Welcome!

Microsoft Cloud Authors: David H Deans, Yeshim Deniz, Janakiram MSV, Andreas Grabner, Stackify Blog

Related Topics: Microsoft Cloud

Microsoft Cloud: Article

Static Analysis Helps Computer Company Prevent Software Errors

The "shift left" enables them to accelerate delivery while ensuring high reliability

Static Analysis Helps a Leading Computer Company Prevent Software Errors

A leading personal computer company is dedicated to adding market-differentiating software "preloads" to their systems, and wants to continue their trend of reducing field-reported defects for those preloads.

Working with Parasoft, industry leader in Development Testing and defect prevention, they have adopted a custom-tailored static analysis solution for eliminating defects early in the software development lifecycle. This "shift left" enables them to accelerate delivery while ensuring high reliability.

The Challenge: Preventing Critical, Yet Uncommon, Defects

To ensure a positive user experience, this company actively tracks and works to mitigate the number of field-reported crashes (monitored via Windows Error Reporting) associated with the software that they develop and preload on their systems. Based on their experience and research, the company's quality leaders were convinced that static analysis could help them prevent many of the crash-causing defects being reported. However, there was one problem: out of the box, none of the leading static analysis solutions (Parasoft included) caught the specific defects that were most common and important for their business.

Being able to deliver differentiating software preloads as rapidly and efficiently as possible is critical to this company's business. However, if defects are identified by QA (rather than development), considerably more time and resources are required to diagnose and eliminate each defect. This significantly impacts the velocity and predictability of their delivery cycles-an issue which is becoming increasingly critical as they transition from waterfall to Agile.

The Solution: A Custom-Tailored Static Analysis Solution

The company proposed that Parasoft partner with them to address this problem. They would share details about the defects that they most wanted to prevent-for example, defects related to accessing null pointers, memory violations, buffer overruns, out of bounds accessing, etc. Parasoft would then evolve the static analysis technology featured in its Development Testing Platform to prevent these types of defects.

This was a win-win situation. The company would gain the very specific technology needed to meet their strict quality needs, and Parasoft would be able to offer their expanded technology to the general market, as well as gain the opportunity to be integrated into the company's supply chain.

Other factors driving the selection of Parasoft included:

  • Strong support for a broad set of programming languages: The company uses C++, .NET (C#), as well as Java. Parasoft centralizes execution and reporting for static analysis across all of these languages.

  • Enterprise-grade support for centrally-managed rules across teams and projects: With a global workforce, analyzing code versus a uniform set of expectations is critical. Centralized management eliminates the opportunity for miscommunications or human error introducing inconsistencies into the analysis.

  • Workflow integration: One key reason why the company's previous static analysis initiative failed to achieve the desired result is that the solution was not integrated into the development workflow (developers had to review reports outside of their standard tools/process, so reported defects were not being addressed and resolved). Parasoft's open infrastructure allows seamless integration into the company's existing tools and process (e.g., execution via Continuous Integration and reporting via their bug-tracking system).

Next Steps: Tracking and Optimizing How Static Analysis Reduces Field-Reported Errors

This company expects that the solution will provide release management increased visibility into the risks associated with the applications being developed-enabling them to make more informed go/no-go decisions. Since Windows Error Reporting gives them a very reliable account of how many crashes are occurring in the field, they look forward to tracking which defect prevention efforts have the greatest business impact. They can then use this feedback to continuously improve towards their ultimate goal-accelerating the delivery of innovative preload software without compromising the reliability that their enterprise clients expect.

Once the Parasoft solution is fully "baked into" the process across their laptop PCs, the company plans to extend the Parasoft solution across the remainder of their product lines.

Down the road, the company anticipates making the solution a requirement for vendors within their supply chain. When a driver that is preloaded on one of their PCs fails, users are likely hold the company accountable for that failure. As part of their ongoing efforts to ensure a positive user experience, the company monitors these failures (also reported through Windows Error Reporting) and works with vendors to minimize them. If the company finds that the Parasoft solution can effectively prevent the crashes being reported for preloaded drivers, then they plan to require vendors to comply with their selected rule set as part of their partnership terms.

Static Analysis Webinar: Where Does Static Analysis Fit in "Continuous Everything"?

Modern software development strategies call for a staggering amount of process automation to reduce the injection of defects and to get to market faster. These strategies lean on continuous testing, continuous builds, and continuous delivery-in short, "continuous everything." But organizations seeking to enable continuous processes consistently hit two barriers:

  • Setting criteria for determining next-level readiness.

  • Evolving policy to meet the demands of continuous development.

Join the live Where Does Static Analysis Fit in "Continuous Everything"? Power Hour webinar on Thursday April 23 to explore the critical role that static analysis plays in enabling continuous testing, continuous builds, and continuous delivery-including how static analysis:

  • Serves as the backbone for automating quality gates that verify whether code is ready for downstream phases of development. 

  • Helps you prevent avoidable rework that impedes velocity.

More Stories By Cynthia Dunlop

Cynthia Dunlop, Lead Content Strategist/Writer at Tricentis, writes about software testing and the SDLC—specializing in continuous testing, functional/API testing, DevOps, Agile, and service virtualization. She has written articles for publications including SD Times, Stickyminds, InfoQ, ComputerWorld, IEEE Computer, and Dr. Dobb's Journal. She also co-authored and ghostwritten several books on software development and testing for Wiley and Wiley-IEEE Press. Dunlop holds a BA from UCLA and an MA from Washington State University.

