Saturday, February 02, 2002
The following books are my favorites on the software risk management: Managing Risk: Methods for Software Systems Development, Software Engineering Risk Management and Risk Management Processes for Software Engineering Models. If you're looking for an introductory book on project risk I recommend Project & Program Risk Management: A Guide to Managing Project Risks and Opportunities, which covers the basics well.
Harshal Laddha who is a good friend at Thinking Minds's India office shared another outstanding resource: Sridhar Iyer's IIT web page Mr. Iyer is an Assistant Professor at the School of Information Technology, Indian Institute of Technology. His page contains a wealth of information for anyone who works with network technologies.
The presentations, tutorials and papers on this page span wireless and fixed networking technologies, with an emphasis on WAP, M-Commerce and mobile computing. There are also presentations and papers on internet technologies, including tutorials on TCP/IP, routing, network security and other topics. You'll have to dig through the material carefully because some of the links lead to other topic areas that point to yet more material. I spent an hour going through the page and associated links and was thoroughly impressed with the quality of information and the large number of valuable resources.
Friday, February 01, 2002
- Software Test and QA resources
- Software QA and Testing Resource Center - Everything from basic definition and articles on how to test Web applications to comprehensive lists of Web tools to links to other informative sites.
- Cem Kaner's page - Mr. Kaner is unique in that he's an attorney and a software quality professional. He's also the author of Testing Computer Software, Bad Software: What to Do When Software Fails and a new book published in December 2001, Lessons Learned in Software Testing.
- Testing Craft Wiki Forum Where Software Testers Share Techniques, and the associated mailing list.
- Requirement Management in Testing, which is an 8-page PDF document that addresses an important topic for QA professionals.
Another topic that is worthy of discussion is software measurement. I recently wrote about resources available from Data & Analysis Center for Software (see my 30 January entry) and want to highlight measurement-related information that is also available, starting with their collection of Software Measurement Literature and a list of related sites. You'll also want to explore the official website of ISO/IEC JTC1/SC7, which is the ISO committee responsible for developing ISO standards in the area of Software and System Engineering. Data & Analysis Center for Software also maintains a page devoted to Cost Estimation. Project managers and SQA professionals will find a wealth of material in the Insight Newsletter, which is the Army's Software Metrics Newsletter and one of the best sources of software measurement information.
At the risk of drifting too far off topic I want to share an online book by Martin Fowler titled Information System Architecture. Mr. Fowler is one of my favorite authors with a number of books on patterns, Extreme Programming and UML to his credit. If you're a design patterns advocate his online book will not disappoint.
Please note that this weblog only tells half of the story. If you want the full picture of our thoughts and information we have to share I encourage you to also read Postcards from the Revolution. We use that weblog to balance the technical entries here with the realities of how technology applies to IT and the business.
Thursday, January 31, 2002
A logical starting point is a presentation titled LDAP and Security for two reasons: (1) directory services such as LDAP (lightweight directory access protocol) are key to an enterprise-wide security infrastructure, and (2) this presentation is a good introduction to LDAP. A more technical presentation is Simplified Management of Hosted Services through LDAP in which the power and utility of LDAP becomes apparent. Drilling down into more technical aspects, The LDAP Protocol presentation explains the protocol itself.
If you're serious about implementing LDAP you should be aware of the open source version and a free LDAP Browser. Moreover, if you're using Java to develop your infrastructure or associated services, then the LDAP and Java Naming Services presentation will spark ideas.
LDAP in and of itself can quickly become a hairball unless you design your services intelligently. The key is to understand role-based access controls (RBAC), which in turn requires an understanding of set theory. The best resource for RBAC is the National Institute of Standards and Technology RBAC page. You'll find a plethora of tools, papers and other artifacts, including the Draft RBAC Standard. Another excellent source of information is at George Mason University's Laboratory for Information Security Technology.
Still on the topic of enterprise architectures, a technology worth exploring is JXTA. This is a set of open, generalized peer-to-peer protocols that allow any connected device (cell phone, to PDA, PC to server) on the network to communicate and collaborate. The home of Project JXTA has all of the resources you need to evaluate and/or employ this technology. JXTA, by the way, is short for Juxtapose, as in side by side. It is a recognition that peer to peer is a juxtaposition to client server or Web based computing
Digging deeper into issues we always bump into QA. Issues in Testing Java Applets and a related source, Automating the Java build and test process address some aspects of Java QA. Another interesting resource is JUnit, which is a regression testing framework written by Erich Gamma and Kent Beck. Also take the time to visit IT Toolbox's Java page for a wealth of resources.
