Thursday, February 08, 2007

Change is good

I've accepted a new job with Envisage Technologies, a small software company in Bloomington. I'm excited about it as it's a company with a firm interest in agile principles:

Do ideas by the Gang of Four, Steve McConnell, Martin Fowler, Tom DeMarco and Kent Beck resonate with you? Join an experienced team of developers in an Agile environment...

So I'm no longer working in Indianapolis for the first time in more than ten years - I'm not sure what I'm going to do with all the extra time!

(I've also set up a LinkedIn account as per Guy Kawasaki's suggestion. Drop me a line if you want to connect to me.)

Tuesday, February 06, 2007

Prius anti-skid props

The problem with having six inches of snow dumped on us is that the hill that leads to our house has a slope that isn't quite a vertical wall, but that's pretty close. So as I was heading home my wife assured me she'd seen the plow go by, and I decided to take the hill, which in good weather would be five minutes, as opposed to going the long way round and taking half an hour.

Up I started, accelerating to about 25 MPH and getting at least 30 or 40 yards before realizing that the plow hadn't been by recently enough to make a difference. It was easily the worst snow I'd ever tackled on the hill before, and it's not fun having to back down that slope, let me tell you. Especially with the literal vertical drop on the side that sends you ten feet straight down before the drop is conveniently stopped by a tree.

But here's what the Prius does, straight from the brochure:

Motor Traction Control (TRC) – TRC uses sensors which automatically apply the brake to any slipping wheel while delivering more power to the wheels with greater traction.
Vehicle Stability Control (VSC)* – VSC senses oversteer (tail slide) and understeer (nose pushing forward), and managing the power delivered to each wheel.


It was a beautiful thing. I kept the accelerator right around 25 and the car took over from there. It never slipped sideways, never fishtailed, and actually applied acceleration to the wheels in bursts of a couple of hundred milliseconds at a time, followed by coasting to grab what little traction it could, and then accelerating again, and I was at the top of the hill as nice as pie. I only felt guilty for not stopping the cars I passed and telling them, "Your car got TRC? Got VSC? Then DON'T try the hill tonight! Just because my car can do it doesn't mean yours can!" What a beautifully engineered vehicle.

Thursday, February 01, 2007

WiX installer and Error 2708 (No entries found in the file table)

I had to add different versions of a file to my installer today. Seemed easy enough to do - the files were available in the right places and everything, so I added a version number on to the old file ID, added a new file with the new version number, and called it a day, right?

Not so fast. Compile up the install and run it:

Error 2708: No entries found in the file table.

Say what? Must have been a file system glitch. Open up the MSI with Orca and check the file table; well, yes, it has lots of entries, no trouble there. What's going on here?

Buried deep in the search results for the error code I found this page. The comment from Jane D pointed out that she'd seen this error while having problems with the Duplicate File table rather than the File table - and that jogged my memory. In a separate component I had a CopyFile element that was pointing to my file, and it still had the old file ID reference, now orphaned. Update the reference, recompile, and bingo. Working install.

I see this as a bug in the WiX linker: why did it build the MSI with this unresolved reference? I'll have to post something to the mailing list at some point.

Thursday, January 25, 2007

Credibility redux

Y'know, I'm not affiliated with Microsoft at all, although I own some stock and use their products happily. So I'd like to think that when I say something like, this Microsoft employee has credibility, it's because the employee actually has credibility and not because I'm biased or brainwashed towards the Borg.

I've been a loyal subscriber of Dare Obasanjo for at least a couple of years now, and a happy user of RSS Bandit, although I'm now evolving a bit into Google Reader for its mobile capabilities. So when I read his article about changing Wikipedia I didn't think much about it; mildly interesting but not a big deal, and his changes in the TechCrunch entry certainly deserved reverting under the Wikipedia "No experimenting" clause. But Michael Arrington's reaction was out of line:

A Microsoft employee, who took issue with this blog post, vandalized the TechCrunch Wikipedia entry and wrote about it on his blog.

