Saturday, March 09, 2002

A Place for Everything, and Everything in its Place. Yesterday I made my debut by posting a short entry in Postcards from the Revolution to add to Mike's earlier discussions that touched upon knowledge management. Since this weblog is the one Mike and Linda intended as a diary into which interesting documents and links were to go, I am going to use this for its intended purpose.

Data Management. I am not an IT professional. I am, however, a knowledgeable (and demanding) user of IT services and have a keen appreciation of the tools that are made available by technology. The adage that a craftsperson knows their tools is applicable. I first want to share a collection of documents that introduce databases and data warehouses to any reader who does not routinely work with either (i.e., network support, technical writers and others in IT who know only the bare fundamentals). The first set of documents is in a Zip archive that contains four PowerPoint presentations that introduce database and data warehouses at a basic level.

The next document is a data mining tutorial, which will lay the groundwork for a more in-depth set of PowerPoint presentations about data mining and online analytical processing, which is a business intelligence specialist's most powerful tool set.

For the more technically inclined I've put together a collection of PowerPoint presentations about modeling and schemas that cover the basics, and discuss star vs. snowflake schemas, and get deeper into multidimensional databases.

General Interest. I have more to share than database-centric documents. One of the better presentations I've read lately is Building Business Intelligence Systems, which is an excellent overview of the issues you need to explore. Be aware that this presentation was designed to showcase a specific vendor product, but that does not diminish the value of the message and information in the first seventy-five percent of the document.

Another vendor-specific document that contains excellent information that can be applied in a vendor-neutral environment is eContent Management. Not all data is neatly housed in a data structure, and the overview of challenges that is provided in this presentation is invaluable.

Some Things Just Don't Fit. In parting I want to share three documents that do not fit the theme of this entry:

  1. eLearning Standards, which is surprising because the document was put together by Cisco, which most of us associate with networking and routers. A little research revealed much about Cisco, such as the company has a sophisticated customer relationship management approach, and is heavily involved in distance learning and other initiatives.
  2. On Enterprise Integration is more slanted towards Mike's Zachman Framework theme in Postcards from the Revolution, but with a little imagination and vision you can see how the data mining and OLAP topics I addressed above relate to this PowerPoint presentation. It's all the more valuable if you're an architect who is visualizing a big picture that includes business intelligence, CRM and knowledge management.
  3. I included Overview of the Internet and Data as a "101" presentation you may find useful as a tool for educating your end users.
Parting Note. If your interests are more focused on information warfare than competitive intelligence you should visit the Information Warfare page that Mike and Linda created. This page is on their IT Security site and covers the darker side of information intelligence in depth. My favorite link from that page is Robert D. Steele's OSS Net Whitepaper collection. Mr. Steele is also one of my favorite Amazon reviewers. I'm currently reading The Ends of the Earth by Robert Kaplan because of Mr. Steele's insightful 12 July 2001 review of this fascinating book.

Friday, March 08, 2002

Tidying Up. Today is one of those days when I feel as though I'm simultaneously juggling and trying to move forward. The problem is that for every two steps forward I'm being pushed one step back. Worse, some of the items I'm juggling are dropping. My solution is to take a deep breath, smell the roses and clear my mind. Before I enjoy the beautiful day here in Azusa, California, bathed in sunshine with the majestic San Gabriel Mountains as a backdrop, I want to share the fruits of my research during the past few days.

Manifestations. Kate Hartshorn's recent entry in Postcards from the Revolution is one of the clearest explanations of competitive intelligence I've read. Her supporting material on competitive intelligence, knowledge management and intellectual property law is overwhelming. Coincidently I was also reading about competitive intelligence earlier this week and want to contribute one more document to the impressive collection that Kate has shared: Applying Business Intelligence.

Directions. Mike has taken both weblogs into a direction that neither of us planned when we started this one and Postcards from the Revolution. This weblog was going to be a jumbled collection of documents and links that we wanted to share as we came across them in our research. Postcards from the Revolution was intended to be our soapbox from which we were going to preach professional improvement. Instead, both have become showcases for themes. The current theme in Postcards is the Zachman Framework, and the coming theme here is going to be policies, processes and procedures. That theme is good for a week of Mike's entries because he has much to share in the way of knowledge and experience on the topic.

Architecture. Some of the material I've amassed this week will support Mike's and Kate's entries. In particular, architecture, which plays nicely into Mike's Zachman Framework topic. The Action Guides for the Enterprise Architect, which I downloaded from Bredemeyer Consulting site, blends process and systems architecture into a coherent approach. Another source of architecture information that takes the same approach is Enterprise-Wide IT Architecture (EWITA).

Business Issues. Regardless of how deep we get into the nuts and bolts of technology we need to remain constantly aware of the business aspects. IT exists to enable business processes and to support users. Period. To that end I have four documents that will refocus attention on business issues:

  1. Winning the E-Race
  2. Making a Business Case for E-Commerce Project Selection
  3. E-Commerce Success Models
  4. Quality of Experience
On the Process Front. We never stray far from software engineering in this weblog, and I don't intend to make an exception today. Among the documents that were caught in my research net this week are:Additional documents include: a PowerPoint presentation on ISO 9000:2000, and the differences between it and the 1996 version, a best practice in the form of a PowerPoint presentation that describes SAIC's change management practices, and a Software Risk Management Guide in MS Word format.

