COLLECTING METRICS OF SOFTWARE CODE TO ANALYZE ITS VULNERABILITIES
Gleb A. Popov
Senior Lecturer, Department of Information Security,
Volgograd State University
Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation
Maria M. Zhuneva
Student, Department of Information Security,
Volgograd State University
Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation
Abstract. Collecting metric information about code is one of the most accessible methods of static analysis and makes it possible to identify potential errors and vulnerabilities in software. The main metrics used in this process include the number of comment lines, the inheritance hierarchy, cyclomatic complexity, and computational complexity. The number of comments helps to assess the clarity of the code, while complex inheritance schemes can make the code harder to maintain and increase the likelihood of errors. Cyclomatic complexity, proposed by Thomas McCabe, measures the number of independent execution paths in the code, which makes it possible to assess its complexity and potential risks. Halstead metrics, based on statistical analysis of operators and operands, help predict the number of errors in a program. Collecting metric information does not guarantee the absence of errors; it only points to code sections that require attention. The process of collecting metrics is easy to implement and does not require significant effort from developers, which makes it a valuable tool for improving software quality. In conclusion, the use of metric data in code analysis contributes to more effective identification and elimination of potential problems in software systems.
Key words: metric information, static code analysis, software errors, Halstead metrics, code analysis.
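The comment count, cyclomatic complexity and Halstead measurements named in the abstract, as an added Python example that is not the authors' code: it computes McCabe's number per function and the Halstead volume with the classic B = V/3000 error estimate, then flags functions above a cut-off. `SAMPLE`, `collect`, the operator/operand convention and the threshold of 3 are assumptions made for illustration.

```python
import ast, io, keyword, math, tokenize
# Constructed sample input (not from the paper).
SAMPLE = '''\
# parse a length-prefixed record
def parse(buf, limit):
    n = buf[0]
    if n > limit or n == 0:
        return None
    out = []
    for b in buf[1:n + 1]:
        if b != 0:
            out.append(b)
    return out
def ident(x):
    return x
'''
BRANCH = (ast.If, ast.For, ast.While, ast.ExceptHandler, ast.IfExp)
CONSTANTS = {"None", "True", "False"}  # keywords treated as operands here

def cyclomatic(func):
    """McCabe number: 1 + decision points; each extra and/or operand adds a path."""
    score = 1
    for node in ast.walk(func):
        if isinstance(node, BRANCH):
            score += 1
        elif isinstance(node, ast.BoolOp):
            score += len(node.values) - 1
    return score

def halstead(source):
    """Volume V = N*log2(n) and estimate B = V/3000 (punctuation and keywords are operators)."""
    operators, operands, comments = [], [], 0
    for tok in tokenize.generate_tokens(io.StringIO(source).readline):
        if tok.type == tokenize.COMMENT:
            comments += 1
        elif tok.type == tokenize.OP or (keyword.iskeyword(tok.string) and tok.string not in CONSTANTS):
            operators.append(tok.string)
        elif tok.type in (tokenize.NAME, tokenize.NUMBER, tokenize.STRING):
            operands.append(tok.string)
    n = len(set(operators)) + len(set(operands))   # vocabulary
    N = len(operators) + len(operands)             # program length
    volume = N * math.log2(n) if n > 1 else 0.0
    return {"comments": comments, "volume": volume, "bugs": volume / 3000}

def collect(source, threshold=3):  # threshold is a hypothetical review cut-off
    funcs = [f for f in ast.walk(ast.parse(source)) if isinstance(f, ast.FunctionDef)]
    report = {f.name: cyclomatic(f) for f in funcs}
    flagged = sorted(name for name, cc in report.items() if cc > threshold)
    return report, flagged, halstead(source)
```

A flagged function is only a candidate for review, in line with the abstract's point that metrics indicate code sections needing attention rather than proving defects.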
This work is licensed under a Creative Commons Attribution 4.0 International License.