That is a misuse of the word vandalized by any stretch of the imagination. Dare added maybe a couple of sentences with a dry, unemotional tone. He put up an apology in the comments, too, but in two or three comments (which have now disappeared) Arrington repeated the vandalism charge, and he's showing no signs of backing down. IMO, there is a serious credibility gap in repeating an emotionally charged word like that in response to some rather minor issues. I'd never heard of Arrington before, or read TechCrunch. This little flap doesn't make me want to, either. Michael Arrington joins Andrew Orlowski in my credibility book.

Wednesday, January 24, 2007

B2B 2.0

Chris has left LibraryThing. I don't know him, but apparently he's done some really good work for one of my favorite Web 2.0 plays; a social site based around book collecting.

There are lots of definitions of Web 2.0, but at least one of the principles that seems to define it is "Online Community". Flickr, YouTube, Yahoo! Answers. Online communities have been around since the beginning, of course, at first through mailing lists and NNTP servers, later through applications and, eventually, web sites. When we at Sunstorm were working on a version of Deer Hunter that was going to have a multiplayer mode - we had only the vaguest idea how that might work - I went to a seminar at the Game Developer's Conference on the topic of building online communities. We did a little work towards it; our web site ran some decent forum software, but in 1998 the Deer Hunter target market did not actually overlap with people who spent a lot of time online, which was hampering.

At least we had a good size target market. Combine the lush outdoor scenery of Deer Hunter 3 with a visionary concept of online communication, and we might have had our own version of Second Life on our hands, five years before anyone else. But of course, we didn't have the vision thing. It's still the hardest part of launching a consumer oriented web site. Wal-Mart tried it. Xanga was hip for a while. Not much there there, now.

But what about an online community as part of a B2B play? Not a corporate MySpace, but a self-selecting group made up of users of your product. If your target is geeks you might have a leg up here; Kinook has a nice online forum. Axosoft has forums and bloggers. The forum we put up at Interactive Intelligence seems to be buzzing along nicely. When I was there the customer base was very technical; that may be less so as their customer base has grown. But I think an actual, product-based online community is very workable for a business-to-business company. More later.

Thursday, January 18, 2007

The blogging split

I got into a discussion with someone concerning the blogosphere and its effect on corporations today. Here's something I hadn't really thought about in a couple of years: when was the last time someone was dooced? It's been a while, I think; or at least when it does happen it's not much of a story and the mainstream media doesn't pick it up.

So what happened? Did everyone just sort of "get it" ? I would say more that the world is sort of partitioning itself off now. On the corporate side, corporations are splitting into sort of "New Media" companies, Microsoft and Sun, where bloggers are allowed almost free rein, and "Old Media" companies, Wal-Mart say, or GM, where they feel it's very important that the company try to keep absolute control of the image of the company and don't allow their employees much say. That's not to say there isn't crossover; I understand one Microsoft division wanted Robert Scoble fired after he said something critical about the company, while GM actually has a blog...a rather corporate-oriented one, to be sure, but it does allow comments and they don't appear to censor them for criticizing the company.

On the other hand bloggers, or better I should say people, are splitting off as well. You see a lot of blogs around where someone started the blog, posted a few things, then apparently dropped off the face of the earth. Or possibly they write an article once a month or so apologizing for not blogging more and promising to do better from now on. Hey, blogging is hard, and most of us aren't getting paid for it. I've been known to go a month or two without posting. So there's more of a split between people who blog and people who read.

So I suspect what's happening is that people who blog, are moving over to work for companies who support blogging! Maybe not a momentous insight, but I can't think of anyone else who's come out and said it. People who don't blog, can stick around with the companies that are trying so hard to control their messages. That's why, I suspect, that you haven't heard much noise about doocing recently. People have sorted out where they belong; companies have clearer policies about what they expect and employees have a clearer understanding of what they're looking for.

(If they don't, I guess they'll have to buy Shel Israel's new book to clarify things.)

