“An airplane requires a specific authorisation to fly. There’s a guy who checks hundreds of technical characteristics to say, ‘Okay, here’s a quality stamp’,” says Vincent Delaroche, CEO of CAST Software. “It’s interesting because they certify everything but the software.”
Consumers are now used to the problems caused by businesses going digital without due diligence, from unreliable online banking services that frequently go down, cutting customers off from their funds, to compromised user interfaces that offer loopholes for hackers to exploit and steal sensitive customer information – a result of poorly put together software and lacking development processes.
CAST, a leader in software intelligence hopes to change this with what the company describes as an “MRI for software”.
CAST’s monitoring platform provides insight into software structure, software framework and source code – essentially the nuts and bolts of a businesses’ digital infrastructure. According to Lev Lesokhin, Executive Vice President of Strategy and Analytics at CAST, software intelligence “helps digital leaders communicate, make decisions, measure and drive teams, protect businesses and brands, continuously improve soundness and security, and better understand the complexity of critical systems”.
Speaking recently at CAST’s annual Software Intelligence Forum in Paris, France, Delaroche explained the company’s desire to bring about transparency in an increasingly digital world.
“Everything relies on software, so we as a people must know if our software sucks or not.
“If you look at our numbers from 2012 to 2016, we were doing well, but limited growth,” Delaroche said, suggesting that perhaps businesses have been slow to recognise the need for software intelligence.
CAST currently works with approximately 300 customers, made up of mainly large banking, financial services, insurance and telecommunications companies. However, with industries increasingly turning to software, an more informed public and regulation threatening to punish poor practice with costly fines, CAST expects the demand software intelligence to grow exponentially over the next decade.
“I am 100% sure of one thing, in ten years from now, five years if I am lucky, you will have in every single big company, every single big IT organisation, they will have someone in charge of software intelligence,” Delaroche said.
So how could software intelligence protect your business and save you money?
Software intelligence: Bettering businesses
Delaroche points to GNU General Public Licence v2.0 [GPL v2] as a cause for concern that is frequently overlooked by businesses, but can be discovered within a system by CAST’s software intelligence tools.
The GPL v2 terms states that “any modifications to or software including GPL-licensed code must also be made available under the GPL along with build & install instructions”.
“If you are developing software products and you are using a component under a GPL v2 licence, you plug this component into your software, the licence says if you use it, the entire software becomes open source,” Delaroche explained. “Every single CIO, CTO, CEO says the same: I don’t want this in my software.”
And yet, many times GPL v2 slips through the gaps, as evident by the numerous lawsuits that have been brought against violators over the years. In 2017, for example, a $100m case was brought against in-flight entertainment provider Panasonic Avionics Corporation for violating the GPL licence among other claims.
For those that allow components under the GPL licence to slip through, their options are limited: rewrite your software or make it open source. Both costly outcomes that would have been avoided had software intelligence been used before the software’s release.
“It’s legally extremely dangerous”, Delaroche said. “On our side, we analyse continuously what we call pre-production, we do a quality check and we notify you if it’s good or bad.”
Cybersecurity is an area of major focus for businesses, with the market forecast to grow to $250bn by 2023. Yet, many businesses continue to leave themselves vulnerable to attackers by ignoring the health of their software.
Open source offers organisations opportunities to increase productivity and save money, as resources do not have to be spent developing software that is already publicly available and free to use. On the other side, it offers malicious cybercriminals opportunities to cause damage, given how difficult it is to know who has produced this software and how it could affect a system.
“It’s open. This is not your own developers,” Delaroche said. “You have millions of developers, including hackers, including terrorists, who are modifying this online. It’s all online – it’s on Github and so on – and everybody is using it.”
This is where CAST is key, ensuring that systems aren’t compromised before they enter production.
“You can’t expect to have poor quality in your software and have good behaviour in cybersecurity. That’s absolutely not possible,” Pierantonio Azzalini, chief technology officer at multinational shipbuilder Fincantieri, told Verdict.
Should you be considering software intelligence?
According to the Success Personified in the Fourth Industrial Revolution report recently published by Deloitte, some one in four business leaders cite funding as one of the biggest challenges that put them off making investments in the digital age.
Yet, Azzalini believes that the benefits far outweighing any potential costs.
“This is not a multi-million euro project. You can really start with some hundred thousand euros,” Azzalini told Verdict at the Software Intelligence Forum. “I don’t believe that this could be an excuse.”
“If you have a large company, the total cost of ownership of your application software is in the ballpark between €50 to €100m per year because of direct cost, the infrastructure that you’re running, and overhead.
“You run your project in a normal cycle of investment, it lasts ten years – so if you really have to do a transformation, then it’s easy to say here is €1bn. Just think that a saving of 10%, which is nothing, is €100m.”
Better yet, Azzalini says, in an increasingly fast-paced business world, you will start to reap the rewards of CAST’s software intelligence tools faster than other potential solutions.
“Sometimes when you do something new, changing a department or doing a transformation, it’s painful because you start looking at the result in one year, one year and a half. Nowadays that’s really difficult for any person or company to wait a year for a result.
“I remember when I first introduced CAST, after three months I already had quite interesting insight.
“It’s not something that can kill the initiative, it’s not something that you have to wait too long, so I can’t find any excuse [not to buy into software intelligence,” Azzalini concluded. “The only reason is usually that there are people that prefer not to know.”