TrainingConferencesAbout UsContact UsAdvertiseSQE.comRSS Feed
StickyMinds.com: brain food for building better software

Log In

Search For:
 Clarify Your Search Criteria

Tips on Using Our Search Feature(s)
 
StickyMinds.com Home
ResourcesTopicsCommunityPowerPassBlogs
Home  >  Detail: What’s So Great About Inspections?!?



A StickyMinds.com Original
Article Picture
What’s So Great About Inspections?!?

By Robert L. Glass

Send This Content to a FriendGet a Short Link to This ContentPrint This ContentSee User Comments About This Content

Summary: Lots of things in the software field have been labeled as “breakthroughs.” Invariably, they are not! Inspections, on the other hand, have never been labeled as breakthroughs. But the reality is, they nearly are! Here are some surprising thoughts on what inspections are, and how to perform them effectively.


Infosys
Probably the biggest plague on the house of software is hype. All too many new techniques and technologies are hyped by their advocates as being the most important new approaches to hit the profession. It happened with 4GLs (“Programming Without Programmers”), CASE tools, object-orientation, Java... and the list goes on. Name your recent software concept and someone probably hyped it. It makes you wonder whether any new ideas are worth anything at all.  
 
Meanwhile, quietly, off in the wings, there is one technology that really is worth some of those hyped claims, but no one is making any exaggerated claims for it at all! “What’s that technology?” you’re probably asking. It’s inspections. Yes, inspections. That old-fashioned technology that we’ve known about for more than thirty years! 
 
What’s so great about inspections? Research study after research study shows that inspections are a better, faster, cheaper way of finding errors in a software product than any of the alternatives. Better than testing. Better than fault-tolerant code.  
 
That doesn’t mean that, if you do inspections, you don’t need to use any other error-removal approaches. Testing still has a very important role to play, as enterprises that have tried to eliminate it in favor of alternatives have learned the hard way.  
 
Now, what do those research studies show us? That by using inspections properly, more than 90 percent of the errors can be removed from a software product before its first test case is run. That’s pretty impressive stuff, and though I doubt the researchers can ever be sure that 90 percent of software errors have been found (that implies they know how many errors are present in total, which is unlikely!), it’s clear that more errors were found—more cheaply—by inspections than by any other technique.  
 
At one company having problems with multitudes of undetected software errors, I recommended (as you might expect) that they use inspections. When I followed up some months later, I found that they had, indeed, begun using inspections, and that the incidence of errors was way down. But I was not quite prepared for what the cause of that change had been. It wasn’t that the inspections were identifying tons of software errors. But the programmers, knowing that their code was going to be inspected, were poring over it in advance of the inspections and finding most of the errors beforehand. 
 
Fine. If inspections cause a reduction in the number of errors, who am I to care whether that happens at the inspection or beforehand? 
 
So how do you conduct an effective inspection? If you’re guessing that I’m going to advocate the well-known Fagan approach to inspections…guess again! 
 
The Fagan inspection, as you may know, is a process-focused inspection. Inspectors are assigned roles and are trained in how to play those roles in the inspection meeting. Meeting goals and processes are rigorously defined. There are meeting rules, and the rules are enforced.  
 
I believe that the product rather than the process should matter most in inspections. And that naturally raises the question: Is there a kind of inspection that is product focused? 
 
Product, Not Process 
The answer is “yes.” For example, Rifkin and Deimel—several years ago in an SEI-funded study—came up with a way of conducting inspections where the pre-meeting training was in code-reading approaches, rather than meeting process. They tested the two approaches against each other and found that there were “spectacular” benefits to the new approach. Code-focused inspectors were finding 90 percent more errors than process-focused inspectors.  
 
Porter and Votta came up with another approach (they presented it at the 1994 meeting of the NASA-Goddard Software Engineering Workshop [SEW]), which they called “scenario-based” inspection. With this approach, each inspector looked for certain kinds of errors. Once again, the scenario inspectors outperformed the Fagan/process inspectors. 
 
The bottom line of this issue is that inspections that focus on the product clearly outperform those that focus on inspection process. Fagan is by no means the final word on inspections. 
 
To Meet, or Not to Meet? 
Is it really important to conduct inspections in a meeting at all? How effective would it be, for example, to turn a bunch of skilled inspectors loose individually on the artifact to be examined? 
 