Wednesday, January 10, 2007

Building a cathedral

A traveler visited a city where many stone cutters were working. Approaching several, he asked the same question: "What are you doing?" The first stonecutter he met replied, "I'm cutting stone. It's dull work, but it pays the bills." A second stonecutter responded, "I'm the best stone cutter in the land. Look at the smoothness of this stone, how perfect the edges are." A third pointed to a foundation several yards away, and said, "I'm building a cathedral."

Thanks to Grady Booch and Joe Marasco for the story!

Wednesday, December 13, 2006

New Technology High School

This High School is a model for high tech high schools that's being pushed by the Gates Foundation and probably some other places, and they're thinking about trying one out in Bloomington, or at least they've gotten 50 G's in order to study the possibility. Some of the money went to bringing in a speaker to discuss the possibility, so along with a couple of hundred other people, I went to check it out. My initial reaction is, Groovy. I hated high school, and it's only ten years from now that my son will start it. I'd like him to have some choices about where to go, and this model seems pretty nice. They want to keep it to 400 students, as opposed to the thousand or so at each Bloomington high school now. I've commented elsewhere about not really understanding the Indiana charter school system; I suppose this would be one of those.

I'm hearing some contradictory things about the school, though. For example, a questioner asked last night about the per-student cost of the school. The response was that the school doesn't get any more from the state than any other school would get, and that technology was the biggest expense. But the little handout we got actually says, small school and class size allows students to take responsibility for their own learning...So I wonder which it is. I'd guess that any school would find that graduation rates would inversely correlate to class size. Also, two separate articles in the paper (subscription required) tell us that the school (a) caters to students in the job market, and (b) most graduates go on to higher education. What the heck does that mean?

The speaker explained a little bit of what the school was about; all very nice; focus on communication skills and working as a team, computers for everyone, community internships. I think you can have two kinds of high schools: the kind where kids are motivated and enthusiastic about doing stuff, and the kind where the kids are biding their time until they can get out and go do something else. When you have the first kind, the students are going to be self-selecting - they have to want to go to the school. This is why I think charter schools and school choice are good ideas. So for that reason alone I think this school would be a good idea.

But the audience had a lot of good questions; some sublime; some ridiculous; all very practical. The inevitable "What about sports?" question was asked, which of course really means, "What if my kid wants to go there but he's also a basketball star?" The responder didn't really pick up on that dynamic, mentioning that the schools in California play Ultimate Frisbee against each other. Yeah, great. But the local guy did mention that allowing the students to play on the big school teams was a possibility.

A lot of the questions made me think, though, that either by state law or by educator attitudes, the school system isn't really ready to shift paradigms. I don't necessarily blame them; it's not an easy thing to do. But there were questions about honors degrees and demographics. The California panelist pointed out that an honors degree is a pretty divisive thing, and how can you teach teamwork in that sort of environment? The local panelist said that he thought the demographics would have to mirror those for the local high schools, so this school would have the same proportion of special needs students, minorities, gifteds, etc. I don't see how they can do that and still have the students be self-selecting, not to mention I find it extremely irritating when people are classified into "black", "poor", "special ed" or groups, even when the goal is to create balance.

So there's plenty to think about still. But I hope they do it. And if I'm still around town in ten years, I'll probably be pushing my kid to go there. If you see a chance, take it.

Thursday, October 26, 2006

The Guerrilla Guide to Interviewing

Joel's latest article on interviewing is up. It makes some good points, although he continues with the down-to-the-metal idiosyncracy that I posted about last year. But here are the things that I thought were really good points:
  • Hire/No-Hire . Make a decision. If you don't know, the answer is No Hire. I've run into this before when interviewing an entry-level guy for a position that required more skills than that. We recommended he be hired for Support instead. I'm not sure that that wasn't the right decision, but as a principle I like this one.
  • You want people who are smart, and who get things done. Joel describes people who fail at one or the other, and I think I've worked with most of them before.
  • A programmer should understand pointers, and recursion. Joel comments that a lot of people are coming out of school without learning a language that requires pointers, which is a problem. Less so with recursion. He says that pointers are an aptitude rather than a skill.

