Search
Close this search box.

Strengthening Software Resilience: Learning from CrowdStrike’s Update Flaw

Table of Contents

A Billion-Dollar Lesson in Software Testing

On July 19, 2024, CrowdStrike, a leading cybersecurity firm, released an update for its Falcon sensor for Windows. Intended to enhance the sensor’s functionality, this update inadvertently introduced a critical flaw, leading to a massive global outage. The bug triggered a logic error that caused affected machines to display the infamous Blue Screen of Death (BSOD), signalling severe system failures.

Airport-Outage

As one of the largest cybersecurity firms in the U.S., serving more than half of the Fortune 500 companies, CrowdStrike’s faulty update had far-reaching and expensive ramifications. Approximately 8.5 million devices worldwide were impacted, disrupting various sectors including healthcare, financial services, and transportation. Hospitals experienced critical system failures, potentially endangering lives, financial institutions faced halted ATM transactions and online banking services, and airlines encountered extensive flight cancellations and delays.

In Malaysia, Kuala Lumpur International Airport (KLIA) and KLIA2 were notably affected. The outage forced airline passengers to check in manually, with booking systems down and boarding passes issued by hand. This led to significant delays and confusion among travellers, particularly affecting AirAsia flights more than those of Malaysia Airlines and Firefly.

The Necessity of Rigorous Testing Protocols

The CrowdStrike incident starkly illustrates the critical need for rigorous testing protocols and a robust testing culture within organizations. The widespread impact and severity of the outage underscore how even a seemingly minor update can lead to catastrophic consequences if not thoroughly vetted. This serves as a stark reminder of the growing risk of single points of failure (SPOF), critical bottlenecks in system delivery that, if impacted, can cause outsized effects on the entire system. Sectors like healthcare and aviation, which require 24/7 availability, are particularly vulnerable due to their lack of robust redundancies.

The root cause of the CrowdStrike incident was identified as a testing bug in their Content Validator, an error within their test automation tool. This flaw led to the release of a faulty update that caused widespread system failures. This incident underscores the importance of not only rigorous manual testing but also the need for robust automated testing tools and processes that can reliably detect and prevent such critical errors.

The financial implications of the outage were substantial. Businesses relying on affected virtual machines (VMs) experienced significant downtime, leading to lost sales and productivity. For large enterprises, this downtime translated into millions of dollars in lost revenue per hour. Additionally, the costs associated with IT support—including diagnosing and resolving the issues—were considerable, encompassing both in-house IT staff and external support services. The total cost of the outage is still being calculated, with some estimates suggesting losses could exceed USD 1 billion.

Tech-Support

The incident also caused long-term reputational damage to CrowdStrike. Trust issues with clients emerged as businesses questioned the reliability of CrowdStrike’s services. This erosion of trust could lead to potential loss of business as affected companies might seek more reliable cybersecurity solutions. Despite CrowdStrike’s swift response and remediation efforts, the reputational damage could have lasting effects on their client relationships and market position. Overall, the CrowdStrike incident highlights the critical need for comprehensive and robust testing protocols to prevent such widespread disruptions and ensure the reliability and security of IT systems.

The Role of Testing in Software Development

The CrowdStrike incident underscores the critical importance of robust testing practices in software development. To ensure software functions correctly and reliably under all conditions, both functional and non-functional testing are essential.

Software Testing
Functional and Non-Functional Testing: Definitions and Importance

Functional testing focuses on verifying that the software performs its intended functions correctly. It involves testing the software against functional requirements and specifications to ensure that all features work as expected. This type of testing is critical for identifying and fixing bugs that could prevent the software from meeting its objectives and satisfying user needs. Key benefits of functional testing include:

  • Compliance validation
  • Early issue detection
  • Enhanced user confidence
  • Quality assurance
 

Non-functional testing, on the other hand, assesses the performance, usability, reliability, and other non-functional aspects of the software. It ensures the software performs well under various conditions, such as heavy loads, stress, and security threats. This type of testing is crucial for:

  • Ensuring a positive user experience
  • Meeting performance standards
  • Maintaining system reliability
 
Importance of Rigorous Testing Protocols and Patch Management

The CrowdStrike outage highlights the necessity of rigorous testing protocols and effective patch management. Testing protocols must be comprehensive, covering both functional and non-functional aspects to ensure updates do not introduce new issues. Automated testing tools can help continuously validate the software’s functionality and performance, reducing the likelihood of bugs slipping through the cracks.

Effective patch management involves not only deploying patches promptly but also thoroughly testing them before release. This process helps identify and mitigate potential issues that could lead to system failures, as seen in the CrowdStrike incident. Regular audits and reviews of the testing and patch management processes can further enhance the robustness of software systems, ensuring they remain reliable and secure.

