On Quality

On August 4^th, 2010 CAST hosted an IT executive luncheon, bringing together leading Atlanta-area companies. Leading the discussion was The Coca-Cola Company, elaborating on how they measure quality and the velocity of change in their code base and use these metrics to deliver faster, at higher quality and lower cost.

Atlanta Luncheon

Here are the key themes that emerged from the luncheon:

1. Objective measurement of the software product itself is absolutely essential.
2. Objective measurement drives visibility — essential for early detection of structural quality problems that become prohibitively expensive to fix later.
3. Early detection of structural quality lapses shifts IT from a reactive to a proactive stance, improving it both internally and in the eyes of business partners.
4. When you measure the right structural quality metrics, you take control over the drivers of software cost and business risk.
5. Starting to measure quality is easier than you think and pays off faster than you think. Even companies without the resources of Coca-Cola can take small steps that significantly improve their ability to manage cost and risk.

Want to hear more? For a list of some more of our upcoming luncheons and events click here!

Eli attended the fun ThoughtWorks “Big Casino” night during the Agile 2010 conference in Orlando this week. ThoughtWorks, cleverly put together this event to generate money for charity and of course build brand awareness.

At the event, Martin Fowler, Chief Scientist at ThoughtWorks, delivered a powerful speech on corporate social responsibility and the changes at ThoughtWorks to reflect this commitment. The event was well attended and enjoyed by conference attendees as significant money ultimately donated to three different charities.

Forrester analyst Bill Martorelli spoke last week on the topic of Multisourcing in 2010: Best Practices for Managing Risk and Cost.

Bill Martorelli, Principal Analyst, Forrester

You can hear the presentation again by clicking here.

Bill presented the 10 commandments of multisourcing covering governance, SLAs, and best practices. Here are some salient points from his presentation.

• Be realistic.  You want vendor innovation and low cost and high quality. You can achieve all that, but it takes governance discipline and a focus on the right metrics.
• The core of governance is having transparency and visibility into the product delivered by vendors. Get to the right metrics to understand the true drivers of cost and business disruption risk.
• Measure and monitor these drivers to get predictive control over cost and risk.
• Beware of reducing cost without improving quality.

What are the right  KPIs to monitor? Which governance steps are essential? How should your multi-vendor SLA be structured?

To find out, click here.

We’ve been reading quite a bit the last few weeks about iPhone related issues that have had an impact on the security (Citi) and stability (AT&T) of customer data. Beyond the current arms race in the media to see who can write more frequently about Apple, there may actually be something there that spells real news for us in IT.

If you’re in charge of some mission critical systems at an IT-intensive consumer services company, like a bank or a telecom operator, you might be starting to feel a little more nervous than usual. Over the past couple years you’ve finally gotten accustomed to the fallout of the dot com boom that started 10 years ago, since you had to change your architectures, your release cycles, your technology mix, and your team’s (and maybe your own) attitude as your organization got dragged into connecting directly to the end customer. So by now you’re sort of comfortable with the concept that customers can interact directly with back-end systems, including yours. Well, now we have the iPhone, the Droid, the Treo (does anyone still use Palm?), and more real smart phones competition on the way from the likes of Microsoft and Nokia. Having just internalized last Tuesday’s WSJ article, this really does not bode well.

Well, maybe that’s putting too much drama into the equation, but clearly the boom in smart phones is changing the IT landscape. Mobile apps, and the competition around mobile outreach to the consumer, is taking the customer-facing stress to a new level. For IT, the line between the handheld device and the internal system is becoming more blurred. As we can see with some of the commentary coming out of the situation at Citi, the issue is not a straightforward iPhone problem. It’s a combination of factors that include the iPhone OS, the software from mFoundry, and Citi’s internal applications. The recent problems that AT&T had registering new iPhone customers has some similar characteristics. I don’t have any more information about these two companies than what I’ve read in the press, but what’s certain is that we are bound to see more issues like this in the near future.