At the end he says, confidently,

If your resume and phone-screening process is working, you’ll probably have about 20% hires in the live interview.

True at FogBugz, no doubt. I've not really seen it here in Indianapolis, where the local talent pool is so small. But you never know, we might get lucky!

Want a job at an up-and-coming medical imaging company? Drop me a line!

Wednesday, October 25, 2006

Bloggers are people too

Ordinarily for me, reading and writing blogs is an intellectual exercise. I'm more comfortable and interested in discussing software processes, languages, testing than I am with the emotional appeal of the typical network news sob story. So when worlds, and cars, collide, I find it affects me especially. I envision my own five-year old son coming home from his karate class and I feel like crying. Good luck to you, Nick and Josh.

Tuesday, October 17, 2006

IQAA: Regression Testing

Dr. Hanna's Practice #8: Perform regression testing that is based on impact analysis. The first practice in the list that you can't just nod your head at, since you have to have a good idea of what regression testing is (I do) and what impact analysis is (I didn't.) But I did like Practice #7: Testers should attend design and code reviews. It's not something I had heard before, but it's obviously a good idea if you are interested in faciliating communication within your company.

So what should a tester do at a code review? Primarily they will want to come up with test ideas; examine the code paths; ask how each one can be exercised. But also they can ask a very fundamental question: What other parts of the code is this project going to affect? This is an impact analysis. If I remember correctly, it was recommended that this analysis be done formally, as in developers have to write up a statement or report analyzing what other parts of the product will be affected. Not a bad idea, but probably not for smaller companies like Prosolv.

So based on the Impact Analysis, testers should be able to come up with a set of requirements that need to be retested, and there's your regression suite. Of course, every build that goes to testing should be tested on the critical path (or as I prefer, the "Happy Path"). Dr. Hanna suggested a 90% pass goal, but I'm not sure why that should be. Some tests will be showstoppers, others will be...well, whatever. I suppose if you have more than 10% "whatevers" failing, you've got an issue, though.

Just a couple of other notes:

- Regression testing doesn't do any good if you do it at the beginning of a project - it is certainly to be hoped that there will be few failures then!

- Impact analysis is also necessary when a requirement is changed. Go to a developer if necessary!

- Which led to the question, what if the developer doesn't know? Dr. Hanna's response: Find new developers ;)

Monday, October 16, 2006

IQAA: Integration Testing

Dr. Hanna's Practice #3: Test for both functional and quality requirements. I would have thought state charts and truth tables were familiar to everyone, but I think the typical Indianapolis tester has a lot less experience than, say, one in San Jose, so there were a lot of people who they weren't familiar to. But Dr. Hanna had some good advice on turning a requirement, written in English, into a model by splitting it up into actions and results. He took a typical requirement statement, teased four predicates and four consequences out of it, and showed the truth table that it resulted in, with the 16 possible states of the predicates and the expected consequences of each. I was a bit itchy here, because I always feel that you can go through and test your application like this, but then go through and test a separate bit of your application which contradicts it. To help my understanding, I went on the second day to a talk on integrations testing, which I thought would more or less cover my confusion. You've got one requirement, you've got another requirement, testing them both is integration testing, right?

Well, no. Integration testing is the actual bit where you take two components of the system and make sure they talk to each other properly. Testing the input/output of one component is mostly a unit test, since they usually are easily testable and verifiable based on the automated testing that should have been written by the developer. But you need integration testing to avoid the "operation was successful but the patient died" phenomenon, where the interface of component A is not clearly understood by the developer of component B, so he writes and tests a very nice component that doesn't do at all what component A expects.

But with that clarification, I guess I see the real issue: the thing that is worrying me are two contradictory requirements. Given a clear requirements document, it is no longer the tester's problem, and it is no longer the developer's problem. It's a business problem, and someone with knowledge of the problem domain is required to clarify the contradictory requirements, which allows us to update the requirements doc, and guess what - now the testers can redesign their test plan and the developers can redo their code.

