Improve product quality using Escape Defect Analysis

Escape Defects are issues that are identified by customers after the product has shipped, and as such have also been missed by the test teams. Defects identified after a product has shipped have the most significant cost impact to a business, both in development costs (find, fix & update) and impact to brand. Escape Defect…

Read More

Prevent “Quality Deficit” in your Software Products

We can consider that the software quality deficit gap is the time taken to evolve a product from initial release until perceived as being of good quality. It is variable depending on the number of copies of the software in circulation, how thoroughly it is used, and more importantly, the number of iterations required to…

Read More

Five principles for engineering high quality software to take into the New Year

Experience has taught users to avoid the latest versions of software applications until the inevitable maintenance releases, and patches have been released. This post discusses five actionable ideas to help development groups close the quality gap.

Read More

Actionable Intelligence For Software Security

It’s a commonly held belief that applying static analysers alone can help spot and eradicate common security issues. However, with the high number of false positives reported when using static analysis, it makes knowing if you have detected a real error a time-consuming process, and the mitigation plans put in place might have just hidden the error under a false negative. But what are the alternatives?

Dynamic analysis can be used for detecting potential vulnerabilities in today’s embedded environments. And pairing dynamic and static analysis creates ‘actionable intelligence’ for developers, and allows them to quickly ascertain the absence of obvious reliability issues.

Read More

Vast Majority of Java Apps Susceptible to Widespread Attacks from Known Security Defects!

“The universal use of components in application development means that when a single vulnerability in a single component is disclosed, that vulnerability now has the potential to impact thousands of applications — making many of them breachable with a single exploit,” said Chris Wysopal, CTO, CA Veracode.

Read More

Illuminating System Integration

If you don’t know what your sending and receiving over an interface, then other than through pure luck, or an extended integration phase composed of ‘tiger teams’ and an infinite budget, don’t expect the problem solved quickly. In today’s market, the once simplistic embedded processor with a few interrupts now has every interface conceived to man compressed into a single microchip no bigger than your thumbnail. Without a strategy to attack this problem, the harsh reality is that your project is doomed to fail.

Read More