SlideShare uma empresa Scribd logo

Characterizing and predicting which bugs get fixed

Thomas Zimmermann
Thomas Zimmermann

Presented at ICSE 2010.

TecnologiaNegócios
1 de 30
Characterizing and Predicting Which Bugs Get Fixed Philip Guo, Stanford University Thomas Zimmermann, Microsoft Research Nachiappan Nagappan, Microsoft Research Brendan Murphy, Microsoft Research © Microsoft Corporation
A confession…
Opinions expressed on this slide are the personal opinions of the presenter, not of Microsoft. ;-)
Incomplete bugs Duplicate bugs
Too many bugs
Not all bugs get fixed • Bug #1 occurs rarely and affects only a few users. – Changes required to fix Bug #1 could be large and expensive. • Fixing Bug #2 could introduce new bugs – Code changes that fix bugs are up to twice as likely to introduce new bugs as other kinds of changes. • Users are relying on existing behavior – Fixing the bug could break their systems. © Microsoft Corporation
Research question How do factors related to people and bug report edits affect whether a bug is successfully resolved as FIXED? → Inefficiencies in bug triaging process → Inform design of tools and policies © Microsoft Corporation
Bug handling is pervasive 24,000+ MSFT employees reported, commented on, or handled at least one bug in Windows (vs. 2,000+ Windows developers) © Microsoft Corporation
Methodology Qualitative Quantitative survey data analysis Reputation • Interest • Reassignments • Distance • Additional qualitative factors from survey © Microsoft Corporation
Qualitative survey • In your experience, how do each of these factors affect the chances of whether a bug will get successfully resolved as FIXED? – 7-point Likert scale • Sent to 1,773 Microsoft employees – Employees who opened OR were assigned to OR resolved most Windows Vista bugs – 358 responded (20%) © Microsoft Corporation
SURVEY: How does the bug report's activity affect the chances of it being successfully fixed? Severity upgraded Severity downgraded Few editors (<10) Many editors (>=10) No re-assignments (0) Few re-assignments (1-5) Many re-assignments (>30) At least 1 re-open -3 -2 -1 0 1 2 3 Decreases chances of fix Increases chances of fix © Microsoft Corporation
SURVEY: How do the people involved in addressing the bug affect the chances of it being successfully fixed? Opener/assignee same person Same manager Same building Same country Different managers Different countries Opened by temp. employee Assigned to temp. employee -3 -2 -1 0 1 2 3 Decreases chances of fix Increases chances of fix © Microsoft Corporation
Other qualitative factors Textual quality of bug report: “Just to re-emphasize: The quality of the bug description is very important. Not necessarily filling in the dozens of fields in the bug database with all sorts of crap (build numbers, dates, classifications, etc) - but just the plain-text description of the problem, the implication and maybe even the potential solution.” Perceived customer/business impact: “Customer impact can be a very big impact on a bug if evidence exists to show the cost of not fixing the bug for one or more customers.” Rank and seniority of bug opener: “A bug opened because something went wrong on a VPs [vice president’s] laptop has better chance [of being fixed] than a bug opened because the same thing happened to an intern.” Interpersonal skills of bug opener: “One other ‘soft’ factor is the speaking skill persuasiveness of the developer (or other representative) when arguing for the bug.” © Microsoft Corporation
Quantitative data analysis • Correlate likelihood of bug report getting fixed – Reputation • Interest • Reassignments • Distance • Windows Vista and Windows 7 bug reports – Bug lifetime: open, assign, edit, resolve, close • Microsoft employee data – Manager, Building, Country © Microsoft Corporation
#1: Reputation “A big influence [on bug fixes] is the reputation of the person opening the bug. If submitter has a history of submitting high quality bugs then new bugs from that person get better attention [...]” From anonymous survey respondent © Microsoft Corporation
Quantifying reputation For each bug, calculate opener’s reputation by aggregating over all bugs in the past. Hooimeijer and Weimer: Modeling bug report quality. ASE 2007. © Microsoft Corporation
Reputation vs. bug fixes © Microsoft Corporation
Reputation vs. bug fixes © Microsoft Corporation
#2: Interest Windows Vista Windows 7 © Microsoft Corporation
#3: Reassignments Severity upgraded Severity downgraded Few editors (<10) Many editors (>=10) No re-assignments (0) Few re-assignments (1-5) Many re-assignments (>30) At least 1 re-open -3 -2 -1 0 1 2 3 © Microsoft Corporation
#3: Reassignments Windows Vista Windows 7 © Microsoft Corporation
The need for reassignments “Bugs many times are exposed in the UI [user interface], but are not caused by the team writing the UI code. These bugs can pass down several layers of components before landing on a lower level component owner.” From anonymous survey respondent © Microsoft Corporation
#4: Geographical distance © Microsoft Corporation
#5: Organizational distance © Microsoft Corporation
Trust vs. distance “Whenever I open bugs assigned to people I know, they are investigated thoroughly as there is a trust in the report I write. Often when reporting a bug within areas where I don't know the owners, there is inherent distrust in the bug report.” From anonymous survey respondent © Microsoft Corporation
Predictive model • At bug opening time, predict probability of fix • Logistic regression model with 7 factors – Bug source – Reputation of bug opener – Reputation of first assignee – Initial severity level – Opened by temporary employee? – Opener & initial assignee had same manager? – Opener & initial assignee in same building? • Train on Windows Vista, predict Windows 7 fixes – 68% precision, 64% recall (0.50 cut-off) © Microsoft Corporation
Recommendations • Train and incentivize employees to write higher-quality bug reports • Improve awareness of developers’ expertise to minimize reassignments • Improve communication and trust amongst people in different teams and locations • Encourage more objectivity in prioritizing and handling bugs © Microsoft Corporation
Summary • Characterization of which bug reports get fixed. – At least one reassignment increases but too many reassignments decrease the likelihood – The higher reputation a bug opener has, the more likely his/her bugs are to get fixed. – Bugs handled by multiple teams and across multiple locations are less likely to get fixed. • Survey results provide insights into social factors that affect the bug triaging process. – Seniority, reputation, personal relations, and trust. © Microsoft Corporation

