Technology

Eurocenter DDC awarded CMMi certification

The Sri Lankan software engineering company, Eurocenter DDC has been awarded the Capability Maturity Model Integration (CMMi) certification, one of the highest internationally recognised standards for assessing and evaluating software development practices.

Eurocenter DDC is the first Sri Lankan software company that achieved this international certification. It has received the CMMI Level 3, version 1.2 standard. The CEO of the company Mano Sekaram said that this recognition is a boost to the Sri Lankan software industry.

Explaining the new accreditation, Sekaram said that developers in the software industry should deliver high value high quality software products and services. When you say your software is of high quality, you have to prove it and you should be able to explain and demonstrate it.

Three components

In the Eurocenter we have three components to assess the quality of our products and services; delivery, increase internal productivity and zero defects or free of bugs. To ensure the quality of the software we need a process to monitor these three components.

Over a long period of time Eurocentre has improved its software development process to ensure the quality requirements in its main markets in Europe. With all the hard work done, the company has achieved a schedule variation test (that measures efficiency in delivery), less than 5%. This means over 95% of the projects undertaken by the company is delivered on time.

The effort variation, the second component of the quality measure is maintained at less than 10%. Effort Variance is a 'measurement' which highlights the discrepancy in a project with regard to Actual Effort against the Planned Effort (estimation). The third component Rework Percentage, that measures the rework has to be done to ensure that the software is bug free and is maintained at less than twenty per cent.

Quantitative analyses

This quantitative analyses, monitoring and evaluation have been possible due to Eurocenter's unique 'Spider' software - a Project Management and Tracking System that tracks and monitors tasks at each stage of the project life cycle, Sekaram said.

Eurocenter which has its offices in Colombo and Oslo, Norway is a global provider of Software services.

This quality initiative was sponsored and partly funded by the Information and Communication Technology Agency (ICTA) under their ICBP Program to raise the competence of the Sri Lankan software development companies.

The Capability Maturity Model Integration (CMMI) of the Carnegie Mellon University's Software Engineering Institute (SEI), is an internationally recognised standard for assessing and evaluating software development practices. For an organisation to achieve CMMI certification, external appraisers must test whether their processes and systems comply with the process areas prescribed by the standard.

The appraisers also check the management systems to ensure whether there is any ongoing monitoring, review, and improvement in the system.

Eurocenter's appraisal was conducted by a SEI certified lead appraiser from Quality Assurance Institute (QAI), a global leader in consultation and evaluation services.

Achievement

Sekaram said that this achievement is a result of the long and hard effort of the employees.

They had to work day and night and were engaged in the implementation of this process after they completed their usual work. It is also a costly process and we had to hire international consultants and train the staff, Sekaram said.

Four years ago the Company launched its EC Process version 1 as its core development process to deliver software engineering services. This process was based on Rational Unified Process (RUP) and agile best practices. It was ISO 9001:2000 certified in 2005 and is being continuously audited and certified. Eurocenter's desire to improve its processes evolved into the launching of EC Process version 2 in 2008 which now conforms to CMMI practices.

Testimony

"The CMMI endorsement is testimony to our continued commitment towards aligning our processes to enhance customer value. Quality improvement is a continuous journey at Eurocenter. Today we have reached a maturity stage of managing our business based on quantitative measurement thus helping us to predict the outcome.

This helps us maintain the promise of delivering 'high quality software services' consistently", Sekaram said.

Process Specialist and Senior Project Manager of Eurocenter DDC Shehani Seneviratne said that the CMMI certification will enable the company to leverage on its key strengths, reputation and best practices in design and development and serve its clients in a professional, economic and efficient manner.

GW

APCERT nails cybercrimes in annual drill

The Asia Pacific Computer Emergency Response Team (APCERT) successfully completed its APCERT Drill 2008 last week.

A scenario of cyber attacks by the professional cybercriminal groups targeting at the Asia Pacific economies was simulated to put pressure on the participating teams in APCERT to test their response capability in addressing cyber threats.

The APCERT Drill 2008 focused on how to effectively mitigate the impact of cyber attacks involving large scale attacks and malicious programs propagation.

The simulated attacks were themed to be deployed by the professional cybercriminal groups who trade stolen data or malicious online service in the underground economy. The online underground economy is growing and the cybercriminal groups are becoming organised and scattered across border, impairing the healthy economic activity and political stability.

The exercise, which lasted from 2300 GMT to 0800 GMT across five time zones, challenged the participating teams' incident response capability in dealing with large scale cyber attacks involving local and international scenarios.

The participating teams include 14 teams representing 13 economies in the Asia Pacific region, namely Australia, Brunei, China, Hong Kong, India, Japan, Korea, Malaysia, Singapore, Chinese Taipei, Thailand, Sri Lanka and Vietnam.

The objective of the drill is to prepare, test and evaluate procedures and processes within and across the Computer Emergency Response Teams.

The APCERT Drill 2008 was planned and coordinated by the Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia, in collaboration with the Australian Computer Emergency Response Team (AusCERT).

APCERT chairman Husin Jazri said, "The APCERT Annual Drill has been held since 2005.

This year's exercise is to test the participating teams' communication capability, particularly in its ability to communicate and relay information across physical borders and time zones, to enable effective decision-making and to coordinate swift response with the aim to assist neighbouring economies to reduce the impact of underground cyber attacks.

Cybercriminal groups can hide behind legitimate service providers and prevent investigations into attacks from being carried out.

Strong networking and local presence among national CERTs help to improve information sharing among trusted parties in curbing online crime".

"We believe the APCERT Drill has reinforced collaboration among participating economies and further streamlined the communication framework. Our hope is that the teams will benefit in terms of testing or proving the efficacy of their procedures in meeting the objectives set for the drill," Husin said.