Architecture and Source Code Analysis

The goal of expert software architecture and source code analysis is to detect errors committed during the stages of software code design and development.

Architecture and code audit is effective in spotting some common problems with software systems such as security vulnerabilities, memory leaks, bottlenecks leading to impaired performance, shared access problems.

Competently designed application architecture and carefully selected technologies offer the possibility to dramatically reduce development time, which is one of the main aims of regular audits.

Expertise

Architecture and source code analysis is carried out by application architects, project managers, and lead programmers over a checklist that will be further used for results reporting.

The following activity types are available upon request as part of the architecture and code audit service:

• Application architecture analysis (utilized development templates);
• System scalability analysis;
• Estimation of the total amount of work (in man-hours) required for migration to new technologies;
• Feasibility study on technologies selection.

Stages of Architecture and Code Audit

• Project infrastructure analysis

Correct project organization can substantially reduce development time, need for project support services, along with helping to tackle security issues and increasing teamwork efficiency. At this stage our specialists analyse software development life cycle, project structure, version control tools, code test coverage, as well as build processes, continuous integration, statistics and reporting activities.

• Architecture analysis

System architecture is one of the crucial elements of any software product. Thorough analysis of architectural solutions helps to get rid of a great number of errors at an early stage of development, which means there are fewer errors to fix down the line. This leads to a more predictable and less expensive system alteration process.

Our specialists will make an estimate of your system in terms of design defects, architectural mistakes, and potential risks. Subsequent to the performed analysis they will produce a set of recommendations on how to correct the found defects.

• Progress nalysis

As a general rule, a base case scenario uses an iterative process that includes a number of consecutive audits. As a result of each stage of code review, a series of recommendations is formulated and implemented. The aim of this phase is to compare the results of a current code review to a preceding one in order to assess the effectiveness of the implemented changes.

• Architectural compliance analysis

This task is intended to check if the project implementation is compliant with the accepted architectural solutions, i.e. if the development accords with the architecture documentation.

• Code analysis

Source code is analysed to comply with the coding standards, supportability and performance. As a consequence our specialists prepare an assessment report of whether the developed code functions optimally.

Source code is analysed to comply with project architecture, to follow the same style, to be of the same overall implementation quality, to be developed by the team, whose members have similar qualification levels, and to check availability and quality of inline documentation (commentaries).

The analysis reveals explicit and potential errors, inefficient code leading to impaired performance, complexity level inadequate to the solved task, common pitfalls (anti-patterns), etc.

Tools

Specific employment of automation tools simplifies and shortens the process of code analysis.

The following tools are regularly used at Qulix QA:

• NCover;
• Code Analysis;
• Practice Checker;
• FxCop;
• Araxis;
• JDepend;
• Checkstyle;
• PMD;
• Findbugs;
• Cobertura.