Press Release

CISQ Publishes the Cost of Poor Software Quality in the US: A 2022 Report

Defining solutions to mitigate staggering software deficiencies

BOSTON, MA – DECEMBER 6, 2022 – The Consortium for Information & Software Quality™ (CISQ™) today published the Cost of Poor Software Quality in the US: A 2022 Report. The report states that the cost of poor software quality in the US has grown to $2.41 trillion. What’s more, the accumulated software technical debt (the cost of reworking suboptimal software) has grown to approximately $1.52 trillion.

The 2022 edition of the Cost of Poor Software Quality in the US report focuses on three areas: cybercrime losses due to existing software vulnerabilities; software supply chain problems, especially concerning open-source components; and the impact of technical debt on software development.

“We hope that the readers of this series of reports recognize the magnitude of the cost of poor software quality within their organizations,” said report author Herb Krasner. “We also hope they adopt the solutions suggested for software conception, development, production, operation, and evolution processes. We’d like to see everyone from the C-suite to IT/software engineers make software quality a first-class citizen. They must address the weaknesses and vulnerabilities that lead to failures, improve the process of preventing, understanding, finding, and fixing bugs, and recognize and reduce the burden of technical debt.”

Proposed solutions for improving the quality of software include the use of:

  • Quality standards/software problem taxonomies
  • Tools for understanding, finding and fixing software deficiencies and technical debt
  • AI and machine learning tools to speed software engineering

“Every organization uses open-source software. In fact, on average, open source makes up more than 75% of almost every codebase used in the world,” said Dr. Anita D’Amico, Synopsys Software Integrity Group VP of Cross-Portfolio Solutions and Strategy and CISQ Board Member. “A single vulnerability in one of those open-source components could affect thousands of software applications in just one organization. But to fix it, you need to know which of your apps has it. A software bill of materials (SBOM) provides just that. It’s an inventory of an application’s components that an organization can use to find the vulnerable components for remediation.”

“Developers spend excessive time debugging, which negatively impacts developer productivity,” said Undo Founder Greg Law. “This CISQ 2022 report confirms that finding and fixing bugs is the largest single expense component in a software development lifecycle. Thankfully, the author puts some concrete solutions on the table.”

For more information, you can download the Cost of Poor Software Quality in the US: A 2022 Report from the CISQ website. Synopsys and Undo sponsored the report.

About CISQ

The Consortium for Information & Software Quality™ (CISQ™) is an industry leadership group that develops international standards for automating the measurement of software size and structural quality from the source code. The standards written by CISQ enable organizations developing or acquiring software-intensive systems to measure the operational risk software poses to the business, as well as estimate the cost of ownership.

CISQ was co-founded by the Object Management Group® (OMG®) and Software Engineering Institute (SEI) at Carnegie Mellon University.

Note to editors: CISQ is an Object Management Group program. For a listing of all OMG trademarks, visit http://www.omg.org/legal/tm_list.htm. All other trademarks are the property of their respective owners.

Contact

Karen Quatromoni
[email protected]
+1 781-444-0404