#46 – WHAT SOFTWARE PROJECT MANAGERS AND DEVELOPERS WILL HAVE BY 2023 – CAPERS JONES

Capers Jones pixIf you consider the common problems of major software projects such as outright cancellation, schedule slips, and cost overruns it is clear that project managers and developers need better tools and better data than is common today.

What will probably be available within 10 years are these fully integrated capabilities that combine predictive analytics and full project measures and advanced development from certified reusable materials:

  1. Early sizing and estimating prior to full requirements via pattern matching (available today).
  2. Formal taxonomies of both applications and feature sets.
  3. Automated metrics conversion between function point methods, story points, etc. (available today).
  4. Early predictions of probable requirements creep (available today).
  5. Early predictions of defects in requirements, design, code, and other sources (available today).
  6. Early predictions of probable security problems in software (available today).
  7. Early predictions of defect removal efficiency (DRE) against all defect types (available today).
  8. Early production of animated graphical project plans integrating requirements creep.
  9. Early acquisition and analysis of benchmarks of similar projects already completed.
  10. Early analysis of all similar projects completed within the past 5 years.
  11. Early acquisition of data on security attacks against similar projects already completed.
  12. Early security plan to avoid security flaws and optimize data security.
  13. Early predictions of necessary test cases and test scripts (available today).
  14. Early predictions of all necessary documents, sizes, and costs (available today).
  15. Early predictions of full staffing needs including specialists such as project office staff.
  16. Early risk analysis of all potential application risks prior to full requirements (available today).
  17. Early analysis of both available reusable components and novel components needing custom development.
  18. Dynamic, interactive, animated architecture and design documents for performance and security analysis.
  19. Acquisition of certified reusable components from commercial sources.
  20. Nomination of selected new features to become new certified reusable components.
  21. Semi-automatic construction of applications from certified reusable components.
  22. Semi-automatic construction of test scripts and test plans.
  23. Semi-automatic testing from unit test through system test.
  24. Semi-automatic tracking of project effort and costs as they accumulate (available today).
  25. Semi-automatic logging and tracking of defects found via inspection, static analysis, and testing (available today).
  26. Daily refreshed cost-to-complete and time-to-complete estimates.
  27. Daily refreshed quality and defect removal efficiency  (DRE) estimates.
  28. Running FOG and Flesch indices on all text documents to ensure clarity and readability.
  29. Formal inspections of all critical requirements and design features.
  30. Running text static analysis on all text documents to find errors and contradictions.
  31. Running code static analysis on all code changes on a daily basis.
  32. Daily runs of cyclomatic and essential complexity of all code segments.
  33. Daily runs of test coverage tools when testing begins.
  34. Daily status reports to clients and executives that highlight any critical issues
  35. Achieving defect potentials < 2.00 per function point.
  36. Achieving test coverage of > 95.0% for risks and paths.
  37. Achieving defect removal efficiency (DRE) > 99.5%.
  38. Achieving security flaw removal efficiency (SRE) > 99.9%.
  39. Achieving productivity rates > 100 function points per month.
  40. Achieving development schedules < 24 months for 10,000 function points.
  41. Achieving maintenance assignment scopes > 5,000 function points.
  42. Achieving certified reuse volumes > 75%.
  43. Achieving mean-time-to-failure of > 365 days.
  44. Achieving schedule and cost overruns of < 1.0% of plan for all applications.
  45. Achieving blockage of cyber attacks of > 99.99%.

Of these 45 needs about a third are already available in 2014, even if not yet widely deployed.  The toughest needs are those associated with fully certifying the reusable materials and making sets of reusable materials available as needed.   The cyber security goals are also tough, in part because cyber security during development is still not a critical-path topic for many companies and government agencies.

By contrast the current quantitative results of software projects circa 2014 are much worse than future results for topics 35 through 45, shown above.  What the industry has achieved in 2014 is about as follows:

  1. Defect potentials > 4.00 per function point.
  2. Test coverage of < 85.0% for risks and paths.
  3. Defect removal efficiency (DRE) < 90.0%.
  4. Security flaw removal efficiency (SRE) < 75.0%.
  5. Productivity rates < 10 function points per month.
  6. Development schedules > 48 months for 10,000 function points.
  7. Maintenance assignment scopes < 1,500 function points.
  8. Certified reuse volumes < 15%.
  9. Mean-time-to-failure of < 10 days.
  10. Schedule and cost overruns of > 25.0% for most large applications.
  11. Blockage of cyber attacks < 85.0%

These mediocre results for 2014 are unfortunately industry norms, in spite of agile, TSP, and other new methods and in spite of new languages such as C# and Go.

Custom designs and manual coding are intrinsically slow, expensive, and error prone and nothing will change that fact.  Software construction from certified reusable components is the only known method of elevating productivity, quality, and security at the same time.

Leave a Reply

Your email address will not be published. Required fields are marked *