The Software Intelligence Blog

  • Software Risk and Security in 2016

    Software has always been risky business compared to more mature industries such as telecommunications and manufacturing. Historically, software has seen more canceled projects, higher costs and more frequent schedule overruns than any other industry.

    Today in 2016 we are also on the forefront of receiving an increasing amount of cyber-attacks in many different forms such as denial of service, data theft, phishing and the like. Of course, other industries are also risk prone, such as banking and finance as seen by their many failures circa 2008. Indeed the insurance industry centers around risk and has developed sophisticated actuarial methods for predicting the costs of risks and when they will occur.

  • Software Complexity Is Killing Us

    While you're reading this article, if you come across words – and even sentences – that you don’t understand, there's a high chance you feel like developers do when they're looking at lines of code with a high level of nested complexity. A high level of software complexity can make it difficult to determine architectural hotspots where risk and cost emanate.

tst mze
  • DevOps, Digital Transformation and IoT, ‘Oh My’!

    Companies are waking up to the fact that the digital transformation journey is not a leisurely stroll. It’s more of a marathon sprint. Between externalization of processes and the Internet of Things (IoT) the need to increase “velocity” is becoming a key attribute of success. Yet the pressure to maintain cost effective solutions has not gone away. Big reasons today’s enterprises are accelerating digital transformation include:

  • Software Analytics, un estímulo para el éxito de negocio

    Con motivo de nuestro 25 aniversario, el pasado 16 de junio tuvo lugar el primer User Workshop a nivel local, una sesión cuyo objetivo reside en crear una comunidad de usuarios de CAST AIP y mantener informados a los clientes de las novedades de nuestras soluciones.

    ¿Hacia dónde evolucionan las soluciones de CAST y cómo pueden influir en las organizaciones?, ¿Estoy optimizando el uso de CAST AIP en mi organización? En formato taller y para crear un ambiente dinámico y participativo se dio respuesta a esta y muchas otras inquietudes y experiencias de un grupo de usuarios de CAST AIP con el objetivo de extraer todo el valor y potencial que la herramienta puede aportar en cada organización y dependiendo del público al que se dirijan los resultados de análisis extraído.

  • Takeaways from the CAST Italy Summer User Group

    On June 22nd, CAST held its annual User Group in Italy, hosting software measurement professionals from major companies in the Banking, Insurance, Telco, Public Sector and IT Consulting industries for a four-hour working session. Attendees walked away from the event with a better understanding of best practices in establishing objective software measurement standards and creating better visibility in to application portfolios.

    Among CAST Application Intelligence Platform presentations and updates regarding the new CISQ RFC for Automated Enhanced Points and its relationship with the AFP OMG standard, attendees also discussed software measurement in Agile and DevOps environments.

  • Security By Design

    Le 15 Juin 2016, CAST a organisé un workshop au tour du sujet Security By Design à l’hôtel Hilton, Paris La Défense avec des intervenants de SOLUCOM, ATOS, BNP PARIBAS CARDIF et CAST en présence d’une trentaine de participants du secteur public, finance, énergie, éditeurs de logiciels, etc.

  • Recap: Software Risk Summit 2016

    Software risk has historically been overlooked as a security concern by business leaders, and companies have paid a high price as a result. Remember the JPMorgan hack of 2014? That cost the bank more than $6 billion. RBS has paid £231 million for their IT failures as of two years ago. The Target breach? The retailer posted a write down of $152 million. Or, more recently, Jeep controls being taken over by hackers, and a similar incident with Toyota-Lexus having to fix a software bug that disabled cars’ GPS and climate control systems? That costs the manufacturers valuable consumer confidence points and can seriously damage sales.

  • CAST Releases Application Intelligence Platform (AIP) 8.1

    CAST is pleased to announce the release of AIP 8.1, a continuation of the big step forward made in AIP 8.0. AIP 8.1 extends the functionality of Application Intelligence Platform to provide greater technology support, improved reporting and new code viewing capabilities in the Application Engineering Dashboard (AED).

     Java 8 Support

    Java 8 is quickly being adopted by Java developers. CAST now fully supports Java 8 and can help you find flaws linked to the use of the very popular Java 8 lambda functions, among others.

  • Application Security in the Internet of Things

    High-capacity network bandwidth has become more widely available, and we have quickly tapped into every last inch of its capacity. More devices are built with wi-fi capabilities, the costs of mobile devices are going down and smartphones are in the hands of more people than ever before. In fact, Apple might have already exhausted the market and is seeing drastically lower sales forecasts for the iPhone.

    We are moving into an era in which virtually any device will connect to the Internet. Phones, fitness trackers, dishwashers, televisions, espresso machines, home security systems, cars. The list goes on. Analyst firm Gartner estimates that over 20 billion connectable devices will exist worldwide by 2020. Welcome to IoT—the Internet of Things. A giant network of connectable things.

  • Adding Measurement to Your Application Outsourcing

    A recurring issue for IT and business management is whether it’s best to build an in-house team or outsource the development of software applications. Some of the biggest factors when contemplating application outsourcing are cost, security and loss of control.

    Business agility remains a top priority, but this puts added pressure on teams to move fast, and can sometimes lead to rushed projects and a lack of attention to detail. When in-house teams are under tight deadline restrictions, corners can get cut. In fact, most in the developer community agree that outsourcing is the best way to go for timely and on-budget development projects.