To me the key question here is what is IT management and customer service line management doing to ensure they stay on top of these problems? Do they take a proactive stance to track their risks to security or stability exposure? Or do we collectively “outsource” or “delegate” the responsibility deep into the IT organization or to our vendors. Collective responsibility is always a winning formula.

As mobile apps come online to be the direct customer interface, the overall IT system we’re customizing to enable our business to compete becomes far-flung. That has an impact on construction and architecture, and the overall structure of these sprawling IT systems. The additional exposure – both in terms of PR and direct customer experience – make these structural issues more important for management to measure and stay on top of.

You could hide security and quality issues when IT was all internally focused. These days badly designed software is going to become more and more of a publicly visible liability. The smart IT managers are getting in front of these issues.

Seldom do the worlds of mainstream network television programming and IT collide. But when they do … it’s comedy. Or at least NBC thinks so. The network is promoting a sitcom called ‘Outsourced’ about an American thirty-something who goes to India to manage a call-center.  Inevitably, comedic culture clashes ensue. Cringe-worthy clip here (SFW but not funny).

Because we’re ahead of the mainstream (not to mention the experts on software quality), the world’s leading outsourcers and biggest IT organizations have been coming to CAST for help with their Outsourcing strategies and practices for years. In fact, hundreds of IT executives ‘tuned in’ to the Season 1 webinar, “Outsourcing with Forrester” starring Bill Martorelli, principal analyst.  A lot has changed in the IT world since 2009.

In Season 2, Mr. Martorelli will reprise his starring role in a webinar on July 27th.   In “How to Multisource”, Mr. Martorelli will explain how the most successful companies decide what to outsource, how to measure the quality of what is outsourced and when it’s time to consolidate vendors.

We can’t promise a hilarious comedy about “where Midwest meets the exotic East” (their words, not ours), but you will learn what the latest trends and practical tips guaranteed to improve your Multisourcing.

So grab the popcorn and put down the remote – “Outsourcing with Forrester” is on!

To tune in on July 27th,  click here.

Industry data demonstrate that code reviews are highly effective.

Out-Sized Effectiveness of Code Reviews

The problem, however, is that code reviews are time consuming, expensive, and difficult to get right.

To be effective, code reviews require the following:

1) Software engineering expertise

2) An objective basis for evaluating code

3) Comprehensive code coverage

4) A repeatable method that produces reliable results

5) Practical guidance on how to prioritize and fix problems found, and

6) A way to quantify improvement (and hence the effectiveness of code review activities)

As you can see, these are very difficult to set up in any organization. It quickly becomes too expensive, cumbersome, and unworkable.

So how do you get both low cost AND effective code reviews that overcome all the usual stumbling blocks (1 -6) that otherwise prevent companies from effective code reviews?

Check out the webinar on automating code reviews on the DCG website!

C.K. Chesterton wrote, “The word ‘good’ has many meanings. For example, if a man were to shoot his mother at a range of five hundred yards, I should call him a good shot, but not necessarily a good man.”

“It’s the qualifier ‘necessarily’ that shows Chesterton possessed a truly philosophical mind”, write Thomas Cathcart and Daniel Klein, in their book Plato and a Platypus Walk into a Bar (p.81).

Yes indeed.

There’s something so neat-o about making distinctions. Good distinctions don’t simply classify — they illuminate and clarify.

Lev at the Forrester Office in Dallas

I was reminded of that during a recent visit to Dallas to spend some time with Forrester analyst Mary Gerush. (That’s my colleague Lev Lesokhin, breaking into an off-the-charts-spinal-tap-volume-11 smile because he’s finally out of the Dallas heat and inside the cool Forrester digs.)

Let’s distinguish three kinds of business risk :

• Delivery Derailment Risk – risks that add IT cost or stop business revenue due to delayed launch or cancellation.
• Business Case Risk — risks that affect the quality of a delivered application; even though the application works, it doesn’t work as well as it should.  The number of successful transactions per unit time cannot be completed to fulfill the benefits articulated in the business case.
• Business Opportunity Risk — risks that make the application hard to maintain and change in the face of pressing business demand. The resulting loss of agility damages future business revenue.

