New Study Reveals Too Many Global Organizations are Gambling Their Business on Poor Code

Global CRASH Report from CAST uncovers applications in Financial Services can be exploited to steal confidential information

 

New York – March 7, 2017 – CAST, a leader in software analysis and measurement, announced findings from its latest CRASH Report, the largest objective study of software ‘health factors’ such as Reliability and Security. Health factors indicate the volume and severity of structural software flaws in business applications.

The report, which analyzed 1.03 billion lines of code across 1,850 applications submitted by over 329 organizations in 8 different countries, reveals that the overall quality of too many mission-critical functions across the globe is poor. Security scores varied widely, with some of the highest and worst scores observed for any health factor. The lowest security scores of some applications indicate there is a significant amount of business software at risk.

This represents a big gamble for organizations whose business operations rest on poor code. Financial Services was found to be particularly susceptible to security risk. Retail and Telco scored marginally better than Financial Services. As an industry carrying large amounts of sensitive data, Financial Services organizations are at risk of severe regulatory fines.

“Lack of security architecture combined with porous code in legacy systems produce easy targets for hackers. This is especially concerning in Financial Services applications,” said Dr. Bill Curtis, SVP and Chief Scientist at CAST Research Labs. “Despite the push to ‘go digital’ our CRASH Report findings indicate there is a significant amount of bad code lingering in enterprise systems. The takeaway for IT is clear: poor software quality is exposing many businesses to excessive risk.”

Key findings of the study include:

Security is lagging

  • Security scores varied widely with some of the worst falling into this category.
  • Geographically, the UK scores the lowest out of all regions. France scores best.
  • The Financial Services industry scored worst, compared to the highest scoring industry, Government.

Smaller teams perform better

  • Findings reveal a team size ‘sweet spot’. Development teams of under 10 people perform best across most areas of structural quality.
  • Development teams of over 20 consistently perform the worst across all health factors.

Maturity must be improved 

  • Organizations with the least mature development processes (Level 1), as measured by the Capability Maturity Model Integration (CMMI), have the worst scores in all areas of structural quality. Such organizations too often have overworked developers on unrealistic schedules. They make myriad mistakes without having adequate time to detect and correct them. Organizations at Level 2 that have implemented basic project controls, or at Level 3 that have standardized their processes, produce far better software.

A hybrid method is the way to go

  • Findings reveal that the highest scores came from software developed using a hybrid method that combines practices from both Agile and Waterfall. The lowest scores were obtained by those reporting use of ‘no method’. Both Agile and Waterfall consistently achieved lower scores than Hybrid methods. This confirms the same finding in the last CRASH Report two years ago.
  • By combining up-front analysis and design of application architectures with rapid feedback on defects during short, iterative coding sprints, hybrid methods produce higher structural quality than Agile or Waterfall methods alone.

A copy of the CRASH Executive summary and the full report can be downloaded here.

 

Methodology
CAST Research on Application Software Health (CRASH) is a biennial report on global trends in the structural quality of business applications. It reports scores on Health factors which represent attributes of the engineering soundness of the architecture and code of software systems. The technology that generated the data in CRASH Reports measures the number and severity of violations of good architectural and coding practice. These are the defects most likely to cause operational problems such as outages, performance degradation, unauthorized access, or data corruption. The health factors measured in the report look at five traits: Robustness, Security, Performance Efficiency, Changeability and Transferability. Scores are computed on a scale of 1 (high risk) to 4 (low risk).

 

About CAST
CAST is the world leader in software analysis and measurement, with unique technology resulting from $130 million in R&D investment. CAST introduces fact-based transparency into application development and sourcing to transform it into a management discipline. More than 250 companies across all industry sectors and geographies rely on CAST to prevent business disruption while reducing hard IT costs and software risk. CAST is an integral part of software delivery and maintenance at the world's leading IT service providers. Founded in 1990, CAST is listed on Euronext (CAS) and serves IT intensive enterprises worldwide with offices in North America, Europe and India.

 

For more information about CAST:
Web: http://www.castsoftware.com
Blog: http://blog.castsoftware.com
Twitter: http://www.twitter.com/onquality

PR Contacts:
Britney Schaeffer
communications@castsoftware.com
+1 212-871-8361
