Measuring and Managing Software Risk,
Security, and Technical Debt

Wednesday, September 17, 2014


8:00 - 9:00am Registration
9:00 - 9:15am Welcome and Introductions to CISQ and ARiSE
  Dr. Bill Curtis, Director, Consortium for IT Software Quality (CISQ)
Herb Krasner, Principal Researcher, ARiSE, University of Texas


9:15 - 10:15am The State of Software Process and Quality in the State of Texas
  Herb Krasner, Principal Researcher, ARiSE, University of Texas

Mr. Krasner will describe his work with Texas state government to assess the maturity of their development practices and establish improvement programs. He will report on the quality and cost of ownership of the portfolio of applications in several state agencies and what is being done to manage and reduce it. 


10:30 - 11:30am Technical Liability and Self-Insuring Software
  Dr. Israel Gat, Director, Agile Product and Project Management Practice, Cutter Consortium
Dr. Murray Cantor, IBM Distinguished Engineer

By shipping software, an executive assumes the risk that it will cause a future event that creates significant liability. Thus, the organization is essentially self-insuring against future liabilities. A fair price of this insurance, the technical liability, reduces the economic value of the software. This talk discusses how to price this self-insurance and use it in deciding whether to ship or to invest further in improving quality.


11:30 - 12:00pm The Global State of Software Structural Quality: Do Method and Source Matter?
  Dr. Bill Curtis, SVP and Chief Scientist, CAST Software

Dr. Curtis will discuss results from the structural analysis of 1316 software systems from 4 continents comprising 700 million lines of code, including the effects of technology, development method, industry sector, and sourcing and shoring choices on the quality factors of robustness, security, performance, and changeability. 


12:00 - 1:00pm Lunch
1:00 - 1:45pm Measuring and Managing Technical Debt
  Dr. Bill Curtis, SVP and Chief Scientist, CAST Software

The various components of the technical debt metaphor will be defined and examples provided (principal, interest, liability, opportunity cost). An automated measure for estimating technical debt will be described along with empirical results from over 700 commercial applications. A process for managing technical debt will be presented along with several empirical case studies of successful cost reduction from controlling and removing technical debt-principal.


1:45 - 2:30pm New Findings on Measuring the Effectiveness and Quality of Agile Projects
  Dr. William Nichols, Software Engineering Institute, Carnegie Mellon University

This session will present new research being released by the Software Engineering Institute (SEI) on the measurement of agile projects. The featured results from the SEI will present conclusions from a study of transactional data collected from an Agile life-cycle management platform. Results will be contrasted with data from Team Software Process (TSP) projects. Findings include observations on some difficulties and limitations in measuring agile projects and the consistency of agile practices.


2:30 - 2:45pm Break
2:45 - 3:45pm Advances in Measuring and Preventing Software Security Weaknesses
  Robert Martin, Director, Common Weakness Enumeration Repository, Mitre Corp.

Mr. Martin will describe the latest developments in the national cyber-security community to identify and measure security threat vectors and the weaknesses they exploit. He will describe the actions taken by this community to improve the state of software security and spread best security practices to the development community.


3:45 - 4:00pm Standards and Automated Software Measurement
  Dr. Bill Curtis, Director, Consortium for IT Software Quality (CISQ)

Dr. Curtis will briefly describe the work of CISQ to supplement ISO standards with standards for automating the measurement of functional size and source code structural quality. Future work on standards for measuring technical debt and quality-adjusted productivity will be described. 


Hosted in cooperation with The Center for Advanced Research in Software Engineering (ARiSE) in the School of Engineering at the University of Texas (UT)
