A large-scale study of usability criteria addressed by static analysis tools

Nachtigall, Marcus ; Schlichtig, Michael ; Bodden, Eric (2022)
A large-scale study of usability criteria addressed by static analysis tools.
31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA'22). virtual Conference (18.07.2022 - 22.07.2022)
doi: 10.1145/3533767.3534374
Conference publication, Bibliography

Abstract

Static analysis tools support developers in detecting potential coding issues, such as bugs or vulnerabilities. Research on static analysis emphasizes its technical challenges but also mentions severe usability shortcomings. These shortcomings hinder the adoption of static analysis tools, and in some cases, user dissatisfaction even leads to tool abandonment. To comprehensively assess the current state of the art, this paper presents the first systematic usability evaluation in a wide range of static analysis tools. We derived a set of 36 relevant criteria from the scientific literature and gathered a collection of 46 static analysis tools complying with our inclusion and exclusion criteria - a representative set of mainly non-proprietary tools. Then, we evaluated how well these tools fulfill the aforementioned criteria. The evaluation shows that more than half of the considered tools offer poor warning messages, while about three-quarters of the tools provide hardly any fix support. Furthermore, the integration of user knowledge is strongly neglected, which could be used for improved handling of false positives and tuning the results for the corresponding developer. Finally, issues regarding workflow integration and specialized user interfaces are proved further. These findings should prove useful in guiding and focusing further research and development in the area of user experience for static code analyses.

Item type: Conference publication
Published: 2022
Author(s): Nachtigall, Marcus ; Schlichtig, Michael ; Bodden, Eric
Type of entry: Bibliography
Title: A large-scale study of usability criteria addressed by static analysis tools
Language: English
Publication date: 18 July 2022
Publisher: ACM
Book title: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis
Event title: 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA'22)
Event location: virtual Conference
Event dates: 18.07.2022 - 22.07.2022
DOI: 10.1145/3533767.3534374
Uncontrolled keywords: explainability, program analysis, static analysis, tool support, user experience, E1
Division(s)/field(s): 20 Department of Computer Science
DFG Collaborative Research Centres (incl. Transregio)
DFG Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres
DFG Research Training Groups
20 Department of Computer Science > EC SPRIDE
20 Department of Computer Science > EC SPRIDE > Secure Software Engineering
DFG Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > SFB 1119: CROSSING – Cryptography-based security solutions as a foundation for trust in current and future IT systems
Date deposited: 25 Oct 2024 13:26
Last modified: 25 Oct 2024 13:26