Recomendados

Not my bug! Reasons for software bug report reassignments
Not my bug! Reasons for software bug report reassignmentsNot my bug! Reasons for software bug report reassignments
Not my bug! Reasons for software bug report reassignmentsThomas Zimmermann
 
Characterizing and Predicting Which Bugs Get Reopened
Characterizing and Predicting Which Bugs Get ReopenedCharacterizing and Predicting Which Bugs Get Reopened
Characterizing and Predicting Which Bugs Get ReopenedThomas Zimmermann
 
Design for Testability: A Tutorial for Devs and Testers
Design for Testability: A Tutorial for Devs and TestersDesign for Testability: A Tutorial for Devs and Testers
Design for Testability: A Tutorial for Devs and TestersTechWell
 
Peter Zimmerer - Evolve Design For Testability To The Next Level - EuroSTAR 2012
Peter Zimmerer - Evolve Design For Testability To The Next Level - EuroSTAR 2012Peter Zimmerer - Evolve Design For Testability To The Next Level - EuroSTAR 2012
Peter Zimmerer - Evolve Design For Testability To The Next Level - EuroSTAR 2012TEST Huddle
 
3784_Streamlining_the_development_process_with_feature_flighting_and_Azure_cl...
3784_Streamlining_the_development_process_with_feature_flighting_and_Azure_cl...3784_Streamlining_the_development_process_with_feature_flighting_and_Azure_cl...
3784_Streamlining_the_development_process_with_feature_flighting_and_Azure_cl...Crystal Thomas
 
Software Architecture Erosion: Impacts, Causes, and Management
Software Architecture Erosion: Impacts, Causes, and ManagementSoftware Architecture Erosion: Impacts, Causes, and Management
Software Architecture Erosion: Impacts, Causes, and ManagementCSCJournals
 
Moxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemMoxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemDigital River
 
Software Testability
Software TestabilitySoftware Testability
Software TestabilityKai Feng Zhang
 

Recomendados

Not my bug! Reasons for software bug report reassignments
Not my bug! Reasons for software bug report reassignmentsNot my bug! Reasons for software bug report reassignments
Not my bug! Reasons for software bug report reassignmentsThomas Zimmermann
 
Characterizing and Predicting Which Bugs Get Reopened
Characterizing and Predicting Which Bugs Get ReopenedCharacterizing and Predicting Which Bugs Get Reopened
Characterizing and Predicting Which Bugs Get ReopenedThomas Zimmermann
 
Design for Testability: A Tutorial for Devs and Testers
Design for Testability: A Tutorial for Devs and TestersDesign for Testability: A Tutorial for Devs and Testers
Design for Testability: A Tutorial for Devs and TestersTechWell
 
