A Machine Learning Approach for Automating Software Code Review 2022-26-0024

Development of any safety critical software applications such as in the aerospace industry needs to comply to specific standards (DO-178) to meet airworthiness requirements. This standard is applicable to all airborne software. As such, the software development needs to perform certain verification activities to comply to the standard objectives. One of the verification activities is source code inspection or review to check that the implementation meets the specification captured in the form of requirements and other aspects such as coding style guidelines and documentation, such as, indentation used in code, sufficient comments or notes in the code files etc. Generally, this activity is carried out manually, supplemented by tools which are deployed to check errors and standards in the code by means of static analysis and practices such as test-driven development (TDD), wherein, the testing and analysis is done prior to the reviews. However, software quality still relies on the tests and analysis done prior to the reviews; it does not entirely do away with manual reviews. This activity also requires independence, that is someone other than author must review it, additionally it needs more than one reviewer. This increases cost of quality. At the same time, the development teams have a challenge in meeting both the schedule and quality. This paper discusses potential approaches to improve code quality for safety critical software, while today we have several static code analyzers, however, requirements to code checkers are not readily available. This paper identifies approaches that may be followed to apply machine learning techniques for automation and a framework to incorporate this into the existing peer review process performed for airborne software. This paper also discusses the challenges in automating review activity to improve quality, reduce cost and adhere to standards (such as DO178) at the same time.