Project Management. When projects are correctly managed careers light up. Ed Yourdon's 246-slide PowerPoint presentation titled, Managing Internet-Time Projects has advice that can propel you into the fast track. If, on the other hand, your career is looking shaky because of a project gone sour, Nightmare on Project X is a PowerPoint presentation that shows how to get projects back on track. It might just contain the redemption you're seeking.

Odds and Ends. I'm going to end with two documents that don't fit anywhere else: Introduction to Erlang B and C, which is essential to managing queues. You'll need to thoroughly understand the concept behing Erlangs if you model help desk staffing, telecommunications capacity and any other model that involves queues (including how many checkers are required in a supermarket for a given number of shoppers). If you're in QA you'll appreciate the two PowerPoint presentations on regression testing. They cover the process of regression testing, and how to prioritize regression test cases.

I'm off to enjoy the sun and the rest of the day.

Thursday, March 07, 2002

Setting the Stage. I've been focusing on the Zachman Framework and business rules in my latest Postcards from the Revolution entries. Since that theme is going to continue for a few more days I want to use this weblog as a vehicle for discussing process models.

Catalyst. The reasons why I want to discuss process models are:

Since Linda and I use these weblogs to share information the reasons cited above provide ample justification for a series on process.

Prelude. I've gathered material that will accomplish two things: (1) give background information about domain specific processes, such as supply chain management, software process improvement, etc., and (2) provide common standards and techniques. The material is diverse and is more valuable when studied to see how the embedded processes were derived. To be sure, it will take careful study to accomplish that; however, if you're feeling ambitious you may want to see how the processes, models and standards in the material fit within the Zachman Framework described in the last three Postcards from the Revolution entries.

The background material is as follows:

End Note. In earlier entries Linda and I discussed the state of software engineering at the international level. If you're interested in Asian initiatives the whitepaper titled, Software Entrepreneurism in Korea is worth reading, as is the collection of reports and presentations from the 14th Asian Forum for the Standardization of Information Technology.

Wednesday, March 06, 2002

On a Tangent. My current topic in Postcards from the Revolution is the Zachman Framework, and I want to stay focused on that topic and two closely related topics: enterprise architecture planning and business rules. So, I'm going to use this entry to address a wider view of architecture.

Being Rational. Although I've discussed the Rational Unified Process (RUP) in previous entries, I have some PowerPoint presentations that tie the RUP to architecture:

All That's RUP is Not Gold. Or, put another way, the RUP is but one way to look at architectures. It is also not the final word on processes either. While I happen to be both a fan and advocate of the RUP, I look for best practices anywhere I can find them. Requirements is one of my areas of professional interest. I tend to collect any artifacts I come across, and I've recently discovered three, which I've zipped into an archive of requirements artifacts that contains a requirements engineering process, an elicitation worksheet and a whitepaper about requirements quality. There is an outstanding book on requirements management within the RUP titled, Managing Software Requirements: A Unified Approach.

Another of my passions is project management. I'm always on the lookout for best practices, documents, forms and templates and new techniques. I've zipped up two new discoveries, the Department of Energy project management guide, and a project planning questionnaire, both of which are in MS Word format. These project management artifacts can be tailored to your specific organizational requirements. Walker Royce's excellent book titled, Software Project Management: A Unified Framework. If you're working with the RUP you'll want this book. I personally found the approach and techniques to reflect best practices in software project management, and recommend this book regardless of whether or not you're using the RUP.

Other Topics. I'm going to take a shotgun approach and share a few links and documents that I discovered earlier in the week. These are random and loosely related, so there is sure to be something for everyone:

End Note. Linda and I are in a race to post a review of Rich Schiesser's book, IT Systems Management: Designing, Implementing, and Managing World-Class Infrastructures. The book is about processes, and includes application acceptance, change control and other essential service delivery topics. In my opinion this is the best book so far among the excellent titles in the Harris Kern Enterprise Computing Series. Bravo Mr. Schiesser!

Tuesday, March 05, 2002

I've just added an entry on database security in Postcards from the Revolution to supplement Mike's recent security and tools entries. I also wanted to complement his enterprise architecture planning theme that he started. My entry here connects to security and tools, starting with Handbook of Information Security Management, which is an online version of the print version that's available from Amazon.

Another resource is Security Architectures for Large-Scale Distributed Collaboratory Environments. Combined, these two documents will provide QA practitioners with ample background information for developing test strategies that include security.

We live in a connected world, so understanding network security testing is a skill that QA professionals need to add to their knowledge base. I have a network design guide in MS Word format that will get you up to speed in network technologies if you need to understand more than the bare basics. An additional resource is The Art of Network Testing, which Mike reviewed on Amazon on 16 September 2001.

