Why Do Software Developers Use Static Analysis Tools? A User-Centered Study of Developer Needs and Motivations

Why Do Software Developers Use Static Analysis Tools? A User-Centered Study of Developer Needs and Motivations

As increasingly complex software is developed every day, a growing number of companies use static analysis tools to reason about program properties ranging from simple coding style rules to more advanced software bugs, to multi-tier security vulnerabilities. While increasingly complex analyses are c...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on software engineering 2022-03, Vol.48 (3), p.835-847
Hauptverfasser: Do, Lisa Nguyen Quang, Wright, James R., Ali, Karim
Format: Artikel
Sprache:eng
Schlagworte:
Computer bugs
Decision analysis
development tools
graphical environments
Industries
integrated environments
Program analysis
Security
Software
Software development
Static analysis
Usability
User interfaces
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 847
container_issue 3
container_start_page 835
container_title IEEE transactions on software engineering
container_volume 48
creator Do, Lisa Nguyen Quang
Wright, James R.
Ali, Karim
description As increasingly complex software is developed every day, a growing number of companies use static analysis tools to reason about program properties ranging from simple coding style rules to more advanced software bugs, to multi-tier security vulnerabilities. While increasingly complex analyses are created, developer support must also be updated to ensure that the tools are used to their best potential. Past research in the usability of static analysis tools has primarily focused on usability issues encountered by software developers, and the causes of those issues in analysis tools. In this article, we adopt a more user-centered approach, and aim at understanding why software developers use analysis tools, which decisions they make when using those tools, what they look for when making those decisions, and the motivation behind their strategies. This approach allows us to derive new tool requirements that closely support software developers (e.g., systems for recommending warnings to fix that take developer knowledge into account), and also open novel avenues for further static-analysis research such as collaborative user interfaces for analysis warnings.
doi_str_mv 10.1109/TSE.2020.3004525
format Article
fullrecord <record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_crossref_primary_10_1109_TSE_2020_3004525</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9124719</ieee_id><sourcerecordid>2639937118</sourcerecordid><originalsourceid>FETCH-LOGICAL-c221t-9d0c33b961cabbe73ae2dea576ec7a708dd7452d62ce8678b9cab437bb11c14a3</originalsourceid><addsrcrecordid>eNpFkEtLAzEUhYMoWKt7wU3A9dQ8JpPJSkpbH1B10RaXIZPcwSl1UpNpZf69KRVd3cX9zoHzIXRNyYhSou6Wi9mIEUZGnJBcMHGCBlRxlXHByCkaEKLKTIhSnaOLGNeEECGlGKD2_aPHU48Xvu6-TQA8hT1s_BZCxKsIeNGZrrF43JpNH5uIl95v4j0eH54hm0DbQQCXsJ3rsa__4_gVwEVsWodffNfsU41v4yU6q80mwtXvHaLVw2w5ecrmb4_Pk_E8s4zRLlOOWM4rVVBrqgokN8AcGCELsNJIUjon00hXMAtlIctKJS7nsqootTQ3fIhuj73b4L92EDu99ruQRkTNCq4Ul5SWiSJHygYfY4Bab0PzaUKvKdEHqzpZ1Qer-tdqitwcIw0A_OGKslwm3T__3HPd</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2639937118</pqid></control><display><type>article</type><title>Why Do Software Developers Use Static Analysis Tools? A User-Centered Study of Developer Needs and Motivations</title><source>IEEE Electronic Library (IEL)</source><creator>Do, Lisa Nguyen Quang ; Wright, James R. ; Ali, Karim</creator><creatorcontrib>Do, Lisa Nguyen Quang ; Wright, James R. ; Ali, Karim</creatorcontrib><description>As increasingly complex software is developed every day, a growing number of companies use static analysis tools to reason about program properties ranging from simple coding style rules to more advanced software bugs, to multi-tier security vulnerabilities. While increasingly complex analyses are created, developer support must also be updated to ensure that the tools are used to their best potential. Past research in the usability of static analysis tools has primarily focused on usability issues encountered by software developers, and the causes of those issues in analysis tools. In this article, we adopt a more user-centered approach, and aim at understanding why software developers use analysis tools, which decisions they make when using those tools, what they look for when making those decisions, and the motivation behind their strategies. This approach allows us to derive new tool requirements that closely support software developers (e.g., systems for recommending warnings to fix that take developer knowledge into account), and also open novel avenues for further static-analysis research such as collaborative user interfaces for analysis warnings.