SlideShare a Scribd company logo

Maturity of-code-mgmt-2016-04-06

B
Bogusz Jelinski

Losing control over source is not funny. Securing it is a bit more complicated than keeping it on a CD in a drawer.

Software
1 of 10
Download to read offline
1 Maturity of source code management – another approach to code quality Bogusz JELINSKI Abstract. Source code quality is often viewed only through the prism of the static analysis and good programming practices. But there are many other code characteristics which if treated carelessly can entail loss of the entire code or increased number of incidents in the production environment. The purpose was to depict the neglected traits of source code management (SCM) and to propose a tool which should address some process vulnerabilities – the encapsulation, in which the contamination of deployed code is prevented by limiting the input points and the dependency on humans are minimized. Additionally to the tool a metric has been proposed to measure the extent to which the process is made hermetic (SCM maturity), preventing code contamination. Finally statistical data is provided for the code integration pattern – one of the neglected trait of SCM. Keywords. Source code, quality, proces maturity, software process improvement, SPI, SCM. 1. Introduction Source code is a vital company asset – it is the core of the digital business. It determines the behavior of computer systems but is often not visible by the business staff and is not managed explicitly. When “good code quality” is required, “the compliance with good programming practices” is meant. It is overlooked that any perfect code can by outdated or licenses unconsciously used by developers can obligate code’s owner to share it with the whole Internet. The code can even be completely useless (any further change or maintenance blocked) as there might be no knowledge or tools to compile it. Missing know-how can effectively limit the competition between potential suppliers and can strengthen the negotiating position of the current one. One should also know that it is technically feasible to deliver a fully functional IT solution without having delivered the compiled part of the source code with all negative consequences for future development and maintenance. In less scary scenarios the way you use source code affects the efficiency of IT departments and the user experience. If you construct 90% of code during integration or user acceptance tests (see Section 7), either the tests are costly or the production environment is exposed to a serious threat. All three project dimensions - cost, time, scope/quality are badly affected. This article is based on author's experience in an implementation of the source code management process (SCM) in a large telecommunication company using hundreds of computer systems. The goal of the effort was to depict both threats arising from mismanagement of source code and ways to avoid negative consequences of the materialization of risks. The following key questions were formulated at the beginning of the research: 1. What configuration items should be managed to protect the source code? 2. What are the aspects of code quality? 3. What are the risks of a mismanagement? 4. How to design the SCM process in order to address these risks? 5. Can a performance indicator be proposed for the process? 6. Are there any other vital process metrics? For example – how much of the code is constructed during tests? As a result of the research a tool has been proposed, which addresses some process vulnerabilities – the encapsulation, in which the contamination of deployed code is prevented by
limiting the code delivery points and the dependency on humans is minimized by enclosing their knowledge into the process (eg compilation and deployment scripts and tools). The improving performance of the process can be measured using a commonly understood scale – maturity, which may be also a part of a customized software maintainability measure, as the ISO 25010 [1] sees it but does not operationalize it. The term “SCM maturity” was used in a similar context eg by Forester Consulting [2] and there were many other attempts to create a software maturity model [3], not to mention ISO/IEC 33004 [4]. The maturity scale is proposed in Section 6, two snapshots of its progress measured during a vast IT transformation are provided. It is worth mentioning that the scale was used not only for measurement itself but also as an improvement guide - a checklist of good practices, a target to be achieved by managers. The goal of the SCM transformation was to provide complete and up to date source code for a vendor consolidation programme, so the idea behind was to concentrate on the asset management, not on agility or efficiency. 2. Elements of source code Let us make a brief summary what “source code” actually is. It is made up of files containing one or more instructions executed in a specified order by a computer. These instructions determine functionalities of a system, regardless of the programming language - C/C++, Java, PL/SQL, PHP or HTML. The source code also includes SQL scripts eg scripts performing a rollback to the last, error-free software version. When transferred to the purchaser the source code should also be accompanied by: • a description of compilation sequence and all tools necessary to complete the compilation, • resources not considered as source code but required to compile and run the system eg properties and configuration files, Ant/Maven scripts, and libraries, • shell scripts used to compile, configure, run, manage, and monitor the system, • unit tests – numerous albeit small fragments of code which goal is to verify the correct operation of the code itself. 3. How does the quality of code manifest itself? The table below presents some operational characteristics linked to the quality of code. This is more a subjective business approach than an attempt to provide a complete categorization of software characteristics as proposed in ISO-25010 [1]. Trait Description If neglected up to date coherent with the production environment some functionalities missing complete containing all the elements indicated in Section 2. a blocker for development and maintenance compilable the software process (dynamic) perspective - should compile if complete. a blocker like above. If we do not know how to compile the code or do not have tools to do it we are unable to conduct any change in a computer system. Its
3 source code has then only a sentimental value for us. fully merged no change/functionality forgotten for a release (ISO functional suitability/completeness) some functionalities missing when the release goes live. well tested Had all expected functionalities been delivered before tests started? What does code integration pattern [5] look like? More issues on production likely to appear (see Section 7) coding standards obeyed ISO-9126-3 [6] (replaced by ISO- 25010) or other good programming practices conformed with. Security or performance issues, code hard to maintain open- source licenses obeyed One has to be sure that a software complies with open-source (BSD, ASL, …) and free software (GPL, LGPL) licenses, as these licenses are unconsciously used by developers. It can restrict the use of software. In the best case - you shall be forced to reveal your source- code. low IT debt that metaphor of the coding standards has gained momentum lately. It is an attempt to estimate how much would it cost to remove from the source code all violations of good practices. The methodology for the calculation of this measure is still in its infancy. The interest on the debt is the cost of bug-fixing eco friendly (green index) Yet another metaphor – how greedy for computing power a software is. It might combine the static analysis with a some run-time characteristics – memory and processor usage More energy consumed. more hardware to be purchased. code reused Avoid duplication of functionalities within one system (less copy-pastes) and across the organization - see ISO/IEC 25010 reusability. It can help reduce the cost of system development. Software harder to maintain. code covered what proportion of code is being tested by tests such as unit tests? Higher risk of bugs Table 1 – Traits of the good quality code. Three traits from the table will be discussed in more detail later on. Any discourse about code quality should (but very often fails to) start with its completeness (or integrity, if ISO terminology is to be followed) and being up-to-date. In order to protect these valuable characteristics it is proposed to meet a few requirements regardless to what extent the IT services have been outsourced: • take care of legal aspects, including the right to independently modify the source code if it
is reasonable. • store the code in your own repository (revision/version control system, in other words) or at least in one which is maintained by a trusted third party (escrow). • oversee your manufacturing process to be sure that your source code repository is consistent at least with your production environment. You can do it by encapsulation of the code management process (recommended, see below) or by a periodic comparison of the repository with runtime environments. • automate as many steps of the process as feasible. Get rid of the human factor. • review (inspect) your code manually or automatically and measure other process characteristics (the code integration pattern – see below). All source code should be conserved, not only that of the biggest or critical systems. It happens that a loss of source code of a seemingly irrelevant module, which is integrated (sometimes in an undocumented way) with crucial systems blocks an important change in these crucial systems. That was exactly the case that gave the author of this article the stimulus to take up the matter and to spend a few years on it. 4. Encapsulation of the SCM process Based on author’s intuition rather than having committed an extended research a technique has been proposed to ensure the completeness and timeliness of the source code - the self- deployment of production environments by the acquirer with its own repository, or carrying out this task by a trusted third party, thus avoiding any unauthorized, undocumented or just unknown changes to go live. If adapted also to tests environments and accompanied by some supervision of repositories' content it helps avoid the deployment of untested changes. Therefore, to avoid “contamination” of changes, the following preventive encapsulation is proposed: 1. the software supplier should be formally obliged to the provision of the complete source code (vide description, see Section 2) with an unequivocal documentation of compilation sequence and a deployment procedure, most preferably a script, eg a Jenkins job, 2. after the construction phase the supplier should submit the code to the acquirer's repository, by hand or by automated replication of the supplier's own repository. The decision on which stages of the project the code is to be delivered and whether the test environment should also be subject to the regime of this process depends on the particular organization and situation. 3. the supplier provides the address (location) of the source code (for Subversion in form of URL@REVISION). The location of each version should be stored in a Configuration Management Data Base (CMDB). This detail is important as there can be hundreds of branches in the repository and the withdrawal of changes due to the occurrence of unforeseen, negative occurrences requires the knowledge of the location of the previous version. A good practice is to appoint a person (a product owner) responsible for keeping CMDB up-to-date, even if the release history is supported by tools. 4. The code submitted by the supplier, which location is stored, is checked out from the repository under the supervision of a person who is loyal to the acquirer (if the process is not automated). 5. The code gets compiled as described in the compilation procedure under the same supervision; executables are produced. 6. The interpreted code and executables are deployed to runtime environments under