Peter Zimmerer - Evolve Design For Testability To The Next Level - EuroSTAR 2012
Peter Zimmerer - Evolve Design For Testability To The Next Level - EuroSTAR 2012Peter Zimmerer - Evolve Design For Testability To The Next Level - EuroSTAR 2012
Peter Zimmerer - Evolve Design For Testability To The Next Level - EuroSTAR 2012TEST Huddle
 
3784_Streamlining_the_development_process_with_feature_flighting_and_Azure_cl...
3784_Streamlining_the_development_process_with_feature_flighting_and_Azure_cl...3784_Streamlining_the_development_process_with_feature_flighting_and_Azure_cl...
3784_Streamlining_the_development_process_with_feature_flighting_and_Azure_cl...Crystal Thomas
 
Software Architecture Erosion: Impacts, Causes, and Management
Software Architecture Erosion: Impacts, Causes, and ManagementSoftware Architecture Erosion: Impacts, Causes, and Management
Software Architecture Erosion: Impacts, Causes, and ManagementCSCJournals
 
Moxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemMoxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemDigital River
 
Software Testability
Software TestabilitySoftware Testability
Software TestabilityKai Feng Zhang
 
Aspect Mining for Large Systems
Aspect Mining for Large SystemsAspect Mining for Large Systems
Aspect Mining for Large SystemsThomas Zimmermann
 
Mining Version Histories to Guide Software Changes
Mining Version Histories to Guide Software ChangesMining Version Histories to Guide Software Changes
Mining Version Histories to Guide Software ChangesThomas Zimmermann
 
DynaMine: Finding Common Error Patterns by Mining Software Revision Histories
DynaMine: Finding Common Error Patterns by Mining Software Revision HistoriesDynaMine: Finding Common Error Patterns by Mining Software Revision Histories
DynaMine: Finding Common Error Patterns by Mining Software Revision HistoriesThomas Zimmermann
 
Quality of Bug Reports in Open Source
Quality of Bug Reports in Open SourceQuality of Bug Reports in Open Source
Quality of Bug Reports in Open SourceThomas Zimmermann
 
A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)
A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)
A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)yguarata
 
Security trend analysis with CVE topic models
Security trend analysis with CVE topic modelsSecurity trend analysis with CVE topic models
Security trend analysis with CVE topic modelsThomas Zimmermann
 
Automatic Identification of Bug-Introducing Changes
Automatic Identification of Bug-Introducing ChangesAutomatic Identification of Bug-Introducing Changes
Automatic Identification of Bug-Introducing ChangesThomas Zimmermann
 
Predicting Defects using Network Analysis on Dependency Graphs
Predicting Defects using Network Analysis on Dependency GraphsPredicting Defects using Network Analysis on Dependency Graphs
Predicting Defects using Network Analysis on Dependency GraphsThomas Zimmermann
 
Software Analytics = Sharing Information
Software Analytics = Sharing InformationSoftware Analytics = Sharing Information
Software Analytics = Sharing InformationThomas Zimmermann
 
Philips lighting ppt
Philips lighting pptPhilips lighting ppt
Philips lighting pptSanju Choudhary
 
Analytics for smarter software development
Analytics for smarter software development Analytics for smarter software development
Analytics for smarter software development Thomas Zimmermann
 
Cross-project defect prediction
Cross-project defect predictionCross-project defect prediction
Cross-project defect predictionThomas Zimmermann
 
Bug best practice
Bug best practiceBug best practice
Bug best practicegaoliang641
 
What if you could eliminate the hidden costs of development?
What if you could eliminate the hidden costs of development?What if you could eliminate the hidden costs of development?
What if you could eliminate the hidden costs of development?Rogue Wave Software
 
11th Website Security Statistics -- Presentation Slides (Q1 2011)
11th Website Security Statistics -- Presentation Slides (Q1 2011)11th Website Security Statistics -- Presentation Slides (Q1 2011)
11th Website Security Statistics -- Presentation Slides (Q1 2011)Jeremiah Grossman
 
STM-UNIT-1.pptx
STM-UNIT-1.pptxSTM-UNIT-1.pptx
STM-UNIT-1.pptxnischal55
 
5-Ways-to-Revolutionize-Your-Software-Testing
5-Ways-to-Revolutionize-Your-Software-Testing5-Ways-to-Revolutionize-Your-Software-Testing
5-Ways-to-Revolutionize-Your-Software-TestingMary Clemons
 
Cyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemCyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemRogue Wave Software
 
TDC PoA submission
TDC PoA submissionTDC PoA submission
TDC PoA submissionMarcelo Yuri Benesciutti
 
