Saturday, 9 January 2010

Software Program Maintenance

Software maintenance introduces more bugs. Through an analysis of the debugging process and the program fixes, it was clear that systems deteriorate over time. As part of ongoing research and analysis of software risk metrics, I have been analysing bugs and vulnerabilities as a function of coding practices for a number of companies.
What we see is that the first iteration of bug fixes leads to a second and subsequent series of fixes. In each set of fixes, there is a 20-50% probability (mean of 34% ± 8%[1]) of a fix creating another round of bugs. This drops on the second round of fixes, but starts to rise on the 3rd and subsequent rounds. In a smaller set of code, the low overall volume of bugs limits the number of iterations, but the larger code samples led to up to 6 iterations. This would be expected to be even larger on extremely large programs (such as an Operating System).
What we see is a slow deterioration of the code. As fixes occur, these introduce more and more bugs. On top of this, as new bugs are being introduced, old ones are still being uncovered.

[1] 95% Confidence Interval
