Static Analysis Deployment Pitfalls
The paper addresses deployment challenges for software developers and organizations using static analysis, but its contribution is incremental: it compiles known pitfalls into a handbook.
Drawing on consulting experience, the paper identifies organizational, political, and configuration pitfalls that can cause static analysis tools to lose most of their value during deployment in software development, even when management goals are met.
Organizational, political, and configuration mistakes in the deployment of a static source code analysis tool within a software development organization can result in most of the value of the tool being lost, even while apparently meeting management goals. A list of pitfalls encountered as a static analysis consultant is presented, with discussion of techniques for avoiding or mitigating them. This is part of a work in progress, tentatively entitled "Handbook of Static Analysis Deployment."