Here's a list of books recommended at the conference.

Friday, October 13, 2006

IQAA: Changing Requirements

The whole conference I was at this week for me revolved around the requirements management process. Partly because many companies I've worked at had trouble with this part of the process; that is, they followed the process of creating a requirements document, then they shut it away in a drawer and never look at it again while developers and testers go along their merry way and code up a mishmash of the requirements, what they think the requirements might mean, and any customer requests that aren't too difficult and/or are from important customers.

But I think a main thrust of Dr. Hanna's talk was that the requirements document is very important. I'm used to this very static, dull requirements document, and so I kept wanting to raise my hand and say, "How can you do that when the requirements phase is already complete?" But I have to conclude that he doesn't think it is static at all, and that it has to be dynamic and updated continually. (It was interesting that he said several times that testing is a process, not a step in the process, but he never said requirements were too.)

The typical software company tends to communicate rather informally. Write up a vague requirements document, then have the developers implement it any ol' way that seems right. If they're good, or at least social, developers, they'll talk to customers or managers or somebody that can clarify the requirement. A lot of developers will just guess, though. (Combined with receiving fast feedback from a Customer, this is just fine, of course.) But this is why the developer/customer communications need to be with testers (in a typical software environment ) or part of the process (in a regulated environment or one with traceability requirements. When it is part of the process, the correct process, I think, is to modify the requirements doc based on the customer communication. This gives testing a chance to update their tests. Dr. Hanna came back many times to the diagram:

Requirement -> Test Scenario -> Test Case -> Script

So if the Requirements are up to date, the tests can be up to date as well.

I'm not sure that every attendee thought this was the emphasis, but I also went to a couple of talks on this topic.

Thursday, October 12, 2006

IQAA: Quality enrichment conference

I've posted about the IQAA before, and I regret that I haven't been able to make it to their talks regularly. There is a bit of a disconnect between the organizers and the members, I think, because the organizers are creating a fair amount of high-quality content, and I'm not sure that the Indy software testing scene really is vibrant enough to appreciate it. Today I'm attending a free seminar given by Dr. Magdy Hanna of the IIST on Software Testing Discipline and Software Testing Management, and it's very good.

The intent was for Dr. Hanna to give two seminars, one in the morning more or less aimed at testers, and one in the afternoon aimed at test managers, but in practice they all sort of collapsed together. The majority of attendees were there for both sessions; which was good, because they ran together pretty much. Dr. Hanna is a good, knowledgable, and confident speaker, and when you have one of those you're guaranteed to run over. We got to hear a little more than half of the practices before lunch, and a couple more afterwards, so what was billed as the "afternoon session" started around 2:00. But it covered basically the remaining practices anyway, and around 3:15 he looked up, said, "How much time do we have left?" and burned through the rest of his slides as if they were a kaleidoscope :) I'll put together a few posts over the next few days on my impressions of the conference and speakers. I'm not going to summarize all of the practices he named; just some of things that made me think. For example,

Practice 1: Requirements are crucial, with the couple of subheaders: You can't test what you don't know, and Users will always change their minds, and this was the point when he went all Steve Yegge on us, and explained how he was opposed to the agile movement. Of course, as is usual in such cases, we find out that he's not actually opposed to the practices of agile, or at least many of them, but only to calling it agile, or something. (I've never been quite clear on what exactly the opposition is to).

I mention this in passing because it seemed to me that those two headers absolutely contradict each other. How do you know what to test, when the users are calling the developers daily with new requirements? But his overall point, I concluded, was that (a) requirements documents should be kept accurate and up-to-date, and (b) they should be your main avenue of communication between developers and testers. I had assumed, when he said he didn't approve of agility, that he wanted nice static requirements docs before testing ever started. This, of course, never happens in the real world. More later.

