SlideShare a Scribd company logo

Code Quality Management Best Practices

Perforce
Perforce

This document outlines pragmatic steps to improve code quality, including using a coding standard, deploying static analysis, defining metrics, and performing manual code reviews. It notes that quality is important but hard to define, and defects can be introduced at any stage of development. The document recommends using Perforce tools like Helix QAC to enable consistent code quality through local and server-side static analysis, metrics tracking in a dashboard, and annotations to improve code reviews between teams.

1 of 19
Download to read offline
Pragmatic Steps to Improve Code Quality SEPTEMBER 2019
perforce.com Here’s What We’ll Cover Today 1 2 3 The Software Quality Challenge Steps to Improve Code Quality How to Improve Quality with Perforce
perforce.com Presenter Richard Bellairs Product Marketing Manager Richard has 20+ years of experience across a wide range of industries. He held electronics and software engineering positions in the manufacturing, defense, and test and measurement industries in the nineties and early noughties before moving to product management and product marketing. He now champions Perforce’s market-leading code quality management solution.
perforce.com The Software Quality Challenge https://www.computerworld.com/article/3412197/top-software-failures-in-recent-history.html Nissan’s Airbag Glitch S A F E T Y Wannacry S E C U R I T Y Amazon’s 1p Price Glitch F I N A N C I A L Facebook, Instagram, and WhatsApp B R A N D R E P U T A T I O N
perforce.com Defining “Quality”
perforce.com QUALITY F U N C T I O N A L Customer Perception N O N - F U N C T I O N A L Performance S T R U C T U R A L Profitability Defining “Quality”
perforce.com Sources of Defects REQUIREMENTS ARCHITECTURE DESIGN SOURCE CODE TEST MATERIALS DOCUMENTS DATABASE WEBSITES
perforce.com QA can Become Self-defeating https://www.blackliszt.com R E C O M M E N D E D R E A D I N G : Getting It Right Keeping It Right
perforce.com Ensure that software is: ‱ Safe: It can be used without causing harm. ‱ Secure: It can’t be hacked. ‱ Reliable: It functions as it should, every time. ‱ Testable: It can be tested at the code level. ‱ Maintainable: It can be maintained, even as your codebase grows. ‱ Portable: It works the same in every environment. Achieving High Code Quality: Use a Coding Standard
perforce.com Why use a Coding Standard? Compliance with industry standards (e.g., ISO) Consistent code quality — no matter who writes the code Software security from the start Reduced development costs and accelerated time to market 1 2 3 4
perforce.com Achieving High Code Quality: Deploy Static Analysis
perforce.com Types of Statically Detectable Code Defects Defect Type Example Static Memory Static buffer overrun Dynamic Memory Dynamic buffer overrun Stack-related Stack overflow Numerical Division by zero Resource Management Invalid access already freed memory Pointer-related Dereferencing a NULL pointer Concurrency Deadlock Inappropriate code Redundant code Other Uninitialized variables
perforce.com Achieving High Code Quality: Define Metrics
perforce.com Using the Helix QAC Dashboard to Track Code Metrics VERSION CONTROL SYSTEM Local analysis allows for better quality control early. Server-side analysis allows deep analysis and provides results in a web interface. Other collaborators can also access results through web interface. Combine both local and server analysis DASHBOARD “Get it Right” “Keep it Right”
perforce.com Team Collaboration — Management ‱ Reporting: ‱ Helps you meet project deadlines. ‱ Retrospective reporting. ‱ Metrics: ‱ Understand how your project is progressing. ‱ Is the software quality improving over time? ‱ Is the defect injection rate decreasing?
perforce.com Achieving High Code Quality: Perform Manual Code Reviews https://www.perforce.com/blog/qac/9-best-practices-code-reviews Know what to look for. Build and test first. Review regularly and in small chunks. Give constructive feedback. Use a collaboration and tracking tool.
perforce.com Team Collaboration — QA ‱ Annotations: ‱ Improve communication between your teams ‱ Identify which areas need the most attention ‱ Enhance peer reviews ‱ Code Review: ‱ See the control flow through your functions ‱ Reduce complexity and increase maintainability ‱ Help ensure your project is delivered on time
perforce.com Summary 1 2 3 4 5 Quality is important Quality is hard to define Defects can be introduced at any stage Too many QA activities can be bad news Perforce tools enable a pragmatic approach to code quality Practical Steps for Code Quality ‱ Use a Coding Standard ‱ Deploy Static Analysis ‱ Track Metrics ‱ Conduct Manual Code Reviews
Questions?
Ad

