Category: Software Measurement

Giovedì 11 Giugno 2015 ha avuto luogo la IV Edizione della CAST CIO Conference. Ringraziamo i numerosi aderenti alla manifestazione che hanno contribuito al successo di questo evento consentendoci di analizzare, traendo spunto dai più recenti  casi di malfunzionamento di applicazioni “mission critical”, le strategie di prevenzione dei rischi attraverso la misurazione della qualità strutturale degli asset applicativi critici.

Key Points dalla CAST CIO CONFERENCE 2015

In business, measurement is key. It’s not a new concept, of course, but it’s one that information technology has enabled to be implemented to a higher degree than ever before. Function point analysis is one of those areas where, like initiatives such as Six Sigma, the ability to measure can help insure ultimate success.

Function Points Analysis: On Point at Federal Productivity Workshop

Dr. Carol Woody of SEI was recently featured on a CISQ webinar about the correlation of software quality and software security. Her lessons on this topic highlight why software security cannot be something added after-the-fact, it must rather be factored into the development of software applications from the moment coding begins.

This is a lesson that companies such as Sony need to learn. While past breaches like the ones carried out by the LulzSec group in 2011, affected their customers and cost them dearly in terms of reputation and reparations, the one they suffered late last year hurt them much closer to home when cyber criminals breached Sony’s entire network and threatened to expose all stolen data.

Poor Software Quality Impacts Application Security

Last month in this space I wrote about the importance of optimizing the cost-effectiveness of Captives (i.e., Global In-House Centers) by setting metrics and enhancing process transparency for better management of them. For these management methods to work, though, an organization needs to employ automated function points as a way to way to gain insight about current costs and supplied value, which can then be used to enhance received output from current or future providers.

Automated Function Points Provide Data-Driven Captives Management

Barbara Beech, an expert in the field of IT development for telecommunications companies, recently spoke to CAST in a video chat about her experience using software analysis and measurement as well as automated function points to gain visibility into IT vendor deliverables.

As a solution to gaining visibility into IT vendor deliverables, Beech points to the CAST Automated Function Points (AFP) capability – an automatic function points counting method that is based on rules defined by the International Function Point User Group (IFPUG). CAST automates the manual counting process by using the structural information retrieved by source code analysis, database structure and transactions.

VIDEO: IT Expert Calls Upon Automated Function Points for Vendor Management

There’s an old adage in the IT industry – you can’t manage what you can’t measure. Knowing how complex an organization’s application portfolio is provides insight into how to manage it best. The problem is the issues that comprise software complexity – legacy system remnants, antiquated code, overwritten and rewritten code, the integration of formerly proprietary applications, et al – are the same things that make measuring it difficult.

With multiple system interfaces and complex requirements, the complexity of software systems sometimes grows beyond control, rendering applications and portfolios too costly to maintain and too risky to enhance. Left unchecked, software complexity can run rampant in delivered projects, leaving behind bloated, cumbersome applications. In fact, Alain April, an expert in the field of IT maintenance, has stated, “the act of maintaining software necessarily degrades it.”

Five Reasons You MUST Measure Software Complexity

Last week I attended CAST’s Annual CIO Conference on Risk and Productivity Measurement, in Paris. Upon arrival I realised it was somewhat of a meeting of minds. Analysts, consultants, advisors, IT project leaders and decision makers from across industries were in attendance, all to address software risk, code quality, and some of the biggest issues facing IT today.

CAST CIO Conference: IT's common dreads

So, you’re ready to get started on building your own multi-language custom source code analyzer platform using open source components.  Your return estimates are still looking pretty good, even after taking into account the costs in our previous post, “6 Hidden Costs of Building Your Own Multi-Language Code Analyzer Platform”.

Well, we have a quick list of maintenance costs that you may not have considered.  So, before you break ground on that project, see if you thought of all these.

6 Hidden Costs of Maintaining an Open Source Code Analyzer Platform

Last Wednesday we had an excellent and very interactive webinar discussion with David Sisk and Scott Buchholz, Directors at Deloitte Consulting, LLC. David and Scott are experts regarding technical debt -- both at a technical hands-on level as well as the strategy and governance topics in IT. So, we talked about the symptoms and causes of technical debt in large IT environments, as well as the organization and processes that need to be put in place in order to reverse the normal trend of technical debt accrual.

One of the topics that came up a lot is how to get the business onboard. Our guest presenters gave us some very interesting approaches to making the case, even when the immediate symptoms of the debt are not evident to business stakeholders. I think this discussion by itself is valuable to listen to.

Another topic that came up a lot in the Q&A was different ways of asking how to set up a technical debt measurement program.  As in our last webinar, we wound up going a couple minutes over our timeslot to address some of the questions, but we had to leave many unanswered due to time. The goal here is to try and answer some of those questions in our blog. If anyone wants to get into a more detailed discussion on any of these points, please contact us and we’ll be happy to talk to you. So, here goes:

Technical Debt Measurement Webinar: Reversal Strategy Q&A Follow Up