Any inventor knows it: a great design really isn’t all that great until it stands the test of real-time use. (Proof: All those crazy old movies of flying machines crashing before they even got off the runway.) The same is true with software development. Only through system-level analysis can you learn how components interact with one another across multiple layers (UI, logic and data) and across multiple technologies. Much like those crazy old flying machines, the exact same piece of code can be safe and of excellent quality or highly dangerous, depending on its interaction with other components.
When you conduct system-level analysis in conjunction with application discovery and blueprinting, you’re setting yourself up for success. Three months ago, I shared my insights on getting started with Software Intelligence for the technical lead. Here I'd like to continue with that thread by looking at the process of building Software Intelligence with CAST Architecture Checker.
By using this module of the CAST Application Intelligence Platform (AIP), you can build a view of an application’s structural quality that helps in reducing security vulnerabilities and overall risk. Architecture Checker aids the Technical Lead or subject-matter-expert by:
Constructing Your View
Once you’ve built the layers representing the objects of a system, you can now build either Authorized Dependencies (acceptable flow through the application) or Forbidden Dependencies (unacceptable flow through the application). Do this by dragging-and-dropping an arrow from one layer to another.
Going Live with Architecture Checker
After repeating this process to build a system “map,” you can now conduct a live violations check, using data from the most recent CAST analysis knowledge base.
I look forward to your comments and questions about Architect Checker’s role in system-level analysis and building upon overall Software Intelligence. In Part 3, I’ll discuss how you can use CAST Enlighten to blueprint software as you continue to gather, refine, and leverage Software Intelligence – all in your effort to ensure software quality and make certain that your “crazy flying machines” will soar off the runway as planned.
Erik Oltmans, an Associate Partner from EY, Netherlands, spoke at the Software Intelligence Forum on how the consulting behemoth uses Software Intelligence in its Transaction Advisory services.
Erik describes the changing landscape of M & A. Besides the financial and commercial aspects, PE firms now equally value technical assessments, especially for targets with significant software assets. He goes on to detail how CAST Highlight makes these assessments possible with limited access to the targetâ€™s systems, customized quality metrics, and liability implications of open source components - all three that are critical for an M&A due diligence.