There are, once again, a number of research studies addressing this question. Bruce C. Hungerford reported at the 1997 Association for Information Systems conference that inspection meetings tend to slow project progress by an average of two weeks, and that the meetings found no more errors than the most competent participant did (although Hungerford admitted he was concerned with the accuracy of that particular finding). 
 
Other studies have found up to an 8 percent improvement benefit in meetings over individual inspections. 
 
What’s the bottom line? The jury is still out, but it is safe to conclude at this point that inspection meetings are little better than individual inspections. 
 
How Many Inspectors? 
There’s another interesting issue here. How many inspectors does it take to do an inspection optimally? There have been lots of research studies of this issue, perhaps surprisingly, and there are several different conclusions. But the answers tend to a fairly clear trend. It doesn’t take very many inspectors to begin to approach the optimum point for error detection. One study suggests two inspectors, for example; another suggests three or more, and yet another found that four was no more effective than two.  
 
Based on all of that, you could safely guess that three inspectors is as good an answer as you are going to find.  
 
Inspections are under utilized in practice. To be done properly (that means with intense rigor), they require exhausting, grubby-detail work. It takes a set of experts who really understand both the proposed software solution and the problem domain to do a good job of inspection. Many say that one inspection can only cover about 100 lines of code (again, note that most of what I am saying is about code inspection) before the participants are mentally exhausted. And that translates, generally, into a one- or perhaps two-hour inspection session. Anything longer is counter-productive. 
 
At that rate, doing a thorough inspection of a significant software product could take many hours—hours that the typical project may not allow. Yet those errors not found through inspections must be found later in laborious testing efforts.  
 
In other words, inspection is not an error-removal breakthrough. It is simply the best of a costly collection of alternatives. If you really want to produce software with a minimal number of errors in the production version, use inspections. You may find it painful in the short term, but the long-term payoff is worth it. I hope this column helps point you to some nice ways to minimize that pain.

About the Author
Robert L. Glass is president of Computing Trends (publishers of the “Software Practitioner” newsletter). He has been active in the software field for 45+ years. He is the author of more than 20 computing books and 60 papers and is a columnist for several computing periodicals.

Back to Top 

StickyMinds.com Weekly Column From 6/11/01 

Member Comments
Add Your CommentExpand Comments
 
Comment:    
by David Hammerslag 6/15/2001

While agreeing with the main thrust of the article, I note that Glass sets up a false dichotomy. You do not need to choose between process rigor (Fagan) and perspective or scenario based reading. It is straightforward to combine both practices.

 
 
Comment:    
by Willi Vole 6/14/2001

If inspections are being held without meetings, four major strengths of inspection meetings are lost - 1) The learning experience, 2) the human fraility aspect (I am positive there are no more issues with this document, you say, until you get to the meeting and hear about all the other issues that were invisible to you!), 3) minimizing the impact of communication breakdowns relating to the inspected document (and what the author meant to say or thought she said. It is much easier to explain something once during a inspection meeting, rather than have to explain it individually to all the reviewers.) 4) deciding collectively whether the...Read On

 
 
Comment:    
by Kevin Robertson 6/13/2001

My experence (8 yrs doing inspections of requirements, designs, and code with different size teams in the financial services industry) agrees with Mr. Glass' article. In one inspection of functional requiremets I used three parallel teams of 10-12 inspectors for a medium-large, new IT project. The inspections took several weeks and the results showed that 5-6 inspectors found approximately 90 percent of the unique defects reported, while the remaining members of each team found the other 10 percent. There is no advantage to large teams.

 
 
Comment:    
by Dave Lutzker 6/13/2001

I like the author's approach, and I agree that the further upstream inspections are done, the more is saved. I have used testing of requirements very effectively. I have long been bothered by the thought of experienced programmers who have worked in isolation, and have never learnt good technique. Their code works, but not well. In this environment I think something less formal, like a "Peer Code Review" is very effective in not only producing better code, but also improving the skills of the programmers. Also, the author also mentions that the programmers themselves take more care when they know their code will be inspected. This is a...Read On

 
 
Comment:    
by Nicole Bianco 6/13/2001

Mr. Glass presents interesting information, supporting inspections but not necessarily the formality. I have been performing and preaching inspections for more than 25 years with great success, but success of the individual product under review is only part of the benefit. Use of the data gathered during the inspection process is equally important in improving the ways we develop software to eliminate inserting the defect in the first place. By determing that most defects are inserted in a specific phase (phase containment), it is possible to do root cause to boost the results from that phase. By understanding the effort going into the...Read On