5 supervision or in an automated way. Let us repeat – the only executable allowed to be deployed is the one produced in step 5 (the interpreted code checked out in step 4) 7. in further phases stabilization and maintenance fixes are delivered (and new change requests, new functionalities) – the process iteratively returns to step 2. Encapsulation does not mean here creating a black box, hiding implementation details. The idea is to restrict human interference which would mean adding some undocumented knowledge, complicating repeatability of the process. If you pursue that process at least for production environments then you get confidence of having up-to-date and complete source code. With one crucial exception – this process does not guarantee the delivery of source code for libraries other than open-source software and commercial third-party stuff. We mean libraries with ordered functionalities for which no source code is provided, deliberately or mistakenly. Human intervention is required, periodically or every time – the verification of changes in the list of libraries required for the purpose of compilation. Unfortunately, sometimes we discover the lack of code for a library many years after an implemented change, when you need to change the functionality delivered by the library, often when its author is not available or the agreement frees him from liability. Such a library or a part of it is to be implemented from scratch. As stated before, this is not always due to malice intent of software provider, they may also have competency gaps, as well as their sub-contractors. 5. An alternative for encapsulation While studying various SCM process implementations the author noticed two alternatives to the implementation of the above-described approach to source code management (as a method of achieving completeness of the code): - performing at certain intervals a comparison of code archive with the content of production environments. - deploying the production environment from the repository periodically or at the end of an outsourcing contract, with extensive regression tests. These methods allow to dispense with keeping excessive human resources on the acquirer’s side. However: • such ad-hoc actions must be conducted or supervised by a competent and loyal third party, usually a highly paid consultant. • due to the nature of technology it is not always possible to determine the conformity of the object code (executables), even if they are formed from the same source code. • The restoration of the production runtime environment from the repository is generally not accepted by the business side because of the risk of downtime and requires costly regression testing of the whole system. • an efficient, repeatable process, subjected to self-optimization, in which people act in a quasi-automatic, learned way, is usually much less expensive (and often even unnoticed) than single audits, requiring escalations and interfering with the course of other business processes in the company. • postulated in Section 4 techniques and tools do not imply the creation of any new process or process instance, but they only shift already functioning activities in terms of supervision, roles and tools towards the acquirer. The resulting costs are already incurred and included in the price, the acquirer pays for them (eg for the repository storage for developers) as the supplier is not a charity organization. So the postulated change is
mainly about the loyalty of supervisors, ownership of tools and procedures and their location. 6. The SCM process maturity It is suggested that you can't control what you can't measure [7]. For the needs of a transformation of source code management within a vast collection of systems (197 systems, some of them counting 1M+ lines of code) the author developed an assessment model [8] with a process maturity measure (see Fig. 1) which described the degree of encapsulation. In this way it was possible to report transparently (eg with suggestive colors) and numerically the progress of expected organizational changes and to report aggregated values per department or functional area. The idea was to assign a number to qualitative attributes that described the achievement of an important milestone, as follows: • level 0 (black): lack of source code, unknown location of code • level 1 (red): source code in a drawer, in a server, not in a repository under version control • level 2 (orange): code under version control, known location stored in CMDB but unable to compile it – no knowledge, no tools or no hardware. A case where there is the knowledge and tools but they are not used for deployment is also classified as Level 2. Here we have no certainty that the code is coherent with the production environment (eg environments are deployed from supplier’s repository). That is probably the most common case in the business with an outsourced IT - a semblance of having complete source code. • level 3 (yellow): the production environment is deployed from code owner’s repository (the process is supervised) but compilers are owned or managed by the supplier or the compilation is an arduous process – no single build script. In other words – we have much more trust in the content of a repository but there might be some knowledge missing how to use it. This situation might be very risky too – old versions of tools might be hard to get, threats arising from a migration to new compilers might be hard to accept by the business owner. For the interpreted code this level could be the first to be labeled “code under control” as level 4 and 5 are compilation oriented. • level 4 (green): compilation/build of a system might still be conducted „by hand” but it is carried out in business owner’s environments (not in suppliers’ premises) and a single build script exists – the build knowledge is stored in form of a computer algorithm/sequence, not stored in someone’s head or an ambiguous text description. Executables produced by this script are deployed to the production environment. In other words – we have the code, compilers and most of the knowledge, we use them but there is little automation. • level 5 (light blue): automated build, compilation is carried out eg. by a continuous integration tool - there is a front-end with the “build” button and build history. It is an important step because of getting rid of the human factor and due to the repeatability of the process. • level 6 (navy blue): the production environment is deployed automatically with no human intervention, the executable is distributed by a script/robot. That is the last place for a human to monopolize the knowledge and a vital step towards increased operational efficiency.
7 Fig. 1. Levels of maturity of source code management When the transformation started more than half of the code was not in the repository. After fifteen months nearly all compiled systems had their own compilation automation, many compilation scripts were written from scratch as suppliers did not want to provide them or there was not any contract relationship with any supplier at that time. About one third of systems (71 of total 197) stayed at the level 3 as they had no compiled components. Fig. 2. The progress of code maturity within a SCM transformation carried out by the author – the share of maturity levels within 197 systems. 7. The code integration pattern – have the changes been well tested? There is a trait of code that requires special attention and which characterizes both the trust in code and the quality of the whole SCM process. The following questions may be raised during a software project: - were all changes planned for the next release ready to be merged to the integration branch before starting tests? - in other words - did the changes have the opportunity to be tested? - were all functionalities expected by business owner developed? At least developed before the code affected a test case? This might resemble the “fully merged” trait (see table 1) but it is not about forgetting to conduct a merge but about an intentional behavior – a decision to start integration or acceptance tests without having closed the development. Unfortunately the practice to construct source code
during tests is very common and may be caused by poor requirements management or inadequate volume of human resources (developers, testers). This is a pathological phenomenon - a disease which should be fought as it ruins quality. When there are fixed release deadlines it implies running untested functionalities. The source code repository lets you easily, quickly and cheaply measure the percentage of source code delivered at each project phase. If you use Subversion then 'svn diff' does the trick. If a reasonable threshold is exceeded you can analyze the causes and risks. This is feasible provided that also the test environments are made hermetic (encapsulated; see Section 4), not only the production ones. This metric is like a clinical thermometer, it aggregates all the pathologies which pollute today’s software processes. The concept to pay attention to the extent of code being constructed during particular project phases is not new. The code integration pattern was mentioned by Stephen Kan [5] as a “simple and useful project management and quality management tool” (see also [9]). The author measured the percentage of code constructed during integration and user acceptance tests during eighty-one projects, which changed five systems. The value (see table 2) is underestimated by at least ten percent points as in most cases there was a delay in the code delivery to the repository or indicated code revisions were late. On average 43% of the code was constructed during tests. System Number of projects Average [%] System1 5 56,3 System2 12 40,5 System3 14 33,9 System4 10 50,7 System5 40 43,8 Table 2. Average percentage of code constructed during tests Moreover, the number of projects with the value exceeding 80% was nearly the same as these below 20%. Fig. 3. Frequency of particular code integration patterns (the percentage of code constructed during tests) This data is presented to visualize the scale of the problem within modern companies, which aspire to become “digital” ones.
9 8. Some other interesting topics Many other interesting aspects related to the management of source code have been omitted here, which are a source of potential risks and opportunities, for example: • organization of work in the repository, including issues so meticulous as permitted directions of promoting bug fixes in the project branches, regime of code merges, naming of branches. • measurement of size changes in a software (backfired function points) • monitoring of code delivery and its impact onto work efficiency (Hawthorne effect [10]) • which programming language to choose to reduce lock-in to suppliers or meet expected performance goals? Summary There are many code characteristics which if treated carelessly can entail loss of the entire code or increased number of incidents in the production environment. Most of the risks described above are due to innate imperfect human nature. Software suppliers and employees will always want to have a better negotiating position by monopolizing know-how wherever possible. By automating tasks we can make the software process repeatable and self-documenting and the negative consequences of losing an employee are mitigated. Instead of a vague Word document XML files are used (eg. Jenkins jobs). The automation is often already used by software suppliers, mainly to oversee the work of subcontractors and their employees. No additional effort to be claimed and reimbursed! Therefore, the code management is not just a matter of engineering – it helps maintain competition in the supply of software and exerts pressure on the suppliers bids, thus it assists in building competitive advantage. References 1. ISO/ IEC CD 25010, Software Engineering: Software Product Quality Requirements and Evaluation (SQuaRE) Quality Model and guide. (2008) 2. Continuous Delivery: A Maturity Assessment Model. Forrester Consulting (2013) https://info.thoughtworks.com/Continuous-Delivery-Maturity-Model.html [16 March 2016] 3. Schweigert T., Vohwinkel D., Korsaa M., Nevalainen R., Biro M.: Agile maturity model: analysing agile maturity characteristics from the SPICE perspective. Journal of Software: Evolution and Process. DOI: 10.1002/smr 4. ISO/IEC 33004 2nd Edition, Information technology — Process assessment — Requirements for process reference, process assessment and maturity models. (2015) 5. Kan, S. H.: Metrics and Models in Software Quality Engineering. pp. 242, Addison-Wesley, Boston (2004) 6. ISO/IEC TR 9126-3, Software Engineering - Product Quality - Part 3: Internal Metrics. (2003) 7. DeMarco, T.: Controlling Software Projects: Management, Measurement and Estimates. pp. 3, Prentice Hall, Upper Saddle River (1982) 8. Wagner S.: Software Product Quality Control. pp. 36, Springer-Verlag, Berlin (2013) 9. Laird, L.M., Brennan, M.C.: Software Measurement and Estimation: A Practical Approach. pp. 186, IEEE Computer Society Press, Los Alamitos (2006)
10. Landsberger, H. A.: Hawthorne Revisited: Management and the Worker, Its Critics, and Developments in Human Relations in Industry. Ithaca, Cornell University (1958)

