The document summarizes a presentation by Mark Hammer of SmartBear Software on using agile code reviews to build higher quality software more quickly. It discusses how code reviews are underutilized on many agile teams and presents best practices and metrics showing reviews find many defects early, saving significant costs compared to later fixes. The presentation recommends integrating code reviews into development workflows using review tools and highlights benefits seen in a large Cisco case study, such as faster problem finding, more readable code, and improved collaboration across functions.
1. W10
Concurrent Class
10/2/2013 1:45:00 PM
"Agile Code Reviews for Better
Software—Sooner"
Presented by:
Mark Hammer
SmartBear Software
Brought to you by:
340 Corporate Way, Suite 300, Orange Park, FL 32073
888-268-8770 ∙ 904-278-0524 ∙ sqeinfo@sqe.com ∙ www.sqe.com
2. Mark Hammer
SmartBear Software
Senior product director at SmartBear Software Mark Hammer speaks and writes about the
software development process with a special emphasis on code review. Mark has more than
twenty years of experience in software product management, previously at global-education
leader Houghton Mifflin Harcourt. He has a strong track record in developing customer-focused
business solutions in both business-to-business and business-to-consumer markets. Mark was
VP of marketing for CompassLearning, an educational software developer.
7. 9/20/2013
Measure
Industry
Average
High
Performance
Teams
Net Promoter Score
20%
> 70%
% defects of total injected found by customer
15%
< 2%
% effort spent in finding and fixing defects
50%
< 10%
% effort for post-release support
30%
< 5%
Unit test code coverage
Varies
> 80%
Post release defect density
7.5
defects/KLOC
< 0.5
defects/KLOC
9
Measure
Industry
Average
High
Performance
Teams
Net Promoter Score
20%
> 70%
% defects of total injected found by customer
15%
< 2%
% effort spent in finding and fixing defects
50%
< 10%
% effort for post-release support
30%
< 5%
Unit test code coverage
Varies
> 80%
Post release defect density
7.5
defects/KLOC
< 0.5
defects/KLOC
Bugs found in development are 8-12X less expensive to fix than those
found in QA phase
And 30-100X less expensive than bugs that reach customers
10
5
8. 9/20/2013
The Curious Case of Missing Code Reviews
11
Requirements
Discussion
Design
Review
Architecture
Review
12
6
10. 9/20/2013
If You Need More Convincing
Geographically-distributed teams (main vs. offshore
teams, apprentice – mentor)
CMMI – code review is mandated
FDA – code review is mandated
Embedded systems – very high cost of change
PCI – code review is mandated
Agile teams – fast, convenient way to collaborate,
provides less time-intensive “pair programming”
opportunity
15
Code Review Options
Over-the-Shoulder
Email
Pair Programming
Formal Inspection Meetings?!
Tool
16
8
14. 9/20/2013
Why Don’t More Teams Do It?
• It’s hard to do, with no clear perceived
benefits
– Expensive, tedious and time consuming to
do it manually
– Difficult to track threads of communication
– Code review isn’t integrated with source
code management (SCM) tool
– Hard to collaborate with remote members
23
Hapless
Developer
Reviewers
Version
Control
24
12
15. 9/20/2013
Largest Peer Code Review Study Ever
•
•
•
•
•
•
Objectives:
– lightweight vs. formal inspections
– What constitutes an effective review?
10-month case study at Cisco
Cisco MeetingPlace product, teleconferencing
solution
3.2 million lines of code
2500 reviews
50 developers
25
Recommendations (Best Practices)
LOC under review < 200, Not to exceed 400
Inspection rate < 300 LOC/hour
Author preparation with annotations
- Self review checklist
Total review time < 60 min. Not to exceed
90
26
13
17. 9/20/2013
Case Study
• 2011: 70 floating licenses: ~350 developers
• 2013: 130 floating licenses: ~650 team members
• User stories are shared in Word format with entire
team
• Design documents are shared in Powerpoint with
entire team
• Code is shared with entire team
• Test cases are shared in Excel format with entire
team
29
Benefits of Cross-Functional Peer Review
• Every member of the extended development team
knows what’s happening
• Problems with user stories, code, and test plans are
found faster
• It forces developers to write readable code (code that
can be read without explanation!)
• Optimization methods/tricks/productive programs
spread faster
• Programmer as a specialist "evolve" faster
• Teams can iterate from story to code to test plan
• It's fun
30
15
18. 9/20/2013
The simple fact of knowing your work will be
reviewed by others means you’ll do it better.
31
16