@ThingsExpo Stories
An increasing number of companies are creating products that combine data with analytical capabilities. Running interactive queries on Big Data requires complex architectures to store and query data effectively, typically involving data streams, an choosing efficient file format/database and multiple independent systems that are tied together through custom-engineered pipelines. In his session at @BigDataExpo at @ThingsExpo, Tomer Levi, a senior software engineer at Intel’s Advanced Analytics ...
SYS-CON Events announced today that DXWorldExpo has been named “Global Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Digital Transformation is the key issue driving the global enterprise IT business. Digital Transformation is most prominent among Global 2000 enterprises and government institutions.
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
When shopping for a new data processing platform for IoT solutions, many development teams want to be able to test-drive options before making a choice. Yet when evaluating an IoT solution, it’s simply not feasible to do so at scale with physical devices. Building a sensor simulator is the next best choice; however, generating a realistic simulation at very high TPS with ease of configurability is a formidable challenge. When dealing with multiple application or transport protocols, you would be...
There is only one world-class Cloud event on earth, and that is Cloud Expo – which returns to Silicon Valley for the 21st Cloud Expo at the Santa Clara Convention Center, October 31 - November 2, 2017. Every Global 2000 enterprise in the world is now integrating cloud computing in some form into its IT development and operations. Midsize and small businesses are also migrating to the cloud in increasing numbers. Companies are each developing their unique mix of cloud technologies and service...
WebRTC is great technology to build your own communication tools. It will be even more exciting experience it with advanced devices, such as a 360 Camera, 360 microphone, and a depth sensor camera. In his session at @ThingsExpo, Masashi Ganeko, a manager at INFOCOM Corporation, will introduce two experimental projects from his team and what they learned from them. "Shotoku Tamago" uses the robot audition software HARK to track speakers in 360 video of a remote party. "Virtual Teleport" uses a...
SYS-CON Events announced today that Secure Channels, a cybersecurity firm, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Secure Channels, Inc. offers several products and solutions to its many clients, helping them protect critical data from being compromised and access to computer networks from the unauthorized. The company develops comprehensive data encryption security strategie...
Recently, WebRTC has a lot of eyes from market. The use cases of WebRTC are expanding - video chat, online education, online health care etc. Not only for human-to-human communication, but also IoT use cases such as machine to human use cases can be seen recently. One of the typical use-case is remote camera monitoring. With WebRTC, people can have interoperability and flexibility for deploying monitoring service. However, the benefit of WebRTC for IoT is not only its convenience and interopera...
When shopping for a new data processing platform for IoT solutions, many development teams want to be able to test-drive options before making a choice. Yet when evaluating an IoT solution, it’s simply not feasible to do so at scale with physical devices. Building a sensor simulator is the next best choice; however, generating a realistic simulation at very high TPS with ease of configurability is a formidable challenge. When dealing with multiple application or transport protocols, you would be...
SYS-CON Events announced today that App2Cloud will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct. 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. App2Cloud is an online Platform, specializing in migrating legacy applications to any Cloud Providers (AWS, Azure, Google Cloud).
IoT is at the core or many Digital Transformation initiatives with the goal of re-inventing a company's business model. We all agree that collecting relevant IoT data will result in massive amounts of data needing to be stored. However, with the rapid development of IoT devices and ongoing business model transformation, we are not able to predict the volume and growth of IoT data. And with the lack of IoT history, traditional methods of IT and infrastructure planning based on the past do not app...
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. Jack Norris reviews best practices to show how companies develop, deploy, and dynamically update these applications and how this data-first...
Internet-of-Things discussions can end up either going down the consumer gadget rabbit hole or focused on the sort of data logging that industrial manufacturers have been doing forever. However, in fact, companies today are already using IoT data both to optimize their operational technology and to improve the experience of customer interactions in novel ways. In his session at @ThingsExpo, Gordon Haff, Red Hat Technology Evangelist, shared examples from a wide range of industries – including en...
Intelligent Automation is now one of the key business imperatives for CIOs and CISOs impacting all areas of business today. In his session at 21st Cloud Expo, Brian Boeggeman, VP Alliances & Partnerships at Ayehu, will talk about how business value is created and delivered through intelligent automation to today’s enterprises. The open ecosystem platform approach toward Intelligent Automation that Ayehu delivers to the market is core to enabling the creation of the self-driving enterprise.
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Consumers increasingly expect their electronic "things" to be connected to smart phones, tablets and the Internet. When that thing happens to be a medical device, the risks and benefits of connectivity must be carefully weighed. Once the decision is made that connecting the device is beneficial, medical device manufacturers must design their products to maintain patient safety and prevent compromised personal health information in the face of cybersecurity threats. In his session at @ThingsExpo...
SYS-CON Events announced today that Grape Up will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct. 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company specializing in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market across the U.S. and Europe, Grape Up works with a variety of customers from emergi...
Detecting internal user threats in the Big Data eco-system is challenging and cumbersome. Many organizations monitor internal usage of the Big Data eco-system using a set of alerts. This is not a scalable process given the increase in the number of alerts with the accelerating growth in data volume and user base. Organizations are increasingly leveraging machine learning to monitor only those data elements that are sensitive and critical, autonomously establish monitoring policies, and to detect...
SYS-CON Events announced today that Massive Networks will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Massive Networks mission is simple. To help your business operate seamlessly with fast, reliable, and secure internet and network solutions. Improve your customer's experience with outstanding connections to your cloud.
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution and join Akvelon expert and IoT industry leader, Sergey Grebnov, in his session at @ThingsExpo, for an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.