Static correspondence and correlation between field defects and warnings reported by a bug finding tool

Cesar Couto, João Eduardo Montandon, Christofer Silva, Marco Tulio Valente
2011, Software Quality Journal
Despite the interest and the increasing number of static analysis tools for detecting defects in software systems, there is still no consensus on the actual gains that such tools introduce in software development projects. Therefore, this article reports a study carried out to evaluate the degree of correspondence and correlation between postrelease defects (i.e., field defects) and warnings issued by FindBugs, a bug finding tool widely used in Java systems. The study aimed to evaluate two ... of relations: static correspondence (when warnings contribute to finding the static program locations changed to remove field defects) and statistical correlation (when warnings serve as early indicators for future field defects). As a result, we have concluded that there is no static correspondence between field defects and warnings. However, statistical tests showed that there is a moderate level of correlation between warnings and such kinds of software defects.
doi:10.1007/s11219-011-9172-5 fatcat:wbljmhxqszduvaaevf5cr53jcy