CodeScene

Last updated
CodeScene
Developer(s) CodeScene AB
Initial release2016
Stable release
6.5 / 2024
Operating system Any that can run a modern JVM
Platform Java
Available inEnglish
Type Behavioral program analysis
License Proprietary
Website CodeScene

CodeScene is a software engineering intelligence platform that combines code quality metrics with behavioral code analysis. It provides visualizations based on version control data and machine learning algorithms that identify social patterns and hidden risks in source code. [1]

Contents

CodeScene offers several features that support software maintainability and evolution within large-scale software development environments. The platform delivers several actionable performance indicators that assist software organizations in identifying risks and bottlenecks. CodeScene’s research team employs an evidence-based approach to validate how these indicators are associated with business-critical variables such as development velocity and defect density.

The platform uses its Code Health metric to evaluate the maintainability of source code. Another significant feature is the concept of hotspots which are areas of code that are frequently modified. This concept is inspired by geographic profiling a technique used in criminal investigations, which is reflected in the naming of CodeScene.

By focusing on improving Code Health in hotspots, CodeScene aims to assist software development organizations in prioritizing technical debt mitigation. This approach is intended to enhance the maintainability and quality of software projects.

History

CodeScene is based on the ideas from the book Your Code As A Crime Scene: Use Forensic Techniques to Arrest Defects, Bottlenecks, and Bad Design in Your Programs [2] by CodeScene's founder Adam Tornhill.

The first version of CodeScene was released in 2016, [3] and the current version is 6.5 which comes with auto-generated PDF reports, architectural code health metrics, quality gates for build pipelines, and can put costs on hotspots. [4]

In January of 2021, CodeScene raised kr  30,000,000 from Inventure and Luminar to expand its business. [5] In August of 2023, CodeScene also raised €7.5 Million in a financing round led by Neqst. [6] [7]

Overview

CodeScene measures code quality using its Code Health metric. Code Health focuses on how cognitively difficult it is for human developers to comprehend a piece of source code. The metric aligns with the mindset that the best strategy for gauging code quality is to aggregate a set of specific complexity attributes. [8] CodeScene parses source code to identify the presence of established code smells, e.g., ‘’God Class’’, ‘’God Methods’’, and ‘’Duplicated Code’’. The presence of code smells is combined into a numeric value between 1 and 10. The lower end represents extremely poor maintainability, and the upper end indicates top-notch code that is easy to maintain. CodeScene categorizes files into one of three sub-intervals: healthy (9 or higher), warning (between 4 and 9), and alert (lower than 4).

CodeScene includes support for the following programming languages: C, C++, C#, Java, Groovy, JavaScript, TypeScript, Objective-C, Scala, Python, Swift, Go, Kotlin, Visual Basic .Net, PHP, Perl 5, Dart, Erlang, Ruby, React, ECMAScript, Vue.js, Rational Software Architect Models, Clojure, PowerShell, TCL, Apex, Elixir, Rust and BrightScript. [9]

The Software as a service version of CodeScene is available for free for open source projects. [10] CodeScene is also available in an on-premise version that includes more advanced features like continuous integration support, Jira integration for cost calculations, and on- and off-boarding simulations.

Scientific research and impact

CodeScene is grounded in empirical software engineering research. The company is an active contributor to the academic community through its publication of research articles, organization of academic events, and participation in peer-review service. Examples of large research collaborations supported by publicly funded projects include the European Eureka ITEA3 TESTOMAT project, the Vinnova-backed competence center NextG2Com, and the SESAM project funded by the Swedish Knowledge Foundation.

The majority of academic research concerning CodeScene has concentrated on the validation of its Code Health metric. This metric has been extensively studied to assess its efficacy in identifying software maintainability issues. The research mission at CodeScene aims to frame source code quality as a business concern, not just a technical aspect. The primary research method used by CodeScene is mining software repositories using anonymous log files from static program analysis of proprietary projects. This approach contrasts with the majority of software engineering mining studies, which typically rely on open-source software repositories.

Example findings from empirical studies of CodeScene include:

Reception

CodeScene was featured on the ThoughtWorks Technology Radar [15] as a social code analysis tool.