Recommended

Swe notes
Swe notesSwe notes
Swe notesMohammed Romi
 
Ian Sommerville, Software Engineering, 9th Edition Ch 4
Ian Sommerville, Software Engineering, 9th Edition Ch 4Ian Sommerville, Software Engineering, 9th Edition Ch 4
Ian Sommerville, Software Engineering, 9th Edition Ch 4Mohammed Romi
 
Requirements engineering
Requirements engineeringRequirements engineering
Requirements engineeringJennifer Polack
 
Ch4 req eng
Ch4 req engCh4 req eng
Ch4 req engsoftware-engineering-book
 
Software engg unit 1
Software engg unit 1 Software engg unit 1
Software engg unit 1 Vivek Kumar Sinha
 
Software Engineering- Crisis and Process Models
Software Engineering- Crisis and Process ModelsSoftware Engineering- Crisis and Process Models
Software Engineering- Crisis and Process ModelsNishu Rastogi
 
SE Unit 1
SE Unit 1SE Unit 1
SE Unit 1UmaMaheswariBHCInfor
 
Ian Sommerville, Software Engineering, 9th Edition Ch1
Ian Sommerville, Software Engineering, 9th Edition Ch1Ian Sommerville, Software Engineering, 9th Edition Ch1
Ian Sommerville, Software Engineering, 9th Edition Ch1Mohammed Romi
 

Recommended

Swe notes
Swe notesSwe notes
Swe notesMohammed Romi
 
Ian Sommerville, Software Engineering, 9th Edition Ch 4
Ian Sommerville, Software Engineering, 9th Edition Ch 4Ian Sommerville, Software Engineering, 9th Edition Ch 4
Ian Sommerville, Software Engineering, 9th Edition Ch 4Mohammed Romi
 
Requirements engineering
Requirements engineeringRequirements engineering
Requirements engineeringJennifer Polack
 
Ch4 req eng
Ch4 req engCh4 req eng
Ch4 req engsoftware-engineering-book
 
Software engg unit 1
Software engg unit 1 Software engg unit 1
Software engg unit 1 Vivek Kumar Sinha
 
Software Engineering- Crisis and Process Models
Software Engineering- Crisis and Process ModelsSoftware Engineering- Crisis and Process Models
Software Engineering- Crisis and Process ModelsNishu Rastogi
 
SE Unit 1
SE Unit 1SE Unit 1
SE Unit 1UmaMaheswariBHCInfor
 
Ian Sommerville, Software Engineering, 9th Edition Ch1
Ian Sommerville, Software Engineering, 9th Edition Ch1Ian Sommerville, Software Engineering, 9th Edition Ch1
Ian Sommerville, Software Engineering, 9th Edition Ch1Mohammed Romi
 
Software engg unit 3
Software engg unit 3 Software engg unit 3
Software engg unit 3 Vivek Kumar Sinha
 
Software engineer
Software engineerSoftware engineer
Software engineerSocial Development Club
 
Unit1..
Unit1..Unit1..
Unit1..Pokuri BharathKumarChowdary
 
CS8494 SOFTWARE ENGINEERING Unit-2
CS8494 SOFTWARE ENGINEERING Unit-2CS8494 SOFTWARE ENGINEERING Unit-2
CS8494 SOFTWARE ENGINEERING Unit-2SIMONTHOMAS S
 
