Software Risk Analytics

www.proservicescorp.com

Independent Software Assessments

[RISK ANALYTICS]

©2013 proServices Corporation


Why – What is the Pain?

1

No Consistent Visibility into Software Risks

•Risk data might be known but is not socialized

No Consistent Means for Risk Measurement

•I have bought tools for my engineers but no one is using them.

“I Ask 5 People the Same Question & I Get 10 Answers!”

•Too many opinions and not enough facts.



Reality Sandwich [Bite #1]

2

Software‟s Great Equalizer!

Schedule Compression = Software Being Shipped to a Date



Based on 2010 Census Data (U.S. Department of Labor)

•There are 1,362,790 Computer software professionals in the U.S.

•There are 319,000 Mechanical & Electrical Engineers in the U.S.

2010 Revenue for Companies Marketing to Each:

•The top 4 CAD/CAM software companies total $4B in revenue

•The top 4 Software Tools companies total $850M in revenues.

What‟s the So What?

One could conclude there’s a much lower adoption of automation in

the software industry.

Interesting Factoid…

3



Reality Sandwich [Bite #2]

4

It‟s the DATA, not the tools.

Automation adoption is still immature in our industry because the focus

is on the right tools versus a sound data management strategy.



DETECT

Focus is on Software Quality

PROTECT

Focus is on Software Security

OPTIMIZE

Focus is on Software Performance

All services can be customized to internal, industry or customer

compliance requirements.

(C/C++, Java, C#)

Service Capabilities – Independent Software Inspections

5



CHECK-UP [General physical for your software]Broad and general analysis including but not limited to Architecture Review, Inspection Attributes, Structural Metrics, Code

Completeness, Complexity & Security and a Statistical (10% - 15%) Quality Analysis.

DEEP DIVE – [100% Bug Hunt]A 100% Quality Analysis of Instances that have escaped the code inspection & testing processes.

MEMORY LEAK DETECTION – [Memory Management Profile]Targets and identifies memory issues within the software leading to crashes.

TARGETED – [Custom Tuned to Your Risks]Custom analysis techniques & methods identify categories of software errors difficult to find and are outside the scope of

standard software automation products.

VERIFY – [Ensure Fixes have Been Correctly Implemented]Re-examines code that has been changed since the last review to determine defects previously identified have been

corrected in the „new‟ code base.

ITERATE – [Ensure Team is not Introducing More Risks]Examines the “additive” or new code against the code-base originally delivered for a prior assessment service.

DETECT [QUALITY]

6



BREACH POINT – [Software Security Threats & Vulnerabilities]Analyzes software source for vulnerabilities whether accidental or intentional and for potential interaction with other

software and hardware products in the execution environment.

PROTECT [SECURITY]

7

ACCELERATE [Speed Up Your Software]Identifies modifications in the software application which improve the performance and response times. Recommendations

are made based upon high value modifications with minimal architectural impacts.

TEST ATLAS – [Test Coverage Analysis]Maps the customer‟s current inventory of tests to the percentage of the software system‟s source code covered identifying

redundancy and insufficient testing.

OPTIMIZE [PERFORMANCE]



Customer Profiles – Who Benefits

8

Brand

Protection Compliance

M & A

Schedule

Compression

Code Red

Rapid

Prototyping

Legacy

Systems

Tomato Truck Mega Trends

Data

Overload



Sample Reports

9

Comparative Data by Industry & Sector

Defect Categories Defined

All Defects Are Identified to Their Location within the System Down to the

Line of Code



QuickCheck Service [sales process]

10

Capabilities Brief

QuickCheck Service

Contracts

You Are Here

ProposalBusiness Case

Proposal Contents:

• Statement of Work

• Price Quotation for Services

• PSC’s Services Agreement

Contracting:

• Firm Fix Price (FFP)

• Net 30 Payment

• Milestone(s)

Results Delivery

Business Case Development

• Which Profile Are You?

Determine Longer Term Relationship

Delivery Meetings:

• Review Analysis Results

• Executive Meeting

• Engineering Meeting

• Executive Wrap-up Meeting

• Discuss Software Process Implications

• Follow on Service Engagements

Discuss Strategies:

• Proactive Risk Management

• Technology Partnership

• Better, Cheaper, Faster

QuickCheck Service (Requirements)

• Who’s the Economic Buyer/Decision Maker

• Budget Confirmation

• Timeframe Established for Decision

• Yes or No

• Non-Disclosure Agreement Signed

• QuickCheck Service Feedback



Benefits – EXECUTIVE SUMMARY

• Historical ROI is 9.5x

• 3:1 cost savings of doing identical work using internal resources to achieve same results

• PSC Guarantees the data

• Independent & Objective analysis

• Fast project times

• Process does not distract project teams

• All services can be customized to meet your company‟s specific needs and objectives.

• Leverage state of the art multiple technologies in parallel for all services

• Management visibility into software risk data (Quality, Security, Testability, Maintainability…)

• PSC provides all of the benefits of automation without any of the headaches

• Increase your engineering productivity

• Free upfront QuickCheck analysis (No Risk)

• High security environment to protect client intellectual property.

• Professional, Courteous and Partners.

11

CLIENTS

Juniper Networks, Chrysler, Boeing, Motorola Mobility, JPMorgan, U.S. Army, U.S. Air Force, AT&T





Next Steps

• QuickCheck [Superior Intelligence, Superior Solutions]

PROCESS

– Sign a Non-Disclosure Agreement

– Upload Code or Snail Mail

– 24 – 48 Hour Report Turn Around

BENEFITS

– It‟s Free @ No Risk

– Pricing is based on your system‟s specific risks, not lines of code

– Report displays risks at a high-level

– PSC will provide multiple price quotes for data assessment

– Pricing is massively flexible to accommodate most budgets

– Report is available for purchase (without assessment) along with its data

– Provides powerful information on your system‟s accrued technical

debt.

13



Contact Us

Email: [email protected]

Phone: +1.609.847.0108

14