development

Better Software Magazine Articles

When Software Smells Bad

Most software needs to be "maintainable" and have high "internal quality." But what does that mean in practical terms? Code smells form a vocabulary for discussing code quality and how well suited code might be to change. The smells also provide good indications as to what to refactor and how.

Understanding and Using Code Metrics

Have you heard any of these from your development staff or said them yourself? "Our software and systems are too fragile." "Technical debt is killing us." "We need more time to refactor." Having quality code is great, but we should understand why it matters and specifically what is important to your situation. Joel Tosi begins by defining and discussing some common code metrics-code complexity, coverage, object distance, afferent/efferent coupling, and cohesion. From there, Joel takes you through an application with poor code metrics and shows how this application would be difficult to enhance and extend in the future. Joel wraps up with a discussion about what metrics are applicable for specific situations such as legacy applications, prototypes, and startups. You'll come away from this class with a better understanding of code metrics and how to apply them pragmatically.

Joel Tosi, VersionOne, Inc.
Implementing a Security-focused Development Lifecycle

Assaults against digital assets are unquestionably on the rise. If you create applications that handle valuable assets, your code WILL be attacked. In addition to lost revenue and productivity, the consequences of compromised systems can include loss of trust, a tarnished reputation, and legal problems. Much like quality assurance, it’s important to have a holistic approach to security that unifies people, process, and technology. Cassio Goldschmidt introduces defense techniques that measurably reduce the number and severity of software vulnerabilities. These include secure coding techniques, minimizing the use of unsafe functions, use of compiler and linker security options, and specialized static analysis tools. Enrich your development lifecycle with threat modeling, security code review, penetration testing, and vulnerability management.

Cassio Goldschmidt, Symantec Corporation
Avoiding Over and Under Design

The question of how much design to do up-front on a project is an engaging one. Too much design often results in overkill, complexity, and wasted work. Too little design results in insufficient system structures that require rework, additional complexity, and wasted effort. How can we know what the right balance is? Alan Shalloway shows how to use the advice from Design Patterns coupled with the attitude of not building what you don't need from Agile. The trick is in discovering what you don't know, how it may affect you, and then how to isolate these risks in your code in a simple manner. Alan describes the essence of emergent design–that is, starting with a simple design and letting it evolve as the requirements evolve. He also demonstrates how to refactor to better designs and how this is different from refactoring bad code.

Alan Shalloway, Net Objectives
Prefactoring: Extreme Abstraction, Extreme Separation, and Extreme Readability

Developers often run into the same issues on every project. As the software is created, design problems start to creep in-causing maintenance releases with no new features, project delays, and worse. While some of these problems can be resolved by simple refactoring, others can be fixed only by a complex code restructuring effort. But you can avoid most these issues in the first place with prefactoring-using your experiences in previous projects and the experiences of others to help in early detection of common design errors and problems.

Ken Pugh, Net Objectives
Mobile App Development: It's Harder Than You Think

You're thinking of creating a mobile application to take advantage of the sky-rocketing potential of mobile phones and other smart devices. Serious and critical choices must be made. Which platforms and technologies do you support? Are web-based applications the best approach? What sort of testing will you need-from whom, when, and how much will it cost? Do you want to create applications that take advantage of the mobile platforms’ capabilities such as location-aware features? Since there are at least fifteen major platforms, including several that use disparate semi-proprietary programming languages, making the right decisions early is critical. Wrong decisions will result in wasted time, effort, and money and increase the likelihood of failure.

Julian Harty, ebay, Inc.
Coding for Keeps: How to Write a Function

Functions are the basic building blocks of computer systems. Object-oriented classes are a way of packaging functions with shared data. Inheritance and polymorphism essentially are all about finding the right function. It’s all about functions! Get the picture? Chuck Allison explains that functions come in many varieties: static functions, polymorphic functions, generic functions, nested functions, higher-order functions, generator (aka stream) functions, coroutines, function closures, delegates, etc. Functions can handle arguments in different ways: by value, by result, by reference, by sharing, and by need, to name a few. Do you know how and when to use which? Functions should also be resource-friendly and robust should something hit the proverbial fan. Are your functions error-safe? Reusable? Maintainable? Do you know-really know-how to write a function? Come join Chuck and find out.

Chuck Allison, Utah Valley University
Testing for Web Accessibility

Because 10% to 20% of the general population has disabilities that can impact their ability to use software, systems should be developed to accommodate their needs. Even though web accessibility requirements are included in many development projects, they are often not fully understood and verified during testing. Join David Leistner as he examines the Web Accessibility Initiative and Section 508 of the Rehabilitation Act. First, David explains what web accessibility is, its importance, and who it affects. Next, he introduces the types of technology available for testing compliance and shows how to use analysis tools in testing for accessibility. Gain an understanding of the issues and alternatives with web accessibility development and ways that testers can ensure that people with disabilities can access the web and Internet-access they deserve and, in some cases, are entitled by law to have.

David Leistner, National Archives and Records Administration
Questioning Measurement

When we consciously measure something, we try to measure precisely and often assume that our measurements are accurate and useful. However, software development and testing activities are not subject to the same kinds of quantitative measurements and precise predictions we find in physics. Instead, our work is like the social sciences, in which complex interactions between people and systems make measurement difficult and precise prediction impossible. Michael Bolton argues that all is not lost. It is possible and surprisingly straightforward to measure development and testing accurately and usefully–even if not precisely. You can measure how much time is spent on test design and execution compared with time spent on interruptions, track coverage obtained for each product area, and more.

Michael Bolton, DevelopSense
Continuous Integration and the Automated Database Update Process

Developers must have good feedback to ensure productivity. Most shops have a continuous integration (CI) build process that allows the developer to quickly know if a build failed, and some shops have an automatic deploy of the CI build to provide website feedback. Lance Lyons writes about an approach to automating the update of databases in a CI environment.

Lance Lyons

Pages

CMCrossroads is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.