Skip to main content



Source Code Static Analysis PGRelief C/C++ Installation Case Example

FUJIFILM Software Co., Ltd.: Creating the Future of Imaging with New Ideas and Technologies

In software development, it is very important to improve quality at the coding stage to reduce rework at the test stage. The introduction of a static analysis tool to streamline development has attracted attention for that very reason. FUJIFILM Software is working on overall quality improvement. We asked them how they are using a static analysis tool in their efforts.

FUJIFILM's reception areaCompany profile of FUJIFILM Software Co., Ltd.
FUJIFILM Software Co., Ltd. provides different kinds of software, including the embedded software in digital cameras, minilab control software, and photo-editing applications. As a part of the Fujifilm Group, they have a proud history of achievements in various areas of development. In 2006, FUJIFILM Software reached CMMI Level 3. CMMI stands for Capability Maturity Model Integration, which is an evaluation model of process improvement.

Early Detection of Programming Errors to Improve Quality

Your company installed a static analysis tool (*1) last year, with the quality assurance division taking the lead. What was the purpose?

Photo 1 of Mr. Kimura

To remain competitive as a software company, we must primarily consolidate our basic technologies. So we focused our attention on installing a static analysis tool and creating coding conventions. Our hope is that, if the tool can handle primitive work, our engineers can engage in more creative work.

What is important in software development is the implementation process, or more specifically, programming. But the quality of programs often varies because it mostly depends on the skills of each programmer. If we fail to check programs thoroughly in the implementation phase, quality assurance may be moved back to a later process. That is why we have a triple-check system in place for static analysis before product shipment. With the system, we have quality management that assures both our customers and ourselves of product quality.
We installed the static analysis tool two years ago for development. However, we could not use it efficiently for several reasons, such as not enough tool licenses, complicated display messages, and the excessive output of on-screen indicators. This time around, we got our environment sorted out and selected a tool that displays user-friendly messages. I think this helped us solve the problems of a low usage rate and operational overload.

Timing is the key to preventing both overload and mistakes
Correlation chart of the timing and usability of static analysis
Photo 1 of Ms. Higashi

The earlier the static analysis, the more that efficiency increases and the load on engineers decreases. (See the above figure.) We were concerned that the extra work time created by the installation of the static analysis tool might lead to our engineers' being unwilling to install the tool. Actually, as was later confirmed, the tool can reduce the workload on the engineers when the static analysis precedes the code review, which is a rough program check by people. From the project that served as a test case, the following was reported:

  • The coding time decreased by about two hours per kilostep(*2).
  • When the static analysis tool was used before the code review, the problems found in the code review dropped by 30%.
  • More than 5,000 potential bugs were eliminated in the entire project.
  • The problems pointed out in all test phases dropped by 22.8%.

You could say that the tool improved not only programming quality but also productivity.
By eliminating simple coding mistakes indicated by the tool before the code review, we could focus on the essential verification of algorithms in the code review. That was the best point for our developers, who saw it as one advantage of the static analysis tool.
For programs that use a lot of existing code, the range of the effects of code corrections might be difficult to assess. The static analysis tool can make that assessment easier. Also, there is no 100% guarantee of quality assurance with the code review because its effectiveness depends on the skills of the engineer in charge. Therefore, a very effective means of ensuring quality is to incorporate a static analysis that comprehensively detects identical patterns into the quality assurance system for the implementation process.

Comprehensive development of engineers' technical capabilities

What is important for the successful installation and operation of the latest static analysis tool?

Photo 2 of Mr. Kimura

Everybody at the development site was strongly aware that the tool was being installed for their sake. The quality assurance division just provided the learning ground and set basic rules. A working group at the site took the initiative in creating concrete guidelines and testing the operations. I think they increased their own levels of satisfaction because of that.
Is it necessary to create coding conventions, which consist of programming methods and rules, before actual operation? A working group is now in the process of reviewing that, aiming to complete the review within this current period.

An extremely important point is to organize the operational rules. Since whoever uses the static analysis tool can see the on-screen indicators for compliance with the coding conventions, the tool can in this way ensure compliance. And at the same time, it can eliminate code that lacks versatility, such as code that only the code creator can understood.
Another comment I have is that the developers sharing information on the analysis results of the tool has given rise to technical communications in the company. Engineers will likely improve their skills simply by observing the coding conventions. The tool also makes it easier for development managers to understand the problems in projects. So we are considering using the static analysis tool for quality assurance in offshore development in the future.

Creating a framework for further quality improvement

What were the main concerns about installing and using the static analysis tool, PGRelief?

Photo 2 of Ms. HigashiHigashi:
The main point was that the on-screen indicators and descriptions be clear and intelligible and that their explanations be detailed. The C language standard includes many ambiguous parts, so a program's behavior sometimes varies with the compiler. PGRelief covers such details, and we appreciate that PGRelief is designed not only for use as an analysis tool but also for programmer education.
In our company, we try not to have engineers do unnecessary work--work that is not in their area of expertise. We try to get them to concentrate on what they are supposed to do. We believe that improves production efficiency. Another point is the floating license, which does not limit the number of installations but restricts simultaneous use on the server. We could avoid adding extra work to engineers because of the floating license. For example, engineers didn't need to install and uninstall the license to share the tool. And with the floating license, we can install the product throughout the office to use it for multiple projects. As a result, operation with the tool has been efficient and uninfluenced by waves of development.
We use the functions that can be executed from the command line so that we can execute them directly from an IDE, which is an integrated development environment. This means we can refer to the analysis results without calling the interface, saving us some work. Before installation, we divided the engineers into small groups and held a seminar for each group. We got some favorable comments from the engineers.

What are you considering for further quality improvements in the future?

Photo of Mr. Kimura and Ms. HigashiKimura:
The level of quality required from evaluations should depend on what products the system under development will be installed on and how complex the adopted program modules are. Through actual use of the static analysis tool, we will obtain metrics data. From that data, we will determine the complexity to be used as the threshold for the code review. And we will do this to enhance evaluations until we "hit the nail on the head" in the test process.
We will also organize the coding rules for languages other than C and encourage improvement of the tool. To promote quality assurance, we will combine coding conventions and static analysis for more projects in the company. We also want to improve programming technologies.
Generally speaking, there are three stages of development: design, implementation, and evaluation. The static analysis tool is a tool for ensuring the quality of products just in the implementation stage. We will need to create frameworks for design and evaluation processes for further quality improvements.


  • *1 Static analysis tool:
    A tool for analyzing source code and detecting syntax errors and violations of coding conventions. The tool usually operates together with a dynamic analysis tool that actually runs programs to test them and detect bugs.
  • *2 Step: A unit indicating the scale of a program. One kilostep is 1,000 steps.

Profile of FUJIFILM Software Co. Ltd.

FUJIFILM's reception areaAs a group company of FUJIFILM Corporation, FUJIFILM Software Co. Ltd. has many development achievements to be proud of such as embedded software for digital camera, control software for minilab equipment and image processing applications. In 2010, FUJIFILM Software Co. Ltd. accomplished level 4 of CMMI (Capability Maturity Model Integration), which is evaluation model of process improvement, in medical development field.


Contact us about this product

The titles, numerical values, and proper names in this case example are as of the date that this article is posted on the site. They may have changed when you access this page.

This webpage has been created from a brochure with the installation case example (and customer interviews).
For a copy of the brochure with the installation case example, please click here, Brochure Request Form.