Tag Archives: Software Development

Development Testing for Compliance Seminar in DC

I’m doing a free seminar next week in the DC area “Development Testing can help you comply with government regulations and security guidelines”. Entry is free and you can register here

This will be an informative lunch seminar on Thursday, May 16th from 10am to 12pm at FCN, Inc in Reston, VA. During this event we will be discussing trends, strategies and best practices for NIST compliance.

Discover how to best utilize your company investments to deliver compliance throughout your organization. Participate in a presentation by industry expert Arthur Hicken as he facilitates a discussion on how to continuously integrate software quality into the development process with Parasoft’s comprehensive Development Testing platform.

What you will learn:

  • Consistently apply static analysis, unit testing, peer code review, coverage analysis, runtime error detection, etc.
  • Accurately and objectively measure productivity and application quality
  • Drive the development process in the context of business expectations – for what needs to be developed as well as how it should be developed
  • Gain realtime visibility into how the software is being developed and where it is satisfying expectations
  • Reduce costs and risks across the entire SDLC

Following the presentation Parasoft will demonstrate Parasoft’s development testing solutions for C/C++, Java and .Net applications.

Hope to see you there. If you’ve always wanted to meet the CodeCurmudgeon in person, sign up here.

What Went Wrong with Outsourcing

globe_exclamationThe demand is steadily going up for engineers, developers and programmers. These are jobs that are not being filled fast enough. In other parts of the world, there are skilled workers just waiting to be put to good use – which is why people want to do outsourcing.

According to the Information Services Group, the value of IT outsourcing contracts in the fourth quarter last year fell 37 percent from the same period in 2011. The $2.9 billion decline was largely the result of a reduction in contracts for new services. In spite of that, in 2013, there will probably be another surge in outsourcing, and providers are starting to look at emerging markets for new contracts.

Some say that the American software Industry is depending on outsourcing to survive. Is this true? Not entirely. Lots of companies have tried outsourcing, but frequently it hasn’t worked out that well for them.

Our economy is based on both action and attitude. Neglecting one will generally reflect poorly on the other. This way of thinking, when used to survey outsourcing, should help clear some of its apparent mysticism.

When you view outsourcing exclusively as an attitude, it will almost always seem like a bad idea. (Roll the tape, where the boxer tells his manager that ‘he has nothing left’). When you view outsourcing exclusively as an action, it creates similar imagery. (Roll the tape, where the boxer’s manager throws in the towel).

When you look at the bigger picture, you realize that the keeping a company alive is actually a good thing. Even if there was a slight chance of long-term profit. It shouldn’t stop. The outsourcing process is good for everybody. It brings the world together. It has the unexpected benefit of helping make the world a more peaceful place as well. When a country has a large inflow of cash from other countries, it is unlikely to alienate them to their own detriment.

While I expect that outsourcing will continue, there are several pitfalls that can easily trip companies up. For software, the code has to be delivered on-time, with the correct functionality and be bug-free and secure. This is a tall order for every software organization and is made more difficult by the outsourcing process.

Make sure to keep these all-to-common outsourcing pitfalls in mind once you finish your planning and actually embark upon your outsourcing project.


One of the reasons, is that it often disrupts communication between a company and its clients. This could prevent a company from building solid relationships with their customers, and often leads to dissatisfaction on both sides. There is also the danger of not being able to control some aspects of the company, as outsourcing may lead to delayed project implementation.

The outsourced developers may also not understand your requirements. They say they do, but they don’t. In the end, they think that they have done a good job for you. But, what they have actually done is write something that you do not want. Requirements must be well defined, written down, and connected using a good requirement and project management system so that you can be sure you get what you need.

Security when outsourcing

Any sensitive information is more vulnerable, and a company may become dependent upon its outsource providers. Should the outsource provider back out on their contract suddenly, this will become an immediate problem. Make sure that you have proper contracts and infrastructure to handle such issues.

Modern methods

Leaders of many overseas development organizations do not recognize the value of automation and development tools. Such organizations have build their strategy around low cost labor, but are blind to the fact that not every task can be effectively completed with manual labor. They believe that a large number of developers with relatively low salaries can achieve the same effect as software development tools, so they do not budget for or invest in an infrastructure that automates and streamlines critical software development tasks.

They do not realize that no matter how many developers or testers you add to a project and ask to complete critical software verification tasks by hand, they will not be able to perform many of these tasks as thoroughly, uniformly, and effectively as an automated tool can. However, without automation of practices such as coding standard checking, test case creation, regression testing, performance verification, and so on, it is virtually impossible to build software that functions correctly, does not crash or behave strangely in exceptional conditions, performs acceptably, and resists security threats.


It is not rare for an outsourced developer to overbook projects for him- or herself, like any contractor would. When outsourced developers do this, they end up scrambling to catch up, and ultimately do not deliver code on time. If the reason for not delivering code on time is not due to overbooking, the situation could be that they remain idle for too long or are working at too slow of a pace. Get regular status updates that let you follow the progress of your project. Make sure milestones are well-defined – outsourcing a waterfall project is almost guaranteed to fail.

Quality when outsourcing

An outsourcer may write code that is not up to your standards. The repercussions of
this problem are that you end up with code that is buggy, code that is inflexible, and code that does not easily integrate with what you already have. Make sure that you have measurable quality controls in your system, such as an agreed upon set of static analysis rules with regular reports, coverage guidelines and reports, etc.

In short, making sure that you do all of the things should be doing at home to produce software will help ensure that your outsourcing projects go well. Strong SDLC controls and governance provide the necessary structure to ensure that your projects don’t go wrong.

How To Optimize Your Existing Regression Testing

I spoke at the Quest 2012 conference in Chicago last week. The topic was “How To Optimize Your Existing Regression Testing”.

My presentation covers some very practical and pragmatic tips for dealing with regression testing, especially if you have legacy test suites. It’s not product centric, so it should be helpful to anyone working with regression testing. As much as possible I’ve tried to keep the suggestions abstract rather than from a developers perspective.

Take a look for yourself. If you have any comments or suggestions, feel free to mention it in the comments, or email me or reach me on twitter.

(powerpoint) (mp3 audio)

Download (PPTX, 831KB)


Who’s Your Code’s Daddy?

Polling Station © by Martin Bamford
As part of my ongoing efforts to keep up with what source control, SCM, Software Configuration Management that people are using, I’ve put up a poll. I see there is a lot of talk these days about Git. If you’re using that, let me know what kind of project, is it business or open-source?

For those of you still using more than one system, you can either pick the one you use most, or you can put up to 3 answers.

I’ve got a pretty comprehensive list, but there is a place to add one I’ve missed. Anything you want to add sound off in the comments or via twitter.