Recommended

Code quality
Code quality Code quality
Code quality
Sunil Prasad
 
Code Quality
Code QualityCode Quality
Code Quality
François Camus
 
Track code quality with SonarQube
Track code quality with SonarQubeTrack code quality with SonarQube
Track code quality with SonarQube
Dmytro Patserkovskyi
 
Continuous Inspection of Code Quality: SonarQube
Continuous Inspection of Code Quality: SonarQubeContinuous Inspection of Code Quality: SonarQube
Continuous Inspection of Code Quality: SonarQube
Emre DĂŒndar
 
Why testing is important ?
Why testing is important ?Why testing is important ?
Why testing is important ?
TestCenter
 
Robot Framework Dos And Don'ts
Robot Framework Dos And Don'tsRobot Framework Dos And Don'ts
Robot Framework Dos And Don'ts
Pekka KlÀrck
 
SonarQube: Continuous Code Inspection
SonarQube: Continuous Code InspectionSonarQube: Continuous Code Inspection
SonarQube: Continuous Code Inspection
Michael Jesse
 
SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ?
Geeks Anonymes
 
ISTQB Foundation Level Basic
ISTQB Foundation Level BasicISTQB Foundation Level Basic
ISTQB Foundation Level Basic
Erol Selitektay
 
Code review
Code reviewCode review
Code review
dqpi
 
Improving Code Quality Through Effective Review Process
Improving Code Quality Through Effective Review ProcessImproving Code Quality Through Effective Review Process
Improving Code Quality Through Effective Review Process
Dr. Syed Hassan Amin
 
e2e testing with cypress
e2e testing with cypresse2e testing with cypress
e2e testing with cypress
Tomasz Bak
 
SonarQube Presentation.pptx
SonarQube Presentation.pptxSonarQube Presentation.pptx
SonarQube Presentation.pptx
Satwik Bhupathi Raju
 
Regression testing
Regression testingRegression testing
Regression testing
Anamta Sayyed
 
An Introduction to Unit Testing
An Introduction to Unit TestingAn Introduction to Unit Testing
An Introduction to Unit Testing
Joe Tremblay
 
Basic software-testing-concepts
Basic software-testing-conceptsBasic software-testing-concepts
Basic software-testing-concepts
medsherb
 
Tracking and improving software quality with SonarQube
Tracking and improving software quality with SonarQubeTracking and improving software quality with SonarQube
Tracking and improving software quality with SonarQube
Patroklos Papapetrou (Pat)
 
Test Automation Framework with BDD and Cucumber
Test Automation Framework with BDD and CucumberTest Automation Framework with BDD and Cucumber
Test Automation Framework with BDD and Cucumber
Rhoynar Software Consulting
 
Working With Legacy Code
Working With Legacy CodeWorking With Legacy Code
Working With Legacy Code
Andrea Polci
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps Engineer
Manu Pk
 
Software testing
Software testing Software testing
Software testing
Ravindranath Tagore
 
SonarQube Overview
SonarQube OverviewSonarQube Overview
SonarQube Overview
Ahmed M. Gomaa
 
Cypress testing
Cypress testingCypress testing
Cypress testing
Vladyslav Romanchenko
 
Qa exploratory test charter template
Qa exploratory test charter templateQa exploratory test charter template
Qa exploratory test charter template
Rob Swoboda
 
Software testing
Software testingSoftware testing
Software testing
balamurugan.k Kalibalamurugan
 
Continuous integration
Continuous integrationContinuous integration
Continuous integration
amscanne
 
Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon
Shifting Security Left - The Innovation of DevSecOps - ValleyTechConShifting Security Left - The Innovation of DevSecOps - ValleyTechCon
Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon
Tom Stiehm
 
Test Driven Development (TDD)
Test Driven Development (TDD)Test Driven Development (TDD)
Test Driven Development (TDD)
David Ehringer
 
Software Quality Architecture And Code Audit
Software Quality Architecture And Code AuditSoftware Quality Architecture And Code Audit
Software Quality Architecture And Code Audit
Xebia IT Architects
 
How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis
Perforce
 
Ad

More Related Content

What's hot (20)

ISTQB Foundation Level Basic
ISTQB Foundation Level BasicISTQB Foundation Level Basic
ISTQB Foundation Level Basic
Erol Selitektay
 
Code review
Code reviewCode review
Code review
dqpi
 
Improving Code Quality Through Effective Review Process
Improving Code Quality Through Effective Review ProcessImproving Code Quality Through Effective Review Process
Improving Code Quality Through Effective Review Process
Dr. Syed Hassan Amin
 
e2e testing with cypress
e2e testing with cypresse2e testing with cypress
e2e testing with cypress
Tomasz Bak
 
SonarQube Presentation.pptx
SonarQube Presentation.pptxSonarQube Presentation.pptx
SonarQube Presentation.pptx
Satwik Bhupathi Raju
 
Regression testing
Regression testingRegression testing
Regression testing
Anamta Sayyed
 
An Introduction to Unit Testing
An Introduction to Unit TestingAn Introduction to Unit Testing
An Introduction to Unit Testing
Joe Tremblay
 
Basic software-testing-concepts
Basic software-testing-conceptsBasic software-testing-concepts
Basic software-testing-concepts
medsherb
 
Tracking and improving software quality with SonarQube
Tracking and improving software quality with SonarQubeTracking and improving software quality with SonarQube
Tracking and improving software quality with SonarQube
Patroklos Papapetrou (Pat)
 
Test Automation Framework with BDD and Cucumber
Test Automation Framework with BDD and CucumberTest Automation Framework with BDD and Cucumber
Test Automation Framework with BDD and Cucumber
Rhoynar Software Consulting
 
Working With Legacy Code
Working With Legacy CodeWorking With Legacy Code
Working With Legacy Code
Andrea Polci
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps Engineer
Manu Pk
 
Software testing
Software testing Software testing
Software testing
Ravindranath Tagore
 
SonarQube Overview
SonarQube OverviewSonarQube Overview
SonarQube Overview
Ahmed M. Gomaa
 
Cypress testing
Cypress testingCypress testing
Cypress testing
Vladyslav Romanchenko
 
Qa exploratory test charter template
Qa exploratory test charter templateQa exploratory test charter template
Qa exploratory test charter template
Rob Swoboda
 
Software testing
Software testingSoftware testing
Software testing
balamurugan.k Kalibalamurugan
 
Continuous integration
Continuous integrationContinuous integration
Continuous integration
amscanne
 
Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon
Shifting Security Left - The Innovation of DevSecOps - ValleyTechConShifting Security Left - The Innovation of DevSecOps - ValleyTechCon
Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon
Tom Stiehm
 
Test Driven Development (TDD)
Test Driven Development (TDD)Test Driven Development (TDD)
Test Driven Development (TDD)
David Ehringer
 
ISTQB Foundation Level Basic
ISTQB Foundation Level BasicISTQB Foundation Level Basic
ISTQB Foundation Level Basic
Erol Selitektay
 
Code review
Code reviewCode review
Code review
dqpi
 
Improving Code Quality Through Effective Review Process
Improving Code Quality Through Effective Review ProcessImproving Code Quality Through Effective Review Process
Improving Code Quality Through Effective Review Process
Dr. Syed Hassan Amin
 
e2e testing with cypress
e2e testing with cypresse2e testing with cypress
e2e testing with cypress
Tomasz Bak
 
SonarQube Presentation.pptx
SonarQube Presentation.pptxSonarQube Presentation.pptx
SonarQube Presentation.pptx
Satwik Bhupathi Raju
 
