We always hear about issues with systems, applications, or services caused by poor code quality or missed defects, but what happens when these problems become life threatening? Recently an article posted by NPR discussed the early release of dangerous prisoners who are now being charged with murder. According to the article, Governor Jay Inslee of Washington State reported that more than 3,200 prisoners were released early due to a software defect.

A Code Quality Problem in Washington State Puts Dangerous Criminals Back on the Street
Arlene Minkiewicz, Chief Scientist at Price Systems, recently presented on the issues relating to technical debt and software maintenance.
At the Intersection of Technical Debt and Software Maintenance Costs

The banking industry has definitely had its share of ups and downs when it comes to service reliability. In the past year, there have been a number of instances where customers have been unable to gain access to funds, receive deposits, and pay bills. As reported in an article by The Guardian, HSBC experienced a system failure at the end of August, which left thousands of their customers in a bind over a major banking holiday.

The HSBC Failure Has Many Wondering: Are Banking Providers Taking the Appropriate Measures to Ensure Code Quality and System Dependability?
It is common practice for a developer to make a quick fix in a software project and then move on to the next shiny new feature.
Technical Debt and Reverse Grind: How to Manage it
Open source is part of almost every software capability we use today. At the very least, libraries, frameworks or databases get used in mission-critical IT systems. In some cases entire systems are being built on top of open source foundations. Since we have been benchmarking IT software for years, we thought we would set our sights on some of the most commonly used open source software (OSS) projects.
Quality of Open Source Software Projects Report

With the advancements of both cloud and mobile technologies, security remains a hot topic for every company. The number of reported instances of security backdoors due to faulty code or hardware continues to stagger. A recent article by Wired has brought forth another one of these unfortunate issues for a big player: Juniper. This technology giant has been providing networking and firewall solutions to companies, corporations, and the government for a number of years.

As a leader in networking technology, the last thing you want to hear is that a tech powerhouse like Juniper has found an application security problem. Two security issues were identified after a code review session outside of the company’s normal evaluation cycle. Security continues to remain a primary concern as more companies, government agencies, and even individuals rely on technology providers to manage data or maintain smooth operations.

Was Lack of Proper Code Analysis Tools a Root Cause of Juniper Networks Security Backdoors?
Discussing the benefits of machine learning has become a recent trend. However, despite its recent popularity, there are few large-scale systems that actually employ it in production.
The Machine Learning Hype Dampened by Technical Debt
In 2015 there was a major slew of headlines dedicated to software failures at major companies, which led to a discussion of best practices for software development.
Improving Software Quality to Avoid System Failure

As reported in a recent article by InfoWorld, a high-profile, privacy-driven smartphone provider located a security hole capable of exposing their devices to attacks. Blackphone is a specially designed smartphone developed by SGP Technologies, which operates as a subsidiary of Silent Circle. The phone uses VPN for Internet access and runs on a modified Android version titled “SilentOS”. A third-party component Silent Circle used as part of the device design was capable of exposing the secure smartphone to outside attacks.

What Was the Security Issue?

The vulnerability made it possible for an attacker to control the modem functions of the phone. Researchers brought this problem forth when they identified an open socket accessible on the phone during a reverse engineering exercise. Currently, Blackphone is one of the most secure phones on the market because it uses built-in encryption to deliver secure:

  • Voice Calling
  • Text Messaging
  • Video Conferencing
  • File Transfers
Blackphone Update Removes Critical Security Threat: Did Code Quality Issues Contribute to the Problem?
In our 29-criteria evaluation of the static application security testing (SAST) market, we identified the 10 most significant vendors — CAST, CA Veracode, Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock, SonarSource, and Synopsys — and researched, analyzed, and scored them. This report shows how each measures up and helps security professionals make the right choice.
Forrester Wave: Static Application Security Testing, Q4 2017 Analyst Paper
Vision is a term often employed to describe leaders, i.e., "they have vision" or "they are visionaries".
How Technical Debt Can Help You Be Innovative
In this great podcast from .NET Rocks!, the discussion on how to handle technical debt takes an interesting turn towards the discrepancy in communication between different stakeholders on a software project.
Technical Debt and Breaking Down "Tribal Speak"
This study by CAST reveals potential reasons for poor software quality that puts businesses at risk, including clashes with management and little understanding of system architecture.
What Motivates Today’s Top Performing Developers Survey
Oftentimes in the development process, large amounts of technical debt result in stalled innovation from a given team.
How Innovation Debt Is Just As Damaging as Technical Debt
In this post from InfoQ, Thomas Bradford explains his experience working with a monolithic Java-based system that had improper test coverage and huge technical debt.
Maintaining Technical Debt and Team Morale in a Large System
Much of what comes with being an entrepreneurial leader is knowing when to accept certain tradeoffs.
When You Should Start Paying Off Your Technical Debt
It has become a recent practice in organizations to measure technical debt in their software.
The Risks of Measuring Technical Debt
Technical debt is a very important concept to developers that is often lost on the management end. Developers use the concept to describe the consequences of pressure to meet deadlines.
Technical Debt and Risk: One and the Same
It's estimated that the federal government spends about $80 billion a year on IT.
Technical Debt & Software Quality Tools

As we come together to help those affected by recent global tensions, we have made a charitable donation of $10,000 to Doctors Without Borders/Médecins Sans Frontières (MSF) on behalf of the CAST community. We believe that our citizenship transcends geography and political borders as we are united within one, universal community.

CAST is proud to support an organization that values people and upholds their right to medical care regardless of gender, race, creed, religion or political affiliation. In over 60 countries around the world, MSF saves lives by providing medical aid where it is needed most — in armed conflicts, epidemics, natural disasters and other crises.

Supporting Our Global Community

IT leaders from throughout the federal government discussed how software measurement can positively impact their development process at CAST’s recent Cyber Risk Measurement Workshop in Arlington, VA – just outside of the Washington, D.C. area. The event brought together more than 40 IT leaders from several governmental agencies, including the Department of Defense and Department of State, system integrators and other related organizations. The group shared their experiences in how their respective organizations are driving value to end users and taxpayers.

IT Leaders Address the Value of Software Measurement & Government Mandates Impacting Development

Application portfolio analysis was at the center of discussion as Forrester Research Vice President and Principal Analyst, Margo Visitacion, presented how Agile development is affecting the application development process and IT’s portfolio planning. Ms. Visitacion explained that in the “Age of the customer,” customers want more for less and expect companies to fluidly change based on their needs and demands. As companies shift their attention to customers’ experiences rather than production figures, it’s leading directly to higher revenue and longer-lasting relationships.

Key Discussion Points from Forrester Webinar: Agile Portfolio Management Requires Rapid Transparency

Software risks to the business, specifically Application Resiliency, headline a recent executive roundtable hosted by CAST and sponsored by IBM Italy, ZeroUno and the Boston Consulting Group. European IT executives from the financial services industry assembled to debate the importance of mitigating software risks to their business.

Software Risk: Executive Insights on Application Resiliency