Risk Assessment using Automotive SPICE and static code analysis

Do you want to evaluate the quality and risks related to accepting software applications from your suppliers? Are you responsible for taking over and maintaining an application and do you want to know beforehand where you can expect trouble?
Our risk assessment will provide you with objective insight into quality and risks.

How to evaluate the risks for maintaining an application?

There may be several aspects to the risk of taking over an application. Crucial product documentation needed for understanding the application may be lacking or of poor quality. On the other hand, risks related to operation and maintenance may also be hidden in the code.
During the risk and quality assessment, we analyze the product documentation and examine the code using static code analysis.

How do we perform the product documentation analysis?

We analyze the available product documentation and compare it with the requirements of Automotive SPICE. As a reference model, Automotive SPICE provides a detailed view of typical product documentation requirements.
The SPICE model is used both for identifying and analyzing flaws in the product documentation and for categorizing the derived risks for acceptance, operations and maintenance of the application. The assessment report includes risk reduction suggestions.

How is the static code analysis performed?

The code will undergo both manual and automatic code analysis against a well-defined set of quality indicators, which include code test-coverage, cyclomatic complexity, code-duplication, fan-out, dead code, and risks related to use of linked libraries.
We have an extensive set of proprietary code-checking tools for a variety of programming languages. We can also combine or integrate with your dedicated code-checking tools.
Automatic code-checking from our side can be performed once as part of the risk assessment, but you can also choose to take out a subscription for continuous monitoring of code quality.

The static code analysis is performed by our partner Tiobe. The analysis results will be compared against Tiobe's benchmarking database. The analyzed code will be rated against Tiobe's Code Quality Index, which ranges from A (high quality) to F (poor quality).

You will receive a combined view on the results of both the product documentation analysis and the static code review. We will present and discuss the required steps to effectively reduce the identified risks.

You want to learn more? Call us.

Do you have questions?
wibas

Management Consultants


+31 (0)40 248 9822

[protected email]