SE_Lec 04_Agile Software Development
SE_Lec 04_Agile Software DevelopmentSE_Lec 04_Agile Software Development
SE_Lec 04_Agile Software DevelopmentAmr E. Mohamed
 
Caught in a COTS Project - Strategies for Requirements Success 2011MAY17
Caught in a COTS Project - Strategies for Requirements Success 2011MAY17Caught in a COTS Project - Strategies for Requirements Success 2011MAY17
Caught in a COTS Project - Strategies for Requirements Success 2011MAY17Michael Roy
 
Cots integration
Cots integrationCots integration
Cots integrationSaransh Garg
 
Whitepaper Omnext
Whitepaper OmnextWhitepaper Omnext
Whitepaper Omnextmeijerandre
 
Ch8-Software Engineering 9
Ch8-Software Engineering 9Ch8-Software Engineering 9
Ch8-Software Engineering 9Ian Sommerville
 
T24 Temenos Methodology Overview
T24 Temenos Methodology OverviewT24 Temenos Methodology Overview
T24 Temenos Methodology OverviewMichael Gowlett PMP, Prince 2 Practitioner
 
[EN] Success story Herakles
[EN] Success story Herakles[EN] Success story Herakles
[EN] Success story HeraklesItris Automation Square
 
Fundamentals of software development
Fundamentals of software developmentFundamentals of software development
Fundamentals of software developmentPratik Devmurari
 
Ian Sommerville, Software Engineering, 9th EditionCh 8
Ian Sommerville, Software Engineering, 9th EditionCh 8Ian Sommerville, Software Engineering, 9th EditionCh 8
Ian Sommerville, Software Engineering, 9th EditionCh 8Mohammed Romi
 
[EN] PLC programs development guidelines
[EN] PLC programs development guidelines[EN] PLC programs development guidelines
[EN] PLC programs development guidelinesItris Automation Square
 
Software engineering lecture notes
Software engineering lecture notesSoftware engineering lecture notes
Software engineering lecture notesAmmar Shafiq
 
Advanced topics in software engineering
Advanced topics in software engineeringAdvanced topics in software engineering
Advanced topics in software engineeringRupesh Vaishnav
 
Introduction to Software Engineering SE1
Introduction to Software Engineering SE1Introduction to Software Engineering SE1
Introduction to Software Engineering SE1koolkampus
 
Software Cost Estimation in Software Engineering SE23
Software Cost Estimation in Software Engineering SE23Software Cost Estimation in Software Engineering SE23
Software Cost Estimation in Software Engineering SE23koolkampus
 
Notes on software engineering
Notes on software engineeringNotes on software engineering
Notes on software engineeringErtan Deniz
 
Software Engineering Solved Past Paper 2020
Software Engineering Solved Past Paper 2020 Software Engineering Solved Past Paper 2020
Software Engineering Solved Past Paper 2020 MuhammadTalha436
 
3Audit Software & Tools.pptx
3Audit Software & Tools.pptx3Audit Software & Tools.pptx
3Audit Software & Tools.pptxjack952975
 
Ensuring code quality
Ensuring code qualityEnsuring code quality
Ensuring code qualityMikhailVladimirov
 

More Related Content

What's hot

CS8494 SOFTWARE ENGINEERING Unit-2
CS8494 SOFTWARE ENGINEERING Unit-2CS8494 SOFTWARE ENGINEERING Unit-2
CS8494 SOFTWARE ENGINEERING Unit-2SIMONTHOMAS S
 
SE_Lec 04_Agile Software Development
SE_Lec 04_Agile Software DevelopmentSE_Lec 04_Agile Software Development
SE_Lec 04_Agile Software DevelopmentAmr E. Mohamed
 
Caught in a COTS Project - Strategies for Requirements Success 2011MAY17
Caught in a COTS Project - Strategies for Requirements Success 2011MAY17Caught in a COTS Project - Strategies for Requirements Success 2011MAY17
Caught in a COTS Project - Strategies for Requirements Success 2011MAY17Michael Roy
 
Whitepaper Omnext
Whitepaper OmnextWhitepaper Omnext
Whitepaper Omnextmeijerandre
 
Ch8-Software Engineering 9
Ch8-Software Engineering 9Ch8-Software Engineering 9
Ch8-Software Engineering 9Ian Sommerville
 
Fundamentals of software development
Fundamentals of software developmentFundamentals of software development
Fundamentals of software developmentPratik Devmurari
 
Ian Sommerville, Software Engineering, 9th EditionCh 8
Ian Sommerville, Software Engineering, 9th EditionCh 8Ian Sommerville, Software Engineering, 9th EditionCh 8
Ian Sommerville, Software Engineering, 9th EditionCh 8Mohammed Romi
 
[EN] PLC programs development guidelines
[EN] PLC programs development guidelines[EN] PLC programs development guidelines
[EN] PLC programs development guidelinesItris Automation Square
 
Software engineering lecture notes
Software engineering lecture notesSoftware engineering lecture notes
Software engineering lecture notesAmmar Shafiq
 
Advanced topics in software engineering
Advanced topics in software engineeringAdvanced topics in software engineering
Advanced topics in software engineeringRupesh Vaishnav
 
Introduction to Software Engineering SE1
Introduction to Software Engineering SE1Introduction to Software Engineering SE1
Introduction to Software Engineering SE1koolkampus
 
Software Cost Estimation in Software Engineering SE23
Software Cost Estimation in Software Engineering SE23Software Cost Estimation in Software Engineering SE23
Software Cost Estimation in Software Engineering SE23koolkampus
 
Notes on software engineering
Notes on software engineeringNotes on software engineering
Notes on software engineeringErtan Deniz
 
Software Engineering Solved Past Paper 2020
Software Engineering Solved Past Paper 2020 Software Engineering Solved Past Paper 2020
Software Engineering Solved Past Paper 2020 MuhammadTalha436
 

What's hot (20)

Software engg unit 3
Software engg unit 3 Software engg unit 3
Software engg unit 3
 
Software engineer
Software engineerSoftware engineer
Software engineer
 
Unit1..
Unit1..Unit1..
Unit1..
 
