W10 Concurrent Class

10/2/2013 1:45:00 PM

"Agile Code Reviews for Better

Software—Sooner"

Presented by:

Mark Hammer

SmartBear Software

Brought to you by:

340 Corporate Way, Suite 300, Orange Park, FL 32073

888-268-8770 ∙ 904-278-0524 ∙ sqeinfo@sqe.com ∙ www.sqe.com

Mark Hammer

SmartBear Software

Senior product director at SmartBear Software Mark Hammer speaks and writes about the

software development process with a special emphasis on code review. Mark has more than

twenty years of experience in software product management, previously at global-education

leader Houghton Mifflin Harcourt. He has a strong track record in developing customer-focused

business solutions in both business-to-business and business-to-consumer markets. Mark was

VP of marketing for CompassLearning, an educational software developer.

9/20/2013

1

Want Higher Quality Software

from Your Agile Team?

Peer Review Works

1

Mark Hammer

2

9/20/2013

2

3

4

Product Mgmt Development QA

9/20/2013

3

5

Product Mgmt Development QA

User stories Code Test Plans

6

Professional Writers Have Editors

9/20/2013

4

7

8

Industry Metrics

9/20/2013

5

9

Measure Industry Average

High Performance Teams

Net Promoter Score 20% > 70%

% defects of total injected found by customer 15% < 2%

% effort spent in finding and fixing defects 50% < 10%

% effort for post-release support 30% < 5%

Unit test code coverage Varies > 80%

Post release defect density 7.5 defects/KLOC

< 0.5 defects/KLOC

10

Measure Industry Average

High Performance Teams

Net Promoter Score 20% > 70%

% defects of total injected found by customer 15% < 2%

% effort spent in finding and fixing defects 50% < 10%

% effort for post-release support 30% < 5%

Unit test code coverage Varies > 80%

Post release defect density 7.5 defects/KLOC

< 0.5 defects/KLOC

Bugs found in development are 8-12X less expensive to fix than those found in QA phase

And 30-100X less expensive than bugs that reach customers

9/20/2013

6

11

The Curious Case of Missing Code Reviews

12

Requirements

Design

Architecture

Discussion Review Review

9/20/2013

7

13

Requirements

Design

Architecture

Code

Discussion Review Review N/A

14

Requirements Architecture Code Test Plans

Review

Product Mgmt Development QA

9/20/2013

8

15

Geographically-distributed teams (main vs. offshore

teams, apprentice – mentor)

CMMI – code review is mandated

FDA – code review is mandated

Embedded systems – very high cost of change

PCI – code review is mandated

Agile teams – fast, convenient way to collaborate,

provides less time-intensive “pair programming”

opportunity

If You Need More Convincing

16

Code Review Options

Over-the-Shoulder

Email

Pair Programming

Formal Inspection Meetings?!

Tool

9/20/2013

9

17

Over-the-Shoulder

18

Over-the-Shoulder

Easy / Free

Interruption

No Info Recorded

9/20/2013

10

19

Email

20

Email

Easy / Free

No Interruption / Remote

Conversation Tracking

Info. Hard to Retrieve

No End?

9/20/2013

11

21

Pair Programming

22

Pair Programming

No Tools or Workflow

Deep Thought

Big Time Commitment

No Info. Recorded

Too Close

9/20/2013

12

23

Why Don’t More Teams Do It?

• It’s hard to do, with no clear perceived

benefits

– Expensive, tedious and time consuming to

do it manually

– Difficult to track threads of communication

– Code review isn’t integrated with source

code management (SCM) tool

– Hard to collaborate with remote members

24

Hapless Developer

Reviewers

Version Control

9/20/2013

13

25

Largest Peer Code Review Study Ever

• Objectives:

– lightweight vs. formal inspections

– What constitutes an effective review?

• 10-month case study at Cisco

• Cisco MeetingPlace product, teleconferencing

solution

• 3.2 million lines of code

• 2500 reviews

• 50 developers

26

Recommendations (Best Practices)

LOC under review < 200, Not to exceed 400

Author preparation with annotations - Self review checklist

Total review time < 60 min. Not to exceed 90

Inspection rate < 300 LOC/hour

9/20/2013

14

27

Product Mgmt QA

User stories Code Test Plans

28

Requirements Architecture Code Test Plans

Review

Product Mgmt Development QA

9/20/2013

15

29

Case Study

• 2011: 70 floating licenses: ~350 developers

• 2013: 130 floating licenses: ~650 team members

• User stories are shared in Word format with entire

team

• Design documents are shared in Powerpoint with

entire team

• Code is shared with entire team

• Test cases are shared in Excel format with entire

team

30

Benefits of Cross-Functional Peer Review

• Every member of the extended development team

knows what’s happening

• Problems with user stories, code, and test plans are

found faster

• It forces developers to write readable code (code that

can be read without explanation!)

• Optimization methods/tricks/productive programs

spread faster

• Programmer as a specialist "evolve" faster

• Teams can iterate from story to code to test plan

• It's fun

9/20/2013

16

31

The simple fact of knowing your work will be

reviewed by others means you’ll do it better.