Gordon Moore established himself in the pantheons of technology by his Moore’s Law and, of course, by founding Intel. His observation that the number of transistors on a chip doubles every two years revolutionized the way innovation is perceived. Can the warp speed of computer hardware advancement be topped?

Jaron Lanier, the virtual reality developer, may be onto something when he opined in a 2004 panel discussion, “Software inefficiency can always outpace Moore’s Law. Moore’s Law isn’t a match for our bad coding.” Commenting on programmers, he also added: ““We’re constantly teetering on the edge of catastrophe.”

Lanier might be jesting a bit when he mentioned catastrophe, but there is no joking about the consequences of some of the software bugs. It could have fatal consequences, as happened to more than 20 cancer patients in Panama. Cancer is one of the leading causes of death in Panama, and since 1997 the population afflicted with it has quadrupled, according to the National Cancer Institute of Panama.

The institute is a public hospital, and any Panamanian can go there for free treatment. Therefore, it was quite terrifying when a number of patients died in the early years of this decade. Most of these patients were exposed to massive overdoses of gamma rays from the Cobalt-60 teletherapy machine. These overdoses were blamed on the glitches in the software in the machine used to determine the amount of radiation to be applied on the patients.

An Age-Old Concern
In his seminal paper of 1986, Frederick Books put forth the argument that there is no silver bullet that could slay the werewolf of software code. Using the folklore of werewolves, Brooks compared the unexpected transformation of a familiar person into a horrifying wolf-like creature with the unpredictable transformation of a common software project into one that is managed in a crisis mode.

He wrote, “A familiar software project, at least as seen by the non-technical manager, has something of this character; it is usually innocent and straightforward, but is capable of becoming a monster of missed schedules, blown budgets, and flawed products.” Then he goes on to build a case that there is no technology or management technique--a silver bullet--that can bring the improvements in productivity, reliability and simplicity of software program.

Since then, many have analyzed Brooks’ paper and many have put forth other competing ideas. However, the main tenet of Brooks’ remain that there is no silver bullet that can fully eliminate the inherent danger of software projects missing deadlines, going over budget and including flaws. The industry experts also support Brooks’ hypothesis. Sustainable Computing Consortium reported that there could be as many as 20 to 30 bugs per 1,000 lines of software code.

In his book Software Quality: Analysis and Guidelines for Success, Capers Jones wrote that there are no 100-percent effective methods of removing software defects. He also adds that most types of testing are less than 30 percent effective and that the formal design and code inspection may eliminate an average of only 65 percent of defects.

Does It Stink Though?
Many users of software believe that it does. A panel of IT execs at a 2005 software conference alluded to this. Complaining about the quality of software that they get from vendors as abysmal, these execs also noted that the vendors use warranty provisions to wall themselves off from the users.

The IT departments also face a double whammy. In most companies, the responsibility of buying and maintaining software application rests with IT, but the majority of users come from the business units. The faulty software applications increase the maintenance and support activities, something that the IT department has to deal with directly and with vendors. The bad applications also disrupt business units, which in turn harangue IT for selecting unreliable systems.

The statistics coming from researchers also augments the case by the users of software applications. A 2004 study by Cutter Consortium said that 32 percent of organizations release software with too many defects. It also stated that 38 percent of organizations believe that they lack an adequate software QA program. Cutter also found that 27 percent of organizations do not conduct any formal quality reviews.

According to the U.S. Government’s National Institute of Standards and Technology, the consequences of poor quality have a cumulative effect. It estimates that developers spend about 80 percent of development costs on identifying and correcting defects and says that the financial impact of software bugs on the U.S. economy is more than $60 billion per year.

What to Do?
Quality always figures as one of the most important and critical factors that a company uses to differentiate its software products from competition. However, many times this does not translate into reality. Companies spend considerable amount of time and efforts in testing and removing defects but many of the activities are not tightly integrated to deliver a long-lasting respite from bugs. Their approach was captured quite well by a director of a testing and monitoring company, who said, “It is extremely expensive to build good software, and people do cut corners.”

