At a recent Security and Exchange Commission (SEC) Technology Roundtable, participants discussed the necessity of having in place more rigorous peer code review for software used in trading and other financial transactions, MNI News reported.
Software development expert and MIT professor Nancy Leveson addressed the gathering, criticizing financial sector companies for adding complexity to trading and exchange software even as other industries have limited complexity as a best practice, according to MNI.
The roundtable participants discussed peer review broadly, in regard to how software is developed and used by traders, the news source reported.
"As the morning panel concluded, the discussion appeared to converge on the concept of industry peer review to bring firms to converge on best practices, as more effective than trying to standardize software safeguards," wrote reporter Denny Gulino.
The regulators in attendance – including SEC Chair Mary Schapiro – did not make any announcements regarding rule changes. However, MNI pointed out that Schapiro and her colleagues not only heard from attendees, but also received written recommendations from organizations such as the New York Stock Exchange and Nasdaq.
The need for code of the highest quality in this realm is apparent, given the rise of computer-driven speed trading. In September, CNNMoney quoted MIT professor Andrew Lo as saying financial firms "have been badly stubbing their toes on the technology."
CNNMoney identified a number of instances in which computer-driven trades have gone awry, including an August trading glitch caused by a "rogue algorithm" that cost Knight Capital Group $440 million.
About the Author: Chris Bubinas
With over a decade spent in web process analysis and optimization I now manage the web presence and online marketing channels for Klocwork. I love to follow technology, privacy and security issues online and am a technology geek at heart. I will try to post interesting news and developments in the software security industry. Dovahkiin! Related Posts
-
Does a password tool’s encryption weakness highlight the need for more code review?
A guessing technique that leverages a design flaw in the popular 1Password password manager tool has sparked widespread... -
What software security lessons can companies learn from open source projects?
Open source software projects have long been celebrated for their role in driving innovation, their low cost to users, their... -
Three peer code review practices to build better software
A technique such as peer code review or even collaborative, paired coding can be an effective way to meet goals that are...
