January 29, 2011 by mensming.

I was reading an article when I saw a reference to how NASA’s Jet Propulsion Laboratory (JPL) was using 10 simple coding guideline to develop safe code. The article referenced the following URL: http://spinroot.com/p10/. Going to this site, you will discover that the work was originally published in the June 2006 issue of IEEE Computer in The Power of Ten – Rules for Developing Safety Critical Code by Gerard J. Holzmann.

The paper and site describes 10 rules:

1. Restrict to simple control flow constructs.
2. Give all loops a fixed upper-bound.
3. Do not use dynamic memory allocation after initialization.
4. Limit functions to no more than 60 lines of text.
5. Use minimally two assertions per function on average.
6. Declare data objects at the smallest possible level of scope.
7. Check the return value of non-void functions, and check the validity of function parameters.
8. Limit the use of the preprocessor to file inclusion and simple macros.
9. Limit the use of pointers. Use no more than two levels of dereferencing per expression.
10. Compile with all warnings enabled, and use one or more source code analyzers.

Check the site and the paper out.

Posted in software engineering, process improvement, security | No Comments »

January 27, 2011 by mensming.

I have long been a proponent of making sure that someone less familiar with a feature take the lead on testing it immediately before release. My general reasoning was that a new set of eyes will notice the issues that everyone else has accepted.

Jono Bacon in his book The Art of Community has a a great description of this phenomena in a sidebar on page 123 entitled “The Risks of Autopilot”

A common problem that can occur when observing how people use software is when the user knows of a particular quirk in a product and works to naturally avoid triggering the quirk. This is common with software developers, and before release, the software typically is not used in the same manner as it is by normal users after release.

Thanks Jono for such a great description of this issue.

Posted in system testing | No Comments »

January 1, 2011 by mensming.

RT @TechCrunch: What 20 Minutes On Facebook Looks Like: 1M Shared Links, 2.7M Photos Uploaded, 10.2M Comments … http://tmi.me/4Tdm3
Fri 31 Dec 2010

Will 2011 be the year of mobile malware? - http://bit.ly/g08Ori
Fri 31 Dec 2010 06:42:18 AM PST

2010: The Year in Downtime - http://bit.ly/h9TrL3
Thu 30 Dec 2010 06:51:35 AM PST

The Small Business Year in Review and Outlook 2011 - http://bit.ly/gv5y9r
Wed 29 Dec 2010 07:32:23 AM PST

DARPA Goal for Cybersecurity: Change the Game - http://bit.ly/fvg9MK
Tue 28 Dec 2010 07:46:22 AM PST

Best Careers 2011: Computer Software Engineer - http://bit.ly/dEuHbg
Mon 27 Dec 2010 06:21:57 AM PST

12 programming mistakes to avoid - http://bit.ly/gaU718
Thu 23 Dec 2010 07:25:04 AM PST

What social networks reveal about interaction - http://bit.ly/ho4lbT
Wed 22 Dec 2010 06:08:10 AM PST

Complete Map of Optimal Tic-Tac-Toe Moves - http://xkcd.com/832/
Tue 21 Dec 2010 05:59:56 AM PST

When computers go wrong - Stewart Mitchell charts the world’s ten most calamitous computer cock-ups - http://bit.ly/i8ZBjO
Fri 17 Dec 2010 07:21:40 AM PST

Special Report - The State of Computer Science Education - http://bit.ly/eBMJGf
Thu 16 Dec 2010 09:33:51 AM PST

The 12 Days of Christmas (for Start-ups) - http://bit.ly/g2jE7d
Wed 15 Dec 2010 07:19:26 AM PST

Goldman Sachs predicts tough times ahead for Microsoft in 2011 - http://bit.ly/gFgYnK
Tue 14 Dec 2010 07:06:58 AM PST

Guinness Helps Feisty Lady Keep Going Strong at 107 - http://aol.it/dNrmj2
Mon 13 Dec 2010 09:30:41 AM PST

After being tricked by phishing email, most credentials harvested within hour - The golden hour of phishing attacks - http://bit.ly/ebr0J2
Fri 10 Dec 2010 08:36:35 AM PST

Microsoft Research Develops Zozzle JavaScript Malware Detection Tool - http://bit.ly/gN4TS0
Thu 09 Dec 2010 07:51:42 AM PST

Newsweek - Dotcom Bubble 2.0 - Are we headed for another hangover? - http://bit.ly/em4UMI
Wed 08 Dec 2010 07:05:22 AM PST

Open Source Investment - Microsoft quietly invests in IBM emulator TurboHercules - http://bit.ly/g0rtB8
Tue 07 Dec 2010 07:09:17 AM PST

Linus on branching… - http://bit.ly/gJAWss
Mon 06 Dec 2010 07:16:27 AM PST

I think they are underestimating - How Much Does It Really Cost to Raise a Kid? - http://bit.ly/henZmB
7:55 AM Dec 3rd

Java 7 and 8 Begin to Take Shape: What’s In, What’s Out? - http://bit.ly/gp1Bzm
6:19 AM Dec 2nd

Modern software if installed via floppy disks - http://bit.ly/f8GB5O
9:57 AM Dec 1st

Posted in twitter | 1 Comment »