CS8494 SOFTWARE ENGINEERING Unit-2
CS8494 SOFTWARE ENGINEERING Unit-2CS8494 SOFTWARE ENGINEERING Unit-2
CS8494 SOFTWARE ENGINEERING Unit-2
 
SE_Lec 04_Agile Software Development
SE_Lec 04_Agile Software DevelopmentSE_Lec 04_Agile Software Development
SE_Lec 04_Agile Software Development
 
Caught in a COTS Project - Strategies for Requirements Success 2011MAY17
Caught in a COTS Project - Strategies for Requirements Success 2011MAY17Caught in a COTS Project - Strategies for Requirements Success 2011MAY17
Caught in a COTS Project - Strategies for Requirements Success 2011MAY17
 
Cots integration
Cots integrationCots integration
Cots integration
 
Whitepaper Omnext
Whitepaper OmnextWhitepaper Omnext
Whitepaper Omnext
 
Ch8-Software Engineering 9
Ch8-Software Engineering 9Ch8-Software Engineering 9
Ch8-Software Engineering 9
 
T24 Temenos Methodology Overview
T24 Temenos Methodology OverviewT24 Temenos Methodology Overview
T24 Temenos Methodology Overview
 
[EN] Success story Herakles
[EN] Success story Herakles[EN] Success story Herakles
[EN] Success story Herakles
 
Fundamentals of software development
Fundamentals of software developmentFundamentals of software development
Fundamentals of software development
 
Ian Sommerville, Software Engineering, 9th EditionCh 8
Ian Sommerville, Software Engineering, 9th EditionCh 8Ian Sommerville, Software Engineering, 9th EditionCh 8
Ian Sommerville, Software Engineering, 9th EditionCh 8
 
[EN] PLC programs development guidelines
[EN] PLC programs development guidelines[EN] PLC programs development guidelines
[EN] PLC programs development guidelines
 
Software engineering lecture notes
Software engineering lecture notesSoftware engineering lecture notes
Software engineering lecture notes
 
Advanced topics in software engineering
Advanced topics in software engineeringAdvanced topics in software engineering
Advanced topics in software engineering
 
Introduction to Software Engineering SE1
Introduction to Software Engineering SE1Introduction to Software Engineering SE1
Introduction to Software Engineering SE1
 
Software Cost Estimation in Software Engineering SE23
Software Cost Estimation in Software Engineering SE23Software Cost Estimation in Software Engineering SE23
Software Cost Estimation in Software Engineering SE23
 
Notes on software engineering
Notes on software engineeringNotes on software engineering
Notes on software engineering
 
Software Engineering Solved Past Paper 2020
Software Engineering Solved Past Paper 2020 Software Engineering Solved Past Paper 2020
Software Engineering Solved Past Paper 2020
 

Similar to Maturity of-code-mgmt-2016-04-06

3Audit Software & Tools.pptx
3Audit Software & Tools.pptx3Audit Software & Tools.pptx
3Audit Software & Tools.pptxjack952975
 
SPS IPC Drives 2015 - Itris Automation paper
SPS IPC Drives 2015 - Itris Automation paperSPS IPC Drives 2015 - Itris Automation paper
SPS IPC Drives 2015 - Itris Automation paperItris Automation Square
 
Constructing Enterprise Applications
Constructing Enterprise ApplicationsConstructing Enterprise Applications
Constructing Enterprise ApplicationsGem WeBlog
 
Pm soln9416141129710
Pm soln9416141129710Pm soln9416141129710
Pm soln9416141129710Nikhil Todkar
 
How to save on software maintenance costs
How to save on software maintenance costsHow to save on software maintenance costs
How to save on software maintenance costsFrancisJansen
 
IRJET- Development Operations for Continuous Delivery
IRJET- Development Operations for Continuous DeliveryIRJET- Development Operations for Continuous Delivery
IRJET- Development Operations for Continuous DeliveryIRJET Journal
 
term paper for cbd models
term paper for cbd modelsterm paper for cbd models
term paper for cbd modelsSukhdeep Singh
 
Generating SBOMS FROM FOSS (Detecting OSS licences)
Generating SBOMS FROM FOSS (Detecting OSS licences)Generating SBOMS FROM FOSS (Detecting OSS licences)
Generating SBOMS FROM FOSS (Detecting OSS licences)Thierry Gayet
 
Work of art practices in software development.
Work of art practices in software development. Work of art practices in software development.
Work of art practices in software development. Communication Progress
 
Software engineering introduction
Software engineering introductionSoftware engineering introduction
Software engineering introductionVishal Singh
 
Software Lifecycle Management
Software Lifecycle ManagementSoftware Lifecycle Management
Software Lifecycle ManagementAnkit Jain
 
Modern Software Testing Techniques: A Practical Guide for Developers and Testers
Modern Software Testing Techniques: A Practical Guide for Developers and TestersModern Software Testing Techniques: A Practical Guide for Developers and Testers
Modern Software Testing Techniques: A Practical Guide for Developers and TestersLucky Gods
 
ppt on sOFTWARE DEVELOPMENT LIFE CYCLE
ppt on sOFTWARE DEVELOPMENT LIFE CYCLE ppt on sOFTWARE DEVELOPMENT LIFE CYCLE
ppt on sOFTWARE DEVELOPMENT LIFE CYCLESwarnima Tiwari
 
Things most people don’t know about coding.pptx
Things most people don’t know about coding.pptxThings most people don’t know about coding.pptx
Things most people don’t know about coding.pptxharmanscott
 
Elementary Probability theory Chapter 2.pptx
Elementary Probability theory Chapter 2.pptxElementary Probability theory Chapter 2.pptx
Elementary Probability theory Chapter 2.pptxethiouniverse
 
Software Engineering Important Short Question for Exams
Software Engineering Important Short Question for ExamsSoftware Engineering Important Short Question for Exams
Software Engineering Important Short Question for ExamsMuhammadTalha436
 

Similar to Maturity of-code-mgmt-2016-04-06 (20)

3Audit Software & Tools.pptx
3Audit Software & Tools.pptx3Audit Software & Tools.pptx
3Audit Software & Tools.pptx
 
Ensuring code quality
Ensuring code qualityEnsuring code quality
Ensuring code quality
 
SPS IPC Drives 2015 - Itris Automation paper
SPS IPC Drives 2015 - Itris Automation paperSPS IPC Drives 2015 - Itris Automation paper
SPS IPC Drives 2015 - Itris Automation paper
 
Unit iv
Unit ivUnit iv
Unit iv
 
Constructing Enterprise Applications
Constructing Enterprise ApplicationsConstructing Enterprise Applications
Constructing Enterprise Applications
 
Pm soln9416141129710
Pm soln9416141129710Pm soln9416141129710
Pm soln9416141129710
 
How to save on software maintenance costs
How to save on software maintenance costsHow to save on software maintenance costs
How to save on software maintenance costs
 
IRJET- Development Operations for Continuous Delivery
IRJET- Development Operations for Continuous DeliveryIRJET- Development Operations for Continuous Delivery
IRJET- Development Operations for Continuous Delivery
 
term paper for cbd models
term paper for cbd modelsterm paper for cbd models
term paper for cbd models
 
Qa analyst training
Qa analyst training Qa analyst training
Qa analyst training
 
Generating SBOMS FROM FOSS (Detecting OSS licences)
Generating SBOMS FROM FOSS (Detecting OSS licences)Generating SBOMS FROM FOSS (Detecting OSS licences)
Generating SBOMS FROM FOSS (Detecting OSS licences)
 
Work of art practices in software development.
Work of art practices in software development. Work of art practices in software development.
Work of art practices in software development.
 
