Uncovering Technical Debt Through Data-Driven Management

by

Much like financial debt, technical debt can be a persistent and difficult burden for IT teams to overcome. Particularly for CIOs and IT leaders, devoting resources to technical debt remediation must be balanced with more innovation-driven investments, like the adoption of blockchain or biometric features for better customer experiences.

Though the term technical debt has existed for decades, many still struggle to effectively describe its impact and effects on development processes, and therefore lack a solution to effectively mitigate technical debt across their organization. In this article by the Software Engineering Institute’s (SEI) Ipek Ozkaya, he outlines the SEI’s research on technical debt remediation and shares techniques to help IT leaders make more informed and strategic decisions around technical debt management.

Industry Standards Aid Technical Debt Management

“Although many Agile development teams follow simple practices of labeling their technical debt, talking about it, and trying to minimize it with heuristics,” writes Ozkaya, “most management of technical debt today is ad hoc.” This leaves gaps for teams who are trying to standardize technical debt management from team-to-team.

Technical-Debt-Analysis-SEI

To help make technical debt management a more streamlined process, static analysis tools and standards groups like the Consortium for IT Software Quality have come onto the scene to help establish code-policy rules and best practices for secure software design that result in less technical debt and foster more productive remediation in the future.

SEI Research on Technical Debt

The Software Engineering Institute is “developing tools that integrate data from multiple, commonly available sources to pinpoint problematic design decisions and quantify their consequences in a repeatable and reliable way for uncovering technical debt. Design problems, which frequently result from optimizing for delivery speed, are a critical part of long-term software costs.”

At CAST, we go beyond technical debt to look at secure software design, focusing on hard-to-detect flaws that could signal forbidden data access, back doors and more. In fact, highly concentrated areas of technical debt could be the first sign that you have critical security vulnerabilities in your code.

As the SEI continues to work with engineers and project managers to establish technical debt best practices, the idea that technical debt deserves a place at the IT leadership table alongside requirements for engineering, software architecture, testing and design has begun to take hold. Ozkaya’s work at the SEI remains critical, as it will help teams to identify technical debt risk sooner and prevent technical debt from accumulating to an unmanageable state.

Filed in: Technical Debt
Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
This study by CAST reveals potential reasons for poor software quality that  puts businesses at risk, including clashes with management and little  understanding of system architecture. What Motivates Today’s Top Performing  Developers Survey
Jodi Rosenblum
Jodi Rosenblum Marketing Manager
Jodi is the marketing manager for CAST's public sector practice. Passionate about helping federal, state and local government organizations realize the full potential of Software Intelligence, Jodi is an expert on issues like technical debt and risk management.
Load more reviews
Thank you for the review! Your review must be approved first
Rating
New code

You've already submitted a review for this item

|