Establishing a Robust Testing Culture

Creating a robust testing culture is essential for ensuring the reliability and quality of software products. This involves a holistic approach where all stakeholders are engaged, continuous training is emphasized, and best practices are rigorously followed. 

Essential Steps

1

Involvement of All Stakeholders in the Testing Process

A successful testing culture requires the involvement of all stakeholders, from developers and testers to project managers and end-users. This collaboration ensures that everyone understands the importance of testing and contributes to the quality assurance process. Effective communication and transparency are crucial in fostering this collaborative environment. Organizations should encourage feedback and actively involve stakeholders in testing activities to promote a sense of ownership and responsibility for quality.

2

Continuous Training and Certification for Testers

Continuous education is vital for maintaining a high standard of testing. Certifications such as the Certified Tester – Foundation Level from ISTQB® (International Software Testing Qualifications Board) and the Certified Professional for Requirements Engineering from IREB (International Requirements Engineering Board) provide standardized approaches and methodologies that enhance the skills of testing professionals. These certifications ensure testers are equipped with the latest techniques and best practices, contributing to more effective and efficient testing processes. Custommedia Academy offers comprehensive training programs and certifications, helping organizations keep their testing teams well-trained and up to date.

3

Adopt Best Practices for Testing and Quality Assurance

  • Use of Sandbox Environments for Testing Updates: Sandbox environments are isolated spaces where new updates and features can be tested without affecting the production environment. This practice allows testers to identify and fix issues in a controlled setting, ensuring that only stable and reliable updates are deployed to production. It helps minimize the risk of disruptions and enhances the overall stability of the software.
  • Regular Review and Updating of Testing Procedures: Regularly reviewing and updating testing procedures is crucial for maintaining effective quality assurance. This involves integrating feedback from previous projects, staying updated with the latest testing methodologies, and ensuring that testing processes evolve with technological advancements. This continuous improvement cycle helps in addressing new challenges and maintaining high testing standards.

Adopting a Structured Approach With TMMi

The Test Maturity Model Integration (TMMi) framework provides a structured approach to improving testing processes. It consists of five maturity levels that organizations can progress through to enhance their testing practices systematically:

Testing is ad hoc and unstructured.

Basic testing processes are established and managed.

Testing processes are standardized and integrated into the software development lifecycle.

Testing processes are quantitatively measured and controlled.

Continuous process improvement and defect prevention are emphasized.

TMMi

Implementing TMMi helps organizations in several ways:

Reduction in Product Risks

By identifying and addressing potential problems early, TMMi helps reduce the likelihood of serious flaws and failures in software products.

Cost and Time Savings

Structured testing processes lead to more efficient use of resources and faster time-to-market for software products.

Defect Prevention

Emphasizing defect prevention rather than detection helps reduce the overall defect rate, ensuring higher software quality.

Improved Customer Satisfaction

Delivering high-quality software that meets or exceeds customer expectations improves customer satisfaction and strengthens client relationships.

Lessons Learned and Recommendations

The CrowdStrike bug incident, which caused massive global outages, underscores the critical importance of comprehensive pre-release testing. Thorough testing must cover all functional and non-functional aspects to ensure software updates do not introduce new issues. Implementing a robust testing framework like TMMi can help organizations systematically improve their testing processes.

The disruptions caused by the CrowdStrike incident also highlight the necessity of having robust disaster recovery plans. These plans should include strategies for rapid response and recovery from software failures, minimizing downtime and mitigating the impact on critical services.

Testing Culture
Recommendations for Enhancing Testing Protocols

Implement Automated Testing Tools

Conduct Regular Audits and Stress Testing

Integrate TMMi and IBM ELM for Process Improvement

Conclusion

The CrowdStrike incident underscores the paramount importance of a robust testing culture and rigorous protocols in software development. Comprehensive pre-release testing, disaster recovery planning, and the adoption of structured frameworks like TMMi are crucial for preventing widespread disruptions and ensuring the reliability and security of software products. Automated tools like IBM ELM enhance these processes by providing efficient, comprehensive test management and real-time insights, further strengthening an organization’s testing capabilities.

To prevent future incidents, businesses must commit to continuous improvement in their testing practices. This involves regular audits, stress testing, and the integration of advanced tools to automate and streamline testing processes. The combination of TMMi’s structured framework and IBM ELM’s powerful test management solutions offer a holistic approach to enhancing software quality and reliability.

Custommedia stands as a reliable partner in this journey. With over 30 years of experience in software testing and development, we provide comprehensive training and certification programs through Custommedia Academy. Our independent validation and verification services ensure your software meets the highest standards of quality. As a TMMi consultancy and an IBM Silver Partner in Malaysia, we offer end-to-end services to implement IBM ELM solutions tailored to meet the unique needs of our clients.