You lie awake at night worrying about project derailment risk and pay scant attention to the other two.

Watch out!

For the third year in a row, CAST is pleased to be featured as a key IBM business partner at IBM Innovate 2010. Come visit us in pedestal “L” in the partner pavilion to see Rational and CAST AIP in action!

We have demos and high-powered engineering talent at your disposal.

Take a survey and enter a drawing to win an iPad!

Drawing closes this Friday, June 11 at 5PM Eastern Daylight Savings Time.

Good luck!

I heard from an old friend, Shyam Nadig,  who had a question about the previous post — in particular, how the CAST for ERP solutions compare with products like SAP’s Solution Manager.

Thanks for the question Shyam. Here’s the answer.  Readers, please keep in mind that this is specifically about CAST functionality.

While there’s some overlap with SAP’s Solutions Manager, CAST’s automated analysis and measurement of the SAP environment complements SAP’s solution. Here are a handful of key points where we add distinct value.

End-to-End Coverage of the ERP Environment

1) We measure the product itself, not the process by which it is customized. Specifically, we accurately quantify the quality and size of customization and upgrades done by internal or outsourced teams.

2) Our coverage of the SAP environment goes beyond all the SAP-related technologies. These additions (like SQL calls to an Oracle RDBMS) are often critical to the performance and stability of ERP systems in the production environment.

3) Finally, and probably most importantly, the types of problems CAST detects go beyond those that can be detected in functional and non-functional testing. These are problems that have to do with the structural quality — the way in which the system is architecturally put together. The problems here can remain deeply hidden and have serious consequences. We’ve studied this carefully in a number of our customer environments and have developed a reliable way to quickly find and fix these difficult problems.

Running an ERP system? Having any of these problems?

• Erratically performing applications
• Escalating maintenance and enhancement costs
• Lack of visibility over the deliveries made by internal or outsourced teams
• Upgrade paralysis

CAST takes the entire enterprise business application into account

Getting your arms around an ERP system to find and fix the root causes of these problems is notoriously difficult. No single person, however knowledgeable, can fathom it from end to end. Automated analysis and measurement are absolutely essential.

ERP systems are highly data intensive. The efficiency, performance, and maintainability of ERP systems are tightly connected to how well database calls are handled. In a recent CAST study of over 30 SAP systems we found that more than 80% of database calls were improperly handled, resulting in erratic performance and instability.

These calls quickly outrun the ERP vendor’s proprietary language to include other languages (Java, C++,…), frameworks (J2EE, .NET, …), and relational databases (Oracle, DB2, …). This mélange of technologies aggravates performance, stability, and maintainability. Add in the deceptively high amount of customization in these systems, and things become even more complex.

In these complex environments the manual measurement of quality, too expensive and time consuming, let alone possible.

What follows refers specifically to CAST’s ERP capabilities.

CAST’s automated analysis and measurement of SAP, Siebel, and PeopleSoft addresses the growing need for consistent, objective measurement to eliminate costly customization errors of ERP systems.

Listen to the CAST for ERP Podcast.

CAST’s coverage of ERP systems is both broad and deep. This extensive coverage is a must.

So how does CAST eliminate costly ERP customization errors?

1. CAST’s automated analysis and measurement of ERP systems is based on a very detailed understanding of the architectural structure of the system – what the components are and how they’re interconnected. We build this architectural model from the ground up in intense detail.

2. CAST’s sophisticated pattern-matching algorithms are specifically tuned to measuring quality (performance, stability, and maintainability) in the ERP environment. Specifically for ERP systems, CAST has about 100 pattern matching rules each for SAP and Siebel and about 400 engineering rules specific to PeopleSoft.

3. CAST detects changes between the original core application and the customized application, or between a patched and un-patched version of the same application. Along with detailed architectural visibility and objective measures of quality hot spots, CAST gives IT organizations and system integrators a detailed, practical roadmap for sequencing their development, maintenance, and upgrade tasks.

Details? Check out our SAP , Siebel, and PeopleSoft solutions.