Steve mcconnell
Steve mcconnellSteve mcconnell
Steve mcconnellShiraz316
 
Workshop on software product development the backdrop
Workshop on software product development the backdropWorkshop on software product development the backdrop
Workshop on software product development the backdropJoy Prabhakaran
 
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour... The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...WhiteSource
 

Mais conteúdo relacionado

Destaque

Aspect Mining for Large Systems
Aspect Mining for Large SystemsAspect Mining for Large Systems
Aspect Mining for Large SystemsThomas Zimmermann
 
Mining Version Histories to Guide Software Changes
Mining Version Histories to Guide Software ChangesMining Version Histories to Guide Software Changes
Mining Version Histories to Guide Software ChangesThomas Zimmermann
 
DynaMine: Finding Common Error Patterns by Mining Software Revision Histories
DynaMine: Finding Common Error Patterns by Mining Software Revision HistoriesDynaMine: Finding Common Error Patterns by Mining Software Revision Histories
DynaMine: Finding Common Error Patterns by Mining Software Revision HistoriesThomas Zimmermann
 
Quality of Bug Reports in Open Source
Quality of Bug Reports in Open SourceQuality of Bug Reports in Open Source
Quality of Bug Reports in Open SourceThomas Zimmermann
 
A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)
A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)
A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)yguarata
 
Security trend analysis with CVE topic models
Security trend analysis with CVE topic modelsSecurity trend analysis with CVE topic models
Security trend analysis with CVE topic modelsThomas Zimmermann
 
Automatic Identification of Bug-Introducing Changes
Automatic Identification of Bug-Introducing ChangesAutomatic Identification of Bug-Introducing Changes
Automatic Identification of Bug-Introducing ChangesThomas Zimmermann
 
Predicting Defects using Network Analysis on Dependency Graphs
Predicting Defects using Network Analysis on Dependency GraphsPredicting Defects using Network Analysis on Dependency Graphs
Predicting Defects using Network Analysis on Dependency GraphsThomas Zimmermann
 
Software Analytics = Sharing Information
Software Analytics = Sharing InformationSoftware Analytics = Sharing Information
Software Analytics = Sharing InformationThomas Zimmermann
 

Destaque (10)

Aspect Mining for Large Systems
Aspect Mining for Large SystemsAspect Mining for Large Systems
Aspect Mining for Large Systems
 
Mining Version Histories to Guide Software Changes
Mining Version Histories to Guide Software ChangesMining Version Histories to Guide Software Changes
Mining Version Histories to Guide Software Changes
 
DynaMine: Finding Common Error Patterns by Mining Software Revision Histories
DynaMine: Finding Common Error Patterns by Mining Software Revision HistoriesDynaMine: Finding Common Error Patterns by Mining Software Revision Histories
DynaMine: Finding Common Error Patterns by Mining Software Revision Histories
 
Quality of Bug Reports in Open Source
Quality of Bug Reports in Open SourceQuality of Bug Reports in Open Source
Quality of Bug Reports in Open Source
 
A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)
A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)
A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)
 
Security trend analysis with CVE topic models
Security trend analysis with CVE topic modelsSecurity trend analysis with CVE topic models
Security trend analysis with CVE topic models
 
Automatic Identification of Bug-Introducing Changes
Automatic Identification of Bug-Introducing ChangesAutomatic Identification of Bug-Introducing Changes
Automatic Identification of Bug-Introducing Changes
 
Predicting Defects using Network Analysis on Dependency Graphs
Predicting Defects using Network Analysis on Dependency GraphsPredicting Defects using Network Analysis on Dependency Graphs
Predicting Defects using Network Analysis on Dependency Graphs
 
Software Analytics = Sharing Information
Software Analytics = Sharing InformationSoftware Analytics = Sharing Information
Software Analytics = Sharing Information
 
Philips lighting ppt
Philips lighting pptPhilips lighting ppt
Philips lighting ppt
 

Semelhante a Characterizing and predicting which bugs get fixed

Analytics for smarter software development
Analytics for smarter software development Analytics for smarter software development
Analytics for smarter software development Thomas Zimmermann
 
Cross-project defect prediction
Cross-project defect predictionCross-project defect prediction
Cross-project defect predictionThomas Zimmermann
 
Bug best practice
Bug best practiceBug best practice
Bug best practicegaoliang641
 
What if you could eliminate the hidden costs of development?
What if you could eliminate the hidden costs of development?What if you could eliminate the hidden costs of development?
What if you could eliminate the hidden costs of development?Rogue Wave Software
 
