Code red for program accuracy – media release by Colleen Dardagan, Mercury, 4 June 2014

Too¬†little, too late was how Professor Barry Dwolatzky of Wits last week described tests to eliminate mistakes in computer programming written and designed by South Africa’s software engineers.

Better known as code writers, software engineers develop, design and write the thousands of lines of complex code that make up computer programs. These programs result in something as insignificant as a computer game or are used in critical sectors such as banking, security or the government. For example, online air ticket booking or online banking systems – in fact any activity supported by computer software is written by code writers.

Dwolatzky, professor of software engineering and the director of the Joburg Centre for Software Engineering at Wits University, said the economy was losing billions of rands as computer programs were thrown out because of untraceable errors or sloppy code writing.

“Not only does it cost money but we are putting lives at risk; the world is underpinned by software. A major fail could make 9/11 look like a walk in the park,” he added.

At a function hosted by Hillcrestbased software development company Dev2, attended by more than 100 code writers and related companies last week, Dwolatzky said 31 percent of software programs commissioned by business and industry in South Africa ended up trashed because of untraceable code errors.

“It is costing the economy billions of rands,” he said.

Computer hackers looked for weaknesses in codes and that was how they managed to break into on line banking systems.

He said the software engineering industry was renowned for projects that exceeded budgets, did not meet deadlines and were cancelled.

“And these are big projects,” he said. “We have a lot of unhappy customers. Software engineering is not a very efficient industry. “Very few program developers can quote key things in terms of their performance. Measurement and feedback – I know it’s boring, but we just aren’t doing it,” he said.

Dwolatzky said it was critical that industry standards were introduced to eliminate the errors. “The stats show for every 1 000 lines of code written in the design phase there are at least 100 defects. Of those, 50 percent will not be found.” A so-called “completed” project of 50 000 lines of code could hold 50 defects in the planning stage, which compounded to about 500 defects in the design phase, with a fugal compound total at completion of the project of 5 000 defects in the code. “If 50 percent of those errors are found during the testing phase which is usually at the end of the code writing phase – that: means 2 500 errors are waiting there for someone to find. If we say just 50 percent of those 2 500 errors are found, the client gets a software program with about 22 defects for every 1000 lines of code.

We are the only industry that relies on testing alone for accuracy and it is not good enough,” he said. He said the manner in which the process was tested was time consuming and costly. “To find a missing bracket or letter, often put there by someone else who may have left the company or gone on to another project, is almost impossible. “Each code writer should have a personal checklist and, at each stage – planning, designing, coding everything should be checked. A missing comma or bracket could cost an entire day in productivity.

After a recent visit to Mexico, Dwolatzky said software development companies paid incentives of up to $30 000 (R320 000) for each defect found. “We can’t measure exactly how much an error costs in rands and cents, but the fact that a company is prepared to pay that much for an error found shows you that the cost is pretty much as long as a piece of string – it is immeasurable.

“It is not only about money, but mistakes that could cost lives or even a major security breach,” he said. Barney Buchan, the chief executive of software engineering company Dev2, said the accuracy, quality and speed of the software being developed in South Africa were “realities for the developer industry”. “The software developer community in KwaZulu-Natal is tiny and generally badly supported by business in the province. “That is why we have these developer evenings. We want to provide regular forums where developers have an opportunity to interact with the latest trends and technology, as well as each other,” he said.

Barry Dwolatzky, professor of software engineering at Wits University and director of the Joburg Centre for Software Engineering, chats to Barney Buchan, the chief executive of software engineering company Dev2, at an information evening arranged by Buchan in Hillcrest last week. Dwolatzky said there was a cost of billions of rands each year because code accuracy was not being properly tested.

Colleen Dardagan

Mercury

4 June 2014