Bugs in Your Open Source Code

BUGS in your OPEN SOURCE CODE; THE FINANCIAL TIME AND COST OF DEFECTIVE SOFTWARE COST OF DEVELOPING: 45% O of defects found in open 2x source are considered high-risk factors. 35% High dependability software Low dependability software HOW OFTEN DO 70% SOFTWARE COMPANIES COST OF DEFECTS: TEST FOR RISKS & SECURITY? $180B Internally developed software total size of US software market Third party code $GOB annual cost from defective software IMPACT OF SOFTWARE DEFECTS: Companies who use third party code from open source providers: Companies who had problems from third party code resulting in defects. IMPACT OF SOFTWARE DEFECTS ON HAPPINESS: Companies believe that: require 80% 20%- customer satisfaction is impacted. 65% of all bugs... of effort to analyze, fix and correct. time-to-market is impacted. 47% 10% of defects account for 90%o of all downtime. COSTS TO THE ECONOMY: COST PER INDIVIDUAL DEFECT: $140 Requirements # in Billions of dollars Cost of inadequate software testing infrastructure $450 Design $7,100 Testing Potential savings from infrastructure improvements 38.3 I1.7 21.2 10.6 $975 Coding Users Developers $14,100 Maintenance MEDIUM RISK DEFECTS IN THE ANDROID KERNEL: Issues that cause incorrect results, concurrency problems and system freezes. Control flow issues 57 Error handling issues 036 Incorrect expression D17 Insecure data handling 53 Integer handling issues 23 Null pointer dereferences 83 WHERE ARE DEFECTS LOCATED. & HOW MUCH DO THEY COST TO REPAIR? Analysis/ Design 15% 0/ = one normalized unit of cost Coding/ 20% 5x unit test Integration/RAISE 40% 10x system test Early Feedback Beta Testing 15% 15x 30x Post Product 10% release WHAT INDUSTRIES ARE AT RISK FROM POOR QUALITY SOFTWARE? Safety & Security Economy A Records & Services Healthcare Government Airlines Manufacturing Finance Utilities Insurance Telecommuncations Defense Sources: http://agileelements.wordpress.com/2008/04/22/cost-of-software-defects/ http://www.idi.ntnu.no/grupper/su/su-diploma-2010/dipli0-janmaxim.pdf http://www.nist.gov/director/planning/upload/report02-3.pdf http://www.nist.gov/director/planning/upload/report02-3.pdf http://www.idi.ntnu.no/grupper/su/su-diploma-2010/dipll0-janmaxim.pdf http://www.coverity.com/library/pdf/coverity-scan-2010-open-source-integrity-report.pdf Source Ninja %24