Regression testing
Regression testingRegression testing
Regression testing
Anamta Sayyed
 
An Introduction to Unit Testing
An Introduction to Unit TestingAn Introduction to Unit Testing
An Introduction to Unit Testing
Joe Tremblay
 
Basic software-testing-concepts
Basic software-testing-conceptsBasic software-testing-concepts
Basic software-testing-concepts
medsherb
 
Tracking and improving software quality with SonarQube
Tracking and improving software quality with SonarQubeTracking and improving software quality with SonarQube
Tracking and improving software quality with SonarQube
Patroklos Papapetrou (Pat)
 
Test Automation Framework with BDD and Cucumber
Test Automation Framework with BDD and CucumberTest Automation Framework with BDD and Cucumber
Test Automation Framework with BDD and Cucumber
Rhoynar Software Consulting
 
Working With Legacy Code
Working With Legacy CodeWorking With Legacy Code
Working With Legacy Code
Andrea Polci
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps Engineer
Manu Pk
 
Software testing
Software testing Software testing
Software testing
Ravindranath Tagore
 
SonarQube Overview
SonarQube OverviewSonarQube Overview
SonarQube Overview
Ahmed M. Gomaa
 
Cypress testing
Cypress testingCypress testing
Cypress testing
Vladyslav Romanchenko
 
Qa exploratory test charter template
Qa exploratory test charter templateQa exploratory test charter template
Qa exploratory test charter template
Rob Swoboda
 
Software testing
Software testingSoftware testing
Software testing
balamurugan.k Kalibalamurugan
 
Continuous integration
Continuous integrationContinuous integration
Continuous integration
amscanne
 
Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon
Shifting Security Left - The Innovation of DevSecOps - ValleyTechConShifting Security Left - The Innovation of DevSecOps - ValleyTechCon
Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon
Tom Stiehm
 
Test Driven Development (TDD)
Test Driven Development (TDD)Test Driven Development (TDD)
Test Driven Development (TDD)
David Ehringer
 

Similar to Code Quality Management Best Practices (20)

Software Quality Architecture And Code Audit
Software Quality Architecture And Code AuditSoftware Quality Architecture And Code Audit
Software Quality Architecture And Code Audit
Xebia IT Architects
 
How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis
Perforce
 
A journey to_be_a_software_craftsman
A journey to_be_a_software_craftsmanA journey to_be_a_software_craftsman
A journey to_be_a_software_craftsman
Jaehoon Oh
 
Automated Code Reviews with AI and ML - DevOps Next
Automated Code Reviews with AI and ML - DevOps NextAutomated Code Reviews with AI and ML - DevOps Next
Automated Code Reviews with AI and ML - DevOps Next
Perfecto by Perforce
 
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
TelecomValley
 
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
Perforce
 
[India Merge World Tour] Coverity
[India Merge World Tour] Coverity[India Merge World Tour] Coverity
[India Merge World Tour] Coverity
Perforce
 
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTDeliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Perfecto by Perforce
 
Driving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareDriving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive Software
Parasoft
 
Parasoft Case Study: Wipro
Parasoft Case Study: WiproParasoft Case Study: Wipro
Parasoft Case Study: Wipro
Erika Barron
 
Advanced Codeless Testing for Web Apps
Advanced Codeless Testing for Web AppsAdvanced Codeless Testing for Web Apps
Advanced Codeless Testing for Web Apps
Perfecto by Perforce
 
5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis 5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis
Perforce
 
How AI and ML Can Accelerate and Optimize Software Development and Testing
How AI and ML Can Accelerate and Optimize Software Development and TestingHow AI and ML Can Accelerate and Optimize Software Development and Testing
How AI and ML Can Accelerate and Optimize Software Development and Testing
Aggregage
 
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays
 
Software Engineering as the Next Level Up from Programming (Oracle Groundbrea...
Software Engineering as the Next Level Up from Programming (Oracle Groundbrea...Software Engineering as the Next Level Up from Programming (Oracle Groundbrea...
Software Engineering as the Next Level Up from Programming (Oracle Groundbrea...
Lucas Jellema
 
