CISQ Seminar: Measuring and Managing Software Risk, Security, and Technical Debt

September 17, 2014

Hosted By: Consortium for Information & Software Quality (CISQ) in cooperation with the Center for Advanced Research in Software Engineering (ARiSE) at The University of Texas, IT Metrics & Productivity Institute (ITMPI), Object Management Group (OMG), and the Software Engineering Institute (SEI) at Carnegie Mellon University. 


Join us for the next CISQ Seminar at the OMG Technical Meeting on Wednesday, September 17, 2014 at the Sheraton Austin Hotel at the Capitol (701 East 11th Street) in Austin, TX USA.

The rising number of multi-million dollar computer outages and security breaches has made software quality a boardroom topic because of the risk and cost of these embarrassing failures. The Measuring and Managing Software Risk, Security, and Technical Debt 1-day master seminar will feature Dr. Bill Curtis and other national experts to address the measurement and management of software risk, security, technical debt, and related areas of software quality. 

This seminar is intended for IT Executives, application managers, software measurement and improvement specialists, quality assurance professionals, and others interested in using automated software measures.

Registration is US $50. Registration is now closed.

CISQ members can access presentations under “Event & Seminar Presentations.”

“If you’re concerned about technical debt, software quality, and software security, you need to come to this event!” – Dr. Bill Curtis, Director, CISQ



Time Session
8:00 – 9:00 am Registration
9:00 – 9:15 am Welcome and Introductions to CISQ and ARiSE
Dr. Bill Curtis, Director, Consortium for Information & Software Quality (CISQ)

Herb Krasner, Principal Researcher, ARiSE, University of Texas

9:15 – 10:15 am The State of Software Process and Quality in the State of Texas
Herb Krasner, Principal Researcher, ARiSE, University of Texas
Mr. Krasner will describe his work with Texas state government to assess the maturity of their development practices and establish improvement programs. He will report on the quality and cost of ownership of the portfolio of applications in several state agencies and what is being done to manage and reduce it.
10:30 – 11:30 am Technical Liability and Self-Insuring Software
Dr. Israel Gat, Director, Agile Product and Project Management Practice, Cutter Consortium
Dr. Murray Cantor, IBM Distinguished Engineer
By shipping software, an executive assumes the risk it will not cause a future event that creates significant liability. Thus, the organization is essentially self-insuring against future liabilities. A fair price of this insurance, the technical liability, reduces the economic value of the software. This talk discusses how to price this self-insurance, and use it in deciding to ship or to invest further in improving quality.
11:30 am – 12:00 pm The Global State of Software Structural Quality: Do Method and Source Matter?
Dr. Bill Curtis, SVP and Chief Scientist, CAST Software
Dr. Curtis will discuss results from the structural analysis of 1316 software systems from 4 continents comprising 700 million lines of code, including the effects of technology, development method, industry sector, and sourcing and shoring choices on the quality factors of robustness, security, performance, and changeability.
12:00 – 1:00 pm Lunch
1:00 – 1:45 pm Measuring and Managing Technical Debt
Dr. Bill Curtis, SVP and Chief Scientist, CAST Software
The various components of the technical debt metaphor will be defined and examples provided (principal, interest, liability, opportunity cost). An automated measure for estimating technical debt will be described along with empirical results from over 700 commercial applications. A process for managing technical debt will be presented along with several empirical case studies of successful cost reduction from controlling and removing technical debt-principal.
1:45 – 2:30 pm New Findings on Measuring the Effectiveness and Quality of Agile Projects
Dr. William Nichols, Software Engineering Institute, Carnegie Mellon University
This session will present new research being released by the Software Engineering Institute (SEI) on the measurement of agile projects. The featured results from the SEI will present conclusions from a study of transactional data collected from an Agile life-cycle management platform. Results will be contrasted with data from Team Software Process (TSP) projects. Findings include observations on some difficulties and limitations in measuring agile projects and the consistency of agile practices.
2:30 – 2:45 pm Break
2:45 – 2:45 pm Advances in Measuring and Preventing Software Security Weaknesses
Robert Martin, Director, Common Weakness Enumeration Repository, Mitre Corp.
Mr. Martin will describe the latest developments in the national cyber-security community to identify and measure security threat vectors and the weaknesses they exploit. He will describe the actions taken by this community to improve the state of software security and spread best security practices to the development community.
3:45 – 4:00 pm Standards and Automated Software Measurement
Dr. Bill Curtis, Director, Consortium for Information & Software Quality (CISQ)
Dr. Curtis will briefly describe the work of CISQ to supplement ISO standards with standards for automating the measurement of functional size and source code structural quality. Future work on standards for measuring technical debt and quality-adjusted productivity will be described.


Thank you to CISQ Partners


Advanced Research in Software Engineering (ARiSE)

The Center for Advanced Research in Software Engineering (ARiSE) was established to create cutting edge basic and domain-specific software engineering research. ARiSE integrates research in the Departments of Electrical & Computer Engineering, Computer Science, Civil Engineering, and the School of Information Sciences at The University of Texas at Austin. ARiSE produces significant advances in software engineering paradigms, methods, techniques and technologies, as well as empirically evaluates new concepts.


IT Metrics & Productivity Institute (ITMPI)

The IT Metrics and Productivity Institute (ITMPI) has built the largest repository of online, on demand, mobile friendly, educational lectures anywhere in the world – specifically for IT and software professionals with an interest in metrics, quality, and process improvement. With 100s of expert presenters and hundreds of different topics, you will find everything you need – in one place – to meet all your continuing education needs. Your one year membership to the ITMPI is FREE with your CISQ-ARISE conference registration. That’s unlimited access for a period of one year – at no cost! Your coupon code for free membership will be included in your registration bag. Good luck and best wishes for your continued success!