11th Website Security Statistics -- Presentation Slides (Q1 2011)
11th Website Security Statistics -- Presentation Slides (Q1 2011)11th Website Security Statistics -- Presentation Slides (Q1 2011)
11th Website Security Statistics -- Presentation Slides (Q1 2011)Jeremiah Grossman
 
STM-UNIT-1.pptx
STM-UNIT-1.pptxSTM-UNIT-1.pptx
STM-UNIT-1.pptxnischal55
 
5-Ways-to-Revolutionize-Your-Software-Testing
5-Ways-to-Revolutionize-Your-Software-Testing5-Ways-to-Revolutionize-Your-Software-Testing
5-Ways-to-Revolutionize-Your-Software-TestingMary Clemons
 
Cyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemCyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemRogue Wave Software
 
Steve mcconnell
Steve mcconnellSteve mcconnell
Steve mcconnellShiraz316
 
Workshop on software product development the backdrop
Workshop on software product development the backdropWorkshop on software product development the backdrop
Workshop on software product development the backdropJoy Prabhakaran
 
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour... The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...WhiteSource
 
Defect Prevention & Predictive Analytics - XBOSoft Webinar
Defect Prevention & Predictive Analytics - XBOSoft WebinarDefect Prevention & Predictive Analytics - XBOSoft Webinar
Defect Prevention & Predictive Analytics - XBOSoft WebinarXBOSoft
 
SW Engineering Management
SW Engineering ManagementSW Engineering Management
SW Engineering ManagementRobert Sayegh
 
Performance Testing And Beyond
Performance Testing And BeyondPerformance Testing And Beyond
Performance Testing And BeyondPeter Brown
 
Classic Testing Mistakes 0226
Classic Testing Mistakes 0226Classic Testing Mistakes 0226
Classic Testing Mistakes 0226MBA_Community
 
1. introducción a la Ingeniería de Software (UTM 2071)
1. introducción a la Ingeniería de Software (UTM 2071)1. introducción a la Ingeniería de Software (UTM 2071)
1. introducción a la Ingeniería de Software (UTM 2071)Mario A Moreno Rocha
 
Increasing DevSecOps Maturity Level in 2021
Increasing DevSecOps Maturity Level in 2021Increasing DevSecOps Maturity Level in 2021
Increasing DevSecOps Maturity Level in 2021Alexandre Rebert
 
How to achieve security, reliability, and productivity in less time
How to achieve security, reliability, and productivity in less timeHow to achieve security, reliability, and productivity in less time
How to achieve security, reliability, and productivity in less timeRogue Wave Software
 

Semelhante a Characterizing and predicting which bugs get fixed (20)

Analytics for smarter software development
Analytics for smarter software development Analytics for smarter software development
Analytics for smarter software development
 
Cross-project defect prediction
Cross-project defect predictionCross-project defect prediction
Cross-project defect prediction
 
Bug best practice
Bug best practiceBug best practice
Bug best practice
 
What if you could eliminate the hidden costs of development?
What if you could eliminate the hidden costs of development?What if you could eliminate the hidden costs of development?
What if you could eliminate the hidden costs of development?
 
11th Website Security Statistics -- Presentation Slides (Q1 2011)
11th Website Security Statistics -- Presentation Slides (Q1 2011)11th Website Security Statistics -- Presentation Slides (Q1 2011)
11th Website Security Statistics -- Presentation Slides (Q1 2011)
 
STM-UNIT-1.pptx
STM-UNIT-1.pptxSTM-UNIT-1.pptx
STM-UNIT-1.pptx
 
5-Ways-to-Revolutionize-Your-Software-Testing
5-Ways-to-Revolutionize-Your-Software-Testing5-Ways-to-Revolutionize-Your-Software-Testing
5-Ways-to-Revolutionize-Your-Software-Testing
 
Cyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemCyber security - It starts with the embedded system
Cyber security - It starts with the embedded system
 
TDC PoA submission
TDC PoA submissionTDC PoA submission
TDC PoA submission
 
Steve mcconnell
Steve mcconnellSteve mcconnell
Steve mcconnell
 
Workshop on software product development the backdrop
Workshop on software product development the backdropWorkshop on software product development the backdrop
Workshop on software product development the backdrop
 
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour... The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
 
Defect Prevention & Predictive Analytics - XBOSoft Webinar
Defect Prevention & Predictive Analytics - XBOSoft WebinarDefect Prevention & Predictive Analytics - XBOSoft Webinar
Defect Prevention & Predictive Analytics - XBOSoft Webinar
 