Thursday, October 05, 2006

WIX, IIS, and CPPUnit Nano

Shoutouts to a couple of pages that have made my life easier in the last few days. We use CPPUnit to run unit tests on some of our VC6 applications, but now it's time to start compiling those applications, and their tests, in Visual Studio 2005 . I messed around with trying to get CPPUnit to compile and link in in VS2005 for a while, but was unsuccessful; and in any case CPPUnit isn't getting any love from anywhere any more. So what's a unit tester to do? Enter Nano CPP Unit, a little unit testing page with all of the source right there on the page. Copy it in to the correct files, change a few other lines, and a bunch of tests were running right off. Very handy.

Second, trying to configure IIS through an installer built with WIX. The docs explain more or less clearly how to set up the custom actions, so I did that using the codes below, ran the installer, and...nothing.

<WebSite Id="MyWebServer"
Description="My Web Server"
Directory="MyLicenseServer">
<WebAddress Id="LicenseManagerWebAddress"
Port="80"/>
<WebVirtualDir Id="LicenseManagerVirtualDirectory"
Directory="MyLicenseServer"
Alias="LicenseServer">
<WebApplication Id="MyLicenseServer"
Name="MyLicenseServer" />
</WebVirtualDir>
</WebSite>


I ran across this Strange Blog entry detailing more or less how to do the same thing, but a comment in the post also mentioned the bit I hadn't seen before: Link in the provided object file sca.wixlib to set up all the custom action scheduling the way you need it. Thanks to that commenter, the Strange Blog author, and the author of Nano CPP Unit for their help!

Friday, August 04, 2006

Evidence open source project

I got a CodePlex project approved, whee. I'm pretty sure I must have grandfathered in since I submitted my request a couple of weeks ago - it's just an idea in my mind, not an actual project, and therefore it probably doesn't come under the latest requirements:

Most project requests that we approve have two or more project admins, two or more committed developers, and a recent history of active check ins, opened and closed work items, and at least one release. We sometimes make exceptions for individual project applicants (with or without code) who have a proven history of success in creating successful online development projects, or startups.

Uh, yeah, that's me all right. But, my project idea has to do with genealogy and collaboration; it's an attempt at raising the standards of online genealogical research. As I wrote on the project wiki:

The typical Internet genealogical researcher today works as follows:
  1. Search on genealogy sites for published databases that have matches for someone already in their database
  2. Copy the information to their database
  3. Publish the database

So there's a lot of room for improvement. I'll write more about my ideas soon - right now I have to go figure out how one checks in code using Team System...

Drop me a line if you're interested in the project!


Wednesday, August 02, 2006

Credit card frauded

Crud! I got a call from MBNA to verify some "suspicious activity" on my credit card, and sure enough someone managed to get to their online banking site, use my account number to log in, change my address to somewhere in Maryland, and buy an $11,000 dollar computer from Dell.

Luckily Dell was on the ball and asked MBNA to verify the purchase, so the account will be closed immediately. Still, I wonder how they came up with the number? A little scary; but changing that account number is something I should have done years ago, as I use it for way too much stuff. (Which is exactly why I haven't changed it.)

When I called MBNA they asked for my mother's maiden name as verification. I bet that's easy to find - wonder if the online banking site used that same security?

Hopefully changing the account number is the end of it. Then I need to start splitting up my accounts: one credit card for online purchases, one for monthly charges, one for gas, etc. Be careful out there!

Monday, July 31, 2006

Death of NDOC

I caught the news first from Bill Wagner's blog that NDoc 2.0, the documentation tool for .Net developers, was losing its main developer and motivating force, Kevin Downs. (And incidentally, I never saw anything useful on either Digg or Technorati about it. Simple Google is still the best place to look.) Here's what Kevin had to say in an email that was quoted in dozens of blogs:

As some of you are aware, there are some in the community who believe that a .Net 2.0 compatible release was theirs by-right and that I should be moving faster – despite the fact that I am but one man working in his spare time...

This came to head in the last week; I have been subjected to an automated mail-bomb attack on both my public mail addresses and the ndoc2 mailing list address. These mails have been extremely offensive and resulted in my ISP temporarily suspending my account because of the traffic volume.


