In this guide, you will learn how to use the Action Plan function in Kiuwan.
Once you have analyzed an application with Kiuwan, you will have a bunch of results.
Most likely, you will not decide to fix all the defects found, but a subset of them.
That subset of defects to be fixed will be decided based on very different considerations, from technical to economic reasons. The most common reasons have to do with the technical impact of the defects and available effort to fix them.
Those defects, together with target dates and responsible assignee, constitute an Action Plan.
Kiuwan helps you during this process:
Let’s go through those steps and see how Kiuwan can help you.
As said above, the Action Plan can be decided on several factors, such as technical considerations and/or economical reasons.
To decide which defects to fix, Kiuwan lets you:
Let’s suppose we have an application with the following results
As we can see, although the application shows quite acceptable indicators for Efficiency, Portability, and Reliability, we have poor levels for Maintainability and Security.
What is most important to fix depends on your business needs.
You could be making yourself these kinds of questions:
All the above questions are quite common, so let’s see how Kiuwan will help to assess and define an appropriate action plan.
Once you select the application and analysis, you select the Action Plan tab and clicking on the Menu you will have both options:
Kiuwan allows you to create an Action Plan by manually selecting those defects you are most interested in fixing.
For example, let’s suppose that you are very concerned about security and, taking OWASP as your main security reference, you want to make sure that OWASP-related High and Very High defects should be fixed. That’s your plan.
To do it, once you click New action plan, you will be presented all the defects of the application.
Just filter the defects list for the appropriate criteria select all of them (or any subset you consider).
Once done, click Save.
You will see the number of defects contained in this action plan, the effort required to fix them as well as the metrics before and after the fulfillment of the action plan.
What if you want to improve your code but you don’t know where to start?
Well, ‘What if’ feature helps you generating an automatic action plan with a given quantity of available hours or a quality goal you want to achieve.
Rather than manually selecting the specific defects, let Kiuwan find those defects that should be fixed according to your needs.
What-If tool allows you to simulate as many scenarios as you want, letting you build an action plan based on two different strategies:
You could decide to spend a certain amount of hours to fix tasks.
For example, let’s suppose you have 1 week (40 hours) to dedicate, so you will need to identify those defects that will return you the highest return.
Kiuwan will distribute the effort to maximize Global Indicator.
You can specify the total amount to be distributed across all the characteristics or the amount to dedicate only to certain characteristics.
In the example, the application has acceptable levels for Efficiency, Portability, and Reliability, so you could decide to spend those 40 hours distributed evenly in Security (20h) and Maintainability (20h).
As another approach to effort-driven, you could decide to improve any of the characteristics to meet a certain value.
For example, using our example, you could want to have a plan to reach 50 for Security and reach 30 for Maintainability.
What-If lets you specify this and any other combination that suits your needs.
As with the effort-based approach, Kiuwan will generate the optimized listing of defects that should be fixed to meet the indicated values.
Whatever is the approach (effort- or simulator-driven), click Simulate to generate a full list of defects to be fixed, as well as the future values of Kiuwan indicators after completion of the Action Plan.
Click Save this action plan to create the Action Plan, or continue the simulation until you find an appropriate plan that suits your needs.
Select the Action Plans tab of Code Analysis to show all the available Action Plans for the selected application.
For every Action Plan, Kiuwan provides the following information:
Action Plan Progress (%) is calculated as the percentage of defects fixed in the last application analysis as compared to the defects when the action plan was created. Click the Progress link to show a detailed Progress page.
Pending Effort is calculated as the effort to fix the remaining defects.
As the application is further analyzed, Kiuwan will update progress indicators for every plan.
Click the Progress link of any action plan to show the detailed Progress page.
At this page, you will be able to see the Remediation Timeline, i.e. a temporal view of the execution progress of the plan.
By hovering the mouse over any point you will see details such as analysis date and fixed vs total defects.
Progression information will be presented for any analysis you choose (selecting the analysis in the selection list).
Circle graphics display information on Progress as well as Pending Defects (classified by Priority and Software characteristic).
Also, you will be presented with three tabs with a breakdown of the action plan’s defects ;
Visit the following guide: Export an Action Plan