Channels ▼
RSS

Design

Do You Inspect?


IBM developed formal inspections of source code, config files, and other software artifacts in the '70s. They're still used today with applications of most any size to eliminate defects and improve quality be­fore the apps get tested.

Formal inspections work well with development methods such as CMMI, RUP, TSP, agile, QFD, JAD, and Earned Value. They've been ranked the most efficient defect-removal process available. Because inspection participants tend to avoid making the kinds of errors that are found in formal inspections, they're also one of the top-ranked defect-prevention methods.

Given their effectiveness, you'd expect formal inspections would be used on 100% of mission-critical software projects and on all of the critical sections of other software projects. But in reality, they're underutilized. Our research shows that more than 35% of organizations developing defense, systems, and embedded applications use formal inspections, while fewer than 10% of those writing IT, commercial, and Web applications use them.

One reason for this underutilization is that no vendor is out marketing formal inspections; that provides discouraging social commentary on how the software-engineering community learns new skills. No company owns formal inspections, and the method behind them is in the public domain. No one except a few consultants who teach the technique makes any money from inspections. Although there are many books and articles about the technique, there's no active marketing of it. To discover their value, people must seek out information on effective quality methods, and few take time to do this.

Tools and methods generally are adopted either in response to well-funded vendor marketing or market momentum. When methods such as agile, RUP, and TSP achieve a critical level of usage, other companies adopt them without much analysis.

Inspections haven't achieved the critical mass necessary to become self-sustaining and expand rapidly. Many more developers use newer defect-identification methods such as static analysis than inspections, because more than a dozen tool vendors, such as CAST, Coverity, Klocwork, and Parasoft, have effective static analysis marketing programs.

Another reason people don't use inspections is because they are aware that inspections raise effort and costs during requirements, design, and coding. But they don't have enough data to realize that once testing starts inspections will dramatically reduce testing costs and speed up the schedule, allowing the entire project to be delivered faster and cheaper. Inspections raise front-end costs, but they lower downstream costs forever. Projects with inspections are about 15% more productive during development than similar uninspected projects, and their maintenance costs are about 45% lower.  

Where Inspections Are Used

In addition to being the most efficient defect-removal technique, formal design and code inspections have a synergistic relationship with other defect-removal processes, such as testing, and also are quite successful in preventing defects.

Recent work by Tom Gilb, one of the more prominent authors dealing with software inspections, and his colleagues continues to support earlier findings that a human being inspecting code is the most effective way to find and eliminate complex problems that originate in requirements, design, and other noncode deliverables. Indeed, to identify deeper problems in source code, formal code inspection outranks testing in terms of defect-removal efficiency levels.

We find among our clients that about 100 enterprises out of 600 are using formal inspections more or less the way they're designed to be used. Another 125 are using semiformal inspections, design reviews, structured walkthroughs, or one of a number of local variations on the inspection process.

Large companies that produce systems and embedded software are making the most effective use of formal inspections. They've learned that if software is going to control complex physical devices, it must have the highest possible quality levels, and only inspections can achieve that.

The companies that are most likely to use inspections are those that look for software quality best practices and adopt them. It's telling that all organizations and industries most committed to quality tend to use pretest inspections. For example, formal inspections are common among computer, telecom, aerospace, defense, and medical instrument manufacturers, as well as systems software and operating systems developers. These types of companies need high-quality software to market their products; therefore, inspections are a key part of their approach.


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video