While process quality is an enabling condition for delivery quality products, measuring product quality is required. A number of key characteristics to check at code level are maintainability and evolvability.
CETIC had adapted a metrics-based approach and integrated tools for performing precise code level measurements. The approach allows to generate clear reports allowing project managers or developers to easy interpret the results relying on pertinent diagrams. These help in the decision making process and suggest improvements that can be quickly undertaken.
Typical question that can be answered are the following:
What is the quality of this code?
Is it worth maintaining or should (a part of) it be redeveloped?
Is this component trustful?
Does this third-party application respect our standard quality requirements?
What part of this code requires in-depth testing?
Code analysis is proposed in a variety of contexts such as:
Continuous code assessment during project development to assess delivery maturity
Internal assessment of code subject to evolution or legacy code
External quality assessment of the delivery quality in a client-provider relationship
Validation of maturity of open-source components (see also CELLAVI)
The direct customer benefits are the reduction of development time through a continuous evaluation of quality, the reduction of maintenance costs by strategic decision making about bad parts, improved confidence in the code quality and a supported decision process.
The code analysis relies on third party parsers and currently integrates support for Java, Delphi, C, C++ and C#.
Many code audit analysis have been carried out, especially in a public sector context for the French Community Parliament (evaluation of open-source components, assessment of newly developed components) and software editors (e.g. in CRM domain).