Peer Code Review An Agile Process
Peer Code Review An Agile ProcessPeer Code Review An Agile Process
Peer Code Review An Agile Process
gsporar
 
What's New in Helix QAC 2019.1
What's New in Helix QAC 2019.1What's New in Helix QAC 2019.1
What's New in Helix QAC 2019.1
Perforce
 
[Europe merge world tour] Coverity Development Testing
[Europe merge world tour] Coverity Development Testing[Europe merge world tour] Coverity Development Testing
[Europe merge world tour] Coverity Development Testing
Perforce
 
LucNguyen
LucNguyenLucNguyen
LucNguyen
Luc Nguyen
 
codEnforcer 2013
codEnforcer 2013codEnforcer 2013
codEnforcer 2013
Alexander Lipanov
 
Software Quality Architecture And Code Audit
Software Quality Architecture And Code AuditSoftware Quality Architecture And Code Audit
Software Quality Architecture And Code Audit
Xebia IT Architects
 
How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis How To Improve Quality With Static Code Analysis
How To Improve Quality With Static Code Analysis
Perforce
 
A journey to_be_a_software_craftsman
A journey to_be_a_software_craftsmanA journey to_be_a_software_craftsman
A journey to_be_a_software_craftsman
Jaehoon Oh
 
Automated Code Reviews with AI and ML - DevOps Next
Automated Code Reviews with AI and ML - DevOps NextAutomated Code Reviews with AI and ML - DevOps Next
Automated Code Reviews with AI and ML - DevOps Next
Perfecto by Perforce
 
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
TelecomValley
 
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
Perforce
 
[India Merge World Tour] Coverity
[India Merge World Tour] Coverity[India Merge World Tour] Coverity
[India Merge World Tour] Coverity
Perforce
 
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTDeliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Perfecto by Perforce
 
Driving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareDriving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive Software
Parasoft
 
Parasoft Case Study: Wipro
Parasoft Case Study: WiproParasoft Case Study: Wipro
Parasoft Case Study: Wipro
Erika Barron
 
Advanced Codeless Testing for Web Apps
Advanced Codeless Testing for Web AppsAdvanced Codeless Testing for Web Apps
Advanced Codeless Testing for Web Apps
Perfecto by Perforce
 
5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis 5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis
Perforce
 
How AI and ML Can Accelerate and Optimize Software Development and Testing
How AI and ML Can Accelerate and Optimize Software Development and TestingHow AI and ML Can Accelerate and Optimize Software Development and Testing
How AI and ML Can Accelerate and Optimize Software Development and Testing
Aggregage
 
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays
 
Software Engineering as the Next Level Up from Programming (Oracle Groundbrea...
Software Engineering as the Next Level Up from Programming (Oracle Groundbrea...Software Engineering as the Next Level Up from Programming (Oracle Groundbrea...
Software Engineering as the Next Level Up from Programming (Oracle Groundbrea...
Lucas Jellema
 
Peer Code Review An Agile Process
Peer Code Review An Agile ProcessPeer Code Review An Agile Process
Peer Code Review An Agile Process
gsporar
 
What's New in Helix QAC 2019.1
What's New in Helix QAC 2019.1What's New in Helix QAC 2019.1
What's New in Helix QAC 2019.1
Perforce
 
[Europe merge world tour] Coverity Development Testing
[Europe merge world tour] Coverity Development Testing[Europe merge world tour] Coverity Development Testing
[Europe merge world tour] Coverity Development Testing
Perforce
 
LucNguyen
LucNguyenLucNguyen
LucNguyen
Luc Nguyen
 
codEnforcer 2013
codEnforcer 2013codEnforcer 2013
codEnforcer 2013
Alexander Lipanov
 
Ad

More from Perforce (20)

How to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning NeedsHow to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning Needs
Perforce
 
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Perforce
 
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Perforce
 
Understanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPsUnderstanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPs
Perforce
 
Branching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development ProcessBranching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development Process
Perforce
 
How to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOpsHow to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOps
Perforce
 