SW Engineering Management
SW Engineering ManagementSW Engineering Management
SW Engineering Management
 
Performance Testing And Beyond
Performance Testing And BeyondPerformance Testing And Beyond
Performance Testing And Beyond
 
Classic Testing Mistakes 0226
Classic Testing Mistakes 0226Classic Testing Mistakes 0226
Classic Testing Mistakes 0226
 
1. introducción a la Ingeniería de Software (UTM 2071)
1. introducción a la Ingeniería de Software (UTM 2071)1. introducción a la Ingeniería de Software (UTM 2071)
1. introducción a la Ingeniería de Software (UTM 2071)
 
unit 1 ppt.pptx
unit 1 ppt.pptxunit 1 ppt.pptx
unit 1 ppt.pptx
 
Increasing DevSecOps Maturity Level in 2021
Increasing DevSecOps Maturity Level in 2021Increasing DevSecOps Maturity Level in 2021
Increasing DevSecOps Maturity Level in 2021
 
How to achieve security, reliability, and productivity in less time
How to achieve security, reliability, and productivity in less timeHow to achieve security, reliability, and productivity in less time
How to achieve security, reliability, and productivity in less time
 

Mais de Thomas Zimmermann

Predicting Method Crashes with Bytecode Operations
Predicting Method Crashes with Bytecode OperationsPredicting Method Crashes with Bytecode Operations
Predicting Method Crashes with Bytecode OperationsThomas Zimmermann
 
Data driven games user research
Data driven games user researchData driven games user research
Data driven games user researchThomas Zimmermann
 
Empirical Software Engineering at Microsoft Research
Empirical Software Engineering at Microsoft ResearchEmpirical Software Engineering at Microsoft Research
Empirical Software Engineering at Microsoft ResearchThomas Zimmermann
 
Analytics for software development
Analytics for software developmentAnalytics for software development
Analytics for software developmentThomas Zimmermann
 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesThomas Zimmermann
 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesThomas Zimmermann
 
Predicting Subsystem Defects using Dependency Graph Complexities
Predicting Subsystem Defects using Dependency Graph Complexities Predicting Subsystem Defects using Dependency Graph Complexities
Predicting Subsystem Defects using Dependency Graph Complexities Thomas Zimmermann
 
Got Myth? Myths in Software Engineering
Got Myth? Myths in Software EngineeringGot Myth? Myths in Software Engineering
Got Myth? Myths in Software EngineeringThomas Zimmermann
 
Mining Workspace Updates in CVS
Mining Workspace Updates in CVSMining Workspace Updates in CVS
Mining Workspace Updates in CVSThomas Zimmermann
 
Mining Software Archives to Support Software Development
Mining Software Archives to Support Software DevelopmentMining Software Archives to Support Software Development
Mining Software Archives to Support Software DevelopmentThomas Zimmermann
 
esolang: Esoterische Programmiersprachen
esolang: Esoterische Programmiersprachenesolang: Esoterische Programmiersprachen
esolang: Esoterische ProgrammiersprachenThomas Zimmermann
 
TA-RE: An Exchange Language for Mining Software Repositories
TA-RE: An Exchange Language for Mining Software RepositoriesTA-RE: An Exchange Language for Mining Software Repositories
TA-RE: An Exchange Language for Mining Software RepositoriesThomas Zimmermann
 
Fine-grained Processing of CVS Archives with APFEL
Fine-grained Processing of CVS Archives with APFELFine-grained Processing of CVS Archives with APFEL
Fine-grained Processing of CVS Archives with APFELThomas Zimmermann
 
How History Justifies System Architecture (or Not)
How History Justifies System Architecture (or Not)How History Justifies System Architecture (or Not)
How History Justifies System Architecture (or Not)Thomas Zimmermann
 
HATARI: Raising Risk Awareness
HATARI: Raising Risk AwarenessHATARI: Raising Risk Awareness
HATARI: Raising Risk AwarenessThomas Zimmermann
 
Mining Version Archives for Co-changed Lines
Mining Version Archives for Co-changed LinesMining Version Archives for Co-changed Lines
Mining Version Archives for Co-changed LinesThomas Zimmermann
 

Mais de Thomas Zimmermann (20)

MSR 2013 Preview
MSR 2013 PreviewMSR 2013 Preview
MSR 2013 Preview
 
Predicting Method Crashes with Bytecode Operations
Predicting Method Crashes with Bytecode OperationsPredicting Method Crashes with Bytecode Operations
Predicting Method Crashes with Bytecode Operations
 
