Feeds

CASE becomes ALM and consolidates

Developing on a legacy

SANS - Survey on application security programs

Comment Ever since Rational got three development automation gurus in the same room to agree on UML (Unified Modelling Language) and put an end to those pointless arguments about what shape the boxes in an analysis/design model should be, what used to be called CASE (Computer Aided Software Engineering) has been on a bit of a roll.

Well, with the sort of people who believe that you can automate the process of developing computer software, anyway.

Now, perhaps driven by the need to be able to demonstrate corporate governance (and, since everything is built on automated systems these days, this has to include IT governance) to third parties such as regulators and shareholders, it is becoming mainstream, although it is usually called something different these days. The concept is also being extended to cover computer assistance for the delivery, management, and operating of automated business systems, not just software engineering.

We are thus seeing a new focus on Application Lifecycle Management (ALM) as vendors realise that only end-to-end governance with transparency to stakeholders outside of the IT group really makes any sense. And there is plenty of product/vendor consolidation as the established leaders flesh out the bits of the lifecycle they’ve neglected in the past with best of breed products.

The missing bit is often Requirements Management. After all, the saddest thing in software development is seeing someone craft a high-quality piece of software which solves the wrong problem.

So, for example, we see Compuware acquiring Steeltrace, one of the more innovative Requirements Management product vendors, which has been a Compuware partner for some time.

The important part of this is the complimentary nature of the products now in the Compuware portfolio. It already has a strong Model Driven Architecture (MDA) story, transforming “Platform Independent Models” (PIM) into code, via OptimalJ, but MDA has been weak, in the past, on the “Computationally Independent Model” (CIM) part of the story.

The CIM looks at the complete business system regardless of which bits of it you’ll automate. However, MDA explained, for example, which is co-authored by Wim Bast of Compuware, only devotes part of one page (out of 150) to the CIM. There is, in fact, a real problem with automatically transforming a CIM into a PIM because a human decision has to be made as to where the man-machine boundary is placed, which (as MDA is all about automatic transformation of the different models) may explain the limited use of the CIM so far. Now, however, Andrew Watson (technical director of the OMG) seems to see business process modelling as implementing the CIM.

Steeltrace requirements management, however, could also address this potential hole in the MDA story, by providing for a structured analysis and refinement of business requirements, some of which may never be automated.

Compuware also acquired the Changepoint product in 2004, which addresses IT Governance in general. This could also complement its latest Steeltrace acquisition. The ultimate failure in IT Governance is to waste money on a technology which doesn’t address a business requirement; resulting in a cancelled project or, worse, a dysfunctional project that is forced into production.

QACenter is yet another Compuware technology which supports automated risk-based testing – and it is well-known that early testing is cost-effective testing. With Steeltrace, testing could effectively start at the requirements stage and trace through into automated test cases run against the coded system. It could even continue into the operational use of the system, as you check that the working system continues to satisfy the business’ requirements.

To my mind, the cheapest and most effective place to remove defects is during requirements analysis. This is when unnecessary requirements can be eliminated, the business stakeholders can be questioned as to their understanding of their business processes (sometimes, what the user asks for isn’t what the user really meant to ask for) and the most cost-effective man-machine boundary can be drawn. Sometimes, a manual decision made by an experienced human being is more cost-effective than developing an automated artificial intelligence solution.

Compuware’s main task now is to meld all these different products into a coherent whole, addressing the Application Management Lifecycle in its entirety, but the signs are that it will succeed in doing this. However, Compuware certainly isn’t the only game – or the only tool consolidator – in town and the others also have their strengths.

3 Big data security analytics techniques

More from The Register

next story
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.