Costas Voliotis (CodeWeTrust) – An AI-driven approach to source code evaluation

0 likes57 views

This document discusses an AI-driven approach to source code quality evaluation called source code inspection. It aims to reduce technical debt and the costs of maintenance, integration, and license compliance by continuously evaluating source code quality as part of the software development lifecycle. The proposed approach uses machine learning and analytics to classify issues, detect vulnerabilities, analyze dependencies, and provide recommendations to optimize the development process.

Technology

Source code Inspection
An AI-driven approach to source
code quality evaluation
BI focusing on the efficiency of SDLC
Costas Voliotis
5/13/21
1

Source code Inspection
“The ability for engineering teams to deliver high
quality software at velocity is the difference between
companies that gain a competitive edge versus those
that fall behind” Undo CEO, Barry Morris
Today, every company is a software company

Source code Inspection
The Source Code Quality? What is this?

Source code Inspection
Why we should care about it?

Source code Inspection
the sooner the cheaper!

Source code Inspection
… quick take-away!

Source code Inspection
… we propose an AI-driven process that helps
reduce the technical debt burden
Time, and resources are limited ...

Source code Inspection
AI-driven SDLC management
8

Source code Inspection
The c2m SQA evaluation process

Source code Inspection
… digging a little bit deeper
10
Reduce the cost
maintenance
Reduce the cost of
integration
Improve the defence
against web attacks.
Simplify License
Compliance
resolution
Classify the level of maintenance required per version (Classiﬁcation)
Reduce the size of code requires maintenance (Clustering)
Optimise and Standardize maintenance process (Rules Based Workﬂows)
Detect Version Similarities (K-Means-), Suggest Eliminate/Merge of
versions ( Recommendations), Reduce False-Positives, (Learning),
Classify tech stacks (Classification) reduce downtime (Predictive analytics)
Detect Vulnerabilities(Pattern Matching)-Identify Hotspots (Rule based
recommendations). Classify Business Risk (Rule based/Classification)
Identify vulnerabilities based on dependencies (Learning/Matching)
Detect Licenses (Name matching/Pattern Matching), Licenses Resolution
(Rules based recommendations). Classify Business Risk (Rule
based/Classiﬁcation). Reduce false-positives (Learning)
AI ML

Source code Inspection
How does c2m look like? Dashboard view

Source code Inspection
Issues distribution-Interactive heatmaps

Source code Inspection
Technical Reports and Code Viewer
Web Interface -
visualizes all the
aspects of SW
quality
Code Viewer -
enables detailed
inspection of the
ﬁndings

Source code Inspection
Our vision:Optimization of the SDLC’s efﬁciency
Input : dev team alignment +
Continuous SQA
assessment
Process : Federation, SQA
part of CI/CD + Flexibility
Monitoring + Learning
Output : Proﬁtable,
sustainable, ﬂexible, evolving
sw development process
14

Source code Inspection
Resources
Code we trust website: https://www.codewetrust.com/
Freemium Server +
CI/CD download page: https://www.codewetrust.com/download
Live demo / test cases : https://www.codewetrust.com/test-cases

More Related Content

Similar to Costas Voliotis (CodeWeTrust) – An AI-driven approach to source code evaluation (20)

DOCX

Agile Independent Verification & Validation Body of Knowledge v1.1commercescape

PDF

Maturity of-code-mgmt-2016-04-06Bogusz Jelinski

PPT

Software Quality Architecture And Code AuditXebia IT Architects

PDF

Oak Systems - When you build Software, we build Quality in it Oak Systems

PPT

MOND Semantics IntegrationSales Emea

PDF

Agile Team Autonomy – Don’t Just Give It Away Make Teams Earn It Consortium for Information & Software Quality (CISQ)

PPT

Rhapsody SoftwareBill Duncan

PDF

Introduction: Low Code Testing and Its ScopeStudySection

PDF

Cloud Migration: Azure acceleration with CAST HighlightCAST

PDF

WSO2Con USA 2015: The Needs of Next Generation GiantsWSO2

PPTX

Introduction to the Microsoft Azure Cloud.pptxEverestMedinilla2

PDF

[India Merge World Tour] CoverityPerforce

PDF

2018 Pivotal DevOps Day_마이크로서비스 전환 방법론과 사례VMware Tanzu Korea

PDF

2018 Pivotal DevOps Day_Pivotal 소개 및 세션 아젠다 소개VMware Tanzu Korea

PDF

Case Study: Automating Code Reviews for Custom SAP ABAP Applications with Vir...Virtual Forge

