Companies, organisations and institutions are required to systematically check the quality of the software they produce.
Today, software is part of our daily routine and its use is undoubtedly an important part of our lives. Software is used in various areas, such as electronic transactions, the stock exchange, the health sector, for monitoring and developing government infrastructure, construction and the real-time control of critical systems that have to be fail-safe, etc. But do we really know what it consists of and can we really say that it is reliable and safe?
As in other industries or sectors (e.g. construction, automotive), in an effort to meet the requirements of stakeholders and end-users, software (or more precisely software products or systems) should be developed based on strict time and cost constraints. Regardless of the conditions of its development, purchase or operation, it should meet certain functional and non-functional characteristics and properties, such as maintainability, reliability, security, availability, portability and others, as determined by international standards and practices (e.g. ISO25010).
The challenges of software quality
Quality management should start from the beginning of the software’s development or purchase and cover its entire lifecycle. Although this seems self-evident (especially if we think about other sectors and industries), in reality the software development industry is not used to this process and the quality of a product is usually a lesser (if not the last) priority. This means that any corrections made to a software system to ensure it meets quality and safety criteria are time-consuming (and costly), while not always reliable.
Therefore, organisations must strive for the development of quality software to become a routine embedded in their culture. Below we’ll discuss how easy this is and the challenges it entails.
First of all, the increasing complexity of modern systems has created a set of particular challenges that make it difficult for software engineers to meet the need for higher and better-quality software. The main reasons for this complexity are constant changes in requirements, improperly applied design processes, the unequal allocation of human resources, budget constraints and unreasonable delivery expectations for systems, based on tight schedules. So, in the presence of all (or some) of these factors, making changes to software can become extremely burdensome and lead to all kinds of complex problems. On the other hand, when properly designed, software can be easily modified and/or scaled up.
Another reason is the continuous emergence of new technologies that drive software engineers to try to assimilate and use almost all of them at the same time. In some cases, however, emerging technologies cannot fully replace old ones. Thus, certain software systems must be able to operate and communicate with legacy systems, designed with older methodologies and technologies. This results in software engineers and architects using multiple design methodologies and styles, all in the same set (or portfolio) of software systems.
In addition, we observe that in order to meet today’s digital demands, companies, governments and public institutions that do not have the necessary resources for internal development choose to outsource software development projects to vendors. In turn (mainly due to budget constraints), vendors outsource the development or part thereof to countries where software developers usually do not follow the required standards that are aligned with those of accredited bodies and are limited to their local experience and knowledge, which, in many cases, renders the software they produce of questionable quality.
In any case, however, the questions companies, governments and public bodies should ask for every technological modernisation or digital transformation project must include:
Are we doing things the right way?
Are we choosing the right technology/system and vendors?
Do we control the software development quality of our vendors?
Should we rebuild or upgrade existing systems where this is of course possible?
How can we undertake proper control of the system after the delivery of the project?
However, public bodies and companies cannot be expected to have all the IT know-how necessary to answer such questions correctly and it is almost impossible in many cases to fully understand the cost, quality, security and time for a service to be made available for use. Many stakeholders are involved in the creation and maintenance of software: the company that uses it, the IT department that develops it, the security teams, the architects of the solutions and finally the development teams. It is particularly complicated to have everyone on the same page and to work effectively and efficiently together. In our experience, even experienced software development companies find it difficult to do it properly.
The devastating consequences of bad code
To better understand the importance of good-quality software, you only need to know that when you hear or read that a system is temporarily out of service or that its security has been breached, the incidents involved are mostly, if not all, due to the poor quality of its software code. The biggest software failures in recent history, including ransomware attacks, IT system interruptions and data leaks, have had devastating consequences for banks, airlines, national health and safety systems, social media, etc. The damage is not limited to the financial aspect (which can reach millions of euros) but also concerns the company’s brand. For example, Boeing’s bad software was responsible for destroying the 737 MAX aircraft and taking 346 lives. Software failure was also the cause of the Airbus A400M crash, etc.
Therefore, the quality of software systems should be a major concern for those who develop, maintain, improve, acquire or use them. The technical quality of software products is related to the ease and speed with which the software allows its modification to keep pace with the changing needs of its users or other stakeholders and with security.
It is therefore necessary for companies, governments and public institutions to turn to independent specialised organisations that have the tools, knowledge and experience to give answers to the above questions, by inspecting and evaluating the code in the proposed technologies and providing practical advice, combining their know-how with scientific software methodologies for measuring, monitoring and analysing the source code and architecture of applications in any technology. Furthermore, they must carry out detailed analyses including the economic consequences of all available options in terms of cost, quality, architecture and risks for all stakeholders.
Quality assurance has a cost, but lack of quality has an even higher cost and its impact far exceeds the cost of good quality. The cost of external errors is much higher and has greater and more adverse consequences for the organisation, such as loss of market, business operation, loss of customers, lawsuits, complaints and the payment of guarantees.
Many of us have felt the effects of poor software quality, in banking, ticket purchases, etc., where system delays occur, response times are very long and this means a waste of time and money. However, the impact is usually much more serious if the failure of a system causes economic, environmental, social or even human loss.