Klingon Countdown Timer
Klingon Countdown TimerKlingon Countdown Timer
Klingon Countdown Timer
 
Data driven games user research
Data driven games user researchData driven games user research
Data driven games user research
 
Empirical Software Engineering at Microsoft Research
Empirical Software Engineering at Microsoft ResearchEmpirical Software Engineering at Microsoft Research
Empirical Software Engineering at Microsoft Research
 
Analytics for software development
Analytics for software developmentAnalytics for software development
Analytics for software development
 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development Activities
 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development Activities
 
Meet Tom and his Fish
Meet Tom and his FishMeet Tom and his Fish
Meet Tom and his Fish
 
Predicting Subsystem Defects using Dependency Graph Complexities
Predicting Subsystem Defects using Dependency Graph Complexities Predicting Subsystem Defects using Dependency Graph Complexities
Predicting Subsystem Defects using Dependency Graph Complexities
 
Got Myth? Myths in Software Engineering
Got Myth? Myths in Software EngineeringGot Myth? Myths in Software Engineering
Got Myth? Myths in Software Engineering
 
Mining Workspace Updates in CVS
Mining Workspace Updates in CVSMining Workspace Updates in CVS
Mining Workspace Updates in CVS
 
Mining Software Archives to Support Software Development
Mining Software Archives to Support Software DevelopmentMining Software Archives to Support Software Development
Mining Software Archives to Support Software Development
 
Unit testing with JUnit
Unit testing with JUnitUnit testing with JUnit
Unit testing with JUnit
 
esolang: Esoterische Programmiersprachen
esolang: Esoterische Programmiersprachenesolang: Esoterische Programmiersprachen
esolang: Esoterische Programmiersprachen
 
TA-RE: An Exchange Language for Mining Software Repositories
TA-RE: An Exchange Language for Mining Software RepositoriesTA-RE: An Exchange Language for Mining Software Repositories
TA-RE: An Exchange Language for Mining Software Repositories
 
Fine-grained Processing of CVS Archives with APFEL
Fine-grained Processing of CVS Archives with APFELFine-grained Processing of CVS Archives with APFEL
Fine-grained Processing of CVS Archives with APFEL
 
How History Justifies System Architecture (or Not)
How History Justifies System Architecture (or Not)How History Justifies System Architecture (or Not)
How History Justifies System Architecture (or Not)
 
HATARI: Raising Risk Awareness
HATARI: Raising Risk AwarenessHATARI: Raising Risk Awareness
HATARI: Raising Risk Awareness
 
Mining Version Archives for Co-changed Lines
Mining Version Archives for Co-changed LinesMining Version Archives for Co-changed Lines
Mining Version Archives for Co-changed Lines
 

Último

React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 

Último (20)