1506.08725v1
1506.08725v11506.08725v1
1506.08725v1
 
Software engineering introduction
Software engineering introductionSoftware engineering introduction
Software engineering introduction
 
Software Lifecycle Management
Software Lifecycle ManagementSoftware Lifecycle Management
Software Lifecycle Management
 
Modern Software Testing Techniques: A Practical Guide for Developers and Testers
Modern Software Testing Techniques: A Practical Guide for Developers and TestersModern Software Testing Techniques: A Practical Guide for Developers and Testers
Modern Software Testing Techniques: A Practical Guide for Developers and Testers
 
ppt on sOFTWARE DEVELOPMENT LIFE CYCLE
ppt on sOFTWARE DEVELOPMENT LIFE CYCLE ppt on sOFTWARE DEVELOPMENT LIFE CYCLE
ppt on sOFTWARE DEVELOPMENT LIFE CYCLE
 
Things most people don’t know about coding.pptx
Things most people don’t know about coding.pptxThings most people don’t know about coding.pptx
Things most people don’t know about coding.pptx
 
Elementary Probability theory Chapter 2.pptx
Elementary Probability theory Chapter 2.pptxElementary Probability theory Chapter 2.pptx
Elementary Probability theory Chapter 2.pptx
 
Software Engineering Important Short Question for Exams
Software Engineering Important Short Question for ExamsSoftware Engineering Important Short Question for Exams
Software Engineering Important Short Question for Exams
 

More from Bogusz Jelinski

Dispatching taxi cabs with passenger pool
Dispatching taxi cabs with passenger poolDispatching taxi cabs with passenger pool
Dispatching taxi cabs with passenger poolBogusz Jelinski
 
Dispatching taxi / minibuses - about Kabina project
Dispatching taxi / minibuses - about Kabina projectDispatching taxi / minibuses - about Kabina project
Dispatching taxi / minibuses - about Kabina projectBogusz Jelinski
 
Dividend portfolio – multi-period performance of portfolio selection based so...
Dividend portfolio – multi-period performance of portfolio selection based so...Dividend portfolio – multi-period performance of portfolio selection based so...
Dividend portfolio – multi-period performance of portfolio selection based so...Bogusz Jelinski
 
Mobile development in 2020
Mobile development in 2020 Mobile development in 2020
Mobile development in 2020 Bogusz Jelinski
 
Home security with Raspberry Pi
Home security with Raspberry PiHome security with Raspberry Pi
Home security with Raspberry PiBogusz Jelinski
 
A few solvers for portfolio selection
A few solvers for portfolio selectionA few solvers for portfolio selection
A few solvers for portfolio selectionBogusz Jelinski
 

More from Bogusz Jelinski (8)

Dispatching taxi cabs with passenger pool
Dispatching taxi cabs with passenger poolDispatching taxi cabs with passenger pool
Dispatching taxi cabs with passenger pool
 
robotaxi2023.pdf
robotaxi2023.pdfrobotaxi2023.pdf
robotaxi2023.pdf
 
Dispatching taxi / minibuses - about Kabina project
Dispatching taxi / minibuses - about Kabina projectDispatching taxi / minibuses - about Kabina project
Dispatching taxi / minibuses - about Kabina project
 
Dividend portfolio – multi-period performance of portfolio selection based so...
Dividend portfolio – multi-period performance of portfolio selection based so...Dividend portfolio – multi-period performance of portfolio selection based so...
Dividend portfolio – multi-period performance of portfolio selection based so...
 
Mobile development in 2020
Mobile development in 2020 Mobile development in 2020
Mobile development in 2020
 
Jakt i-polen
Jakt i-polenJakt i-polen
Jakt i-polen
 
Home security with Raspberry Pi
Home security with Raspberry PiHome security with Raspberry Pi
Home security with Raspberry Pi
 
A few solvers for portfolio selection
A few solvers for portfolio selectionA few solvers for portfolio selection
A few solvers for portfolio selection
 

Recently uploaded

Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 

Recently uploaded (20)

Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 

Maturity of-code-mgmt-2016-04-06

  • 1. 1 Maturity of source code management – another approach to code quality Bogusz JELINSKI Abstract. Source code quality is often viewed only through the prism of the static analysis and good programming practices. But there are many other code characteristics which if treated carelessly can entail loss of the entire code or increased number of incidents in the production environment. The purpose was to depict the neglected traits of source code management (SCM) and to propose a tool which should address some process vulnerabilities – the encapsulation, in which the contamination of deployed code is prevented by limiting the input points and the dependency on humans are minimized. Additionally to the tool a metric has been proposed to measure the extent to which the process is made hermetic (SCM maturity), preventing code contamination. Finally statistical data is provided for the code integration pattern – one of the neglected trait of SCM. Keywords. Source code, quality, proces maturity, software process improvement, SPI, SCM. 1. Introduction Source code is a vital company asset – it is the core of the digital business. It determines the behavior of computer systems but is often not visible by the business staff and is not managed explicitly. When “good code quality” is required, “the compliance with good programming practices” is meant. It is overlooked that any perfect code can by outdated or licenses unconsciously used by developers can obligate code’s owner to share it with the whole Internet. The code can even be completely useless (any further change or maintenance blocked) as there might be no knowledge or tools to compile it. Missing know-how can effectively limit the competition between potential suppliers and can strengthen the negotiating position of the current one. One should also know that it is technically feasible to deliver a fully functional IT solution without having delivered the compiled part of the source code with all negative consequences for future development and maintenance. In less scary scenarios the way you use source code affects the efficiency of IT departments and the user experience. If you construct 90% of code during integration or user acceptance tests (see Section 7), either the tests are costly or the production environment is exposed to a serious threat. All three project dimensions - cost, time, scope/quality are badly affected. This article is based on author's experience in an implementation of the source code management process (SCM) in a large telecommunication company using hundreds of computer systems. The goal of the effort was to depict both threats arising from mismanagement of source code and ways to avoid negative consequences of the materialization of risks. The following key questions were formulated at the beginning of the research: 1. What configuration items should be managed to protect the source code? 2. What are the aspects of code quality? 3. What are the risks of a mismanagement? 4. How to design the SCM process in order to address these risks? 5. Can a performance indicator be proposed for the process? 6. Are there any other vital process metrics? For example – how much of the code is constructed during tests? As a result of the research a tool has been proposed, which addresses some process vulnerabilities – the encapsulation, in which the contamination of deployed code is prevented by
  • 2. limiting the code delivery points and the dependency on humans is minimized by enclosing their knowledge into the process (eg compilation and deployment scripts and tools). The improving performance of the process can be measured using a commonly understood scale – maturity, which may be also a part of a customized software maintainability measure, as the ISO 25010 [1] sees it but does not operationalize it. The term “SCM maturity” was used in a similar context eg by Forester Consulting [2] and there were many other attempts to create a software maturity model [3], not to mention ISO/IEC 33004 [4]. The maturity scale is proposed in Section 6, two snapshots of its progress measured during a vast IT transformation are provided. It is worth mentioning that the scale was used not only for measurement itself but also as an improvement guide - a checklist of good practices, a target to be achieved by managers. The goal of the SCM transformation was to provide complete and up to date source code for a vendor consolidation programme, so the idea behind was to concentrate on the asset management, not on agility or efficiency. 2. Elements of source code Let us make a brief summary what “source code” actually is. It is made up of files containing one or more instructions executed in a specified order by a computer. These instructions determine functionalities of a system, regardless of the programming language - C/C++, Java, PL/SQL, PHP or HTML. The source code also includes SQL scripts eg scripts performing a rollback to the last, error-free software version. When transferred to the purchaser the source code should also be accompanied by: • a description of compilation sequence and all tools necessary to complete the compilation, • resources not considered as source code but required to compile and run the system eg properties and configuration files, Ant/Maven scripts, and libraries, • shell scripts used to compile, configure, run, manage, and monitor the system, • unit tests – numerous albeit small fragments of code which goal is to verify the correct operation of the code itself. 3. How does the quality of code manifest itself? The table below presents some operational characteristics linked to the quality of code. This is more a subjective business approach than an attempt to provide a complete categorization of software characteristics as proposed in ISO-25010 [1]. Trait Description If neglected up to date coherent with the production environment some functionalities missing complete containing all the elements indicated in Section 2. a blocker for development and maintenance compilable the software process (dynamic) perspective - should compile if complete. a blocker like above. If we do not know how to compile the code or do not have tools to do it we are unable to conduct any change in a computer system. Its
  • 3. 3 source code has then only a sentimental value for us. fully merged no change/functionality forgotten for a release (ISO functional suitability/completeness) some functionalities missing when the release goes live. well tested Had all expected functionalities been delivered before tests started? What does code integration pattern [5] look like? More issues on production likely to appear (see Section 7) coding standards obeyed ISO-9126-3 [6] (replaced by ISO- 25010) or other good programming practices conformed with. Security or performance issues, code hard to maintain open- source licenses obeyed One has to be sure that a software complies with open-source (BSD, ASL, …) and free software (GPL, LGPL) licenses, as these licenses are unconsciously used by developers. It can restrict the use of software. In the best case - you shall be forced to reveal your source- code. low IT debt that metaphor of the coding standards has gained momentum lately. It is an attempt to estimate how much would it cost to remove from the source code all violations of good practices. The methodology for the calculation of this measure is still in its infancy. The interest on the debt is the cost of bug-fixing eco friendly (green index) Yet another metaphor – how greedy for computing power a software is. It might combine the static analysis with a some run-time characteristics – memory and processor usage More energy consumed. more hardware to be purchased. code reused Avoid duplication of functionalities within one system (less copy-pastes) and across the organization - see ISO/IEC 25010 reusability. It can help reduce the cost of system development. Software harder to maintain. code covered what proportion of code is being tested by tests such as unit tests? Higher risk of bugs Table 1 – Traits of the good quality code. Three traits from the table will be discussed in more detail later on. Any discourse about code quality should (but very often fails to) start with its completeness (or integrity, if ISO terminology is to be followed) and being up-to-date. In order to protect these valuable characteristics it is proposed to meet a few requirements regardless to what extent the IT services have been outsourced: • take care of legal aspects, including the right to independently modify the source code if it
  • 4. is reasonable. • store the code in your own repository (revision/version control system, in other words) or at least in one which is maintained by a trusted third party (escrow). • oversee your manufacturing process to be sure that your source code repository is consistent at least with your production environment. You can do it by encapsulation of the code management process (recommended, see below) or by a periodic comparison of the repository with runtime environments. • automate as many steps of the process as feasible. Get rid of the human factor. • review (inspect) your code manually or automatically and measure other process characteristics (the code integration pattern – see below). All source code should be conserved, not only that of the biggest or critical systems. It happens that a loss of source code of a seemingly irrelevant module, which is integrated (sometimes in an undocumented way) with crucial systems blocks an important change in these crucial systems. That was exactly the case that gave the author of this article the stimulus to take up the matter and to spend a few years on it. 4. Encapsulation of the SCM process Based on author’s intuition rather than having committed an extended research a technique has been proposed to ensure the completeness and timeliness of the source code - the self- deployment of production environments by the acquirer with its own repository, or carrying out this task by a trusted third party, thus avoiding any unauthorized, undocumented or just unknown changes to go live. If adapted also to tests environments and accompanied by some supervision of repositories' content it helps avoid the deployment of untested changes. Therefore, to avoid “contamination” of changes, the following preventive encapsulation is proposed: 1. the software supplier should be formally obliged to the provision of the complete source code (vide description, see Section 2) with an unequivocal documentation of compilation sequence and a deployment procedure, most preferably a script, eg a Jenkins job, 2. after the construction phase the supplier should submit the code to the acquirer's repository, by hand or by automated replication of the supplier's own repository. The decision on which stages of the project the code is to be delivered and whether the test environment should also be subject to the regime of this process depends on the particular organization and situation. 3. the supplier provides the address (location) of the source code (for Subversion in form of URL@REVISION). The location of each version should be stored in a Configuration Management Data Base (CMDB). This detail is important as there can be hundreds of branches in the repository and the withdrawal of changes due to the occurrence of unforeseen, negative occurrences requires the knowledge of the location of the previous version. A good practice is to appoint a person (a product owner) responsible for keeping CMDB up-to-date, even if the release history is supported by tools. 4. The code submitted by the supplier, which location is stored, is checked out from the repository under the supervision of a person who is loyal to the acquirer (if the process is not automated). 5. The code gets compiled as described in the compilation procedure under the same supervision; executables are produced. 6. The interpreted code and executables are deployed to runtime environments under