</description><identifier>ISSN: 0098-5589</identifier><identifier>EISSN: 1939-3520</identifier><identifier>DOI: 10.1109/TSE.2020.3004525</identifier><identifier>CODEN: IESEDJ</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Computer bugs ; Decision analysis ; development tools ; graphical environments ; Industries ; integrated environments ; Program analysis ; Security ; Software ; Software development ; Static analysis ; Usability ; User interfaces</subject><ispartof>IEEE transactions on software engineering, 2022-03, Vol.48 (3), p.835-847</ispartof><rights>Copyright IEEE Computer Society 2022</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c221t-9d0c33b961cabbe73ae2dea576ec7a708dd7452d62ce8678b9cab437bb11c14a3</citedby><cites>FETCH-LOGICAL-c221t-9d0c33b961cabbe73ae2dea576ec7a708dd7452d62ce8678b9cab437bb11c14a3</cites><orcidid>0000-0001-9622-5842 ; 0000-0003-3146-7968 ; 0000-0002-5516-1376</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9124719$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,776,780,792,27901,27902,54733</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9124719$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Do, Lisa Nguyen Quang</creatorcontrib><creatorcontrib>Wright, James R.</creatorcontrib><creatorcontrib>Ali, Karim</creatorcontrib><title>Why Do Software Developers Use Static Analysis Tools? A User-Centered Study of Developer Needs and Motivations</title><title>IEEE transactions on software engineering</title><addtitle>TSE</addtitle><description>As increasingly complex software is developed every day, a growing number of companies use static analysis tools to reason about program properties ranging from simple coding style rules to more advanced software bugs, to multi-tier security vulnerabilities. While increasingly complex analyses are created, developer support must also be updated to ensure that the tools are used to their best potential. Past research in the usability of static analysis tools has primarily focused on usability issues encountered by software developers, and the causes of those issues in analysis tools. In this article, we adopt a more user-centered approach, and aim at understanding why software developers use analysis tools, which decisions they make when using those tools, what they look for when making those decisions, and the motivation behind their strategies. This approach allows us to derive new tool requirements that closely support software developers (e.g., systems for recommending warnings to fix that take developer knowledge into account), and also open novel avenues for further static-analysis research such as collaborative user interfaces for analysis warnings.</description><subject>Computer bugs</subject><subject>Decision analysis</subject><subject>development tools</subject><subject>graphical environments</subject><subject>Industries</subject><subject>integrated environments</subject><subject>Program analysis</subject><subject>Security</subject><subject>Software</subject><subject>Software development</subject><subject>Static analysis</subject><subject>Usability</subject><subject>User interfaces</subject><issn>0098-5589</issn><issn>1939-3520</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNpFkEtLAzEUhYMoWKt7wU3A9dQ8JpPJSkpbH1B10RaXIZPcwSl1UpNpZf69KRVd3cX9zoHzIXRNyYhSou6Wi9mIEUZGnJBcMHGCBlRxlXHByCkaEKLKTIhSnaOLGNeEECGlGKD2_aPHU48Xvu6-TQA8hT1s_BZCxKsIeNGZrrF43JpNH5uIl95v4j0eH54hm0DbQQCXsJ3rsa__4_gVwEVsWodffNfsU41v4yU6q80mwtXvHaLVw2w5ecrmb4_Pk_E8s4zRLlOOWM4rVVBrqgokN8AcGCELsNJIUjon00hXMAtlIctKJS7nsqootTQ3fIhuj73b4L92EDu99ruQRkTNCq4Ul5SWiSJHygYfY4Bab0PzaUKvKdEHqzpZ1Qer-tdqitwcIw0A_OGKslwm3T__3HPd</recordid><startdate>20220301</startdate><enddate>20220301</enddate><creator>Do, Lisa Nguyen Quang</creator><creator>Wright, James R.</creator><creator>Ali, Karim</creator><general>IEEE</general><general>IEEE Computer Society</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>JQ2</scope><scope>K9.