React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 

Characterizing and predicting which bugs get fixed

  • 1. Characterizing and Predicting Which Bugs Get Fixed Philip Guo, Stanford University Thomas Zimmermann, Microsoft Research Nachiappan Nagappan, Microsoft Research Brendan Murphy, Microsoft Research © Microsoft Corporation
  • 3. Opinions expressed on this slide are the personal opinions of the presenter, not of Microsoft. ;-)
  • 4.
  • 5.
  • 8. Not all bugs get fixed • Bug #1 occurs rarely and affects only a few users. – Changes required to fix Bug #1 could be large and expensive. • Fixing Bug #2 could introduce new bugs – Code changes that fix bugs are up to twice as likely to introduce new bugs as other kinds of changes. • Users are relying on existing behavior – Fixing the bug could break their systems. © Microsoft Corporation
  • 9. Research question How do factors related to people and bug report edits affect whether a bug is successfully resolved as FIXED? → Inefficiencies in bug triaging process → Inform design of tools and policies © Microsoft Corporation
  • 10. Bug handling is pervasive 24,000+ MSFT employees reported, commented on, or handled at least one bug in Windows (vs. 2,000+ Windows developers) © Microsoft Corporation
  • 11. Methodology Qualitative Quantitative survey data analysis Reputation • Interest • Reassignments • Distance • Additional qualitative factors from survey © Microsoft Corporation
  • 12. Qualitative survey • In your experience, how do each of these factors affect the chances of whether a bug will get successfully resolved as FIXED? – 7-point Likert scale • Sent to 1,773 Microsoft employees – Employees who opened OR were assigned to OR resolved most Windows Vista bugs – 358 responded (20%) © Microsoft Corporation
  • 13. SURVEY: How does the bug report's activity affect the chances of it being successfully fixed? Severity upgraded Severity downgraded Few editors (<10) Many editors (>=10) No re-assignments (0) Few re-assignments (1-5) Many re-assignments (>30) At least 1 re-open -3 -2 -1 0 1 2 3 Decreases chances of fix Increases chances of fix © Microsoft Corporation
  • 14. SURVEY: How do the people involved in addressing the bug affect the chances of it being successfully fixed? Opener/assignee same person Same manager Same building Same country Different managers Different countries Opened by temp. employee Assigned to temp. employee -3 -2 -1 0 1 2 3 Decreases chances of fix Increases chances of fix © Microsoft Corporation
  • 15. Other qualitative factors Textual quality of bug report: “Just to re-emphasize: The quality of the bug description is very important. Not necessarily filling in the dozens of fields in the bug database with all sorts of crap (build numbers, dates, classifications, etc) - but just the plain-text description of the problem, the implication and maybe even the potential solution.” Perceived customer/business impact: “Customer impact can be a very big impact on a bug if evidence exists to show the cost of not fixing the bug for one or more customers.” Rank and seniority of bug opener: “A bug opened because something went wrong on a VPs [vice president’s] laptop has better chance [of being fixed] than a bug opened because the same thing happened to an intern.” Interpersonal skills of bug opener: “One other ‘soft’ factor is the speaking skill persuasiveness of the developer (or other representative) when arguing for the bug.” © Microsoft Corporation
  • 16. Quantitative data analysis • Correlate likelihood of bug report getting fixed – Reputation • Interest • Reassignments • Distance • Windows Vista and Windows 7 bug reports – Bug lifetime: open, assign, edit, resolve, close • Microsoft employee data – Manager, Building, Country © Microsoft Corporation
  • 17. #1: Reputation “A big influence [on bug fixes] is the reputation of the person opening the bug. If submitter has a history of submitting high quality bugs then new bugs from that person get better attention [...]” From anonymous survey respondent © Microsoft Corporation
  • 18. Quantifying reputation For each bug, calculate opener’s reputation by aggregating over all bugs in the past. Hooimeijer and Weimer: Modeling bug report quality. ASE 2007. © Microsoft Corporation
  • 19. Reputation vs. bug fixes © Microsoft Corporation
  • 20. Reputation vs. bug fixes © Microsoft Corporation
  • 21. #2: Interest Windows Vista Windows 7 © Microsoft Corporation
  • 22. #3: Reassignments Severity upgraded Severity downgraded Few editors (<10) Many editors (>=10) No re-assignments (0) Few re-assignments (1-5) Many re-assignments (>30) At least 1 re-open -3 -2 -1 0 1 2 3 © Microsoft Corporation
  • 23. #3: Reassignments Windows Vista Windows 7 © Microsoft Corporation
  • 24. The need for reassignments “Bugs many times are exposed in the UI [user interface], but are not caused by the team writing the UI code. These bugs can pass down several layers of components before landing on a lower level component owner.” From anonymous survey respondent © Microsoft Corporation
  • 25. #4: Geographical distance © Microsoft Corporation
  • 26. #5: Organizational distance © Microsoft Corporation
  • 27. Trust vs. distance “Whenever I open bugs assigned to people I know, they are investigated thoroughly as there is a trust in the report I write. Often when reporting a bug within areas where I don't know the owners, there is inherent distrust in the bug report.” From anonymous survey respondent © Microsoft Corporation
  • 28. Predictive model • At bug opening time, predict probability of fix • Logistic regression model with 7 factors – Bug source – Reputation of bug opener – Reputation of first assignee – Initial severity level – Opened by temporary employee? – Opener & initial assignee had same manager? – Opener & initial assignee in same building? • Train on Windows Vista, predict Windows 7 fixes – 68% precision, 64% recall (0.50 cut-off) © Microsoft Corporation
  • 29. Recommendations • Train and incentivize employees to write higher-quality bug reports • Improve awareness of developers’ expertise to minimize reassignments • Improve communication and trust amongst people in different teams and locations • Encourage more objectivity in prioritizing and handling bugs © Microsoft Corporation
  • 30. Summary • Characterization of which bug reports get fixed. – At least one reassignment increases but too many reassignments decrease the likelihood – The higher reputation a bug opener has, the more likely his/her bugs are to get fixed. – Bugs handled by multiple teams and across multiple locations are less likely to get fixed. • Survey results provide insights into social factors that affect the bug triaging process. – Seniority, reputation, personal relations, and trust. © Microsoft Corporation