I thought that I would use the Simple Map Concept by J.D. Meier to help illustrate the basics of implementing code analysis. It is amazing how easy the individual pieces are to understand when you break down complex structures.

 

Process Details
Governance
  • Policy In Writing
  • Global Rules Gatekeeper
  • Suppression Reviews
  • Add/Change/Remove Procedures
Development
  • Adding Additional Rules
  • Project / Solution Templating Support
  • Rule Suppression Training
  • Peer Mentorship of Rule existence
Implementation
  • Centralized Storage
  • CI Integration
  • Code Review Management
  • Linked vs. Global Suppressions
  • Documenting Exceptions vs. Rules
Measurement
  • Baselines
  • Build Breaks due to Code Analysis
  • Bug/Defect Reduction
  • Code Maintainability/Consistency
  • Management Reporting

What other areas can you think of in the breakdown of Code Analysis? 
