The Care and Feeding of Software: Planning for Code Maintenance

Author: Steve York

Custom software can help streamline your business and provide great benefits for getting ahead of the competition. However, many companies fail to answer one basic question: What happens once that software is in place? Regular code maintenance must be a part of any software cycle.

In the early days of programming, software was created mostly from scratch. Developers had to write nearly every line of code. The upside was that the developer had visibility and control over every aspect of the system. The downside was that it took a lot of work to create and maintain those systems, writing not just the core business logic but also the mundane code to handle logins, logging, error handling, etc.

Now, nearly all software consists of “building blocks” of third-party components and utilities. These components handle many of those mundane functions, allowing developers to focus on the business logic. Components can come from large and stable companies like Microsoft or Google. On the other hand, some may be niche components from a small open-source team or even a single developer.

Having a vast array of pre-written components available for use cuts down development time and adds capability, but it too comes at a cost. Modern software systems can be made of literally hundreds of these third-party components, each of which has its own lifecycle.

Code doesn’t change over time. It doesn’t “rot” or degrade. But the systems it interacts with do change. Operating systems are upgraded, security vulnerabilities are discovered and mitigated, bugs are fixed, and features are added or deprecated. Often, these changes are backward compatible — but not always. Failure to keep up with these changes can cause problems, including hidden security risks.

Development tools change as well. As new technologies arrive, older ones fall out of favor. Over time, developers tend to migrate to newer technologies and their old skills fade away. It becomes harder to find staff willing or able to work with older technologies.

With any software system, it is important to perform regular “checkups” of your code to make sure it is up to date with the environment around it. Many security breaches have been the result of vulnerabilities which had already been fixed in various components, but the systems built around those components hadn’t yet been updated. Building code maintenance into software development cycles keeps you more efficient and secure.

The design of software systems can play an important role as well. For example, if you use a microservice architecture, it divides large software systems into smaller, more manageable pieces.  Adding a layer between core business logic and third-party components can reduce dependencies and can make it easier to substitute another component when the need arises.

In some cases, when a system is very old or has been poorly maintained, the best answer might be to replace or rebuild it with something using modern methods and practices, making it easier to maintain and secure. However, this can be an expensive proposition.

When you are considering budgets and best practices for your software development efforts, think beyond enhancements and new features. Be sure to allocate time for upgrades and maintenance. Spending a little bit of time keeping up to date with tooling changes, security upgrades, and bug fixes on a regular basis will reduce exposure to vulnerabilities, help keep your systems reliable and efficient, and can reduce the lifetime cost of the application.

Unsure where to start with your code maintenance? Contact us to discuss your options.

Steve York is an Application Architect with RevGen Partners. He is passionate about creating quality, maintainable software systems.