Latest Publications

Onslaught of functionality

At the beginning of September I attended SafeCOMP 2009 in Hamburg to give a talk on the challenges of object-oriented programming languages in safety-critical applications. One major point which was driven home again and again was that object-oriented programming can certainly be used in safety-critical areas, but it needs strict development rules which must be followed rigorously. The topic by itself – software development in safety-relevant applications – is incredibly complex. Just look at the DO-178B certification standard: its successor, DO-178C, has been under inspection and development for quite a while now. One of the biggest obstacles to overcome is that changes and additions to the standard need to be agreed unanimously. Since there are so many interested parties involved in the standard’s development (anyone who wants to participate may do so, no particular prerequisite is required), it takes a lot of time to resolve discussions.

Any kind of software development team may learn a good deal from safety-related coding guidelines and recommendations, simply because they also affect stability, security, reliability and, last but not least, maintainability. One of the primary issues of object-oriented technology with regard to safety is dead and deactivated (unused by “design”) code. For instance, when you think about complex software packages like JBoss 5, not many applications can say of themselves that they truly use 100 percent of the functionality their middleware framework offers. The thing is that every additional feature – no matter whether it is used or not – can produce unexpected errors and problems.

A very good example is outlined in TWiT’s Security Now podcast episode 211. Developing “single-use” appliances with a Windows machine or a general PC underneath opens up so many potential attack routes that they are hard to manage and can barely be called secure or trustworthy to begin with. Every additional program or functionality stone you heap upon that pile of preexisting “conditions” aggravates the problem by one or more degrees. For instance, just today I read about security attacks made possible by a lack of maintenance and security awareness. There are so many knobs you can turn in a Linux system that it can be overwhelming for some people. The result is insecure systems, because people weren’t even aware of the potential risks and problems.

However, it’s not just the frameworks we are using, it’s also very much about the programming language we choose. While C++ will treat the programmer like a consenting adult, Pascal will treat her like a child and Ada like a criminal. C++ is a complex and powerful language, but this power can be misguided. We all know there are people who live the “it was hard to code, it should be hard to read” approach, but even if you try to write legible C++ code, it happens quite often that a few lines of code have an ambiguous meaning. A misplaced bracket can wreak havoc, literally.

I worked on Flash- and Flex-based interactive kiosk applications myself, which were then deployed on Windows and Mac OS. Did it work? Sure it did. Were there safer alternatives? For sure. However, sometimes time and budget constraints require you to choose a technology which already has much of the required functionality built in. Even though this comes with additional, unnecessary functionality, it permits you to boost your development cycle and produce stable and good applications if done properly. I wouldn’t recommend it for building an airplane navigation system, but for a simple kiosk app it is certainly a good thing. This kind of trade-off between using preexisting packages, frameworks and libraries and avoiding dead and deactivated code by building your own specialized niche product will always be looming over IT.

I guess the point of this post is that when doing software development, very much like running your own servers and applications, it is important to keep safety, security, reliability and maintainability in mind. To exaggerate the point a little: no one wants to crash his car because he changed the radio station…

IPMA and PMI certification differences

There are various standards and methods for project management. Trying to grasp them all at the same time can make one’s head spin, particularly because they use different vocabulary to cover basically the same things.

For instance, there are the two well-known project management certification paths and associated methodologies by PMI and by the IPMA. Their principles are very similar – at least from what I’ve seen so far – but they differ in wording.

PMI’s definition of project management is separated into different knowledge areas:

Project Integration Management: defining the charter and scope statement plus a viable project plan; monitoring and controlling project work

Project Scope Management: creation and planning, protection and fulfillment of project scope, includes creation of work breakdown structure (WBS)

Project Time Management: definition of activities, their properties and how they fit into the project schedule; prioritize and put them into order, define how long they take and decide how long the project will take

Project Cost Management: planning, estimating, budgeting and control of costs; remember the iron triangle: bound to time and quality and scope

Project Quality Management: planning and controlling quality in a project

Project Human Resource Management: staffing or more general staff acquisition and team development (this alone could fill a book)

Project Communication Management: details about how to communicate in the project; defining repetitive communication and outline escalation channels, etc.