How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog
Perforce
 
Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team
Perforce
 
Shift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New WorkflowShift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New Workflow
Perforce
 
Hybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated WorldHybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated World
Perforce
 
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the EnterpriseBetter, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
Perforce
 
Easier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALMEasier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALM
Perforce
 
How To Master Your Mega Backlog
How To Master Your Mega Backlog How To Master Your Mega Backlog
How To Master Your Mega Backlog
Perforce
 
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Perforce
 
How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure
Perforce
 
Achieving Software Safety, Security, and Reliability Part 2
Achieving Software Safety, Security, and Reliability Part 2Achieving Software Safety, Security, and Reliability Part 2
Achieving Software Safety, Security, and Reliability Part 2
Perforce
 
Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?
Perforce
 
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Perforce
 
What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4
Perforce
 
Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison
Perforce
 
How to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning NeedsHow to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning Needs
Perforce
 
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Perforce
 
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Perforce
 
Understanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPsUnderstanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPs
Perforce
 
Branching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development ProcessBranching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development Process
Perforce
 
How to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOpsHow to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOps
Perforce
 
How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog
Perforce
 
Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team
Perforce
 
Shift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New WorkflowShift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New Workflow
Perforce
 
Hybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated WorldHybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated World
Perforce
 
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the EnterpriseBetter, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
Perforce
 
Easier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALMEasier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALM
Perforce
 
How To Master Your Mega Backlog
How To Master Your Mega Backlog How To Master Your Mega Backlog
How To Master Your Mega Backlog
Perforce
 
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Perforce
 
How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure
Perforce
 
Achieving Software Safety, Security, and Reliability Part 2
Achieving Software Safety, Security, and Reliability Part 2Achieving Software Safety, Security, and Reliability Part 2
Achieving Software Safety, Security, and Reliability Part 2
Perforce
 
Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?
Perforce
 
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Perforce
 
What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4
Perforce
 
Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison
Perforce
 
Ad

Recently uploaded (20)

Top 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docxTop 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docx
Portli
 
The Significance of Hardware in Information Systems.pdf
The Significance of Hardware in Information Systems.pdfThe Significance of Hardware in Information Systems.pdf
The Significance of Hardware in Information Systems.pdf
drewplanas10
 
Agentic AI Use Cases using GenAI LLM models
Agentic AI Use Cases using GenAI LLM modelsAgentic AI Use Cases using GenAI LLM models
Agentic AI Use Cases using GenAI LLM models
Manish Chopra
 
Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025
mu394968
 
Solidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license codeSolidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license code
aneelaramzan63
 
Adobe Photoshop Lightroom CC 2025 Crack Latest Version
Adobe Photoshop Lightroom CC 2025 Crack Latest VersionAdobe Photoshop Lightroom CC 2025 Crack Latest Version
Adobe Photoshop Lightroom CC 2025 Crack Latest Version
usmanhidray
 
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
Andre Hora
 
Xforce Keygen 64-bit AutoCAD 2025 Crack
Xforce Keygen 64-bit AutoCAD 2025 CrackXforce Keygen 64-bit AutoCAD 2025 Crack
Xforce Keygen 64-bit AutoCAD 2025 Crack
usmanhidray
 
Salesforce Aged Complex Org Revitalization Process .pdf
Salesforce Aged Complex Org Revitalization Process .pdfSalesforce Aged Complex Org Revitalization Process .pdf
Salesforce Aged Complex Org Revitalization Process .pdf
SRINIVASARAO PUSULURI
 
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdfMicrosoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
TechSoup
 
Get & Download Wondershare Filmora Crack Latest [2025]
Get & Download Wondershare Filmora Crack Latest [2025]Get & Download Wondershare Filmora Crack Latest [2025]
Get & Download Wondershare Filmora Crack Latest [2025]
saniaaftab72555
 
Kubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptxKubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptx
CloudScouts
 
Meet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Meet the Agents: How AI Is Learning to Think, Plan, and CollaborateMeet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Meet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Maxim Salnikov
 
Download YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full ActivatedDownload YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full Activated
saniamalik72555
 