 
 
Comment:    
by Tek Wallah 6/12/2001

I'd like to know whether any of these studies compared the value of inspections of complex systems by experienced designers against small applications by junior programmers. I've only seen inspections done on code by inexperienced staff, who tend to make frequent, obvious mistakes. Inspections then are as much part of a training program as a quality effort. Has anyone seen good results in other cases? XP claims some good results with experienced people. But that is also not clear. Celia Redmore celia_redmore@bmc.com

 
 
Comment:    
by bruce galinsky 6/12/2001

If you ignore the requirements than the code inspections won't be nearly as effective. It also much more cost effective to change a written requirement than it is to modify code. My groups have been using a structured (not overly process heavy) requirements review for years and it has been very effective in identifying and weeding out requirements defects. However, whether you review the requirements, the code or other artificats, the focus should be on the inspection and not the process. There are too many people making too much money by implementing too much process already. These days, how many shops have the time and resources to...Read On

 
 
Comment:    
by James Maloy 6/12/2001

A number of the responders questioned the Inspect & Test combination, how it can be cheaper than testing only. Having worked in both "black box" and "white box" testing environments (black = no inspection, white = full inspection), I can answer that one easily. When the tester has done a full inspection and knows the ins & outs of every line of code, he can pare down his test set accordingly. He can discover, for example, that Input-1, Input-2, and Input-3 are processed independently. So he only needs to set up two test cases (all TRUE and all FALSE) instead of eight cases (to cover the eight permutations). The other benefit comes...Read On

 
 
Comment:    
by Jaiprakash Gurala 6/12/2001

Inspections are really useful in arresting the number of errors, if done judiously. Inspections need not be confined to Coding only. They can be used for many work products from various project stages. This technique suits very well for Inspecting Design documents against Requirement Specifications, Program specifications against Design documents and Test cases against Requirement and design documents. Unless it is planned well for inspecting code, this can not be conducted effectively for thousands and thousands of lines of code.

 
 
Comment:    
by Surjya Mohanty 6/12/2001

In this article the author has mainly emphasized code inspection. In my opinion code inspection will be less effective if it is done without inspecting the design and specifications. Also the author said that inspection does not replace testing. On this context I want to ask the author if testing has to be done anyway then why inspections ? Do you think the defects found out by inspections would be missed by testing ? Don't you think inspection and testing will affect the overall budget of the project ?

 
 
Comment:    
by Paul Wirsing 6/11/2001

I am dismayed at the comments that conclude that the author was advocating eliminating testing. I found his comment in paragraph four to be unambigous. The point of the article was that inspections give you high value for the cost involved.

 
 
Comment:    
by Danny Faught 6/11/2001

The author focuses mainly on code inspections, and indeed, that's sometimes the easiest type of inspection to convince a client to try. However, the real impact comes from inspecting documents that are further upstream from the code. If the upstream documents like specifications and designs are well-inspected, then there's little value in inspecting the code, except perhaps for the most critical code segments.

 
 
Comment:    
by Charles Reace 6/11/2001

In response to the prior comment, I don't think there is any intention here to replace testing with code inspections. (Actually, I consider code inspections to simply be one form of testing.) Rather, the intention is to drastically reduce the number of bugs before [other] testing begins. Study after study has confirmed that the later in the process a bug is found, the more costly it is to fix. Therefore, I strongly endorse the author's support of inspections, and found several of his concepts regarding who, how, and how many should inspect to be quite interesting and enlightening.

 
 
Comment:    
by yogita sahoo 6/11/2001

So that looks like 'Testing Without Testers'. Good article, no doubt. I also have few questions for Mr. Glass. In the earlier paragraphs, you specified that inspections are better, cheaper and faster than testing. But in the later sections of the article, I read that one inspection can cover only 100 loc (before they become counter-productive). Then how do you suggest that it's FASTER than testing ? The next paragraph says that testing should be able to find bugs those were missed by inspection because of time restrictions. That means inspections have to be followed by testing.So what makes it BETTER than testing ? I even doubt now whether...Read On

 
Back to Top



 
Ads By Google
What's This?
 
 

Home   |   Resources   |   Topics   |   Community   |   PowerPass



© 2010 StickyMinds.com. All rights reserved.
StickyMinds.com is a division of Software Quality Engineering.
Privacy Policy    Terms & Conditions    Link to StickyMinds.com    Feedback
Avnet

HP Software




STAREAST 


Better Software Conference