CodeScene users report that CodeScene is "The right way to manage technical debt", "A new standard for quality assurance", and provides "Insights like never seen before". [16]

CodeScene's free version is used to visualize the case studies in Adam Tornhill's book Software Design X-Rays: Fix Technical Debt with Behavioral Code Analysis. [17]

Related Research Articles

In computing, source code, or simply code or source, is a plain text computer program written in a programming language. A programmer writes the human readable source code to control the behavior of a computer.

In computer science, static program analysis is the analysis of computer programs performed without executing them, in contrast with dynamic program analysis, which is performed on programs during their execution in the integrated environment.

<span class="mw-page-title-main">Software testing</span> Checking software against a standard

Software testing is the act of checking whether software satisfies expectations.

A software bug is a bug in computer software.

In software engineering and development, a software metric is a standard of measure of a degree to which a software system or process possesses some property. Even if a metric is not a measurement, often the two terms are used as synonyms. Since quantitative measurements are essential in all sciences, there is a continuous effort by computer science practitioners and theoreticians to bring similar approaches to software development. The goal is obtaining objective, reproducible and quantifiable measurements, which may have numerous valuable applications in schedule and budget planning, cost estimation, quality assurance, testing, software debugging, software performance optimization, and optimal personnel task assignments.

<span class="mw-page-title-main">Code review</span> Activity where one or more people check a programs code

Code review is a software quality assurance activity in which one or more people check a program, mainly by viewing and reading parts of its source code, either after implementation or as an interruption of implementation. At least one of the persons must not have authored the code. The persons performing the checking, excluding the author, are called "reviewers".

In software development, code reuse, also called software reuse, is the use of existing software, or software knowledge, to build new software, following the reusability principles.

<span class="mw-page-title-main">Ada Semantic Interface Specification</span> Interface

The Ada Semantic Interface Specification (ASIS) is a layered, open architecture providing vendor-independent access to the Ada Library Environment. It allows for the static analysis of Ada programs and libraries. It is an open, published interface library that consists of the Ada environment and their tools and applications.

In the context of software engineering, software quality refers to two related but distinct notions:

Software visualization or software visualisation refers to the visualization of information of and related to software systems—either the architecture of its source code or metrics of their runtime behavior—and their development process by means of static, interactive or animated 2-D or 3-D visual representations of their structure, execution, behavior, and evolution.

In software development, peer review is a type of software review in which a work product is examined by author's colleagues, in order to evaluate the work product's technical content and quality.

In software development and other information technology fields, technical debt is the implied cost of future reworking because a solution prioritizes expedience over long-term design.

In engineering, debugging is the process of finding the root cause of and workarounds and possible fixes for bugs.

Software archaeology or source code archeology is the study of poorly documented or undocumented legacy software implementations, as part of software maintenance. Software archaeology, named by analogy with archaeology, includes the reverse engineering of software modules, and the application of a variety of tools and processes for extracting and understanding program structure and recovering design information. Software archaeology may reveal dysfunctional team processes which have produced poorly designed or even unused software modules, and in some cases deliberately obfuscatory code may be found. The term has been in use for decades.

<span class="mw-page-title-main">Parasoft C/C++test</span> Integrated set of tools

Parasoft C/C++test is an integrated set of tools for testing C and C++ source code that software developers use to analyze, test, find defects, and measure the quality and security of their applications. It supports software development practices that are part of development testing, including static code analysis, dynamic code analysis, unit test case generation and execution, code coverage analysis, regression testing, runtime error detection, requirements traceability, and code review. It's a commercial tool that supports operation on Linux, Windows, and Solaris platforms as well as support for on-target embedded testing and cross compilers.

Development testing is a software development process that involves synchronized application of a broad spectrum of defect prevention and detection strategies in order to reduce software development risks, time, and costs.

<span class="mw-page-title-main">CAST (company)</span> Technology corporation

CAST is a technology corporation headquartered in New York City and France, near Paris. It was founded in 1990 in Paris, France, by Vincent Delaroche.

A software map represents static, dynamic, and evolutionary information of software systems and their software development processes by means of 2D or 3D map-oriented information visualization. It constitutes a fundamental concept and tool in software visualization, software analytics, and software diagnosis. Its primary applications include risk analysis for and monitoring of code quality, team activity, or software development progress and, generally, improving effectiveness of software engineering with respect to all related artifacts, processes, and stakeholders throughout the software engineering process and software maintenance.

