450 likes | 462 Views
Discover the key factors for successful software projects, including cost, quality, risk, and speed. Learn about the importance of requirements analysis, design principles, and coding practices. Avoid common failures and optimize your software development cycle.
E N D
Software Team Development Practices based on Java Development Teams at CERN Derek Mathieson, James Purvis, Rostislav TitovCERN
The reality today Failure • 31.1% of IT projects will be canceled before they ever get completed • 52.7% of projects will cost 189% of their original estimate • More than 50% of software projects fail today. Success • Only 16.2% software projects that are completed on time and on budget • In the large companies only 9% of their projects come in on time and on budget. • Catastrophe • Ariane 5 (7bn dev, 500 million) – numerical conversion error • Mars Climate Orbiter ($125 million) – metric conversion error • Mars Polar Lander ($165 million) – design error
Typical Failures • User requirements not Met • Software unreliable • Too late (You took so long that our requirements have changed…) • It works great for me, now deploy it for 10,000 users… • You did what I asked. but I didn’t say what I meant… • Projects completed by the largest American companies have only approximately 42% of the originally proposed features and functions.
Factors • Four interdependent factors • Not possible to have best of all four • Cannot have cheap, high quality, little risk & built quickly • You can achieve 2 successfully and other 2 have to be managed • Risk and quality are most important: The system must work and successfully meet user requirements. This leaves speed (time) and cost (money) to be adjusted accordingly Cost Quality Risk Speed Fast Choosetwo Good Cheap
The answer Q :What is the key to running a successful software project? A: Don’t believe in Magic! There is no silver bullet …But there are some step that can be carried out at each step in the process…
Software Development Cycle • Analysis “Failing to build the right thing” • Design “We didn't have time to do a design." • Implementation “Do you want it on time or documented?” • Test “It's not a bug, it's a feature”
Requirements Analysis “Writing software from Requirements is like walking on water – its easier when frozen”
Analysis • State Goal “send a man to the moon before end of the decade & return him safely to Earth”, JF Kennedy • Specify the problem not the solution • Classification M MustoS ShouldC Could0W Would • Concept of Operations document “This is my understanding of what you want” • Beware of requirements ‘gold plating’ • 80/20 rule • Verifiable : use-cases
Design One of the things that tools can do is to help bad designers create ghastly designs much more quickly than they ever could in the past
Example Failures • Ariane 5 (half billion dollars) • Y2K bug • F-16 & equator • Mars Climate Orbiter • Mars Polar Lander
Reasons • Too complex • “We didn't have time to do a design." Jumping into the coding • Architect: Someone who knows the difference between that which could be done and that which should be done. • One of the things that tools can do is to help bad designers create ghastly designs much more quickly than they ever could in the past
Good Design Principles • Consider alternative approaches Not tunnel vision • Traceable to the requirements Correct & complete • Not reinvent the wheel Use a pattern • Adaptability Accommodate Change • Maximize Cohesion • Minimize Coupling • Understandabilty A design must be understandable if it is to support modification.
Good & Bad design Good Design Change in one part of the system doesn't always require a change in another part of the system. Every piece of logic has one and one home. The logic is near the data it operates on. System can be extended with changes in only one place. Simplicity Bad Design One conceptual change requires changes to many parts of the system. Logic has to be duplicated. Cost of a bad design becomes overwhelming. Can't remember where all the implicitly linked changes have to take place. Can't add a new function without breaking an existing function. Complexity
The Cost of Change CERN AIS Cost Time
Design First • Design team (>1) • Design requires different skills • Collaborative • Informal design reviews • Standards based • Patterns • Maxims • Storyboard • Metaphor – vision • Class Responsibility
Lessons Learned • It’s not always right first time • Refactoring is OK • Keep the vision simple • Automate repetitive tasks • TEST the design • By modifying the problem
Coding “It doesn’t matter if I write poor code… the compiler will tell me if there is problem” “It doesn’t matter if I make a mistake… it will come out in testing”
Bugs • Experienced software engineers inject one defect in about every 10 lines of code. • The programmers aren't incompetent or lazy - they're just human. • All humans make mistakes, but in software, these mistakes result in defects. • This means that a modest-size program of 100,000 lines of code typically would start with about 10,000 defects. • Examples : INTEL Pentium : no more than 80-90 Bugs Cell Phone (200 000 loc) up to 600 errors. Windows-95: 10 Mill. loc: up to 200 000 errors.
