Software peer review
Encyclopedia
In software development, peer review
is a type of software review
in which a work product (document, code, or other) is examined by its author and one or more colleagues, in order to evaluate its technical content and quality.
.
When performed as part of each Software development process
activity, peer reviews identify problems that can be fixed early in the lifecycle. That is to say, a peer review that identifies a requirements problem during the Requirements analysis
activity is cheaper and easier to fix than during the Software architecture
or Software testing
activities.
The National Software Quality Experiment, evaluating the effectiveness of peer reviews, finds, "a favorable return on investment for software inspections; savings exceeds costs by 4 to 1". To state it another way, it is four times more costly, on average, to identify and fix a software problem later.
s, which are conducted by management representatives rather than by colleagues, and for management and control purposes rather than for technical evaluation. They are also distinct from software audit review
s, which are conducted by personnel external to the project, to evaluate compliance with specifications, standards, contractual agreements, or other criteria.
s, technical peer reviews, and software inspection
s, at the other. The IEEE defines formal structures, roles, and processes for each of the last three.
Management representatives are typically not involved in the conduct of a peer review except when included because of specific technical expertise or when the work product under review is a management-level document. This is especially true of line managers of other participants in the review.
Processes for formal peer reviews, such as software inspection
s, define specific roles for each participant, quantify stages with entry/exit criteria, capture software metrics on the peer review process.
, something like peer review has taken place in the engineering and evaluation of computer software
. In this context, the rationale for peer review has its equivalent in Linus's law
, often phrased: "Given enough eyeballs, all bugs are shallow", meaning "If there are enough reviewers, all problems are easy to solve." Eric S. Raymond
has written influentially about peer review in software development
.
Peer review
Peer review is a process of self-regulation by a profession or a process of evaluation involving qualified individuals within the relevant field. Peer review methods are employed to maintain standards, improve performance and provide credibility...
is a type of software review
Software review
A software review is "A process or meeting during which a software product is examined by a project personnel, managers, users, customers, user representatives, or other interested parties for comment or approval"....
in which a work product (document, code, or other) is examined by its author and one or more colleagues, in order to evaluate its technical content and quality.
Purpose
The purpose of a peer review is to provide "a disciplined engineering practice for detecting and correcting defects in software artifacts, and preventing their leakage into field operations" according to the Capability Maturity ModelCapability Maturity Model
The Capability Maturity Model is a development model that was created after study of data collected from organizations that contracted with the U.S. Department of Defense, who funded the research. This model became the foundation from which CMU created the Software Engineering Institute...
.
When performed as part of each Software development process
Software development process
A software development process, also known as a software development life cycle , is a structure imposed on the development of a software product. Similar terms include software life cycle and software process. It is often considered a subset of systems development life cycle...
activity, peer reviews identify problems that can be fixed early in the lifecycle. That is to say, a peer review that identifies a requirements problem during the Requirements analysis
Requirements analysis
Requirements analysis in systems engineering and software engineering, encompasses those tasks that go into determining the needs or conditions to meet for a new or altered product, taking account of the possibly conflicting requirements of the various stakeholders, such as beneficiaries or users...
activity is cheaper and easier to fix than during the Software architecture
Software architecture
The software architecture of a system is the set of structures needed to reason about the system, which comprise software elements, relations among them, and properties of both...
or Software testing
Software testing
Software testing is an investigation conducted to provide stakeholders with information about the quality of the product or service under test. Software testing can also provide an objective, independent view of the software to allow the business to appreciate and understand the risks of software...
activities.
The National Software Quality Experiment, evaluating the effectiveness of peer reviews, finds, "a favorable return on investment for software inspections; savings exceeds costs by 4 to 1". To state it another way, it is four times more costly, on average, to identify and fix a software problem later.
Distinction from other types of software review
Peer reviews are distinct from management reviewManagement review
A management review is a management study into a project's status and allocation of resources. It is different from both a software engineering peer review, which evaluates the technical quality of software products, and a software audit, which is an externally conducted audit into a project's...
s, which are conducted by management representatives rather than by colleagues, and for management and control purposes rather than for technical evaluation. They are also distinct from software audit review
Software audit review
A software audit review, or software audit, is a type of software review in which one or more auditors who are not members of the software development organization conduct "An independent examination of a software product, software process, or set of software processes to assess compliance with...
s, which are conducted by personnel external to the project, to evaluate compliance with specifications, standards, contractual agreements, or other criteria.
Review processes
Peer review processes exist across a spectrum of formality, with relatively unstructured activities such as "buddy checking" towards one end of the spectrum, and more formal approaches such as walkthroughSoftware walkthrough
In software engineering, a walkthrough or walk-through is a form of software peer review "in which a designer or programmer leads members of the development team and other interested parties through a software product, and the participants ask questions and make comments about possible errors,...
s, technical peer reviews, and software inspection
Software inspection
Inspection in software engineering, refers to peer review of any work product by trained individuals who look for defects using a well defined process...
s, at the other. The IEEE defines formal structures, roles, and processes for each of the last three.
Management representatives are typically not involved in the conduct of a peer review except when included because of specific technical expertise or when the work product under review is a management-level document. This is especially true of line managers of other participants in the review.
Processes for formal peer reviews, such as software inspection
Software inspection
Inspection in software engineering, refers to peer review of any work product by trained individuals who look for defects using a well defined process...
s, define specific roles for each participant, quantify stages with entry/exit criteria, capture software metrics on the peer review process.
"Open source" reviews
In the free / open source communityFree software community
The free-software community is an informal term that refers to the users and developers of free software as well as supporters of the free-software movement. The movement is sometimes referred to as the open-source software community or a subset thereof...
, something like peer review has taken place in the engineering and evaluation of computer software
Computer software
Computer software, or just software, is a collection of computer programs and related data that provide the instructions for telling a computer what to do and how to do it....
. In this context, the rationale for peer review has its equivalent in Linus's law
Linus's Law
There are two statements named Linus's Law: one by Eric S. Raymond concerning software bug detection by a community, and the other by Linus Torvalds about the motivations of programmers.- By Eric Raymond :...
, often phrased: "Given enough eyeballs, all bugs are shallow", meaning "If there are enough reviewers, all problems are easy to solve." Eric S. Raymond
Eric S. Raymond
Eric Steven Raymond , often referred to as ESR, is an American computer programmer, author and open source software advocate. After the 1997 publication of The Cathedral and the Bazaar, Raymond was for a number of years frequently quoted as an unofficial spokesman for the open source movement...
has written influentially about peer review in software development
Software development
Software development is the development of a software product...
.