1 / 5

Remediation metrics

Remediation metrics. For each problem reported Severity Level (Crit, Error, Warn, Info) Review State (Via workflow) Unknown (not reviewed yet) Known (reviewed, but nothing else done) Accepted (reviewed, but not formally accepted) Mitigated (problem fixed). Report Display.

rafael-day
Download Presentation

Remediation metrics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Remediation metrics • For each problem reported • Severity Level (Crit, Error, Warn, Info) • Review State (Via workflow) • Unknown (not reviewed yet) • Known (reviewed, but nothing else done) • Accepted (reviewed, but not formally accepted) • Mitigated (problem fixed)

  2. Report Display • Table of raw counts (row=Sev, col=Rev) • Horiz bar for each Sev • Shows composition % in each Rev state • List of problem types for each Rev state • 4x4 sparklines (Sev x Rev)

  3. Things to add/change? • Use capture-recapture (or capture for removal) for each Rev state • Show ‘delta market share’ chart for each Rev • Normalized to show % of each Sev in the Rev • Lots of other things, I’m sure… it’s still young

  4. Code complexity metrics • McCabe Cyclomatic • MCC == Br + 1 • Branch complexity • System Complexity • SYSC == Fo^2 + P/(Fo+1) • Design-time metric to show ‘difficulty to implement’ • Card, D. N. And W. W. Agresti. "Measuring Software Design Complexity." The Journal of Systems And Software 8, 3 (June 1988), 185-197.

  5. Information flow complexity • IFC == ((Fi+Vr)*(Fo+Vw))^2 • Indicates ‘stress points’ or multi-purpose functions • IEEE 982.2 1988. IEEE Guide for the Use of IEEE Standard Dictionary of Measures to Produce Reliable Software. A25. Data of Information Flow Complexity. p. 112.

More Related