Code Review Example Can you understand the following? public class ba { public static final String cur = “USD"; public void dep (int i) { bal -=i; } public void wit (int i) { bal +=i;} public String get () { return Integer.toString (bal) + "" + cur } private int bal; } And identify the defect?
The same code public class BankAccount { public static final String CURRENCY = “USD"; private int m_balance; public void deposit (int amount) { balance = balance - amount; } public void withdraw (int amount) { balance = balance + amount; } public String getBalance () { return Integer.toString (bal) + " " + CURRENCY; } }
Now imagine you have A multi-domain, multi-lingual horizontal software application supporting 10,500 users in 42 countries composed of : 1.2 million Lines of Code 6,000 Java classes 10,000HTML templates many other files Welcome to EDH!
EDH: Good Old Days (1991-98) “Imagination rules the world” Mac or PC or Unix? C or C++ or ? University atmosphere Freedom & Individualism Choice, choice, choice...
Results • Healthy outside, but unhealthy inside • Evolution from freedom to Chaos! Development Platform : Mac, PC & Unix Code : C,C++,Python, Prolog, ProC, PL/SQL, Perl... Comments : Spanish, Italian, French & English... Bugs : “Y2K don’t care” • Obvious code never reviewed : Why would you show your code to anybody? Never did at university... Results count! • Consequence : Maintenance became the primary resource-consuming activity
The “authoritarian” new days (1998...) • Autocratic • You will use a PC • You will use the chosen IDE • You will use Version Control • You will develop in Java • You will adhere to coding standards • You will show your code to others • Production Environment is Sacred • Scheduled Deploys • Team decision, No individual actions • No unreviewed code goes live • Doesn’t sound very motivating?Ironically it is more motivating!
From University to Industry Freedom of Choice for Development Environment Free selection of tools Choice of language & technology Individual Code Responsibility (& blame) Quality of the Product Individual Development Practices Team Development Practices Uniform development environment Common set of tools Single technology choice Common Code Ownership (& learning) Quality of the Process ... driven by the members of the team (not management imposed)
Requires Concrete Practices • Code Reviews • Coding Standards • Design Reviews • Mentoring • Uniform development environment • Coherent set of development & deployment tools • Single language & Technology • Test procedures, unit testing & usability studies
Coding Standards – why? Why ? • 80% of the lifetime cost of a piece of software goes to maintenance. • Hardly any software is maintained for its whole life by the original author. • Code conventions improve the readability of the software, allowing engineers to understand new code more quickly and thoroughly. Cannot review unless you have standards... • endless debate – was driving too fast? Cannot answer without defined speed limits • Recommend best practices, avoid bad practices • Maintainable & reliable software is key Produces • Common Code Ownership
Code Reviews - guidelines • Form • Product is guilty until proven innocent • Producer is innocent because he/she is not on trial • More likely to find bugs if you assume they are there • Evaluate product not producer • Emphasize "review" aspect; do not "fix it here". • Raise problems. Do not discuss solutions
Code Reviews - guidelines • Format • Three people minimum, seven people maximum • Roles : • Author • Moderator • Scribe • Reviewer(s) • Preparation • Short & businesslike (2 hrs max) • Not off-site. No telephones or interruptions • Donuts or other home goodies • Dismiss the guru who wants to demonstrate that their way is better
Code Reviews - guidelines • Management Involvement • NONE! • Not a manager's status meeting • Management is not represented during inspections • Inspections must not be used as a tool to evaluate workers • … Not a committee, not a working group, not a status report & not an appraisal instrument …
Benefits • Primary objective • remove defects as early as possible in the development process • Other benefits : • Early Testing • Project Tracking • Educational – share best practices • Training of new/junior programmers • Improved Communication • Improved Individual Quality • Cross-training • Process-improvement • Shared Responsibility – no individual blame
