Coding-error based defects in enterprise resource planning software: Prevention, discovery, elimination and mitigation

Software defects due to coding errors continue to plague the industry with disastrous impact, especially in the enterprise application software category. Identifying how much of these defects are specifically due to coding errors is a challenging problem. In this paper, we investigate the best methods for preventing new coding defects in enterprise resource planning (ERP) software, and discovering and fixing existing coding defects. A large-scale survey-based ex-post-facto study coupled with experiments involving static code analysis tools on both sample code and real-life million lines of code open-source ERP software were conducted for such purpose. The survey-based methodology consisted of respondents who had experience developing ERP software. This research sought to determine if software defects could be merely mitigated or totally eliminated, and what supporting policies, procedures and infrastructure were needed to remedy the problem. In this paper, we introduce a hypothetical framework developed to address our research questions, the hypotheses we have conjectured, the research methodology we have used, and the data analysis methods used to validate the stated hypotheses. Our study revealed that: (a) the best way for ERP developers to discover coding-error based defects in existing programs is to choose an appropriate programming language; perform a combination of manual and automated code auditing, static code analysis, and formal test case design, execution and analysis, (b) the most effective ways to mitigate defects in an ERP system is to track the defect densities in the ERP software, fix the defects found, perform regression testing, and update the resulting defect density statistics, and (c) the impact of epistemological and legal commitments on the defect densities of ERP systems is inconclusive. We feel that our proposed model has the potential to vastly improve the quality of ERP and other similar software by reducing the coding-error defects, and recommend that future research aimed at testing the model in actual production environments.

[1]  Norman E. Fenton,et al.  A Critique of Software Defect Prediction Models , 1999, IEEE Trans. Software Eng..

[2]  Craig Le Clair How To Succeed In The Enterprise Software Market , 2005 .

[3]  Tihana Galinac Grbac,et al.  Software Verification Process Improvement Proposal Using Six Sigma , 2007, PROFES.

[4]  Peter Norvig,et al.  Artificial Intelligence: A Modern Approach , 1995 .

[5]  Adam Barr,et al.  Find the Bug: A Book of Incorrect Programs , 2004 .

[6]  Austin Melton,et al.  Deriving structurally based software measures , 1990, Journal of Systems and Software.

[7]  Anas N. Al-Rabadi,et al.  A comparison of modified reconstructability analysis and Ashenhurst‐Curtis decomposition of Boolean functions , 2004 .

[8]  Michael Sipser,et al.  Introduction to the Theory of Computation , 1996, SIGA.

[9]  Thilo Mende,et al.  Replication of defect prediction studies: problems, pitfalls and recommendations , 2010, PROMISE '10.

[10]  Nachum Dershowitz,et al.  Verification: Theory and Practice , 2004, Lecture Notes in Computer Science.

[11]  Mark Dowson,et al.  The Ariane 5 software failure , 1997, SOEN.

[12]  Nikos E. Mastorakis,et al.  Software economics: quality-based return-on-investment model , 2010 .

[13]  T. Greenfield,et al.  Research Methods for Postgraduates , 2002 .

[14]  Cynthia Rettig The Trouble With Enterprise Software , 2007 .

[15]  Capers Jones Applied Software Measurement: Global Analysis of Productivity and Quality , 1991 .

[16]  Patricia Adams,et al.  Programming Languages: Principles and Practice , 1993 .

[17]  Paul D Jeanne Ellis Ormrod Leedy,et al.  Practical Research: Planning and Design , 1974 .

[18]  Geoffrey Phipps Comparing observed bug and productivity rates for Java and C++ , 1999 .

[19]  Joseph P. Poole A Method to Determine a Basis Set of Paths to Perform Program Testing | NIST , 1995 .

[20]  D. O'Leary,et al.  Enterprise Resource Planning Systems Systems , Life Cycle , Electronic Commerce , and Risk , 2002 .

[21]  Steve McConnell,et al.  Best Practices: Gauging Software Readiness with Defect Tracking , 1997, IEEE Softw..

[22]  Martin Fowler Design - Who needs an architect? , 2003, IEEE Software.

[23]  Eric Larson An undergraduate course on software bug detection tools and techniques , 2006, SIGCSE '06.

[24]  Ayse Basar Bener,et al.  Defect prediction from static code features: current results, limitations, new approaches , 2010, Automated Software Engineering.

[25]  M. Markus,et al.  The Enterprise System Experience— From Adoption to Success , 2000 .

[26]  George Candea,et al.  Microreboot - A Technique for Cheap Recovery , 2004, OSDI.

[27]  Alan J. Hu Automatic formal verification of software: Fundamental concepts , 2009, 2009 International Conference on Communications, Circuits and Systems.

[28]  Rob Law,et al.  An overview of debugging tools , 1997, SOEN.

[29]  Henny B. Sipma,et al.  What's Decidable About Arrays? , 2006, VMCAI.

[30]  Bastian Schlich,et al.  Automatic Bug Detection in Microcontroller Software by Static Program Analysis , 2009, SOFSEM.

[31]  C. A. R. Hoare,et al.  The emperor's old clothes , 1981, CACM.

[32]  Ayse Basar Bener,et al.  Data mining source code for locating software bugs: A case study in telecommunication industry , 2009, Expert Syst. Appl..