A surprising find is a site I just discovered called Quality Assurance & Software Testing Downloads. I thought I knew where every test and QA site on the web was until I found this gem. Although I haven't fully explored it, the content and downloads I did look at seemed to be high quality stuff. Before leaving the topic of QA and testing I'd be remiss if I didn't mention XPractices, which is a page devoted to extreme programming practices. There is a lot of test material here that any XP practitioner, development manager or QA professional will find useful.
I'll come full circle back to enterprise architectures in general and end this entry with a recommended whitepaper titled Web Services, Business Objects and Component Models by Philippe Mougin & Christophe Barriolade of Orchestra Networks.
Wednesday, January 30, 2002
On the topic of business-enabling technologies, there are two publications that are worth reading if you're an architect:
- XML: The Time is Now, which is a GartnerGroup presentation that makes a compelling business case for XML. This document is slanted towards healthcare and HIPAA, but is generic enough to be applied to any enterprise architecture initiative.
- Progress Report: HR-XML Implementations describes the progress to date by the HR-XML Consortium on schemas and DTDs supporting human resources. This consortium is an independent, non-profit organization dedicated to the development and promotion of standardized XML vocabularies for human resources.
A bit of digging in my usual haunts yielded resources that are focused on what Manisha wanted:
- When I'm looking for software engineering processes the first place I go is SPARWAR's Systems Engineering Process Office (SEPO) Process Asset Library. This site has an overwhelming array of artifacts, including process documents, presentations, guidelines and procedures. Within a few minutes I found the following procedures: Software Process Improvement Tracking and Oversight and Software Quality Assurance, both of which were in MS Word format. I also found a PowerPoint presentation on the Integrated Product Team Process.
- The Software Technology and Support Center (home of CrossTalk Magazine) had a Word document titled Process Tailoring for Software Project Plans that fits within organizational communications plans. The site has a library of documents that anyone serious about software engineering process improvement should bookmark.
- Concurrent Engineering and Software Development (PowerPoint format) ties integrated teams and software engineering together.
- Strategic marketing and integrated product and process management is an interesting presentation on the integration of technical teams and business strategies. This type of material should be more widely read among the technical folks because marketing generates the revenue. It goes without saying that without revenue we would not get paychecks.
- An Assurance Framework: Can Process Replace Evaluation? doesn't completely fit the theme of this entry, but I found it to be interesting. I included it because it addresses aspects of organizational communications plans.
- I also included The CMM Integration Project presentation because it directly supports organizational communications. Indeed, CMMI requires a coherent organizational communications plan.
Tuesday, January 29, 2002
- DevelopSense, which is run by Michael Bolton and Nichola Lenehan is distinguished by a wealth of Testing & QA Resources and some exceptionally well-written Software engineering essays.
- Thomas B. Cox's page is an Oracle DBA's dream come true. Among the resources that set this site apart are: DBA Maturity Model and a large number of papers on backup and recovery, DBA checklist and more. If you're a DBA you'll love the site.
- Luigi Buglione's page has a cache of quality-related content in the Publications and presentations sections. Many of the documents and presentations are in Italian, but many are in English. An interesting feature is the page devoted to QEST & LIME models. QEST stands for Quality factor + Economic, Social and Technical dimensions, and LIME stands for LIfecycle MEasurement. If you've been following my references to ETVX you can also download a PDF document on the ETVX process model from this site.
Moral: A fool and his [her] data are soon parted. Fortunately we back-up after every change, and migrate those back-ups to CD ROM. If you're not doing the same thing ask yourself how long it would take to recover from a complete loss of all files and content on your personal page. Sobering, isn't it?
Monday, January 28, 2002
Prior to starting this weblog and its companion Postcards from the Revolution we had spent a lot of time creating single-topic web pages. Mike and I share a compulsion to promote professionalism and to share resources with anyone who values them. The problem with putting up so many repositories is after a point keeping them up-to-date with news, new content and the such is time consuming. In fact, what we managed to create was a potpourri of pages that morphed into a giant hairball from a management point of view. Worse, two of these pages were newsletters (Infrastructure Technology Management and Project Management).
We were grappling with the problem of how to breathe new life into these, and decided that what we needed was an interactive discussion forum to make the information exchange a living thing instead of static pages. We reasoned that this would also draw in knowledge and opinions from others, so we created the IT Operations Management Discussion Forum to augment the Infrastructure Technology Management newsletter and Project Management Discussion Forum to augment the Project Management newsletter. For good measure I created the Women in Information Technology Discussion Forum with the goal of mentioning younger women who are in the profession, as well as providing a forum for women in the industry to exchange ideas and advice. None of the forums generated much interest, which is evidenced by the dearth of posts and participation.