The “Yes, buts...” • I don’t have time for this... • Good programmer’s code doesn’t need reviewing • Its only a ‘minor’ piece of code • Code Changes, then what? • 2nd pair eyes rule • Pair programming
Coding: Tools • Atlassian JIRA • Issue tracking and project tracking • EDH: every change must have a JIRA • Process should be as lightweight as possible • Atlassian GreenHopper • Agile project management (Scrum) • EDH: 2-week sprints • Atlassian Confluence • Documentation (WIKI style)
Coding: Tools (2) • Atlassian Crucible • Online code reviews • EDH: Every production line of code must be reviewed • Atlassian FishEye • Browse version control repository (CVS, SVN) • Real-time notifications of code changes • Web-based reporting, visualisation and code sharing • Atlassian Bamboo • Continuous integration • Atlassian Clover • Java code coverage metrics
Testing Bugs • Standard Software: 25 bugs per 1000 lines of program. Good Software: 2 errors per 1000 lines. Space Shuttle Software: < 1 errors per 10000 lines. Example Handy (Cellular Phone): 200 000 lines of program: up to 600 errors. Windows-95: 10 Mill. lines: up to 200 000 errors. • Sept 24 2004 – Jpeg buffer overrun bug in MS windows “an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges” Defects • Testing ≠ Debugging You may have zero bugs, but s/w may not meet requirements, scale, respond-in time…
What do you test? • Correctness testing • Security testing • Reliability testing • Stress testing • Scalability testing • Performance testing • Usability testing
Testing • Software testing is an art : requires a tester's creativity, experience and intuition, together with proper techniques. • Most of the testing methods and practices are not very different from 20 years ago. • Testing is more than just debugging. • Testing is expensive. Automation helps. • Complete testing is infeasible. Tradeoff • Testing, while essential, may not be the most effective method to improve software quality.
And after that? Sofware Maintenance • 80% of lifetime of software • The Legacy Crisis • The relative cost for maintaining software and managing its evolution now represents more than 90% of its total cost. • Example costs • Annual software maintenance cost in USA has been estimated to be more than $70 billion • Y2K : $8.38 billion US dollar, $90 million for Nokia • 50% of their time is spent in the process of understanding the code!!!
Legacy Code • An average Fortune 100 company maintains 35 million lines of code • These companies add in average 10% each year only in enhancements • As a result, the amount of code maintained doubles in size every 7 years • E.g. 70% or more of the still active business applications are written in COBOL (at least 200 billion lines of COBOL-code still existing in mainframe computers alone)
Types of Maintenance • Corrective Maintenance (21%) • A process that includes diagnosis and correction of errors. • Adaptive Maintenance (25%) • Activity that modifies software to properly interface with a changing environment (hardware and software). • Perfective Maintenance (50%) • Activity for adding new capabilities, modifying existing functions and making general enhancements. • This accounts for the majority of all effort expended on maintenance. • Preventive Maintenance (4%) • Activity which changes software to improve future maintainability or reliability or to provide a better basis for future enhancements. • Still relatively rare.
Results Maintenance Costs • Typical software organizations spend anywhere from 40 to 70 percent of all funds conducting maintenance. • Maintenance-bound organizations result : loss or postponement of development opportunities. • Customer dissatisfaction when requests cannot be addressed. • Reduction in overall software quality as a result of changes that introduce latent errors in the maintained software.
Your challenge ! • Come in the 9% of projects on time & in budget • Engineer your software (design, review & maintenance in mind) • Are you an artist, scientist or engineer? • Art or Science? • Control the spiraling IT costs & improve the reputation of the industry
Thank You For More Information E-mail:Rostislav.Titov@cern.ch