  • 5. 5 supervision or in an automated way. Let us repeat – the only executable allowed to be deployed is the one produced in step 5 (the interpreted code checked out in step 4) 7. in further phases stabilization and maintenance fixes are delivered (and new change requests, new functionalities) – the process iteratively returns to step 2. Encapsulation does not mean here creating a black box, hiding implementation details. The idea is to restrict human interference which would mean adding some undocumented knowledge, complicating repeatability of the process. If you pursue that process at least for production environments then you get confidence of having up-to-date and complete source code. With one crucial exception – this process does not guarantee the delivery of source code for libraries other than open-source software and commercial third-party stuff. We mean libraries with ordered functionalities for which no source code is provided, deliberately or mistakenly. Human intervention is required, periodically or every time – the verification of changes in the list of libraries required for the purpose of compilation. Unfortunately, sometimes we discover the lack of code for a library many years after an implemented change, when you need to change the functionality delivered by the library, often when its author is not available or the agreement frees him from liability. Such a library or a part of it is to be implemented from scratch. As stated before, this is not always due to malice intent of software provider, they may also have competency gaps, as well as their sub-contractors. 5. An alternative for encapsulation While studying various SCM process implementations the author noticed two alternatives to the implementation of the above-described approach to source code management (as a method of achieving completeness of the code): - performing at certain intervals a comparison of code archive with the content of production environments. - deploying the production environment from the repository periodically or at the end of an outsourcing contract, with extensive regression tests. These methods allow to dispense with keeping excessive human resources on the acquirer’s side. However: • such ad-hoc actions must be conducted or supervised by a competent and loyal third party, usually a highly paid consultant. • due to the nature of technology it is not always possible to determine the conformity of the object code (executables), even if they are formed from the same source code. • The restoration of the production runtime environment from the repository is generally not accepted by the business side because of the risk of downtime and requires costly regression testing of the whole system. • an efficient, repeatable process, subjected to self-optimization, in which people act in a quasi-automatic, learned way, is usually much less expensive (and often even unnoticed) than single audits, requiring escalations and interfering with the course of other business processes in the company. • postulated in Section 4 techniques and tools do not imply the creation of any new process or process instance, but they only shift already functioning activities in terms of supervision, roles and tools towards the acquirer. The resulting costs are already incurred and included in the price, the acquirer pays for them (eg for the repository storage for developers) as the supplier is not a charity organization. So the postulated change is
  • 6. mainly about the loyalty of supervisors, ownership of tools and procedures and their location. 6. The SCM process maturity It is suggested that you can't control what you can't measure [7]. For the needs of a transformation of source code management within a vast collection of systems (197 systems, some of them counting 1M+ lines of code) the author developed an assessment model [8] with a process maturity measure (see Fig. 1) which described the degree of encapsulation. In this way it was possible to report transparently (eg with suggestive colors) and numerically the progress of expected organizational changes and to report aggregated values per department or functional area. The idea was to assign a number to qualitative attributes that described the achievement of an important milestone, as follows: • level 0 (black): lack of source code, unknown location of code • level 1 (red): source code in a drawer, in a server, not in a repository under version control • level 2 (orange): code under version control, known location stored in CMDB but unable to compile it – no knowledge, no tools or no hardware. A case where there is the knowledge and tools but they are not used for deployment is also classified as Level 2. Here we have no certainty that the code is coherent with the production environment (eg environments are deployed from supplier’s repository). That is probably the most common case in the business with an outsourced IT - a semblance of having complete source code. • level 3 (yellow): the production environment is deployed from code owner’s repository (the process is supervised) but compilers are owned or managed by the supplier or the compilation is an arduous process – no single build script. In other words – we have much more trust in the content of a repository but there might be some knowledge missing how to use it. This situation might be very risky too – old versions of tools might be hard to get, threats arising from a migration to new compilers might be hard to accept by the business owner. For the interpreted code this level could be the first to be labeled “code under control” as level 4 and 5 are compilation oriented. • level 4 (green): compilation/build of a system might still be conducted „by hand” but it is carried out in business owner’s environments (not in suppliers’ premises) and a single build script exists – the build knowledge is stored in form of a computer algorithm/sequence, not stored in someone’s head or an ambiguous text description. Executables produced by this script are deployed to the production environment. In other words – we have the code, compilers and most of the knowledge, we use them but there is little automation. • level 5 (light blue): automated build, compilation is carried out eg. by a continuous integration tool - there is a front-end with the “build” button and build history. It is an important step because of getting rid of the human factor and due to the repeatability of the process. • level 6 (navy blue): the production environment is deployed automatically with no human intervention, the executable is distributed by a script/robot. That is the last place for a human to monopolize the knowledge and a vital step towards increased operational efficiency.
  • 7. 7 Fig. 1. Levels of maturity of source code management When the transformation started more than half of the code was not in the repository. After fifteen months nearly all compiled systems had their own compilation automation, many compilation scripts were written from scratch as suppliers did not want to provide them or there was not any contract relationship with any supplier at that time. About one third of systems (71 of total 197) stayed at the level 3 as they had no compiled components. Fig. 2. The progress of code maturity within a SCM transformation carried out by the author – the share of maturity levels within 197 systems. 7. The code integration pattern – have the changes been well tested? There is a trait of code that requires special attention and which characterizes both the trust in code and the quality of the whole SCM process. The following questions may be raised during a software project: - were all changes planned for the next release ready to be merged to the integration branch before starting tests? - in other words - did the changes have the opportunity to be tested? - were all functionalities expected by business owner developed? At least developed before the code affected a test case? This might resemble the “fully merged” trait (see table 1) but it is not about forgetting to conduct a merge but about an intentional behavior – a decision to start integration or acceptance tests without having closed the development. Unfortunately the practice to construct source code
  • 8. during tests is very common and may be caused by poor requirements management or inadequate volume of human resources (developers, testers). This is a pathological phenomenon - a disease which should be fought as it ruins quality. When there are fixed release deadlines it implies running untested functionalities. The source code repository lets you easily, quickly and cheaply measure the percentage of source code delivered at each project phase. If you use Subversion then 'svn diff' does the trick. If a reasonable threshold is exceeded you can analyze the causes and risks. This is feasible provided that also the test environments are made hermetic (encapsulated; see Section 4), not only the production ones. This metric is like a clinical thermometer, it aggregates all the pathologies which pollute today’s software processes. The concept to pay attention to the extent of code being constructed during particular project phases is not new. The code integration pattern was mentioned by Stephen Kan [5] as a “simple and useful project management and quality management tool” (see also [9]). The author measured the percentage of code constructed during integration and user acceptance tests during eighty-one projects, which changed five systems. The value (see table 2) is underestimated by at least ten percent points as in most cases there was a delay in the code delivery to the repository or indicated code revisions were late. On average 43% of the code was constructed during tests. System Number of projects Average [%] System1 5 56,3 System2 12 40,5 System3 14 33,9 System4 10 50,7 System5 40 43,8 Table 2. Average percentage of code constructed during tests Moreover, the number of projects with the value exceeding 80% was nearly the same as these below 20%. Fig. 3. Frequency of particular code integration patterns (the percentage of code constructed during tests) This data is presented to visualize the scale of the problem within modern companies, which aspire to become “digital” ones.
  • 9. 9 8. Some other interesting topics Many other interesting aspects related to the management of source code have been omitted here, which are a source of potential risks and opportunities, for example: • organization of work in the repository, including issues so meticulous as permitted directions of promoting bug fixes in the project branches, regime of code merges, naming of branches. • measurement of size changes in a software (backfired function points) • monitoring of code delivery and its impact onto work efficiency (Hawthorne effect [10]) • which programming language to choose to reduce lock-in to suppliers or meet expected performance goals? Summary There are many code characteristics which if treated carelessly can entail loss of the entire code or increased number of incidents in the production environment. Most of the risks described above are due to innate imperfect human nature. Software suppliers and employees will always want to have a better negotiating position by monopolizing know-how wherever possible. By automating tasks we can make the software process repeatable and self-documenting and the negative consequences of losing an employee are mitigated. Instead of a vague Word document XML files are used (eg. Jenkins jobs). The automation is often already used by software suppliers, mainly to oversee the work of subcontractors and their employees. No additional effort to be claimed and reimbursed! Therefore, the code management is not just a matter of engineering – it helps maintain competition in the supply of software and exerts pressure on the suppliers bids, thus it assists in building competitive advantage. References 1. ISO/ IEC CD 25010, Software Engineering: Software Product Quality Requirements and Evaluation (SQuaRE) Quality Model and guide. (2008) 2. Continuous Delivery: A Maturity Assessment Model. Forrester Consulting (2013) https://info.thoughtworks.com/Continuous-Delivery-Maturity-Model.html [16 March 2016] 3. Schweigert T., Vohwinkel D., Korsaa M., Nevalainen R., Biro M.: Agile maturity model: analysing agile maturity characteristics from the SPICE perspective. Journal of Software: Evolution and Process. DOI: 10.1002/smr 4. ISO/IEC 33004 2nd Edition, Information technology — Process assessment — Requirements for process reference, process assessment and maturity models. (2015) 5. Kan, S. H.: Metrics and Models in Software Quality Engineering. pp. 242, Addison-Wesley, Boston (2004) 6. ISO/IEC TR 9126-3, Software Engineering - Product Quality - Part 3: Internal Metrics. (2003) 7. DeMarco, T.: Controlling Software Projects: Management, Measurement and Estimates. pp. 3, Prentice Hall, Upper Saddle River (1982) 8. Wagner S.: Software Product Quality Control. pp. 36, Springer-Verlag, Berlin (2013) 9. Laird, L.M., Brennan, M.C.: Software Measurement and Estimation: A Practical Approach. pp. 186, IEEE Computer Society Press, Los Alamitos (2006)
  • 10. 10. Landsberger, H. A.: Hawthorne Revisited: Management and the Worker, Its Critics, and Developments in Human Relations in Industry. Ithaca, Cornell University (1958)