While we felt that we were not making much of a contribution through the forums, site statistics for each of the single-topic pages and each of our home pages did indicate that these sites were popular. We also started tracking hits on the weblogs and discovered that this one, Notes from the Field, is frequently visited and read. For some reason Postcards from the Revolution does not enjoy the same number of visitors, but the traffic has picked up. Another contributing factor is that weblog was created on 21 January and is still relatively new.
This brings me to the single-topic pages that we have. One thought was to eliminate them altogether, but they are popular and don't require any effort to leave them in place. If you haven't already checked them out the following whirlwind tour will add some clarity to the virtual hairball that we've created:
- My personal page - divided into
- Mike's personal page, which is a gateway to other sites and resources that I'll describe below. He also has an about this site page and a page titled knowledge through reading. If you are diligent and click on graphic elements on the opening page you'll also be whisked to Mike's book reviews on Amazon.
- Software Quality Assurance is little more than an unannotated list of SQA resources.
- Software Engineering and IT Operations is a collection of resources. It also mixes topics (as bad as mixing metaphors), but does have valuable content for both topics.
- Software Change and Impact Analysis is a highly focused collection of resources that software engineering and IT operations management professionals will find valuable.
- Service and Application Delivery is another mixed topic collection that addresses development and operations. There are some gems here, but their descriptions are terse.
- Performance and Capacity Planning is a good source of materials for both performance analysis and planning, and capacity planning. The topics are distinctly different to practitioners, but are related at a meta level. The content here is tersely described, but invaluable to the right audience.
- Information Technology Security - this is the opening page to three pages devoted to different aspects of infosec:
- Life Cycle, Project & Infrastructure Management Page, which is Mike's original web page. Highlights are the Tools & Documents and Links sections. If you want to know more about Mike click the About Mike Tarrani link.
- Business and Strategic Planning Resources is devoted to promoting business knowledge in the IT professional ranks.
- Technical Communications Resources is a page of resources for technical writers, consultants and, frankly, anyone who wants to improve their ability to communicate ideas and information. There are writing and illustration resources that everyone, in and out of IT, will find useful.
- Sprint's presentation (PowerPoint format) on implementing TINA-C (Telecommunications Information Networking Architecture Consortium) is an approach that has promise as a customer/vendor process standard in the Managed Service Provider (MSP) world. If you are interested and want more information visit the TINA-C site. Another source of information that serves as a model for MSP is the Telemanagement Forum. This international organization has a number of projects and standards that can be adapted to the MSP domain with minimal effort. I have a collection of key Telemanagement Forum documents on one of my older sites in the Tools & Documents section - see Telecommunications on the page. Finally, if you are interested in processes and standards for MSPs (and ISPs), perhaps the TL 9000 standard that is sponsored by QuEST Forum (Quality Excellence for Suppliers of Telecommunications) is a good starting point. I reviewed a book on the topic titled TL9000: A Guide to Measuring Excellence in Telecommunications - my comments in the review will reveal the possibilities.
- On the topic of MSPs, check HostingTech's articles on the legal issues associated with hosting from vendor and customer viewpoints.
- There is an excellent article on disaster recovery that applies to service providers and in-house data centers.
- Although software configuration management does not fit the theme of this entry, I do want to share an excellent web page on software configuration management and the associated SCM PowerPoint presentation.
Resources and Documents
- PowerPoint presentation on project scheduling and tracking
- Detailed explanation of the Goal-Question-Metric technique. This GQM presentation gives a quick overview of the technique.
- Using Paired Comparison to Achieve Consensus is an in-depth document on paired comparison techniques. You may also want this summary of the paired comparison process and the accompanying paired comparison worksheet.
- First Things First: Prioritizing Requirements by Karl E. Wiegers is a well-written article that anyone involved with governance or requirements will find useful.
- Patching the blind spot in IT process model implementation is an interesting paper on integrated service management.
- RealScope is a project management framework that Mike Tarrani developed in 1997. We updated it and corrected portions of this framework in 2001. It remains a work in progress.
- Root Cause Analysis is a succinct set of guidelines for performing root cause analysis. This document is not IT-specific, but can be easily adapted to fit within IT, especially in service delivery and QA.
- Lessons Learned from Tool Adoption by Karl E. Wiegers reinforces the fact that you need a process before you look at tools.
- Seven secrets of a successful project office is must reading if you're running, or thinking about establishing, a PMO.
- Performance Management and Monitoring Dynamics by the Newport Group IT gives insights about leadership and performance in IT and is one of those whitepapers that will provoke thought and perhaps significantly influence your approach to IT management.
Subscribe to Posts [Atom]