The Software Intelligence Blog

  • CISQ Aims to Bring Software Quality Sanity Back to Federal Outsourcing

    The current state of outsourced application development is a sorry state of affairs because of myriad software quality issues causing unprecedented glitches and crashes. It’s not that all outsourcers are making terrible software, rather, it’s that governments and organizations have no way of accurately measuring the performance, robustness, security, risk, and structural quality of the applications once they’ve been handed the keys.

  • 20 Software Engineering and Code Quality Goals You Should Nail Before 2018

    When applications crash due to code quality issues, the common question is, “How could those experts have missed that?” The problem is, most people imagine software development as a room full of developers, keyboards clacking away with green, Matrix-esque code filling up the screen as they try to perfect the newest ground-breaking feature. However, in reality most of the work developers actually do is maintenance work: fixing the bugs found in the production code to ensure a higher level of code quality.

  • AIP 7.2 Gives CIOs Software Risk Assessment at a Glance

    For many CIOs, reporting on software risk is a complex problem. The reports are usually compiled once a quarter, and can take days if not weeks to complete. But worse than that, they often fail to deliver actionable insight to answer simple business questions. Which of my critical systems are most vulnerable? Are my IT vendors delivering as promised? How can we improve customer satisfaction? Are my development teams under-performing? How can we improve time-to-market for new projects?

  • A UK Regulator Confirms Software Risk Very Real In UK Financial Sector

    Pay attention US financial sector, because the UK is one step ahead of you … sort of. They’re at least willing to admit they have a problem with software risk and IT system resiliency, which is on the path to recovery.

  • The Next Step in Measuring Agile Software Development

    Agile software development is a streamlined, transparent process with speed built into each step. It’s so focused on speed, in fact, that developers call what they can successfully accomplish in a two week sprint their ‘velocity.’ But while Agile development teams do incorporate unit tests and the testing of functional aspects of their code, there is often little analysis of the structural quality above the module level. This is something that makes most architects in enterprise software organizations nervous about Agile.

  • Application Risk Management: Good Software Architecture is Good Business

    The software architecture is one of the most important artifacts created in the lifecycle of an application. Architectural decisions directly impact the achievement of business goals, as well as functional and quality requirements. Yet once the architecture has been designed, most architectural descriptions are seldom verified or maintained over time. Architecture compliance checking is a sound application risk management strategy that can detect deviations between the intended architecture and the implemented architecture.

  • Static analysis: Leveraging source code analysis to rein in application maintenance cost

    The ever-growing cost to maintain systems continues to crush IT organizations, robbing their ability to fund innovation while increasing risks across the organization. The cost of maintaining a software system is directly proportional to the size and complexity of the system. Therefore any effort to reduce the size and complexity translates into direct improvement of software maintenance costs. The following provides guidance on how a static code analysis of applications generates actionable insight you can take to immediately improve the maintainability of systems.

  • Stating the Obvious: Big Software Projects Fail

    In the spirit of Yogi Berra, I’ve decided to list the obvious things that I know in life: water is wet, the sky is blue, and big software projects fail.

    I’m sure that you are aware of the very public failure of the centerpiece of Obamacare,, and by now have heard enough of the public interrogations of this project, the system, its agency, and policy.

    Rather than adding to that, I’d caution that instead of staring too long and too closely at this incident, we should allow it to serve as a simple reminder that there are more and bigger failures lurking.

  • Technical Assets

    Eight years ago I organized the Workshop on Technical Debt at Calvin College, and I've stayed involved in the discussion since.

    The concept, to me, seems simple, intuitive, and obvious: Technical short-cuts lead to a slight increase in value today at the expense of speed tomorrow.

    Then Ron Jeffries, a co-author of the Agile Manifesto, got up to speak, along with his partner, Chet Hendrickson. Ron and Chet had served as part of the team that invented Extreme Programming in 1999.

    What they had to say turned the workshop upside down.

  • Software Risk: 3 Things Every IT Manager Must Know About A Risk-Based Testing Model

    Because the world of software development is so incredibly complex and modular, quality assurance and testing for software risk has become costly, time-consuming, and at times, inefficient. That’s why many organizations are turning towards a risk-based testing model that can identify problem areas in the code before it’s moved from development to testing. But be careful, because hidden risks can still exist if you don’t implement the model properly throughout your organization.

  • Emerging Trends and Software Quality Assurance

    The future challenges for Software Quality assurance (SQA) follow a few software trends, including:

  • Investigating What Went Wrong?

    The media has been a firestorm of ‘glitchy’ reporting since the botched launch of the Obama Administration’s healthcare exchange marketplace, mainly because no one’s quite sure what did or didn’t happen.

    If you missed it, the exchange’s Oct. 1st launch was mired with complaints, outages, and glitches. Many pundits and talking heads claimed that this was simply because of the enormous number of Americans who were all trying to log into the brand new system. But we dived into the code to figure out what was actually going on, and what we found was much more nefarious.

  • Bite Sized Portfolio Analysis

    Nobody disputes the promises made by enterprise application portfolio analysis tools over the past 20 years: visibility, risk identification, and faster, better budgeting decisions.

  • Haste Makes Waste Again: Faces a Long and Expensive Recovery

    We’re less than a month into the launch of, and as each day passes we’re finding out about more glitches, shoddy code quality, a lack of end-to-end testing, and rushed changes made days before the healthcare exchange was to go live. All of which are symptomatic of a software project being rushed to completion to meet a deadline without considering the implications of a botched launch.

  • Executives, Management, and Testers: Are You Aligned?

    What draws me to Anaheim, Calif., in October is not the walking Disney characters (though there are plenty of those), but instead STARWest, the West Coast’s largest conference on software testing analysis and review.

  • Highlight Update Brings Rapid Portfolio Analysis to the Masses

    Large and small enterprises have continually struggled with finding a way to manage the software risk inherent in their ever-increasing application portfolio. And now, in a year where companies such as NASDAQ, Knight Capital, American Airlines, and BATS have suffered costly and embarrassing IT failures, software risk is top of mind for every IT executive.