Software Verification and Validation are often considered expensive activities not producing a lot of results.


Against this false and unfortunately spread opinion there are some few facts:


  1. The majority of the total cost of software projects is associated with finding and fixing defects.

  2. Usually, defects finding and fixing occur too late in the life cycle of a project.

  3. No single remedy for the software crisis has been found, but empirical data gathered on several software projects have shown that Code Inspection allows for defects prevention and early defects detection and removal.

  4. Code Inspection is facilitated by tools like Static Analyzers, and many of these tools are open source.

  5. The analysis results produced by Static Analyzers can be displayed together with the code under analysis (from within the code itself) by Code Quality Platforms like SonarQube.

  6. Code Quality Platforms simplify the management of the Issues found by the Static Analyzers allowing the execution of Software Verification and Validation in a continuous and seamless way, similar to how Integration and Testing are performed. 



The SAFe Toolset is an Ubuntu Virtual Machine containing:


  1. some open source Static Analyzers;


  1. some cross compilers;


  1. the Code Quality Platform SonarQube (community edition).


The purpose of the SAFe Toolset is to show, to demonstrate that Code Inspection (and therefore Software Verification and Validation) can be performed in an effective and productive way.