</scope><orcidid>https://orcid.org/0000-0001-9622-5842</orcidid><orcidid>https://orcid.org/0000-0003-3146-7968</orcidid><orcidid>https://orcid.org/0000-0002-5516-1376</orcidid></search><sort><creationdate>20220301</creationdate><title>Why Do Software Developers Use Static Analysis Tools? A User-Centered Study of Developer Needs and Motivations</title><author>Do, Lisa Nguyen Quang ; Wright, James R. ; Ali, Karim</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c221t-9d0c33b961cabbe73ae2dea576ec7a708dd7452d62ce8678b9cab437bb11c14a3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Computer bugs</topic><topic>Decision analysis</topic><topic>development tools</topic><topic>graphical environments</topic><topic>Industries</topic><topic>integrated environments</topic><topic>Program analysis</topic><topic>Security</topic><topic>Software</topic><topic>Software development</topic><topic>Static analysis</topic><topic>Usability</topic><topic>User interfaces</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Do, Lisa Nguyen Quang</creatorcontrib><creatorcontrib>Wright, James R.</creatorcontrib><creatorcontrib>Ali, Karim</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>ProQuest Computer Science Collection</collection><collection>ProQuest Health &amp; Medical Complete (Alumni)</collection><jtitle>IEEE transactions on software engineering</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Do, Lisa Nguyen Quang</au><au>Wright, James R.</au><au>Ali, Karim</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Why Do Software Developers Use Static Analysis Tools? A User-Centered Study of Developer Needs and Motivations</atitle><jtitle>IEEE transactions on software engineering</jtitle><stitle>TSE</stitle><date>2022-03-01</date><risdate>2022</risdate><volume>48</volume><issue>3</issue><spage>835</spage><epage>847</epage><pages>835-847</pages><issn>0098-5589</issn><eissn>1939-3520</eissn><coden>IESEDJ</coden><abstract>As increasingly complex software is developed every day, a growing number of companies use static analysis tools to reason about program properties ranging from simple coding style rules to more advanced software bugs, to multi-tier security vulnerabilities. While increasingly complex analyses are created, developer support must also be updated to ensure that the tools are used to their best potential. Past research in the usability of static analysis tools has primarily focused on usability issues encountered by software developers, and the causes of those issues in analysis tools. In this article, we adopt a more user-centered approach, and aim at understanding why software developers use analysis tools, which decisions they make when using those tools, what they look for when making those decisions, and the motivation behind their strategies. This approach allows us to derive new tool requirements that closely support software developers (e.g., systems for recommending warnings to fix that take developer knowledge into account), and also open novel avenues for further static-analysis research such as collaborative user interfaces for analysis warnings.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/TSE.2020.3004525</doi><tpages>13</tpages><orcidid>https://orcid.org/0000-0001-9622-5842</orcidid><orcidid>https://orcid.org/0000-0003-3146-7968</orcidid><orcidid>https://orcid.org/0000-0002-5516-1376</orcidid></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 0098-5589
ispartof IEEE transactions on software engineering, 2022-03, Vol.48 (3), p.835-847
issn 0098-5589
1939-3520
language eng
recordid cdi_crossref_primary_10_1109_TSE_2020_3004525
source IEEE Electronic Library (IEL)
subjects Computer bugs
Decision analysis
development tools
graphical environments
Industries
integrated environments
Program analysis
Security
Software
Software development
Static analysis
Usability
User interfaces
title Why Do Software Developers Use Static Analysis Tools? A User-Centered Study of Developer Needs and Motivations
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-21T20%3A36%3A32IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Why%20Do%20Software%20Developers%20Use%20Static%20Analysis%20Tools?%20A%20User-Centered%20Study%20of%20Developer%20Needs%20and%20Motivations&rft.jtitle=IEEE%20transactions%20on%20software%20engineering&rft.au=Do,%20Lisa%20Nguyen%20Quang&rft.date=2022-03-01&rft.volume=48&rft.issue=3&rft.spage=835&rft.epage=847&rft.pages=835-847&rft.issn=0098-5589&rft.eissn=1939-3520&rft.coden=IESEDJ&rft_id=info:doi/10.1109/TSE.2020.3004525&rft_dat=%3Cproquest_RIE%3E2639937118%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2639937118&rft_id=info:pmid/&rft_ieee_id=9124719&rfr_iscdi=true