software _auditMeasurement & Reporting

In a world driven by economics, anecdotally doesn’t work – we need measurement and meaningful interpretation that we can use to demonstrate the fruits of our labour and show the return on our investment. Emenda tools provide the measurements and data-points needed, so the only remaining question is how would the data be best presented to fulfil the needs or your organisation or your customers. Emenda can provide near turnkey solutions for project, department or organisation-wide reporting of quality metrics, architectural erosion, compliance gaps and technical debt, using a variety of dash-boarding solutions from Open Source tools (such as SonarQube) to commercial tools (such as SQuORE).

ToolContinuous Improvement

The starting point is often an understanding of the current and quantifiable goals representing ‘ideal’, or steps along that path. Once we have an appreciation of the now, and have implemented systems to improve, it is important to have regular, and management visible updates highlighting progress. Step 1: regular, automated, repeatable measurement – naturally. Whether you use Jenkins, Bamboo, TeamCity, TFS, or some other build management platform – and note that we’re not yet talking Continuous Integration (CI) but rather regular time-based ‘milestone’ builds of ‘MAIN’ – adding analysis and testing to the ‘broken build’ checks are a logical enhancement to process.

MedicalStop the Bleeding

Once there is an appreciation of the problems and the rate of deterioration, we’re often overwhelmed by the task ahead. Tackling the deterioration first allows us to focus on preventing the problems, efficiently, and freeing up spare resource then to look at the backlog as a separate and more cautiously undertaken task. Emenda delivers the tools and expertise required to help manage the backlog and focus teams on where they can have the most impact for the least amount of investment.

 

QualityShift-Left

When detecting problems, the faster the feedback is received, the more efficient the dealing with those problems and the lower the risk of introducing new issues elsewhere. This is where Continuous Integration (CI) joins the mix. While continuously checking for changes that break the build, why not also be checking for the impact of those changes upon the security analysis, dynamic tests and coverage analysis, or the functional safety compliance goals? Emenda provides fast, efficient and scalable solutions for continuous analysis, continuous testing and continuous compliance.

Some of these tasks can be shifted left once more and actually brought to the developer’s desktop. Tools like Klocwork are capable of pre-check-in, partial incremental analysis (pre-flight analysis) so that changes can be checked, understood and validated even before those changes make it to the source control system.

Training_CertBetter Developers

Continuous checking and continuous feedback, when married to a comprehensive and detailed help text system, also has another benefit in that is acts as a perfect on-the-job training tool for developers. Emenda can further extend this appreciation of the quality rights and wrongs, with standards-specific functional safety training (for example ISO 26262, IEC 61508, DO-178b/c, IEC 62304, CENELEC).

 

Software_validationSingle Source of Truth

To ensure that what you think you are delivering is exactly what you are delivering, it is important that whatever mechanisms and systems development teams use for their day-to-day source code management, that there is ultimately a single source of truth for exactly what a given release and all associated quality documentation includes. Emenda specialises in provision of configuration management systems that are capable of doing this at scale, with multiple locations and multiple ground level source control systems.


For more information, please fill out the contact form below:

Full Name (required)

Work Email (required)

Title

Company

Contact number

Priority
HighResearch

Product
KlocworkUnderstandPerforceLattixSecurity InnovationSemiosCloneTracker

Platform
CC++C#JavaPythonPerlPHPOther Language

Certificate Standard(s)

Additional information