  • Enterprise Architecture as the Gateway to Digital Transformation – Takeaways from the Gartner EA Summit 2016

    Last week, CAST attended the Gartner EA Summit, held at National Harbor. It was two days of jam-packed sessions and workshops about Enterprise Architecture, but what stuck out the most was the value of this very unique discipline as a catalyst for Digital Transformation.

    EA and Digital Transformation were the core focus of many presentations, including Mike J. Walker’s session “Leverage EA to Understand the Value and Impacts of Digital Disruption.” Mike stressed that this ever-evolving discipline is becoming a vital component to corporate strategy, delivering high-performing and sustainable business outcomes.

  • What Went Wrong at Google - Software Robustness Remains a Struggle

    In April, Google experienced a fairly significant cloud outage, but it was hardly news at all. In fact, it was likely the most widespread outage to hit a major public cloud to-date. The lack of coverage is strange, considering the industry’s watchful eyes like Brian Krebs and others. The even more recent Salesforce service outage seems to have received more attention. But despite the fact that Google seems to have gotten away with a “pass” this time, the glitch brings renewed attention to the fact that tech players large and small are continuing to deal with software robustness issues.

  • 4 Keys to Successful Digital Transformation

    Recently, CAST co-authored a paper with The Boston Consulting Group titled, Will Your Software Help or Hinder Digital Transformation? Navigating the digital transformation journey is a challenge, often wrought with roadblocks and IT complexities related to technical debt, disparate application development techniques and more. So how can CIOs help their company achieve digitization goals?

  • EA Insights – The Fact-Based Measurement Effect

    Today, CAST is meeting hundreds of Enterprise Architect aficionados, gurus, practitioners and professionals in National Harbor at the Gartner EA Summit. When glancing at the agenda, it is evident that EA has become omnipresent and is interacting either directly or indirectly with 100% of hot IT challenges such as Digital Transformation, Cloud Readiness, Internet of Things, Cyber Security and Innovation - the topics that are keeping many executives up at night.

    The intent of this post is to share “one” view of the EA journey and provide some personal insight into software risk management and what I think will be the upcoming challenges in our favorite discipline.

  • The Age of Digital Transformation: Where to Start?

    The term “Digital Transformation” has become more than just a buzzword as companies continuously work toward the goal of realigning and investing in the digitization of all business aspects to meet and predict customer demands. In the midst of these big changes, there has been much confusion about what it means to actually achieve digital transformation and how to monitor your progression through each stage of the transition.

  • QAI QUEST: Fixing Quality Issues with Automated Code Review

    Recently I had the pleasure of speaking at QAI QUEST 2016, which showcases the latest techniques for software quality measurement and testing. It was a content-rich program with more than three days of diving deep into issues like DevOps, Open Source, Security Mobile and more. But what struck me the most above all the event chatter is that even the brightest of companies are still having a difficult time identifying and fixing code quality errors.

  • Using Code Quality Metrics to Improve Application Performance

    For years refactoring software has been a common process used to improve the quality, efficiency, and maintainability of an application. However, a recent article by IT World discusses how CIOs may not be getting a valuable return on their investment of time and effort into the refactoring process. While many believe refactoring reduces the risk of future headaches, new findings acquired through a study by Sri Lanka researchers suggests code quality is not improved significantly by refactoring.

  • CAST User Group on Function Point Analysis: Key Findings

    1On April 6th, CAST held a user group meeting on the topic of function point analysis and software productivity measurement. The meeting gathered more than 20 software measurement professionals from major companies in the banking, IT consulting, telecom, aviation and public sectors for a two-hour working session to discuss the benefits of function point analysis testing.

    The event featured presentations including:

    1. An IBM case study on how they worked with CAST to integrate and secure an Automated Function Point (AFP) approach with a big player in the aeronautic sector within TMA Systems
    2. Functional sizing case study
    3. Updates on the new CISQ standards for Automated Function Points
    4. The importance of internal and external benchmarking
  • CISQ & IT Risk Management: Minimizing Risk in Government IT Acquisition

    6On March 15, CISQ hosted the Cyber Resilience Summit in Washington, D.C., bringing together nearly 200 IT innovators, standards experts, U.S. Federal Government leaders and attendees from private industry. The CISQ quality measures have been instrumental in guiding software development and IT organization leaders concerned with the overall security, IT risk management and performance of their technology. It was invigorating to be amongst like-minded professionals who see the value in standardizing performance measurement.

  • Software Risk Management: Risk Governance in the Digital Transformation

    UntitledSoftware Risk Management in Digital Transformation was the focus during the 4th edition of the Information Technology Forum, hosted by International Institute of Research (IIR).  Massimo Crubellati, CAST Italy Country Manager, discussed how Digital Transformation processes are changing the ICT scenario and why software risk management and prevention is mandatory.

     

    Massimo shared our recipe for Digital Governance evolution: including a specific ICT Risk chapter in the design of the governance structure of the digital transformation, whose most relevant aspect is to determine which methods and through which key performance indicators to measure the operational risk inherent in the application portfolio. Measurement needs to be continuous and structural, it must include the assessment of application assets inherent weaknesses, through the analysis of correlations between the layers composing them. Thus obtaining, not only an effective prevention of direct damage ensuring the service resilience, but a reduction in maintenance and application management costs.