Why isn't software quality orders of magnitude better than we've come to expect ?
Question:
software,
checksums on the software,
audit trail of changes,
test case generator software,
test cases,
etc.
(Question inspired by the following :
"POLONIUM-210 is a rare isotope that can be created only in highly guarded government nuclear laboratories.
So how did it get out? Or who let it out?"
)
Answer:
1) Complexity of the problem
Expressing solutions to a complex problem in a language that a computer understands is quite an undertaking. Generating appropriate workflow, business rules, and interface strategies is more complex than creating the unit tests and maintaining quality in the code itself. Customers find it difficult to express what they want in a way that a software architect can interpret for a design.
2) Necessity to ship
After a certain number of hours have been spent developing an application, the entity must ship the software or suffer a loss (in time, money, exposure, etc.) A tradeoff may be releasing software with known bugs that are minor and offering patches later, so as to meet a quota, ship under a certain fiscal quarter, beat a competitor, etc.
3) Unknown problem set
Yes, unit tests can be created, and the industry is getting better at recognizing secure design patterns, but there is still the impossibility of testing the result of every input case. Developers try to anticipate every input situation, but certain situations go unnoticed or aren't even realized until someone digs deep into the inner workings of the application and discovers the flaw.
Why isn't software guarded and tested like Polonium 210? Because Polonium 210 is never safe, and software is eventually assumed to be safe. Polonium 210 has no public purpose. Software does. Polonium 210 kills people. Software does not (or rarely).
More Questions & Answers...