The signs of poor quality software can be obvious: bugs, errors, complaining customers, and the inability to execute projects because tools aren’t up to the task.
But the financial costs of these flaws can quietly add up. Software quality issues cost U.S. businesses $2.41 trillion in 2022, according to a report from Synopsys and CISQ. That’s nearly double the cost of the U.S. budget deficit.
These costs come from cyberattacks that target existing vulnerabilities, software supply chain issues, and the growing impact of accumulating technical debt.
“This is not just about having better functioning software. It’s about having software that actually works the way it’s supposed to,” said Anita D’Amico, vice president of cross-portfolio solutions and strategy for the Synopsys Software Integrity Group.
Fixing software can be an expensive undertaking, but one that will only get worse if ignored. That can cost enterprises in terms of lost opportunities and — potentially — customers. But it’s possible, starting with reconfiguring the development process, and tackling the biggest issues first on the road to software redemption.
Poor software quality can be a consequence of relegating security and quality assurance to the last stages of the development process.
Both criteria should be considered before the software is designed and developed. They are part of architectural analysis and threat modeling, said D’Amico. “It would be like designing a house without thinking whether or not you’re going to need air conditioning.”
That strategy might require a paradigm shift, especially since software quality and security are not required courses in college, she said. Plus, “people are in a rush to get code out,” with efficiency, performance and scalability taking precedent.
Problems with software quality can also become evident once a product is released before being tested at real-world scale, said Brian Alletto, a director in the technology practice at West Monroe.
“Things may work at a very small proof of concept stage, but then when you scale up to a larger enterprise, to even internet scale, you find the technical decisions you made for the small scale system just don’t work,” he said.
Considering issues like reliability, security, and scalability during the development process can address these issues before they run amuck.
Testing and quality tools should be “put into the developers’ hands as part of their development process,” said D’Amico. “Once you put it into the pipeline, you can break a build because [of] security, quality or compliance issues.”
Fixing poor quality software can be expensive, not just in having to repair issues, but in the time and effort required for those repairs — which could have been spent on something else.
“All that time that your developers are doing the workarounds for this poorly designed system is time that they could have been working on a new feature of a new project,” said D’Amico.
Constant bug-hunting can take a toll on developers. More than 2 in 5 developers said fixing bugs is their biggest pain point, according to Rollbar’s 2021 State of the Software Code report. The report also found 2 in 5 respondents spent 25% of their time fixing bugs. Even more alarming, 88% of respondents said that bugs and errors were first found by customers.
Problems being obvious to customers is why poor software quality is also an immediate business risk for CIOs, D’Amico added. “If that system is a must-have and it really isn’t functioning properly … the customer might not be happy,” she said.
A good place to start is by doing inventory on underlying platforms and technology components.
That approach can help CIOs identify products running on older versions of commercial or open source software, said Alletto.
“You can start finding things, just from an age perspective, that are pretty strong indicators of technical debt,” he said. CIOs can also look for trends in operational history, and look for an increase in errors and indications of customer dissatisfaction.
Finding where poor quality software lives can help create a road map to prioritize “what are we going to tackle, what is really impacting innovation, what is impacting services?” said Alletto.
While the best time to fix poor software was during development, that’s not going to help CIOs stuck with poor quality software now, said D’Amico.
Once there’s a clear picture of what technical debt looks like, the next step is to prioritize the issues which could cascade and have the biggest impact, she said. That way, CIOs can address technical debt by “paying it down faster than it’s accumulating.”