Stock Exchange Failures - What Next?


London Stock Exchange

So, a slew of high-profile failures.

Major stock exchanges suffering embarrassing technology breakdowns that have left some traders resorting to placing trades over old-fashioned phone lines! What next, ticker tape?

Euronext, Borsa Italiana (bought by the LSE in 2007), the Australian Stock Exchange (ASX) and London (LSE) are all suffering or suffered outages. And two days ago, it struck Bank of America.

That’s quite a line up – a total market capitalization of $150 billion which amounts to about 30% of Switzerland’s 2010 GDP!

Of course, we don’t know what went wrong for sure yet. A last straw that broke the camel’s back? Missing a step in a protocol because of miscommunication? A sequence of events, each one harmless on its own, but deadly when put together?

One thing we do know is these systems are incredibly complicated. As Lev writes in the previous blog post, London Bourse is Falling Down:

“An average mission critical application has just under 400,000 lines of code, 5,000 components, 1000 database tables and just under 1000 stored procedures. Architecturally, these components are layered such that an average transaction passes through about five layers between the user and the data. The applications that are in the top quartile of size and complexity comprise over 2.5 million lines of code, and though we haven’t analyzed the MilleniumIT trading system [the one that runs the LSE], it is probably well into the top quartile…probably well beyond that mark.”

You can only test for things you know will go wrong. But the software that runs these exchanges is complex enough that no human or team of humans can possibly know what to test for. It goes beyond what testing is even meant to do.

The only way to improve your odds on systems like these is to measure structural quality – the way in which the system is built to withstand unknown unknowns.

In a quick video, see how CAST makes structural quality visible.

Filed in: Technical Debt
Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
Making sense of cloud transitions for financial and telecoms firms Cloud  migration 2.0: shifting priorities for application modernization in 2019  Research Report
Load more reviews
Thank you for the review! Your review must be approved first
New code

You've already submitted a review for this item