The affordable health care web site failure is constantly on the news and there are some interesting articles:
There will be more like this and we should learn from the mistakes of the past, but do we?
As I read Matt’s article, I am struck by how many of the things he cites as being things I’ve heard before. Further many of these are not technical failure, but what I would call management issues. We talk about better skills in testing and development. Maybe, we need to educate people better in school what is possible with computers. Some people expect to much from software, but as the young generations (who grew up with computers) come into leadership, hopefully we’ll have less of these events. Unfortunately, I really expect such situations are human nature, so we will always have them.
So I am back after 3 weeks in Europe with minimal time and internet connection, so I did not get any time for posting.
During my trip, this interesting article was published. Check it out:
So my writings and teaching are in part aimed to give teams the testing tools to get information that might avoid such articles. I have minimal insight to specific companies, but the ones I have worked with want to avoid such press and legal actions. Many managers and leaders of companies working with embedded software devices do not always seem to see the importance of good testing, including approaches such as attack based testing (what my book is about). I was lucky because many places I work valued testing as part of their information gathering. They ran scared and needed as much info as possible. True, you can not test everything, but embedded and mobile software can be complex and simple testing only partially works for complexity.
I wish everyone to balance basic check tests and more advanced attacks. The bugs cited in the article match the general error taxonomy history I have worked on for years and confirm the validity of many of the attack patterns in the book.