But this need not be. Cutter Consortium connects the quality improvement to management and processes, recommending five steps to address the issues of QA. Similar to most business initiatives, the success of the initiative to improve QA is dependent upon the management commitment, which is driven from the top. Establishing an organization with resources and a mandate to institute processes for improvement also helps; so does the training of not only QA people, but also developers in proper QA processes and techniques. Collecting data and its analysis completes the feedback loop, which is highly needed for the improvement of QA processes. Finally, the most important step is listening to customers and users or the software.

User Participation Is Critical
User involvement improves the quality. This is driven by the premise that the more invested the users are in their software applications development, the more concerned they will be in finding and fixing potential errors. Almost all industries are becoming deeply dependent upon software and computer technology for their business operations and product offerings. No longer can a company succeed by just mastering the traditional core competencies of its industry. In some shape or form, software and IT is slowly creeping in the group of critical core competencies responsible for the success of a company.

The auto industry is a classic example. The carmakers built their reputation based upon the engineering and mechanical aspects of their vehicles. Their talk about quality used to center around the performance, speed, engines, drive trains, parts breakdown, etc. Most of the problems used to happen due to screws, nuts, faulty assembly, production processes, etc. To fix those problems--or to avoid them--the manufacturers used to pay careful attention to tooling, design and assembly of automobiles.

True, the auto quality still revolves around about almost the same measurables and most of the breakdowns still happen because of mechanical and electrical components. Manufacturers today also have to address many other areas, including computer modules used in different component systems of an automobile. For example, in 1999, Ferrari recalled the 360 Modena F1 model sports car--a $150,000 vehicle--in the United States due to a software programming error in the integrated electronic instrument cluster, which could affect the brake system warning.

The software is gradually becoming a big part of automobiles. The number of microprocessors controlling different operations of an auto is increasing with every new model. Small software modules have become an essential part of systems like cruise control, brake systems, emission systems, fuel systems, etc. Automakers are adopting software for cost, performance, efficiency and convenience reasons. They are also becoming concerned about the software quality.

The cost--both tangible and intangible--of a recall or parts malfunction could be substantial for automakers. So, it behooves the automakers to be more involved in the development of software modules being used in their vehicles. They are closely monitoring the suppliers to ensure the software development and testing procedures adhere to their quality standards. The result is that the involvement of automakers--the users in this case--is improving the software quality.

Standardized Processes
The standard and repeatable processes are critical to the success of a fast food restaurant franchise. Once the franchisor has perfected the process to acquire raw material and prepare and deliver food to the customer, then its franchises just have to follow those procedures to ensure that they produce a similar-tasting food item for each customer.

By developing standard processes, the franchisor reduces the meal making to a few simple steps so that the quality of food is not dependent upon the culinary skills and talent of the cook, but on the cook’s skills in mastering the standard procedures. Through these standard processes, the franchisors and the franchisees can control the quality of their food. Standard software processes also allow the companies to control the quality of their products.

Process improvement approaches like CMMI help organizations improve processes across projects, divisions and organizations. They provide elements of effective processes that help reduce defects and improve software reliability. CMM offers various level of certification. The highest is CMM 5, which extends the traceability to individual programmer level so that a specific developer is held accountable for the defects in his or her code. The results of CMM are quite significant. The code defect in a CMM Level 1 organization is 7.5 defects per 1,000 lines of code. This drops to one defect per 1,000 lines of code in a CMM 5 organization.

Software applications have become ubiquitous and are controlling increasingly larger number of critical activities. Their increased use is accompanied by more chances of failure. A flaw in a software module installed in a Harley Davidson motorcycle could have the power shut off without warning, resulting in loss of control of the motorcycle by the rider and possible serious injury or death. Ensuring the quality and reliability of software is important as the consequences of their malfunctions are also increasing in magnitude.

Sunil is the CEO of Cerebral Works, a sales and marketing company that implements marketing communications and custom publishing solutions that help clients acquire new business and enhance relationships with stakeholders. An avid mountain climber and runner, Sunil has climbed Mt.Kilimanjaro and various peaks in Himalayas and finished the Detroit marathon. He holds an MBA degree from the University of Michigan, Ann Arbor, and a BS in Electronics and an MS in Mathematics from the BITS, Pilani, India. He can be reached via voicemail at (703) 713-1425 or via e-mail at sunil2@cerebralworks.com.

Ah, But Your Software Quality Stinks