An executive describes the importance of testing, verifying, and securing software: Lives and businesses depend on software quality and security.
Has the need for software test and verification tools grown?
Absolutely. Companies can no longer afford to have their devices or systems fail, be compromised, or recalled by a regulatory authority because of a software failure. Lives and businesses are at stake and, in some markets, the manufacturers of critical devices and systems are now being held accountable for the quality of their products.
Is software as important as hardware in a system?
A failure in either the software or hardware can cause an equally catastrophic result. That said, given the flexibility and power of implementing functionality in software makes the process of ensuring the quality, reliability, and security of software a much more difficult and costly task without the help of test automation and strong analytical tools, combined with a high-quality safe and secure software-development life cycle.
What are the risks of using open-source software code?
The challenges and inherent dangers of using open source are more significant than most want to admit. The reality is that open source can provide significant benefits for application developers in markets where time-to-market, flexibility, and "user experiences" are important. Open source can potentially enable systems to be developed faster and with more expandability. But with that flexibility, whether in an operating system or an open source application, comes a typical degradation in performance and, in most cases, the potential for security vulnerabilities to be exploited.
For critical application development where applications are honed for performance and operating systems are constructed from the bottom up with safety and security in mind, open source is not able to meet these needs.
Can you compare the cost of a software verification workflow with the cost of not implementing such measures?
For most organizations developing safety- and security-critical applications, the cost of NOT implementing an effective verification workflow can far outweigh the investment in tools, process, and training of staff. With the availability of strong static and dynamic analysis tools, automation of verification, and the ability to trace requirements easily throughout the software development workflow, organizations are able to significantly reduce their risk and, more importantly, the time and money spent using traditional painstaking manual verification.
What is your best piece of advice?
Ensure that software quality is the top priority in your senior management and that the people managing the development effort understand the value of integrated, traceable, quality tools and processes.
NAME: Jim McElroy
TITLE: Vice president of marketing
ROLE: Provider of software that automates code analysis and software testing for safety-, mission-, security- and business-critical markets