• Introduction
• Fixing Bugs is expensive.
• Coding Standards are preventative medicine for software.
• Standards are only useful when they are followed.
• Let CodeWizard do the work for you.
• The right technology for the job.
• ISO Certification is within reach.

Introduction

If all software was completely bug-free, the world would be a more efficient and happier place, not to mention safer. Realistically, we are very far from such a utopia. Let’s face it, ALL software has bugs. No industry in the world is free from hidden defects and difficult to reproduce problems in their software. If everyone was required to produce software that was 100% squeaky clean and bug-free, every software company would go out of business, and most industry would grind to a halt.

There are many kinds of bugs that manifest themselves in a variety of ways, but they do one common thing -- they cause problems. Bugs in software can cause life-saving equipment during surgery to fail, aircraft engines to malfunction during flight, ABS braking systems to behave erratically, or even funds to be transferred into the wrong account. Rather than taking such risks, most companies need to find and fix ALL the bugs. Concerns over these kinds of problems has lead to the development of international quality standards, such as ISO 9000.

Fixing Bugs is expensive.

Locating and repairing bugs can be very difficult and time-consuming. It is not uncommon for the debugging phase of software development to take 60-70% of the overall development time. In fact, debugging is responsible for 80% of all software project overruns. Several studies have been conducted to prove how much time goes into debugging.

One such study done by Microsoft concluded that it takes an average of 12 programming hours to find and fix a programming error. Another study by DeMarco and Lister concluded that professional programmers average 1.2 software defects for every 200 lines of code written. If you take these conclusions and apply them to the number of lines of code in your current development project, you can see that it will take a lot of time and money to rid your software of bugs.

Should endless time, effort and money be spent in debugging? Of course not. Efforts in the development of Total Quality Software (TQS) such as ISO tell us that quality is a process, and cannot just be applied at the end of production. The right way to deal with software defects is to prevent bugs from entering the code in the first place. Contrary to popular belief, there are ways to do this. The experience of many projects suggests that one way to prevent bugs is to use coding standards. Do coding standards guarantee bug-free code? Maybe not, but they help significantly, and every defect avoided is money in the bank!

Coding Standards are preventative medicine for software.

The use of coding standards is comparable to preventative medicine. Preventative medicine cannot guarantee that you will not be diagnosed with cancer but it can decrease your chances of developing cancer. Similarly, coding standards cannot guarantee that you will have bug-free code, but they will surely lessen the chances of producing "buggy" code that will cost you money later on.

Like preventative medicine, coding standards are not effective when applied inconsistently or haphazardly. Exercising 12 hours once a month does not have the same effect as 30 minutes every day. You can only experience the maximum benefits if it is used properly and systematically. By using coding practices consistently everyday, you decrease the chances of errors and increase code quality.

The constant application of coding standards is especially beneficial to new developers. Having less experience and knowledge, newer developers have a tendency to produce improper coding constructs that can lead to code that is unwieldy and prone to errors. Coding standards will not turn beginning programmers into experts, only training and experience can do that. However, the use of good coding standards will definitely help avoid the development of potentially hazardous code.

Good coding standards can also unify developers. Nowadays, more developers work independently to produce code. When other developers go to work with that same code, will they know what’s going on? Most likely not. Since everyone has a different style of writing code, there is a higher probability of the code being unclear and confusing. This can be prevented by agreeing upon and adhering to the same standards. When developers apply unified standards, the code is more comprehensible and maintainable, no matter who writes it.

Standards are only useful when they are followed.

Once developers agree upon the coding standards, the next step is to make sure they continue to follow them. A coding standard written on paper might be followed initially, but soon becomes cumbersome. Programmers should be able to access and enforce standards easily, with minimal effort. Remember, coding standards are supposed to make the developers’ jobs easier, not more difficult.

So how do you get the developers to constantly follow the guidelines? One easy solution is to provide a tool that enforces the standards automatically. This tool will help the developers stay consistent with and obedient to the standards. For maximum results you would even want to integrate the tool into the development process as a part of code validation. For example, the tool could be used on the code prior to checking it into the source control system or as a gate prior to integrating other modules.

Let CodeWizard do the work for you.

CodeWizard is the ideal tool that does ALL of this. CodeWizard has two purposes; to avoid hazardous coding practices and to enforce coding standards. By using CodeWizard, developers can code according to a consistent style, reduce maintenance, reduce time spent debugging, and above all, improve clarity. It frees programmers from worrying about the details of the coding standard, allowing them rather to concentrate their efforts on solving the task at hand. This tool not only helps developers avoid bad constructs and enforce standards, but also helps managers keep them accountable to it.

Out of the box, CodeWizard supports rules by Scott Meyers, noted programming expert and author "Effective C++" and "More Effective C++". The rules from these books are well-known and already part of the corporate coding standards for many software organizations. CodeWizard enforces Meyers’ rules automatically. CodeWizard is also very flexible and is able to enforce rules that other tools cannot.

Aside from Scott Meyers’ rules, all companies have their own sets of standards as well as their own unique development environment. ParaSoft knows that each development project needs rules that are tailored to its project specifications. Because of this, ParaSoft offers services to implement rules that project leaders and managers want or may already be using. ParaSoft can implement custom rules into your version of CodeWizard, in addition to the standard rules already included. CodeWizard can be customized to fit special programming requirements.

The right technology for the job.

One might ask, how can a software program look at code and judge its quality and adherence to standards without a programmer watching over it. CodeWizard uses an advanced technology called Source Code Analysis (SCA) to accomplish this. This patent-pending technology allows CodeWizard to parse source code and automatically alert the developer whenever a violation occurs. CodeWizard produces messages that tell you which rule was violated and shows you the code responsible for the error, including, where appropriate, the line number.

As with any coding guidelines, there may be circumstances where certain rules will not apply. Blind application of standards to all projects is perhaps as dangerous as not having standards. To accommodate certain exceptions, CodeWizard provides the developer with a very flexible and powerful mechanism for suppressing violation messages.

CodeWizard’s ability to provide context-sensitive error suppression allows you to suppress messages according to any combination of the following criteria: rule number, the severity of the violation (or how likely is it to cause problems), the file being processed, and the class that violated the rule. Suppressions can be placed into configuration files by hand, or generated interactively with the CodeWizard GUI, and can be set on a per-user, per-project, or site-wide basis. You can customize CodeWizard to your current project, which makes its reports more manageable. "Noise" from unimportant or unwanted messages is suppressed, so the only warnings the developer sees are those you consider critical.

ISO Certification is within reach.

CodeWizard is also an ideal tool for companies seeking to be ISO certified. ISO 9000 certification is rapidly becoming a must for companies in the software industry. CodeWizard can help you get and retain your certification, by putting in place coding procedures that consistently produce quality code.

In a real sense, CodeWizard becomes the software manager’s best friend. It silently enforces the coding standard, and because it’s non-obtrusive to the development process, the developer learns to rely on it. Over time programmers being to take full advantage of CodeWizard’s capabilities by developing their own rules and additions to the coding standards, based on their experience. Quality and coding standards are constantly improved in this manner, and maybe, just maybe, it can be a bug free world after all.