TEAM Zarate Tarrani Notes From the Field

Dangling Thoughts. Yesterday and the day before I made entries here that only briefly touched upon topics. The 20 February entry touched upon project management, and I've picked up where I left it in 22 February Postcards from the Revolution entry. I moved the discussion there because the theme is more suited to that weblog's goal: improving IT professionalsim.

In my last entry here I opened Pandora's Box with respect to what I claim to be the real war--the very real shifting of economic power from the US, and eroding competitive advantage of the US software industry. This entry will flesh-out my thoughts on this important topic.

Situational Analysis. The situation is, in a word, a hairball. Worse, it's a hairball of our own making. Here is how I see it:

1. Microsoft's monopoly has stifled the US software industry.

   This isn't an opinion--it's a fact that came out of the DOJ vs. Microsoft trial. However, I have opinions about how it came to be, and one opinion is it is not Microsoft's fault. On the contrary, Microsoft is a publicly held company and the company officers have a legal responsibility to protect shareholder value. The manner in which they protected this value was at the expense of any company that challenged what Microsoft perceived to be a market in which they wanted to capture, which, over time, led to their monopoly.

   This didn't happen overnight, nor was Microsoft subtle about what they were doing. That they were able to evolve into a monopoly is the fault of the Department of Justice for allowing the situation to reach the point it did.

2. UCITA (Uniform Computer Information Transactions Act) has implications that make what Microsoft's monopoly did to the health of the software industry pale in comparison.

   I first mentioned UCITA in my 2 January entry here, and followed-up with my 17 January entry, which discusses UCITA ramifications in greater detail, and my 8 February entry in Postcards from the Revolution.

   In essence, if UCITA were to pass in its original form the US software industry will not be held to standards of quality that the Uniform Commercial Code requires of all other products. Consumers would suffer, but worse, the US economy would suffer because companies that develop software have no incentive to assure quality. If you look at any company in the technology sector--software, hardware of services--the key to competitive advantage is driven by time-to-market. The pressures are enormous. Put yourself in the shoes of a CEO of such a company - at which point is a product good enough to ship? Not perfect - good enough. Quality almost always loses. Remove legal liability for quality, which UCITA would do, and it doesn't take much foresight to predict that the security vulnerabilities and code defects in software that is shipping today would only get worse.

3. One of the world leaders in high quality software is India. How did they achieve this? By espousing the Capability Maturity Model, which was developed in the US with Government funding, and other standards and methods. Why hasn't the US software industry adopted these? Outside of the Department of Defense and the contractors that cater to it, and a few large companies, the US industry cannot be bothered by something that many claim to be a hindrance. All you have to do is go to Amazon and read reviews of the CMM books.

   The point is that the US software industry is losing leadership because it does not take quality seriously. If you don't think it can happen take a look at what happened to the US steel, automobile and consumer electronics industry - all world leaders when I was growing up.

4. The EU is more than a collection of European countries - it's an economic bloc that uses the same currency and an open trading system among its members. One could say that there is a certain amount of protectionism as well. That's nothing new - Japan's trade practices make it impossible for an outside company to penetrate the Japanese market. The EU could easily go that way too. The EU is also leading in quality initiatives that cover not only software, but services.

Checkpoint. This entry has grown into an essay, and I am not going to finish it tonight. I'll recap what I've asserted during the past two days:

• we're in a war, but it isn't a war against terrorism
• our opponents are not trying to conquer us, but they are driven by self-interests, as are we; and that's as it should be
• our [elected and appointed] government allowed a monopoly to become established that has stifled the development of our software industry and potential innovations
• a free market will choose quality and our software industry has stiff competition from India and the EU
• the market is global and we may get locked out of it to a large extent

to be continued ...

Mixed Feelings. I am no fan of Microsoft for a number of reasons, but the foremost is their insecure and flawed software. As someone who specializes in service delivery certain qualities and characteristics are important - reliability and availability are the top two.