The standard line of bloggers has been, more or less: What a shame, what a loss to the community, why aren't these mailbombers contributing, that's what happens to open source projects.

It certainly is a big loss. But to be honest, I don't see it as a huge deal. Bill sees it as a problem with the whole open source software model, which I disagree with - I think the Asterisk project is one counterexample. The email, to me, has a bit of a defensive tone, like the writer's lost all his enthusiasm for the project and is looking for an excuse to get out of it. (I've sure been in that position, and it's got nothing to do with open source!) Is NDoc really that heavily used? Doxygen has the advantage of working with more languages, so it's my preferred tool, but I would think if there are that many people interested in using it, surely someone can step up as a new administrator, even if the project languishes for a while. And a mailbomb attack? Do those really still work? I would have thought any administrator would have been able to block some IP's and stop it. I guess it was the product of someone's bot army; but that brings up another point: anyone can launch a mailbomb or DOS attack. You can make one person mad online, even for a perceived rather than an actual insult, and the attack can come. If you're a small organization, you just have to weather the storm and move on.

I'm not saying Mr. Downs made the wrong decision; far from it. It's his life and his work and we should be grateful for whatever he is willing to donate to the community. But let's accept it and move on without getting huffy about it.

Oh, and maybe I better see if Doxygen could use any extra coders...




Customer Affinity and UI design

Martin Fowler discusses the importance of being attuned to the business side of software development. I especially liked this quote:

I've often heard it said that enterprise software is boring, just shuffling data around, that people of talent will do "real" software that requires fancy algorithms, hardware hacks, or plenty of math. I feel that this usually happens due to a lack of customer affinity.

I've heard this too, in spirit at least. and one of the reasons is that those people of talent don't believe that UI design is "real" software. Of course, the place you have the most opportunity to affect how the customers work and whether they enjoy your software is in the user interface. In the last few years, UI design has started to gain a little more respect in the community, but the fact remains that it is one of the areas of software design that really remains an art, rather than a science. What are your favorite sites for discussing UI design?

Tuesday, July 18, 2006

Finding holes in the process

Ever done a process review? It's one of those things that gets done, formally or informally, when a software company is trying to grow from small to large. In my experience, the most likely way it happens is, a manager or two or three get together and decide on some tool that they like, or have used before, and that they think would be useful for source control, or bug tracking, or building, and then they pass the edict down to the programmers: "Okay guys, from now on we use OnTime for all bug reports." The programmers nod politely and get on with the business at hand, and may even enter a few things into OnTime if they remember.

Ina few months, the managers realize that nobody's paying much attention to OnTime, and they go and bug the programmers. "Hey guys, let's use this bug tracker, ok? We paid a lot of money for it." The programmers start entering a few more things into OnTime, if they remember, but they grumble about it. Why waste time on this busywork, they think? The programmers aren't happy, the managers aren't happy, and communication is breaking down badly.

How do you avoid this? Don't just nod politely when the tool is introduced; attack it. Of course, if it's a tool you've not used before, you won't be able to see what any weaknesses are. But try to understand the workflow. Bug the manager until he makes it clear for you. He'll probably end up saying something like "Each bug goes from Entered to Accepted to Fixed to Tested to Released".

That's a pretty standard workflow. But now you can start to poke holes in it. Has anyone thought through the failure steps?

"Okay, so what if it's a bogus bug? I'm not going to accept it then."

"Hmm, that's true. Maybe we should add a Rejected state."

"Sounds good. What if Testing fails?"

"Umm, the test group should just set it back to Entered, and it can cycle through again."

"Okay, but what if that happens the week before the release? Do we need to put off the release until the bug gets fixed? Or can we hold off on it until the next release?"

"Ummm..."

Processes tend to break down around the failure points. If every bug took the path Find/Fix/Test/Release, software development would be very simple, and the workflow would be completely linear. But on every step of the line, it needs to be clear what will happen on a failure. Does it go back to previous step? Farther? Can we ignore it? A clear workflow with known failure paths will go a long way towards making any software project smoother.