Software diagnosis refers to concepts, techniques, and tools that allow for obtaining findings, conclusions, and evaluations about software systems and their implementation, composition, behaviour, and evolution. It serves as means to monitor, steer, observe and optimize software development, software maintenance, and software re-engineering in the sense of a business intelligence approach specific to software systems. It is generally based on the automatic extraction, analysis, and visualization of corresponding information sources of the software system. It can also be manually done and not automatic.

Software intelligence is insight into the inner workings and structural condition of software assets produced by software designed to analyze database structure, software framework and source code to better understand and control complex software systems in information technology environments. Similarly to business intelligence (BI), software intelligence is produced by a set of software tools and techniques for the mining of data and the software's inner-structure. Results are automatically produced and feed a knowledge base containing technical documentation and blueprints of the innerworking of applications, and make it available to all to be used by business and software stakeholders to make informed decisions, measure the efficiency of software development organizations, communicate about the software health, prevent software catastrophes.

References

  1. Tornhill, Adam (2018). "Assessing Technical Debt in Automated Tests with CodeScene". 2018 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW). pp. 122–125. doi:10.1109/ICSTW.2018.00039. ISBN   978-1-5386-6352-3.
  2. Tornhill, Adam (2015). Your Code as a Crime Scene Use Forensic Techniques to Arrest Defects, Bottlenecks, and Bad Design in Your Programs. Raleigh, North Carolina: Pragmatic Bookshelf. ISBN   978-1680500387.
  3. Tornhill, Adam. "CodeScene: The First Three Years". CodeScene AB. Retrieved 23 October 2018.
  4. "CodeScene 4.0: Dawn of a new User Interface". CodeScene AB.
  5. "De förutspår felaktig kod med hjälp av ai – tar in 30 miljoner". DiGITAL. 17 January 2021.
  6. "Neqst Investments". Neqst.
  7. "CodeScene Raises €7.5 Million in a Financing Round". CodeScene AB.
  8. Fenton, N. (1994). "Software Measurement: A Necessary Scientific Basis". IEEE Transactions on Software Engineering. 20 (3): 199–206. doi:10.1109/32.268921.
  9. "Supported Programming Languages". CodeScene. CodeScene AB. Retrieved 24 October 2019.
  10. "CodeScene Cloud plans" . Retrieved 23 October 2018.
  11. Tornhill, Adam; Borg, Markus (2022). "Code red: The business impact of code quality - a quantitative study of 39 proprietary production codebases". Proceedings of the International Conference on Technical Debt. pp. 11–20. doi:10.1145/3524843.3528091. ISBN   978-1-4503-9304-1.
  12. Borg, Markus; Pruvost, Ilyana; Mones, Enys; Tornhill, Adam (2024). "Increasing, not Diminishing: Investigating the Returns of Highly Maintainable Code". Proceedings of the 7th ACM/IEEE International Conference on Technical Debt. pp. 21–30. doi:10.1145/3644384.3644471. ISBN   979-8-4007-0590-8.
  13. Borg, Markus; Tornhill, Adam; Mones, Enys (2023). "U Owns the Code That Changes and How Marginal Owners Resolve Issues Slower in Low-Quality Source Code". Proceedings of the 27th International Conference on Evaluation and Assessment in Software Engineering. pp. 368–377. doi:10.1145/3593434.3593480. ISBN   979-8-4007-0044-6.
  14. Al-Boghdady, Abdullah; Wassif, Khaled; El-Ramly, Mohammad (2021). "The Presence, Trends, and Causes of Security Vulnerabilities in Operating Systems of IoT's Low-End Devices". Sensors. 21 (7): 2329. Bibcode:2021Senso..21.2329A. doi: 10.3390/s21072329 . PMC   8037610 . PMID   33810605.
  15. "Social code analysis". Thoughtworks Tech Radar. Thoughtworks, Inc. Retrieved 23 October 2018.
  16. "CodeScene Reviews and Pricing". Capterra. Retrieved 24 October 2019.
  17. Tornhill, Adam (2018). Software Design X-Rays: Fix Technical Debt With Behavioral Code Analysis. Raleigh, North Carolina: Pragmatic Bookshelf. ISBN   978-1680502725.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.