Computerworld - Washington
A group of 18 organizations from all sectors of the economy has teamed with Carnegie Mellon University in Pittsburgh to form a technology consortium dedicated to improving the reliability and security of commercial software.
Armed with $30 million in seed money from grants from private institutions, the new Sustainable Computing Consortium (SCC) announced this week will work to initiate public policy debates and create new standards and techniques for developing more reliable software.
In addition to the university, SCC founders include Microsoft Corp., Oracle Corp., American International Group Inc. (AIG), Cisco Systems Inc., Mellon Financial Corp. and NASA.
"Software systems have become the critical infrastructure of our nation and economy. Unreliable software has profound consequences," said William Guttman, director of the Pittsburgh-based SCC. He added that the loss of a single cellular telephone network node due to a software failure could cost a company $18,000 or more per minute.
In fact, statistics recently released by the Washington-based National Research Council show that U.S. companies spent $175 billion last year to repair damages caused by software defects and $12.3 billion to repair systems affected by computer viruses. SCC officials said those costs are likely to rise this year.
Taking Action
However, the software industry is still in its infancy when it comes to taking action on reliability and security issues, said Jim Morris, dean of the school of computer science at Carnegie Mellon.
Steve Perkins, senior vice president of Oracle's public-sector and homeland security division, agreed. "Software, as an industry, is pretty immature," Perkins said. "We lack the metrics, the standards and the discipline, [and] these kinds of capabilities cannot be architected [into software] after the fact."
"We now have all of the players who can address these problems," said Morris. He added that the SCC will be actively recruiting other companies to take part.
However, questions were raised during a press briefing regarding the incentives that exist for software vendors to improve the reliability and security of their systems. Many companies, such as Oracle, use the unique security features of their software as selling points and marketing tools against competitors.
Ty Sagalow, chief operating officer at New York-based AIG's eBusiness Risk Solutions group, one of the largest U.S. insurance companies that offers security risk insurance, said the insurance industry will play an important role in promoting "positive behaviors" in software developers.
However, Sagalow added, the SCC will be key in helping the industry quantify cyberrisks. "We must act now," he said. "There is a business need to create a cycle of risk management."
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
