On Wed, Jun 09, 2004 at 10:37:45AM +0200, Florian Weimer wrote:
> I don't think this is correct.  The costs for fixing bugs is higher
> later in the product lifecycle (and the article cites confirming
> data), but these costs might never materialize.  Only a fraction of
> all bugs are found, and the vendor doesn't even have to fix all those
> which have actually been discovered.

While this is true that only some of the bugs are fixed that fixing can
have unexpectedly high price tag attached. No matter how do you look
at this it _is_ cheaper to fix bugs as soon as possible in the process
(or not introduce them at the first place).

> I've never seen any hard evidence that investment into proactive
> measures during development (or call it "increased software quality")
> pays off in the end, at least in the area of applications which are

Personally, I do not see how this can be easily measured. The only way
we can do that is to say that we used to have so many bugs previoulsy
and fixing them cost that many. Then say that now we have so many
fewer bugs and that brought saving of whatever amount. But all of that
is just a guesswork and not the hard data. The conclusion is that you
can accurately only measure how much fixing cost (and only the technical
part, without trying to estimate lost opportunites and lost customer
confidence) but can not measure the absence of bugs.

The other interesting bit is that, at least at my place, we are seeing
fewer "simple" bugs but more of "complex" one. Not necessarily "complex"
in a sense of how hard is to fix them (but, occasionally, that too) but
that they tend to be more fundamental and far reaching then "simple"
ones. The consequence of it is that, while you may have fewer bugs, the
cost of fixing them stays the same or is even greater then fixing many
"simple" bugs.


Damir Rajnovic <[EMAIL PROTECTED]>, PSIRT Incident Manager, Cisco Systems
<http://www.cisco.com/go/psirt>      Telephone: +44 7715 546 033
200 Longwater Avenue, Green Park, Reading, Berkshire RG2 6GB, GB
There are no insolvable problems. 
The question is can you accept the solution? 

Reply via email to