> I am currently doing a research project that aims to identify risk areas in the kernel by measuring code complexity metrics ... Another aspect of complexity that might be worth a look is modularisation, interface definitions for kernel components, etc. One classic paper is "Ifdef Considered Harmful". https://www.usenix.org/legacy/publications/library/proceedings/sa92/spencer.pdf
