Seven steps to safer software

The Cast annual CRASH report into the global state of software quality has been released. The study looked at over 1 billion lines of code pulled from over 300 organisations in eight countries.

Given the explosion in the amount of digital technology used by businesses, perhaps it isn't surprising that the overall result of the study is that too many mission-critical systems are "poor" when it comes to quality. This exposes businesses, and their customers, to damage from software that crashes, fails to function as designed, or leaks data.

Financial services organisations are singled out for criticism in the report, as is the UK, which performs worst among all the regions (France is rated the leader).

One important lesson from the study is that smaller teams (under 10 people) perform far better than larger ones (over 20 people).

There is also insight into project management. By combining up-front analysis and design of application architectures with rapid feedback on defects during short, iterative coding sprints, hybrid methods produce higher structural quality than Agile or Waterfall methods alone.

Cast offer some useful advice to organisations that want to improve their software development processes:

  1. Train your staff in secure coding practices and incentivize their use.
  2. Augment your development staff with advanced measurement and analysis technology.
  3. Avoid creating teams of over 20 developers. Teams of fewer than 10 are optimal.
  4. Shift testing left in your software development cycle.
  5. Set measurable goals to adopt mature development practices from CMMI Levels 2 and 3.
  6. Adopt hybrid methods for developing large, business-critical applications.
  7. Analyze your software regularly to detect structural flaws early. Assess applications with CISQ size and quality measures.

You can find the details of the report here (registration required).

Cast Software is a leader in software analysis and measurement and introduces fact-based transparency into application development and sourcing to transform it into a management discipline.

Copyright Lyonsdown Limited 2021
