Software Quality: Code Analysis and Testing

The collective experience of IT companies confirms that the maintenance of large, compound software systems consisting of several million lines of code and complex architectures requires quite a large amount of resources. In most of the cases, these maintenance and further development costs are significantly higher than the costs of the initial development. The most significant part of these resources is consumed mainly by testing, bug-fixing, the implementation of newly encountered business requirements, and adaptation to changing environments. The continuous code change results in an unavoidable quality decay, and the only possibility to increase the useful life-cycle of the product is to try to moderate the quality decrease rate.

One of the primary strategic goals of the Department is to produce tools and technologies usable in real life scenarios for the mitigation of such quality decay, starting from prevention during initial development, quality assessment in the case of existing systems, as well as their improvement. Our R&D activities in this domain range from static code analysis to traditional testing and test optimization to product-based quality assurance (code quality measurement and improvement through refactoring), and to process-based quality assurance (process maturity assessment and improvement).

Code Analysis

The Department has a lot of experience in developing tools and technologies for software quality assurance. We have been conducting R&D projects in this field since 1997, and the topics of these projects include developing source code analyzers (Java, C/C++, C#, PL/SQL, Python, JavaScript, RPG, etc.) for the analysis of large systems containing several million lines of source code. The technology named Columbus incorporates a wide range of tools and technologies in various areas of software quality assurance, static source code analysis, quality monitoring frameworks, quality models, test-efficiency improvement approaches (automatic test-case selection, test case generation, test coverage measurement, test automation, etc.), and software architecture reconstruction through dependency analysis and reverse engineering.

To promote related activities of other researchers and practitioners, and to support open research, some central parts of our source code analysis technology are available as open source through the OpenStaticAnalyzer project.

Our spin-off company, FrontEndART Ltd., offers products and services related to software quality based on the research and development results of the Department.

Testing

Testing is inevitably one of the most important instruments to software quality assessment (and, indirectly, improvement), and for many companies, quality-related efforts are limited to the traditional testing activities. Various research showed that often a significant portion of the total project costs (20-60%) is spent on testing, but the question is how efficiently these resources are used.

The Department has a notable experience in traditional and more advanced software testing methods, approaches, and tools and is conducting R&D in various related fields, ranging from scientific research to industrial testing projects. Several staff members hold official professional certificates as software testers on Foundation and Advanced levels according to the ISTQB scheme. We also offer related training services to organizations and individuals.

Specific areas in software testing R&D include optimization of test processes and test infrastructure, test automation, testing tools, code-related testing, code coverage assessment and improvement, and also more advanced, scientific and sophisticated testing methods including random testing, mutation testing, systematic fault localization, automated debugging, bug prediction, etc.
Further testing related competences of the Department are security testing and fuzz testing, see more details at IT Security.

Key Projects

REPARA-FP7

The REPARA project aims to help the transformation and deployment of new and legacy applications in parallel heterogeneous computing architectures while maintaining a balance between application performance, energy efficiency and source code maintainability. Read more, Project website

GINOP-2.2.1-15-2017-00038

The goal of the project is research and development of SmartCity and SmartVillage technologies and services at SagemCom in collaboration with universities. Read more in Hungarian

GINOP-2.1.1-15-2015-00370

The overall objective of the project is to provide tools and methods for the analysis of the structure and data dependencies of large industrial databases. The Department participates as external consultant. Read more in Hungarian

GOP-1.1.1-11-2012-0323

The overall objective of the project is to provide tools and methods for RPG/400 software quality assurance, modernizing transformations and cloud adaptations. Read more , Read more in Hungarian

GOP 1.1.1 -11-2011-0038

Research on the impact of the quality of business critical IT systems on system security, risks and costs. Developing tools and services based on source code analysis and process modelling. Read more , Read more in Hungarian

GOP 1.1.1-11-2011-0006

Development of the European based OpenDocument Format (ODF) applications by applying novel software quality assurance- and mobile technologies. Read more , Read more in Hungarian

GOP 1.1.1-11-2011-0039

Development of tools supporting the testing of applications written in fourth-generation programming languages. Read more, Read more in Hungarian

GOP 1.1.1-11-2011-0049

Development and validation of a technology supporting the reconstruction and assesment of the architecture of SaaS frameworks based on Java Enterprise platform. Read more, Read more in Hungarian

SZOMIN08

Development of a software quality assurance service package for OpenDocument Format ODF applications. Read more

OpenOffice++

Improving the Quality of Open Source Software: analysing the structural architecture and source code quality of the open source package called OpenOffice.org. (5 million lines of code)

ART-Szeged & TE-Szeged

Studying the source code analysis techniques that can effectively support the re-construction of system architecture models and improve the current code analysis tools for Symbian.

CIRENE - Cross-border ICT Research Network

Development of a methodology/platform for the functional and structural testing of embedded systems. Read more, Project website

Impact analysis (OTKA)

Research on efficient system-level impact analysis methods and their applications in software engineering. Read more

CodeMetropolis

Research on Code visualisation with high expressive power. Read more

Key Industrial Projects

  • Design and development of a C/C++ source code analyzer frontend and the quality check of the S60 development platform.