Project Risk Management: assessment of risk; planning, analysis, monitoring and control of risk

Project Procurement Management: make or buy decisions; procurements and contract management

It’s a beautiful structure which gives guidance and is easy to understand. IPMA’s Competence Baseline (ICB) document (available for download, also in a German version), in comparison, splits into different competence areas:

Technical competence: the foundation of project management procedures like requirements management, risk management, controlling and so on

Behavioral competence: soft skills required for project management; attitudes and inter-personal relationships between project members

Contextual competence: anything relating to the context of projects – the relationship between the project manager and the overall organization and management

From what I’ve read so far, the ICB looks a lot like a glossary of terms outlining all the important project management terms – from startup and writing a charter to project closure (or close-out as it is called in the ICB). It’s a good read but it will not give you any practical advice since this is one of the things the ICB is defined not to be: it is not meant to be a cookbook full of recipes but instead lay the foundation that any organization may pick up to develop into its actual project management implementation. A whole chapter is dedicated to the certification and re-certification procedure. I highly recommend it to anyone considering joining the IPMA or PMI.

A particularly nice feature of the ICB is that the IPMA clearly permits national chapters to add up to 10 percent in content and methods for nation-specific details when building a national competence baseline (NCB).

Overall I think that both programs – IPMA’s and PMI’s – work well even if combined. IPMA’s ICB is certainly more theoretical, while PMI’s PMBOK leans more toward the practical toolset side – even if just a tiny bit (e.g. by taking into account procedures like EVA and more practical applications with regard to risk management and scheduling).

Time is flying (by), or sometimes it takes the train

I’m currently working on a feature comparison between IPMA’s and PMI’s methodologies and certification processes. While this itself takes up a good amount of time, I also attended SafeCOMP 2009 in Hamburg last Tuesday. I gave one of the talks, on object-oriented programming in safety-critical applications. The preparation filled what was left to be filled in my schedule. However, SafeCOMP was a very exciting experience. Usually one does not really appreciate how much software development effort goes into it when one rides the train or takes an airplane. I understand the papers and presentations will be published in the next few days, so I’ll hopefully be able to post a link for anyone interested.

A new type of first-person game?

IBM has built a virtual replica of China’s Forbidden City in collaboration with the palace museum. The budget for the whole venture is said to have been around 2 million dollars. They named it “The Forbidden City: Beyond Space and Time,” and it’s built using a service-oriented architecture, according to IBM’s director of citizenship and technology, John Tolva. It’s free to download and use and gives you a chance to walk around in the Forbidden City as if you were really there. You can even see other users roaming the premises and interact with them. Really amazing – especially because of the unusual SOA approach.

Stand-up meetings

Over the last couple of years, agile development methods have been picked up by more and more companies. Many of the ideas and concepts which were created out of the principles outlined by the agile manifesto have proven useful and can be used not only in agile development but in day-to-day practice, independent of the business’ working area.

One of those methods adopted by many organizations worldwide is “standup meetings”. The basic idea: a meeting is held with all participants standing, not sitting down. As long as some constraints are fulfilled, meetings become more effective. They take less time and get results faster. There’s even special furniture which can be used to hold such meetings.

Internet-to-go

ORF’s Futurezone posted a feature article today about Google’s G1 successor – the HTC Hero. There was another review some time ago by Engadget, including a lot more meat regarding the details and handling of the device. As long as there aren’t any reviews by regular users here in Austria, the jury is still out, I guess – especially when it comes to the coverage/battery lifetime/feature combination. At least none of the Austrian service providers is a “big, steaming heap of failure”. After all, there shouldn’t be any surprises like, for instance, with the iPhone in the States, where a lot of AT&T customers had to realize they were out of luck in regard to MMS support anytime in the future.

The power of positive

Imagine the following situation: you are sitting down with Bob, one of your project managers, to discuss his ongoing training efforts, to talk about options for certification and courses he might take, etc. The company is currently in a tight spot, and just a couple of weeks ago the IT budget was cut. You have limited resources, but you are nonetheless dedicated to getting people training and creating opportunities for personal development.

Internet (r)evolution

During my time in New York I was relatively active in writing my blog, so it is kind of a déjà vu experience for me to return to this kind of medium. In sort of a coincidence I stumbled across an article at smashingapps.com showcasing a couple of corporate websites in their 90’s looks. With the help of The Internet Archive the possibilities seem endless, or at least endlessly embarrassing: from an – by today’s standards – anything but inviting McDonald’s site to your personal Geocities homepage – you name it, you’ll find it there.

The new reading experience: e-ink

I’ve always been a fan of ebooks. On the one hand, they are a lot easier to carry – they do not add to the weight of my notebook hard disk – and they can be stored without taking up space on my already limited shelf space. On the other hand, reading books on a computer screen has usually been a major pain in the neck.