Primeon offers a comprehensive, Best Practices Application Quality Assurance
Code Assessment Service whose brand name is known as "DeepSource". A DeepSource
code review for quality is an independent review of source code that
assesses the architectural design, business logic, application implementation
and performance of a developed application. It is a 3rd party, independent
assessment of an application's quality.
The methodology applied to this assessment is a top-down analysis approach
including four levels:
I. Application Architectural Design Profiling - High level application
analysis to determine a) whether the application design is based on a sound
framework and meets a set of good design considerations, and b) whether the
architecture of an application includes necessary supports to ensure required
performance, stability, scalability, maintainability and data integrity in
the application.
II. Implementation Assessment - Middle level analysis to verify expected
business logic has been properly and efficiently implemented in the application.
III. Coding Inspection - Application review to identify low level coding
issues.
IV. Performance - Application review for performance bottleneck issues.
This DeepSource QA code review provides a true independent look at an application
with respect to:
Resource Management: Socket/Memory not released,
database connections held too long
Code Quality: Adherence to coding standards including
Best Practices and/or client defined
Documentation: Comprehensive and well-maintained
development documentation
Functionality Issues: Transactions not closed,
race conditions, etc.
Data Integrity: Data unprotected for sharing, data
input validation
Configuration Management: Incorrect configuration
which affects performance and quality
DeepSource Assessment Activities Provided by Primeon
The DeepSource application assessment includes the following activities:
1. Architecture and design analysis, business function analysis
- Primeon's assessment team gains an understanding of the application by
using application documentation, the run-time environment and source code.
The architecture and design analysis is a useful tool for identifying issues
within the application architecture and for prioritizing components for
implementation review. The review will identify the key algorithms used
and component/module abstraction. Specifically, Primeon's engineering team
will use the DeepSource Issue Modeling Technique, which is composed of the
following components:
Information Collection
Application architecture modeling
Issue candidates selection
Prioritizing the source code review
2. Source code review - Primeon's assessment team reviews
source code from the target application code base using the DeepSource Toolkit,
which helps perform static analysis of the code. The proprietary DeepSource
Toolkit is a collection of programs, scripts, rules, check list, and filters
that are used by Primeon's engineers to sift through the code to find instances
of issues, errors and vulnerabilities. These language analysis tools have been
developed and refined over the past fifteen years and have been used to analyze
over one billion lines of code in over 80 different programming languages and
databases. These tools are kept in a repository available to Primeon's engineering
team, so that new techniques and scripts are quickly made available.