
From Problem to Solutions

Software continues to grow, proliferate, and enhance our digitally enabled lives. As organizations undertake digital transformations, software-based innovation and development rapidly expand. The result is a balancing act for organizations as they try to deliver value at high speed without sacrificing quality. But too often, software quality lags behind other objectives.

The lack of primary attention to quality comes with a steep cost, and that is the focus of this report, released by the Consortium for Information & Software Quality™ (CISQ) and cosponsored by Black Duck.

This year’s report cites an increase in the cost of poor software quality (CPSQ) in the U.S. to at least $2.41 trillion—up from $1.31 trillion two years ago.

Three main problem areas contribute to CPSQ:

  • Cybercrime losses due to software vulnerabilities rose 64% from 2020 to 2021; those losses have not yet been determined for 2022.
  • Software supply chain problems in underlying third-party components rose significantly, and the number of failures due to weaknesses in the open source software supply chain increased by 650% from 2020 to 2021.
  • Technical debt has become the biggest obstacle to making changes to existing codebases, with the principal now at roughly $1.52 trillion.

The report focuses on three solution areas for finding and fixing software deficiencies:

  • Quality standards / software problem taxonomies
  • Tools for understanding, finding, and fixing deficiencies / technical debt
  • Artificial intelligence / machine learning tools

Download the report for details on these problems and their solutions, as well as specific recommendations around open source software components, DevOps, developer training, and creative ways of dealing with the shortage of software professionals.
