It is tough to pick out the top three biggest challenges facing those who are engaged in enterprise mobile ALM (application lifecycle management). That's like trying to choose the three most important legs on a centipede. This is new territory for everyone and there are no true mobile ALM sages right now. So, we've been talking to a broad spectrum of experts in fields that overlap mobile ALM to see if we can build a composite picture of what's going on. We've gleaned some very interesting perspectives about areas where enterprise may not be fully aware of the scope of the challenges ahead.
Integration creates diversity
Mik Kersten, CEO of TaskTop Technologies, spoke with us at length about the way mobile is changing the ecosystem of app development. Developers are gaining more and more choices in the tools they use, and that makes mobile ALM incredibly complicated. However, restricting tool choice and funneling all developers into a single shared platform for ALM still doesn't simplify the underlying issues.
As Kersten pointed out, "mobile is driving the API economy." Integration on the server side with solutions like Layer 7 and Mashery that federate data and services from disparate sources give businesses the ability to do much more with mobile development. However, the related proliferation of APIs is also driving more heterogeneity in lifecycles. "If you are building a mobile app on four different REST services, you actually care about the lifecycle of those four different software suppliers for your REST services. You've got no way of hooking up the software supply chain right now – other than grabbing REST API specifications and copying open source code into your stack."
Hidden risks plague open source for ALM
What about all that lovely, cost effective and helpful open source code you're using for mobile development? Kersten cautions that enterprises are getting in bigger and bigger trouble as mobile drives incredibly rapid evolution of APIs. The CEO's smartphone full of vulnerable data getting lost in an airport isn't the worst case scenario for businesses. Imagine that there's a security defect in one of the open source APIs that is related to some critical customer data your enterprise is holding. If you aren't paying very close attention to issue tracking, you could be facing a huge amount of exposure. The fact that these open source API projects are public means they are ripe for exploitation.
And that's not even counting other risks such as OSS non-compliance. Choosing the wrong open source software license, restrictive vs. permissive, could mean an enterprise can't even claim its own derivative code as proprietary. This aspect of mobile ALM alone is giving rise to consulting agencies to help enterprise understand and manage licensing for app development.
Testing is a case study in complexity
It's not an exaggeration to say that testing is the number one area where mobile ALM is several orders of magnitude more complex than traditional ALM. The recent Mobile Application Development Primer whitepaper from IBM describes just a few of the factors that come into play. "The same model of device may function in a subtly different way when connected to a different carrier network. Also, the quality of the network connection can have a profound impact on the behavior of a mobile application. Even the movement of the mobile device itself may be an important factor in the behavior of the application."
This means the enterprise must be prepared to use every trick in the book including simulators, emulators, manual testing, automated manual testing, and device-cloud testing with hardware made available as resources on a consumption based billing model. Even then, they will still be missing a lot of critical information. Crowd-sourced testing is the newest method that's sprung up to fill the need for more accurate feedback.
Roy Solomon, cofounder of uTest, has put together an entire business model around this concept. He says, "At the end of the day, you're going to have issues once you go into the app store because of the fragmentation problems, because you have different kinds of users who do different kinds of things. You can't really think about all these variables when you are doing testing in the lab." Testing must include a huge array of different devices, networks, and geographic locations. That's the only way to see if apps behave as expected when they are accessed by real end users.
How are you addressing the challenges of mobile ALM? Let us know.