></ul><ul><li>Runtime Error Detection </li></ul><ul><li>Automated Unit Test Generation </li></ul><ul><li>Data Flow Analysis </li></ul><ul><li>Regression Testing </li></ul>
  3. 3. Introducing the Java Web App JPetStore Java EE Tutorial <ul><li>Spring-Based </li></ul><ul><li>HSQL Database </li></ul><ul><li>JSP Web Interface </li></ul><ul><li>Apache Tomcat </li></ul>
  4. 4. The Problem Report Similar Items not Aggregating in Shopping Cart <ul><li>Add one item to the cart </li></ul><ul><li>Add the same item again </li></ul><ul><li>Expected: a single line item with quantity 2 </li></ul><ul><li>Found: 2 line items each with quantity 1 </li></ul>
  5. 5. Application Tracing for Unit Tests <ul><li>Record internal method calls inside the running application when the problem occurs </li></ul><ul><li>Replicate the problem in a JUnit test </li></ul><ul><li>Alter the JUnit test to assert the correct behavior </li></ul><ul><li>Now possible solutions can be tested quickly without redeploying the web application </li></ul>
  6. 6. Pattern-Based Static Analysis <ul><li>Quick scan to list possible problems </li></ul><ul><li>Fixing violations prevents certain classes of errors </li></ul><ul><li>Each source file is analyzed separately </li></ul><ul><li>Static analysis categories include: </li></ul><ul><ul><li>Logical Errors </li></ul></ul><ul><ul><li>API Misuse </li></ul></ul><ul><ul><li>Typographical Errors </li></ul></ul><ul><ul><li>Security </li></ul></ul><ul><ul><li>Threads and Synchronization </li></ul></ul><ul><ul><li>Performance and Optimization </li></ul></ul>
  7. 7. Runtime Error Detection <ul><li>Check for anti-patterns at runtime in the application </li></ul><ul><li>Violations are presented in the context of real-world data values to stress their importance </li></ul><ul><li>Runtime error categories include: </li></ul><ul><ul><li>Threads and Synchronization </li></ul></ul><ul><ul><li>Performance and Optimization </li></ul></ul><ul><ul><li>Application Crashes </li></ul></ul><ul><ul><li>Functional Errors </li></ul></ul><ul><ul><li>Security </li></ul></ul>
  8. 8. Automated Unit Test Generation <ul><li>Test code branches not covered by the application-level test </li></ul><ul><li>Combine these unit tests with runtime error detection to check the new execution paths </li></ul><ul><li>Build a baseline regression test suite </li></ul>
  9. 9. Data Flow Analysis <ul><li>Simulate hypothetical execution paths </li></ul><ul><li>Detect possible errors along those paths </li></ul><ul><li>Data flow analysis error categories include: </li></ul><ul><ul><li>Exceptions </li></ul></ul><ul><ul><li>Optimization </li></ul></ul><ul><ul><li>Resource Leaks </li></ul></ul><ul><ul><li>API misuse </li></ul></ul><ul><ul><li>Security </li></ul></ul>
  10. 10. Regression Testing <ul><li>Capture current behavior of covered code paths </li></ul><ul><ul><li>Whether the current behavior is right or wrong </li></ul></ul><ul><li>Alert when code modifications cause a change in behavior </li></ul><ul><li>Developers can then mark JUnit assertions as correct behavior to increase the severity if those assertions fail in the future </li></ul>
  11. 11. Java Software Problems <ul><li>Functional </li></ul><ul><li>Thread concurrency </li></ul><ul><li>Performance </li></ul><ul><li>Regression </li></ul><ul><li>Requirement Testing </li></ul><ul><li>Code Review </li></ul>
  12. 12. Comparable Tools <ul><li>Static Analysis </li></ul><ul><li>Data Flow Analysis </li></ul><ul><li>Unit Test Framework (with Test Engineer) </li></ul><ul><li>Profiler </li></ul><ul><li>QA Functional Tester </li></ul><ul><li>Code Review </li></ul><ul><li>Code Metrics Measurement </li></ul><ul><li>Code Duplication Detection </li></ul><ul><li>Task Management </li></ul>

×