Shift Left using Lean for Agile Software Development
Shift Left using Lean for Agile Software DevelopmentShift Left using Lean for Agile Software Development
Shift Left using Lean for Agile Software Development
SathyaShankar6
 
Landscape of Requirements Engineering for/by AI through Literature Review
Landscape of Requirements Engineering for/by AI through Literature ReviewLandscape of Requirements Engineering for/by AI through Literature Review
Landscape of Requirements Engineering for/by AI through Literature Review
Hironori Washizaki
 
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Andre Hora
 
Mastering OOP: Understanding the Four Core Pillars
Mastering OOP: Understanding the Four Core PillarsMastering OOP: Understanding the Four Core Pillars
Mastering OOP: Understanding the Four Core Pillars
Marcel David
 
How to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud PerformanceHow to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud Performance
ThousandEyes
 
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
steaveroggers
 
Top 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docxTop 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docx
Portli
 
The Significance of Hardware in Information Systems.pdf
The Significance of Hardware in Information Systems.pdfThe Significance of Hardware in Information Systems.pdf
The Significance of Hardware in Information Systems.pdf
drewplanas10
 
Agentic AI Use Cases using GenAI LLM models
Agentic AI Use Cases using GenAI LLM modelsAgentic AI Use Cases using GenAI LLM models
Agentic AI Use Cases using GenAI LLM models
Manish Chopra
 
Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025
mu394968
 
Solidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license codeSolidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license code
aneelaramzan63
 
Adobe Photoshop Lightroom CC 2025 Crack Latest Version
Adobe Photoshop Lightroom CC 2025 Crack Latest VersionAdobe Photoshop Lightroom CC 2025 Crack Latest Version
Adobe Photoshop Lightroom CC 2025 Crack Latest Version
usmanhidray
 
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
Andre Hora
 
Xforce Keygen 64-bit AutoCAD 2025 Crack
Xforce Keygen 64-bit AutoCAD 2025 CrackXforce Keygen 64-bit AutoCAD 2025 Crack
Xforce Keygen 64-bit AutoCAD 2025 Crack
usmanhidray
 
Salesforce Aged Complex Org Revitalization Process .pdf
Salesforce Aged Complex Org Revitalization Process .pdfSalesforce Aged Complex Org Revitalization Process .pdf
Salesforce Aged Complex Org Revitalization Process .pdf
SRINIVASARAO PUSULURI
 
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdfMicrosoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
TechSoup
 
Get & Download Wondershare Filmora Crack Latest [2025]
Get & Download Wondershare Filmora Crack Latest [2025]Get & Download Wondershare Filmora Crack Latest [2025]
Get & Download Wondershare Filmora Crack Latest [2025]
saniaaftab72555
 
Kubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptxKubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptx
CloudScouts
 
Meet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Meet the Agents: How AI Is Learning to Think, Plan, and CollaborateMeet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Meet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Maxim Salnikov
 
Download YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full ActivatedDownload YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full Activated
saniamalik72555
 
Shift Left using Lean for Agile Software Development
Shift Left using Lean for Agile Software DevelopmentShift Left using Lean for Agile Software Development
Shift Left using Lean for Agile Software Development
SathyaShankar6
 
Landscape of Requirements Engineering for/by AI through Literature Review
Landscape of Requirements Engineering for/by AI through Literature ReviewLandscape of Requirements Engineering for/by AI through Literature Review
Landscape of Requirements Engineering for/by AI through Literature Review
Hironori Washizaki
 
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Andre Hora
 
Mastering OOP: Understanding the Four Core Pillars
Mastering OOP: Understanding the Four Core PillarsMastering OOP: Understanding the Four Core Pillars
Mastering OOP: Understanding the Four Core Pillars
Marcel David
 
How to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud PerformanceHow to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud Performance
ThousandEyes
 
