
Software Risk Analysis

Systems continue to fail despite massive investments in testing, because testing can’t identify the weaknesses that result in 90% of system failures. CAST exposes the weaknesses in complex multitier systems that go undetected by testing.

Peter Pizzutillo

on 24 May 2013


Transcript of Software Risk Analysis

Security

Effective Software Risk Analysis Requires A Deeper Dive...

Functional Testing is literally the tip of the... well you know what.

“The correctness of the code is rarely the weakest link.”

“…a failure to satisfy a non-functional requirement can be critical, even catastrophic…non-functional requirements are sometimes difficult to verify. We cannot write a test case to verify a system’s reliability…The ability to associate code to non-functional properties can be a powerful weapon in a software engineer’s arsenal.”

Efficiency, Performance, Maintainability, Adaptability, Reliability

Systems continue to run aground despite massive investments in functional testing, which can’t identify the weaknesses that result in 90% of system failures. To identify high-severity engineering flaws undetectable by testing, CAST employs static code quality analysis, dependency analysis, and several other analytics to expose the weaknesses in complex multi-tier systems.

The only way to survive is to see the WHOLE picture.

The Impact of Architectural Complexity

Detecting Architectural Complexity

ARCHITECTURE - One of the most common causes of system failures is non-compliance with architecture standards.

PERFORMANCE - If a system was not designed to handle data correctly, for example with no pagination or caching mechanism, a large number of records will be returned when a user provides a broad date range. If multiple users hit the database simultaneously, the heap size soars so quickly that the garbage collector cannot catch up, resulting in a JVM dump or a JVM freeze.

SECURITY - Hackers can inject malicious code or gain access to confidential information if secure programming practices, such as validating inputs correctly, are not followed. CAST's advanced data flow analysis finds the execution paths that create these hard-to-find, high-risk vulnerabilities.

Architecturally Complex Defects are structural flaws involving interactions among multiple components that reside in different application layers. Although they are a small percentage of defects, they consume more effort and require more fixes to resolve.

For example, all GUI pages should communicate with low-level components only through the business logic, while business logic should communicate with the database through data access components only. When this is violated, there is a very high likelihood that the system will fail, as the components may not have been written or tested to handle direct communication from unauthorized components.

Clear sailing with CAST. Learn about rapid application assessment to expose risks and improve the security and performance of your critical systems.

www.castsoftware.com

- Code Quality, Diomidis Spinellis

And...they are the root cause of 90% of systems failures!
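The layering rule from the transcript (GUI pages reach lower-level components only through business logic, and business logic reaches the database only through data access components) can be checked mechanically over a call graph. The following is an added example, not CAST's code or method; the component names, the layer map and the choice to flag every other cross-layer call are assumptions made for illustration.

```python
# Added illustration: component names and the layer map below are constructed.
from collections import namedtuple

# Allowed cross-layer calls, per the rule stated in the transcript.
ALLOWED = {("gui", "business"), ("business", "data_access"),
           ("data_access", "database")}
Violation = namedtuple("Violation", "caller callee caller_layer callee_layer")

LAYERS = {"OrderPage": "gui", "ReportPage": "gui", "OrderService": "business",
          "OrderDao": "data_access", "orders_table": "database"}
CALLS = [("OrderPage", "OrderService"), ("OrderService", "OrderDao"),
         ("OrderDao", "orders_table"),
         ("ReportPage", "OrderDao"),        # GUI skips the business logic
         ("OrderService", "orders_table")]  # business logic skips data access

def find_layer_violations(layers, calls):
    """Return call edges that cross layers in a way ALLOWED does not permit."""
    found = []
    for caller, callee in calls:
        src = layers.get(caller, "unmapped")
        dst = layers.get(callee, "unmapped")
        # Unmapped components cannot be verified, so they are flagged too.
        if "unmapped" in (src, dst) or (src != dst and (src, dst) not in ALLOWED):
            found.append(Violation(caller, callee, src, dst))
    return found

def risky_paths(layers, calls):
    """List GUI-to-database call paths containing at least one violating edge."""
    bad = {(v.caller, v.callee) for v in find_layer_violations(layers, calls)}
    graph = {}
    for caller, callee in calls:
        graph.setdefault(caller, []).append(callee)
    found = []

    def walk(node, path):
        if layers.get(node) == "database":
            if any(edge in bad for edge in zip(path, path[1:])):
                found.append(path)
            return
        for nxt in graph.get(node, []):
            if nxt not in path:  # do not loop on cyclic call graphs
                walk(nxt, path + [nxt])

    for start in sorted(n for n, layer in layers.items() if layer == "gui"):
        walk(start, [start])
    return found

if __name__ == "__main__":
    for v in find_layer_violations(LAYERS, CALLS):
        print(f"{v.caller} ({v.caller_layer}) -> {v.callee} ({v.callee_layer})")
    for p in risky_paths(LAYERS, CALLS):
        print(" -> ".join(p))
```

The second function reports the whole execution path from a GUI entry point to the database, which shows which user-facing page can reach data through a component that was not written to receive that call.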