Tag: code quality
So, you’re ready to get started on building your own multi-language custom source code analyzer platform using open source components. Your return estimates are still looking pretty good, even after taking into account the costs in our previous post, “6 Hidden Costs of Building Your Own Multi-Language Code Analyzer Platform”.
Well, we have a quick list of maintenance costs that you may not have considered. So, before you break ground on that project, see if you thought of all these.
Thinking about building your own multi-language custom source code analyzer platform using open source components? Sure, the upsides seem to add up: no licensing fees, great customization ability, and an impressive new entry on your resume (making it even shinier). Read that project charter once more before you sign it in ink, because our experience has shown it’s not quite that simple.
We just finished up the 30-minute webinar where Dr. Bill Curtis, our Chief Scientist, described some of the findings that are about to be published by CAST Research Labs. The CRASH (CAST Research on Application Software Health) report for 2014 is chock full of new data on software risk, code quality and technical debt. We expect the initial CRASH report to be produced in the next month, and based on some of the inquiries we’ve received so far, we will probably see a number of smaller follow-up studies come out of the 2014 CRASH data.
This year’s CRASH data that we saw Bill present is based on 1316 applications, comprising 706 million lines of code – a pretty large subset of the overall Appmarq repository. This means the average application in the sample was 536 KLOC. We’re talking big data for BIG apps here. This is by far the biggest repository of enterprise IT code quality and technical debt research data. Some of the findings presented included correlations between the health factors – we learned that Performance Efficiency is pretty uncorrelated to other health factors and that Security is highly correlated to software Robustness. We also saw how the health factor scores were distributed across the sample set and the differences in structural code quality by outsourcing, offshoring, Agile and CMMI level.
Because the world of software development is so incredibly complex and modular, quality assurance and testing for software risk has become costly, time-consuming, and at times, inefficient. That’s why many organizations are turning towards a risk-based testing model that can identify problem areas in the code before it’s moved from development to testing. But be careful, because hidden risks can still exist if you don’t implement the model properly throughout your organization.
The media has been a firestorm of ‘glitchy’ reporting since the botched launch of the Obama Administration’s healthcare exchange marketplace, mainly because no one’s quite sure what did or didn’t happened.
If you missed it, the exchange’s Oct. 1st launch was mired with complaints, outages, and glitches. Many pundits and talking heads claimed that this was simply because of the enormous amount of Americans who were all trying to log into the brand new system. But we dived into the code to figure out what was actually going on, and what we found was much more nefarious.
We’re less than a month into the launch of HealthCare.gov, and as each day passes we’re finding out about more glitches, shoddy code quality, a lack of end-to-end testing, and rushed changes made days before the healthcare exchange was to go live. All of which are symptomatic of a software project being rushed to completion to meet a deadline without considering the implications of a botched launch.
What draws me to Anaheim, Calif., in October is not the walking Disney characters (though there are plenty of those), but instead the STARWest, the West Coast’s largest conference on software testing analysis and review.
Large and small enterprises have continually struggled with finding a way to manage the software risk inherent in their ever-increasing application portfolio. And now, in a year where companies such as NASDAQ, Knight Capital, American Airlines, and BATS have suffered costly and embarrassing IT failures, software risk is top of mind for every IT executive.