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
steaveroggers
 

Code Quality Management Best Practices

  • 1. Pragmatic Steps to Improve Code Quality SEPTEMBER 2019
  • 2. perforce.com Here’s What We’ll Cover Today 1 2 3 The Software Quality Challenge Steps to Improve Code Quality How to Improve Quality with Perforce
  • 3. perforce.com Presenter Richard Bellairs Product Marketing Manager Richard has 20+ years of experience across a wide range of industries. He held electronics and software engineering positions in the manufacturing, defense, and test and measurement industries in the nineties and early noughties before moving to product management and product marketing. He now champions Perforce’s market-leading code quality management solution.
  • 4. perforce.com The Software Quality Challenge https://www.computerworld.com/article/3412197/top-software-failures-in-recent-history.html Nissan’s Airbag Glitch S A F E T Y Wannacry S E C U R I T Y Amazon’s 1p Price Glitch F I N A N C I A L Facebook, Instagram, and WhatsApp B R A N D R E P U T A T I O N
  • 6. perforce.com QUALITY F U N C T I O N A L Customer Perception N O N - F U N C T I O N A L Performance S T R U C T U R A L Profitability Defining “Quality”
  • 7. perforce.com Sources of Defects REQUIREMENTS ARCHITECTURE DESIGN SOURCE CODE TEST MATERIALS DOCUMENTS DATABASE WEBSITES
  • 8. perforce.com QA can Become Self-defeating https://www.blackliszt.com R E C O M M E N D E D R E A D I N G : Getting It Right Keeping It Right
  • 9. perforce.com Ensure that software is: ‱ Safe: It can be used without causing harm. ‱ Secure: It can’t be hacked. ‱ Reliable: It functions as it should, every time. ‱ Testable: It can be tested at the code level. ‱ Maintainable: It can be maintained, even as your codebase grows. ‱ Portable: It works the same in every environment. Achieving High Code Quality: Use a Coding Standard
  • 10. perforce.com Why use a Coding Standard? Compliance with industry standards (e.g., ISO) Consistent code quality — no matter who writes the code Software security from the start Reduced development costs and accelerated time to market 1 2 3 4
  • 11. perforce.com Achieving High Code Quality: Deploy Static Analysis
  • 12. perforce.com Types of Statically Detectable Code Defects Defect Type Example Static Memory Static buffer overrun Dynamic Memory Dynamic buffer overrun Stack-related Stack overflow Numerical Division by zero Resource Management Invalid access already freed memory Pointer-related Dereferencing a NULL pointer Concurrency Deadlock Inappropriate code Redundant code Other Uninitialized variables
  • 13. perforce.com Achieving High Code Quality: Define Metrics
  • 14. perforce.com Using the Helix QAC Dashboard to Track Code Metrics VERSION CONTROL SYSTEM Local analysis allows for better quality control early. Server-side analysis allows deep analysis and provides results in a web interface. Other collaborators can also access results through web interface. Combine both local and server analysis DASHBOARD “Get it Right” “Keep it Right”
  • 15. perforce.com Team Collaboration — Management ‱ Reporting: ‱ Helps you meet project deadlines. ‱ Retrospective reporting. ‱ Metrics: ‱ Understand how your project is progressing. ‱ Is the software quality improving over time? ‱ Is the defect injection rate decreasing?
  • 16. perforce.com Achieving High Code Quality: Perform Manual Code Reviews https://www.perforce.com/blog/qac/9-best-practices-code-reviews Know what to look for. Build and test first. Review regularly and in small chunks. Give constructive feedback. Use a collaboration and tracking tool.
  • 17. perforce.com Team Collaboration — QA ‱ Annotations: ‱ Improve communication between your teams ‱ Identify which areas need the most attention ‱ Enhance peer reviews ‱ Code Review: ‱ See the control flow through your functions ‱ Reduce complexity and increase maintainability ‱ Help ensure your project is delivered on time
  • 18. perforce.com Summary 1 2 3 4 5 Quality is important Quality is hard to define Defects can be introduced at any stage Too many QA activities can be bad news Perforce tools enable a pragmatic approach to code quality Practical Steps for Code Quality ‱ Use a Coding Standard ‱ Deploy Static Analysis ‱ Track Metrics ‱ Conduct Manual Code Reviews