Monday, October 19, 2009

Inserting Static Analysis Into Your Agile Processes

Most software development organizations are moving to Agile development processes. All flavors of companies have started instituting Agile whether the organization is an IT organization supporting their business units or product companies who are developing software for customers. An important benefit of Agile is the ability to improve cycle times. Agile enables organizations to iterate much faster on market requirements and to iterate much faster on delivering working software to the market.

To meet these demands, software development organizations are using everything they can get their hands on to help them accomplish their goals. Whether it's continuous integration servers or static analysis solutions, development teams are arming themselves with new tools and new processes to capitalize on their ability to meet market needs faster and with less risk.

From Nightly Analysis to Continuous Analysis.
Static analysis can help in a number of ways. Many organizations already have a nightly build in which they require their developers to check-in only code that has been verified as clean. By making sure their software builds successfully every day, they minimize the risk of having broken code and complex integration steps towards the latter stage of the development process. It's not a stretch to increase the check-in requirement to also include addressing of all new static analysis defects. In fact, being alerted to these issues during development make them much easier to fix than when reported later in the development process.

Continuous integration is a further step in ensuring that the code is being constructed earlier and often. The challenge for most organizations is having static analysis operate at a reasonable performance to keep up with the build frequency. A typical large project may take only 15 minutes to build in an optimized environment but take 4-5 hours to analyze. With the right tweaks, static analysis can be optimized to be much faster. Often, it takes some outside expertise to assist.

Inserting static analysis whenever you build is an ideal time. Builds are a convenient time to run statistics, run automated tests and perform static analysis on your code.

Meeting the Demands
No developer wants to be the person who breaks the build. If there are new criteria required to check-in code, then those requirements should be testable by the developer in their development environment so they get a chance to address any problems prior to the more visible tests. They should therefore be able to make changes to their code and test, fix and iterate until they feel sure that their changes will pass the criteria. Arming the developers with this capability is not easy. Static analysis is doing complicated stuff. The computations that occur take time. Moving static analysis to the desktop requires both proper performance levels as well as the right usability model. At Code Integrity Solutions we've worked with extremely large codebases (tens of millions of lines of code) that whose analysis times can be chopped down to just minutes). Better quality code gets checked in when developers can iterate multiple times. Investing in a developer desktop model provides orders of magnitude benefit including better quality software earlier in the process and improved developer productivity.

Invest in a good, fast solution for both developers and your software development infrastructure and you'll see your Agile pay off faster!

2 comments: