Tag: Application Quality

While you're reading this article, if you come across words – and even sentences – that you don’t understand, there's a high chance you feel like developers do when they're looking at lines of code with a high level of nested complexity. A high level of software complexity can make it difficult to determine architectural hotspots where risk and cost emanate.

Software Complexity Is Killing Us

Con motivo de nuestro 25 aniversario, el pasado 16 de junio tuvo lugar el primer User Workshop a nivel local, una sesión cuyo objetivo reside en crear una comunidad de usuarios de CAST AIP y mantener informados a los clientes de las novedades de nuestras soluciones.

¿Hacia dónde evolucionan las soluciones de CAST y cómo pueden influir en las organizaciones?, ¿Estoy optimizando el uso de CAST AIP en mi organización? En formato taller y para crear un ambiente dinámico y participativo se dio respuesta a esta y muchas otras inquietudes y experiencias de un grupo de usuarios de CAST AIP con el objetivo de extraer todo el valor y potencial que la herramienta puede aportar en cada organización y dependiendo del público al que se dirijan los resultados de análisis extraído.

Software Analytics, un estímulo para el éxito de negocio

On June 22nd, CAST held its annual User Group in Italy, hosting software measurement professionals from major companies in the Banking, Insurance, Telco, Public Sector and IT Consulting industries for a four-hour working session. Attendees walked away from the event with a better understanding of best practices in establishing objective software measurement standards and creating better visibility in to application portfolios.

Among CAST Application Intelligence Platform presentations and updates regarding the new CISQ RFC for Automated Enhanced Points and its relationship with the AFP OMG standard, attendees also discussed software measurement in Agile and DevOps environments.

Takeaways from the CAST Italy Summer User Group

Le 15 Juin 2016, CAST a organisé un workshop au tour du sujet Security By Design à l’hôtel Hilton, Paris La Défense avec des intervenants de SOLUCOM, ATOS, BNP PARIBAS CARDIF et CAST en présence d’une trentaine de participants du secteur public, finance, énergie, éditeurs de logiciels, etc.

Security By Design

CAST is pleased to announce the release of AIP 8.1, a continuation of the big step forward made in AIP 8.0. AIP 8.1 extends the functionality of Application Intelligence Platform to provide greater technology support, improved reporting and new code viewing capabilities in the Application Engineering Dashboard (AED).

 Java 8 Support

Java 8 is quickly being adopted by Java developers. CAST now fully supports Java 8 and can help you find flaws linked to the use of the very popular Java 8 lambda functions, among others.

CAST Releases Application Intelligence Platform (AIP) 8.1

High-capacity network bandwidth has become more widely available, and we have quickly tapped into every last inch of its capacity. More devices are built with wi-fi capabilities, the costs of mobile devices are going down and smartphones are in the hands of more people than ever before. In fact, Apple might have already exhausted the market and is seeing drastically lower sales forecasts for the iPhone.

We are moving into an era in which virtually any device will connect to the Internet. Phones, fitness trackers, dishwashers, televisions, espresso machines, home security systems, cars. The list goes on. Analyst firm Gartner estimates that over 20 billion connectable devices will exist worldwide by 2020. Welcome to IoT—the Internet of Things. A giant network of connectable things.

Application Security in the Internet of Things

Last week, CAST attended the Gartner EA Summit, held at National Harbor. It was two days of jam-packed sessions and workshops about Enterprise Architecture, but what stuck out the most was the value of this very unique discipline as a catalyst for Digital Transformation.

EA and Digital Transformation were the core focus of many presentations, including Mike J. Walker’s session “Leverage EA to Understand the Value and Impacts of Digital Disruption.” Mike stressed that this ever-evolving discipline is becoming a vital component to corporate strategy, delivering high-performing and sustainable business outcomes.

Enterprise Architecture as the Gateway to Digital Transformation – Takeaways from the Gartner EA Summit 2016

In April, Google experienced a fairly significant cloud outage, but it was hardly news at all. In fact, it was likely the most widespread outage to hit a major public cloud to-date. The lack of coverage is strange, considering the industry’s watchful eyes like Brian Krebs and others. The even more recent Salesforce service outage seems to have received more attention. But despite the fact that Google seems to have gotten away with a “pass” this time, the glitch brings renewed attention to the fact that tech players large and small are continuing to deal with software robustness issues.

What Went Wrong at Google - Software Robustness Remains a Struggle

Recently I had the pleasure of speaking at QAI QUEST 2016, which showcases the latest techniques for software quality measurement and testing. It was a content-rich program with more than three days of diving deep into issues like DevOps, Open Source, Security Mobile and more. But what struck me the most above all the event chatter is that even the brightest of companies are still having a difficult time identifying and fixing code quality errors.

QAI QUEST: Fixing Quality Issues with Automated Code Review

For years refactoring software has been a common process used to improve the quality, efficiency, and maintainability of an application. However, a recent article by IT World discusses how CIOs may not be getting a valuable return on their investment of time and effort into the refactoring process. While many believe refactoring reduces the risk of future headaches, new findings acquired through a study by Sri Lanka researchers suggests code quality is not improved significantly by refactoring.

Using Code Quality Metrics to Improve Application Performance

We always hear about issues with systems, applications, or services caused by poor code quality or missed defects, but what happens when these problems become life threatening? Recently an article posted by npr discussed the early release of dangerous prisoners who are now being charged for murder. According to the article, Governor Jay Inslee of Washington State reported that more than 3,200 prisoners were released early due to a software defect.

A Code Quality Problem in Washington State Puts Dangerous Criminals Back on the Street

The banking industry has definitely had its share of ups and downs when it comes to service reliability. In the past year, there have been a number of instances where customers have been unable to gain access to funds, receive deposits, and pay bills. As reported in an article by theguardian, HSBC experienced a system failure at the end of August, which left thousands of their customers in a bind over a major banking holiday.

The HSBC Failure Has Many Wondering: Are Banking Providers Taking the Appropriate Measures to Ensure Code Quality and System Dependability?

With the advancements of both cloud and mobile technologies, security remains a hot topic for every company. The number of reported instances of security backdoors due to faulty code or hardware continues to stagger. A recent article by Wired has brought forth another one of these unfortunate issues for a big player: Juniper. This technology giant has been providing networking and firewall solutions to companies, corporations, and the government for a number of years.

As a leader in networking technology, the last thing you want to hear is that a tech powerhouse like Juniper has found an application security problem. Two security issues were identified after a code review session outside of the company’s normal evaluation cycle. Security continues to remain a primary concern as more companies, government agencies, and even individuals rely on technology providers to manage data or maintain smooth operations.

Was Lack of Proper Code Analysis Tools a Root Cause of Juniper Networks Security Backdoors?

As reported in a recent article by InfoWorld, a high profile privacy driven smartphone provider located a security hole capable of exposing their devices to attacks. Blackphone is a specially designed smartphone developed by SGP Technologies, who operates as a subsidiary of Silent Circle. The phone uses VPN for Internet access and runs on a modified Android version titled “SilentOS”. A third-party component Silent Circle used as part of the device design was capable of exposing the secure smartphone to outside attacks.

What Was the Security Issue?

The vulnerability made it possible for an attacker to control the modem functions of the phone. Researchers brought this problem forth when they identified an open socket accessible on the phone during a reverse engineering exercise. Currently, Blackphone is one of the most secure phones on the market because it uses built-in encryption to deliver secure:

  • Voice Calling
  • Text Messaging
  • Video Conferencing
  • File Transfers
Blackphone Update Removes Critical Security Threat: Did Code Quality Issues Contribute to the Problem?

IT leaders from throughout the federal government discussed the value of how software measurement can positively impact their development process at CAST’s recent Cyber Risk Measurement Workshop in Arlington, VA – just outside of the Washington, D.C. area. The event brought together more than 40 IT leaders from several governmental agencies, including the Department of Defense and Department of State, system integrators and other related organizations. The group shared their experiences in how their respective organizations are driving value to end users and taxpayers.

IT Leaders Address the Value of Software Measurement & Government Mandates Impacting Development

Application portfolio analysis was at the center of discussion as Forrester Research Vice President and Principal Analyst, Margo Visitacion, presented how Agile development is affecting the application development process and IT’s portfolio planning. Ms. Visitacion explained that in the “Age of the customer,” they want more for less and expect companies to fluidly change based on their needs and demands. As companies shift their attention to customers’ experiences rather than production figures, it’s leading directly to higher revenue and a longer-lasting relationships.

Key Discussion Points from Forrester Webinar: Agile Portfolio Management Requires Rapid Transparency

Software risks to the business, specifically Application Resiliency, headline a recent executive roundtable hosted by CAST and sponsored by IBM Italy, ZeroUno and the Boston Consulting Group.  European IT executives from the financial services industry assembled to debate the importance of mitigating software risks to their business.

Software Risk: Executive Insights on Application Resiliency

In the current tech scene, it has become common practice to refer to programmers as engineers. It seems that if you aren't part of sales or marketing teams you are now entitled to being designated as an engineer. However, what has been forgotten over the 50 years of looking to turn software development into a legitimate engineering practice, is that we still haven't reached the aspiration of being just that: a legitimate engineering practice. Traditional engineers have to go through stringent regulation, certification, and apprenticeships in order to gain the title. This creates an implicit responsibility of providing reliability and public safety. Software development hasn't reached this point yet - software quality and standards are not universally valued.

So why is the tech industry using the engineering title to describe its technical workers?

Faltering Software Quality and Standards: Why Programmers Should Stop Calling Themselves Engineers

Southwest Airlines is the latest victim of the airline scandal. What scandal? It’s the one where airlines continue to cause travel delays due to poorly managed IT systems. It’s the one that caused Southwest to delay 836 flights on Monday and distribute HAND written tickets to passengers because of a ‘software glitch’. Southwest isn’t alone. United Airlines grounded hundreds of flights in July and American Airlines did the same in September and April. How long will consumers have to wait before these organizations figure out that the glitches are caused by bad software quality, which creates bad service?

Bad Software Quality Crashes Airlines’ IT Systems, Again: When Is Enough Enough?