So, security issues aside, flaws such as memory leaks that require therapeutic reboots and blue screens of death are anathema to someone with my background. Lest we forget, the 'patch-o-rama' in which system administrators engage to keep up with the latest defect and security vulnerability fixes (some of which introduce more defects and vulnerabilities) is unique to enterprises that heavily use Microsoft products. TCO? Down the drain. Compute the lost productivity that accrues from unscheduled maintenance (those patches, er, service packs, need to be installed), scheduled maintenance (until Microsoft I had never heard of a 'therapeutic reboot'), and the extra support staff and equipment to support buggy, resource hungry software and total cost of ownership becomes a joke. And not a funny one at that.

Are We Fighting the Right War?. You would think that the recent news that the EU Grid Project is emerging as an open-source .NET competitor (see Wired News' article, The Grid Draws Its Battle Lines) would be well received by someone with my opinions. On one hand it is. On the other hand, though, it is an indicator of future trouble.

Before proceeding I am going to give my view of what's happening in the world today. Most Americans believe that we're engaged in a battle against terrorism. We are sending troops to places many Americans never knew existed before 11 September. However, the real war [in my opinion] is not one that is being fought with bullets and bombs - it's being fought with value migration, economic unity and power, and maneuvering. You catch occasional glimpses of this very real war, but rarely does it look like a war. Consider the recent Wired News report, EU Approves Net Tax Rules. Is it significant? In and of itself, no. It is, however, an indicator of increasing economic maneuvering.

Who is the Enemy? Am I faulting the EU? No. They have understandable self-interests and are doing a remarkable job of looking after those interests. I am alarmed at how exposed the US software industry is, because we've allowed a company to attain a monopoly position built on products and practices that give the EU a rationale for imposing protectionist measures. These would impede the US software developers' efforts to grow market share among EU customers, and ultimately hurt our economy.

For some historical parallels and additional issues see my 17 January 2002 entry here that's timestamped 6:31 AM. More on this topic at a later time.

Genuine Good News. I am delighted to see that the industry is becoming serious about an alternative to Microsoft's Passport. For once the other players are actually acting instead of spewing forth rhetoric, but never coming up with viable counter-solutions. The ZD Technet news proclaiming, More joining the Liberty Alliance shows that we have real choices for a critical piece of web-based computing. We need to choose wisely, because there are significant differences between Liberty and Passport, as explained in Robert Lemos' article titled, Liberty Alliance, Passport Miles Apart.

End Note. Kate Hartshorn and I will be talking more about the political and economic issues I touched upon here in a site she and I will be maintaining on business intelligence.

Fast Takes. I had a short conversation with Unmesh Laddha, Thinking Minds, Inc. CEO, about properly managing projects. The short version is effective project management boils down to a few simple steps and a lot of mundane--but important--attention to small details.

I am not going to go into specifics today, but am going to provide background material on processes that are reasonably easy to manage if you have a disciplined project manager and team.

Key to Success. The key word is discipline; i.e., people who will take the time to do proper up-front planning and estimating, work from checklists, and measure actual costs and work against planned baselines.

The first source is my 19 February entry in Postcards from the Revolution where I provided a presentation and whitepaper supporting 16 critical software practices. The second source is an article describing a streamlined version of the Rational Unified Process (RUP). If you're not familiar with the RUP I have a PowerPoint presentation that will quickly summarize the process.

A streamlined version of the RUP is described in an article by Gary K. Evans titled A Simplified Approach to RUP. You can also download the article in PDF format.

Another approach is evolutionary rapid development, which is described in an MS Word whitepaper. No, these resources do not teach project management, but they do provide frameworks and advice that are the foundation of development projects. At a later time I'll write a short article on the bare essentials for managing projects.

Failure and Prevention. The NIST Draft Software Fault and Failure Handbook is a valuable resource for project managers, system architects and SQA professionals. In addition, the associated Guidance on Errors in C++ and Classification of Object-Oriented Faults should be read and closely followed by your entire project team if your project involves C++ and/or OO.

End Note. For the QA professionals among you, the following real-life performance test plan is an example of how to develop this kind of test strategy and associated test cases.

I've been busy catching up on the backlog of books I'm reviewing, so entries for the rest of the week are going to be fast takes such as this one and my most recent entry in Postcards from the Revolution. Bear with me because when I do resurface I'll have a lot to say about many topics.

For my QA & SQA Colleagues. The latest issue of the IBM Systems Journal is devoted to Software Testing and Verification. The article I most liked is The Software Testing Automation Framework, which explores the opportunities for reuse and automation in test organizations. For more information about the Software Testing Framework see the STAF Page.

Tool Update. The Software Process Dashboard Initiative has released Process Dashboard version 1.4. This tool supports the Personal Software Process There are a large number of new features in version 1.4.

The Software Process Dashboard Initiative also supports the Team Software Process with a companion tool called Team Process Dashboard.

Both of these tools are free and are written 100% in Java.

Models and Methods. SoftQual Consulting has a nicely done page on Standards & Models that describes the more common quality standards and models, and points to additional WWW resources.

If you're doing open source development the Open-source software development methodology (PDF format) is an interesting approach that gives a coherent framework.

End Note. I added Ed Yourdon's weblog to the list of blogs we read and recommend. We IT pros with grey hair grew up reading Ed Yourdon's books (and others published by YOURDON Press). Ed also has a web page that is worth a visit.

A Promise Kept. Yesterday I promised to cover XML conformance in today's entry, and have many valuable artifacts on the topic to share. But first things first: I want to extend a heartfelt and sincere happy birthday wish to my friend and colleague Linda Zarate. Linda's entries here, her role in the family of web pages we maintain, and her collaboration on countless projects, papers and deliverables showcase her talent. She is also a well respected and prolific book reviewer, but most of all, my cherished friend.

On Standards Making. In my Wednesday, 13 February entry I expressed some concern about the fact that the ebXML standard was under the cognizance of Organization for the Advancement of Structured Information Standards (OASIS) and the United Nations Centre for Trade Facilitation and Electronic Business (UN/CEFACT). The concern was that the World Wide Web Consortium (W3C), which has cognizance over the XML standard, was not involved with the ebXML standard.

As it turns out, OASIS has a powerful collaborating partner: NIST. My concerns have been greatly assuaged. In addition, NIST and OASIS have teamed to develop XML conformance tools, which directly support their ebXML initiative.

Conformance and Testing - Tools and Documents. Among the most valuable artifacts to come out of the OASIS/NIST collaboration is the XML Conformance Test Suite. This suite is consistent and compatible with the W3C XML Coordination Group's XML 1.0 (Second Edition) Recommendation.

The NIST side of the collaboration is driven by their Software Diagnostics and Conformance Testing Division, which has an impressive collection of general and specific conformance test documents that are publicly available. Examples of initiatives from NIST include the conformance test suite for XMLSchema Part 2: Datatypes and their Web Technologies Group work with XML, XSL and DOM.

Related Resources. Other sources of XML and ebXML information that I've been using in my research include:

• Lisa Rein's website. Ms. Rein is an acknowledged XML expert with an impressive record of accomplishments and contributions in the XML domain. I also recommend regular visits to her weblog to find out what she's thinking because what she has to say about a number of topics is worth a listen.
• Xegis, which is a weblog that covers XML and related technologies. It's regularly updated and is one of my primary sources of information.
• XML-Dev. Another weblog that is regularly updated and is a good source of XML (and related topic) news and commentary.
• XML Hack. Yet another weblog that provides developer news from the XML community.

Ending Notes. I'll end this with some miscellaneous resources that I found worth bookmarking: Intranet Journal is an online news source for intranets. The focus is infrastructure and the content is fresh and useful.

WebMacro, which is a 100% Java open-source servlet framework, is worth a look. I'm mentioning this open source tool/framework because it explicitly supports separation of concerns, which is the key goal of aspect-oriented software development (see my 8 February entry).