  • Assessment and documentation of the entire IT infrastructure (hardware, software, etc.) of a large local company using the SourceInventory framework Analysis and quality assurance checks of the software systems written in ForrásSQL programming language.

  • Development of a platform and tools for the static analysis of the ForrásSQL programming language Design and implementation of a test manager framework for ForrásSQL, research on automatic test case generation for ForrásSQL.

  • Development of a platform for the quality assurance and architecture reconstruction of the Magic programming language.
    The framework named Magister continuously analyzes and evaluates the source code of Magic and reports eventual problems or issues.

  • Development of source code analysis and refactoring technologies for modern C++ architectures.

Key Partners

Nokia, Ericsson, Sun Microsystems / Oracle, Erste Bank, CIB Bank, Multiráció, FrontEndART Software, Szeged Software, R&R Software, evopro, HUAWEI, SagemCom, NNG, T-Systems Hungary

Selected Publications

Gyimesi, Péter, Béla Vancsics, Andrea Stocco, Davood Mazinanian, Árpád Beszédes, Rudolf Ferenc, and Ali Mesbah. BugsJS: a Benchmark of JavaScript Bugs In 2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST). Xi'an, China, 2019.

Ujhelyi, Zoltán, Ákos Horváth, Dániel Varró, Norbert István Csiszár, Gábor Szőke, László Vidács, and Rudolf Ferenc. "Anti-pattern Detection with Model Queries: A Comparison of Approaches." In Proceedings of the 2014 Software Evolution Week (Merger of the 18th IEEE European Conference on Software Maintenance and Reengineering & 21st IEEE Working Conference on Reverse Engineering – CSMR-WCRE 2014), 293-302. Antwerp, Belgium: IEEE Computer Society, 2014.

Beszédes, Árpád, L. Schrettner, B. Csaba, Tamás Gergely, Judit Jász, and Tibor Gyimóthy. "Empirical investigation of SEA-Based dependence cluster properties." In IEEE 13th International Working Conference on Source Code Analysis and Manipulation, SCAM 2013, edited by Bram Adams, Juergen Rilling and Foutse Khomh, 1-10. Piscataway: IEEE Computer Society, 2013.

Bakota, Tibor, P. Hegedűs, P Körtvélyesi, Rudolf Ferenc, and Tibor Gyimóthy. "A probabilistic software quality model." In Software Maintenance (ICSM), 2011 27th IEEE International Conference on, 243-252., 2011.

Related Publications

Vidács, László, Judit Jász, Árpád Beszédes, and Tibor Gyimóthy. "Combining Preprocessor Slicing with C/C++ Language Slicing." In Proceedings of the 16th IEEE International Conference on Program Comprehension (ICPC'08), 163-171., 2008.

Beszédes, Árpád, Tamás Gergely, and Tibor Gyimóthy. "Graph-Less Dynamic Dependence-Based Dynamic Slicing Algorithms." In Proceedings of the Sixth IEEE International Workshop on Source Code Analysis and Manipulation (SCAM'06), 21-30., 2006.

Gyimóthy, Tibor, Rudolf Ferenc, and István Siket. "Empirical Validation of Object-Oriented Metrics on Open Source Software for Fault Prediction." In IEEE Transactions on Software Engineering, 897-910. Vol. 31. IEEE Computer Society, 2005.

Binkley, D., S. Danicic, Tibor Gyimóthy, M. Harman, Ákos Kiss, and B. Korel. "Minimal Slicing and the Relationships between Forms of Slicing." In Proceedings of the 5th {IEEE} International Workshop on Source Code Analysis and Manipulation ({SCAM} 2005), 45-54. Budapest, Hungary: ieeecs, 2005.

Ferenc, Rudolf, Árpád Beszédes, M. Tarkiainen, and Tibor Gyimóthy. "Columbus – Reverse Engineering Tool and Schema for C++." In Proceedings of the 18th International Conference on Software Maintenance (ICSM'02), 172-181. IEEE Computer Society, 2002.

Beszédes, Árpád, Tamás Gergely, Zs. M. Szabó, J. Csirik, and Tibor Gyimóthy. "Dynamic Slicing Method for Maintenance of Large C Programs." In Proceedings of the Fifth European Conference on Software Maintenance and Reengineering (CSMR 2001), 105-113. IEEE Computer Society, 2001.

Gyimóthy, Tibor, Árpád Beszédes, and I. Forgács. "An Efficient Relevant Slicing Method for Debugging." In Proceedings of the Joint 7th European Software Engineering Conference and 7th ACM SIGSOFT International Symposium on the Foundations of Software Engineering (ESEC/FSE'99), 303-321. Lecture Notes in Computer Science. Springer-Verlag, 1999.

Key People (in alphabetical order):

  • Árpád Beszédes, PhD
  • Rudolf Ferenc, PhD
  • Tamás Gergely, PhD
  • Tibor Gyimóthy, DSc
  • Péter Hegedűs, PhD
  • Ferenc Horváth
  • Judit Jász, PhD
  • István Siket, PhD
  • Péter Siket
  • Zoltán Gábor Tóth
  • László Vidács, PhD
Page last modified: October 9, 2019