COVID-era demand for faster digital transformation may have opened software engineers’ eyes to the benefits of agile software development, but new figures suggest many transformations are progressing slower than expected because it is taking much longer to test software than to write it.

Today’s enterprise applications are so complex that software testing processes are harder than ever to maintain, according to a new Tricentis report of 100 Fortune 500 companies that found the average organisation is running 900 different applications, with single transactions touching 82 different technologies.

Each time part of an application is updated or changed, software testers must check the functioning of every element to ensure that the quality and reliability of the whole solution have been maintained.

That process has become so burdensome, the study found, that completing a testing cycle is now taking an average of 23 days – compared to the average software release cycle of around two weeks or less.

This makes today’s software testing “shockingly ill-suited for today’s fast-paced development cycles,” the report’s authors note.

“With such lengthy test cycles, testing inevitably lags behind development.”

The problem with slow

Shorter release cycles are generally seen as a competitive advantage, and many software engineers have been pushing hard to adopt DevOps methodologies to tighten the links between developers and the infrastructure supporting their work.

Automated software testing has emerged as a key tool to make this happen, with increasingly intelligent, AI-driven tools able to source human-written source code for changes, dependencies, and even potential security issues.

Few companies are achieving the greater than 75 per cent automation rate that signifies mature software development processes, the report notes, while most lack supporting testing technology like service virtualisation and test data management.

Yet most companies are still relying on manual processes to vet their source code, the report found, with the average company automating just 39 per cent of its testing – and 22 per cent of issues coming up as false positives that waste additional time to investigate.

These figures suggest software engineers still have a long way to go before their source-code testing processes are mature enough to keep up with the accelerating pace of digital transformation: an ideal false-positive rate, for example, is less than 10 per cent.

Also concerning was the finding that the average software testing suite is only covering 25 per cent of the regulatory requirements and business risk it is meant to assess – compared with an ideal of 100 per cent.

Fixing this is a challenge encompassed in in-demand DevOps and DevSecOps, the security-focused spinoff that has enjoyed increasing support amongst software development organisations where security is increasingly being baked into software processes from the ground up.

“Software testing is a complex task that has an incredible amount of approaches which has made it underestimated and underappreciated to organisations for too long,” said Tricentis director of customer experience strategy Jori Ramakers in launching the report.

“However, many top organisations have transformed testing into a catalyst for digital transformation.”

Hastening that transformation, however, will require ongoing investment in software-testing tools and methodologies to help ensure that software engineers can keep development working in lockstep with other parts of the IT organisation.