PDF

Apidays Paris 2023 - API Security Challenges for Cloud-native Software Archit...apidays

PDF

Optimize your CI/CD with GitLab and AWSDevOps.com

PPTX

DOES14 - Gary Gruver - Macy's - Transforming Traditional Enterprise Software ...DevOps Enterprise Summmit

PPT

Care with Source2VALUEmeijerandre

PPTX

DOES14 - Gary Gruver - Macy's - Transforming Traditional Enterprise Software ...Gene Kim

Agile Independent Verification & Validation Body of Knowledge v1.1commercescape

Maturity of-code-mgmt-2016-04-06Bogusz Jelinski

Software Quality Architecture And Code AuditXebia IT Architects

Oak Systems - When you build Software, we build Quality in it Oak Systems

MOND Semantics IntegrationSales Emea

Agile Team Autonomy – Don’t Just Give It Away Make Teams Earn It Consortium for Information & Software Quality (CISQ)

Rhapsody SoftwareBill Duncan

Introduction: Low Code Testing and Its ScopeStudySection

Cloud Migration: Azure acceleration with CAST HighlightCAST

WSO2Con USA 2015: The Needs of Next Generation GiantsWSO2

Introduction to the Microsoft Azure Cloud.pptxEverestMedinilla2

[India Merge World Tour] CoverityPerforce

2018 Pivotal DevOps Day_마이크로서비스 전환 방법론과 사례VMware Tanzu Korea

2018 Pivotal DevOps Day_Pivotal 소개 및 세션 아젠다 소개VMware Tanzu Korea

Case Study: Automating Code Reviews for Custom SAP ABAP Applications with Vir...Virtual Forge

Apidays Paris 2023 - API Security Challenges for Cloud-native Software Archit...apidays

Optimize your CI/CD with GitLab and AWSDevOps.com

DOES14 - Gary Gruver - Macy's - Transforming Traditional Enterprise Software ...DevOps Enterprise Summmit

Care with Source2VALUEmeijerandre

DOES14 - Gary Gruver - Macy's - Transforming Traditional Enterprise Software ...Gene Kim

More from Codiax (20)

PDF

Dr. Laura Kerber (NASA’s Jet Propulsion Laboratory) – Exploring Caves on the ...Codiax

PDF

Dr. Lobna Karoui (Fortune 500) – Disruption, empathy & Trust for sustainable ...Codiax

PDF

Luka Postružin (Superbet) – ‘From zero to hero’ in early life customer segmen...Codiax

PDF

Gema Parreno Piqueras (Apium Hub) – Videogames and Interactive Narrative Cont...Codiax

PDF

Janos Puskas (Accenture) – Azure IoT Reference Architecture for enterprise Io...Codiax

PDF

Adria Recasens, DeepMind – Multi-modal self-supervised learning from videosCodiax

PDF

Roelof Pieters (Overstory) – Tackling Forest Fires and Deforestation with Sat...Codiax

PDF

Javier Fuentes Alonso (Uizard) – Using machine learning to turn you into a de...Codiax

PDF

Emeli Dral (Evidently AI) – Analyze it: production monitoring for machine lea...Codiax

PDF

Matthias Feys (ML6) – Bias in ML: A Technical IntroCodiax

PDF

Christophe Tallec, Hello Tomorrow – Solving our next decade challenges throug...Codiax

PDF

Sean Holden (University of Cambridge) - Proving Theorems_ Still A Major Test ...Codiax

PDF

Olga Afanasjeva (GoodAI) - Towards general artificial intelligence for common...Codiax

PDF

Maciej Marek (Philip Morris International) - The Tools of The TradeCodiax

PDF

Joanna Bryson (University of Bath) - Intelligence by Design_ Systems engineer...Codiax

PDF

Jakub Langr (University of Oxford) - Overview of Generative Adversarial Netwo...Codiax

PDF

Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected WorldCodiax

PDF

Jair Ribeiro - Defining a Successful Artificial Intelligence Strategy for you...Codiax

PDF

Cindy Spelt (Zoom In Zoom Out) - How to beat the face recognition challenges?Codiax

PDF

Alexey Borisenko (Cisco) - Creating IoT solution using LoRaWAN Network ServerCodiax