More specific security issues which all IT professionals should understand include internet vulnerabilities. Architects and QA should be aware of these exposures so that designs and test strategies can proactively address them at all stages of a system's life cycle. By reverse-engineering Modeling Internet Attacks you can see what needs to be designed into a system, as well as what needs to be tested before the system is deployed. You can use the same strategy by using the materials I provided earlier today in Postcards from the Revolution about database security.

Another area that needs attention in all phases of the system life cycle is Denial of Service Attacks. The PowerPoint presentation on DoS attacks is a good starting point. There is a new twist on this type of attack called Distributed Reflection Denial of Service reported and documented by Steve Gibson.

Idea Generator. I'm always looking for ways to succinctly convey information. While browsing DARPA's site earlier today I came across one of the best examples, which is shown on a project summary page. The project itself was of little interest, but the way it's summarized is nicely done. What I especially like is the Quad Chart format that captures the entire project in a single visual quadrant, with the other three quadrants for new ideas, impact and schedule. It's compact, conveys an incredible amount of information and is more effective, in my opinion, than ten or fifteen PowerPoint slides. I've archived three example quad charts for three different projects. Take a look and judge for yourself.

Fair is Fair. I provided security tools in my 3 and 4 March entries in Postcards from the Revolution. I'm going to provide advanced testing tools here to even things out. These tools will be of value to performance and capacity planners, as well as members of QA teams involved in conformance testing.

Network Test Tools and Simulators. The tools listed below are free, but you will be required to fill out a request form before you can download them. The form is used for internal project justification purposes. After you complete the request form(s) you will be immediately given a link to download the tool. Also note that many of these tools are provided as source code (usually C or C++).

Integration Tool. WebSubmit is a Web-based utility providing access to applications on a collection of heterogeneous computing resources. Its goal is to make it easy to use computing resources via the Web without requiring knowledge of the specifics of unfamiliar operating systems and dynamic application environments. Users can effectively log into distinct computing environments and perform tasks without needing a detailed knowledge of their operating environment.

End Note. Outsourced software development is a reality. I am not going to open Pandora's Box by expressing my opinions on the problems in the US software industry, but am going to share a whitepaper I found titled, Applying Software Quality Assurance to Outsourced Software Development.

Monday, March 04, 2002

I was reading through a message thread on a forum in which Mike was debating the state of our industry. Basically it's the same old story: those users have the audacity to treat us dismissively. I am not going to become embroiled in the debate, and personally think Mike is wasting his time since most of the debaters are developers who probably spend their lives doing heads-down coding.

Many of the debaters also seem to come from small company/small-to-medium client environments--the wild, wild west. The issue seems to boil down to professional standards, or the lack thereof.

There are professional standards, which Mike mentioned in some of his posts. I think the most promising professional organization is the International Council on Systems Engineering, which has technical standards committees and working groups, and international influence. They are organized and are actively promoting professionalism in their community. So it can be done. I just don't think it is going to get done by a group of independent consultants.

Interestingly, Mike mentioned in a different discussion thread that the US was being left behind because of quality and professionalism issues. Naturally there was a lot of heated push-back about that. A little research on my part yielded the following fact that deflates the naysayers' arguments: a Canadian organization called CIPS (Canadian Information Processing Society) is taking the initiative by establishing professional standards and a certification called I.S.P (Information System Professional). The CIPS mission statement is strongly worded and shows both national leadership on the part of Canada and an example of how to go about establishing professional standards and certifications:

CIPS, through the work of the Certification Council is dedicated to establishing a registered and regulated information systems profession in Canada as well as to establishing the groundwork for a fully licensed profession. The council works to determine, develop and maintain the integrity, credibility, and competence of individuals active in the IT field.
I've made a CIPS presentation available in PowerPoint format if anyone is interested in the history and a summary of objectives.

I came across four PowerPoint presentations that augment recently discussed topics here and in Postcards from the Revolution:

  1. HIPAA Readiness for those who are in the health care industry.
  2. ebXML Update.
  3. XML and E-Business.
  4. Internet Commerce: Understanding Payments, Security and Storefronts.
That last presentation has 234 slides. Good evening from Azusa, California.

Sunday, March 03, 2002

Testing ... testing .... This theme allows me to tie together assurance from my last entry here and security topics from my recent Postcards from the Revolution entries.

Statistically Speaking. Testing and quality require knowledge of statistics, and ready reference to this dry subject is a good resource to have close by. I recommend bookmarking the Engineering Statistics Handbook, which will always be available as a reference if you can connect to the web.

If you're doing statistical analysis with a spreadsheet you will soon run into limitations. You may want to obtain a copy of Dataplot, which is a free, public-domain, multi-platform (Unix, Linux, PC-DOS, Windows NT, etc.) software system for scientific visualization, statistical analysis, and non-linear modeling. The price is certainly right.

The "M" Word. Yes, it stands for Microsoft. Manisha Saboo of eRunway shared two links that will be of interest to anyone who is in a Microsoft-centric environment, either by choice or by necessity. The first link is a page devoted to Load Testing Tools for Windows DNA Solutions. The second link is to an article titled, Why Believes in Testing the Web. It's a well-written article. Given the ongoing stream of patches coming from Microsoft's application and operating system folks perhaps they can learn a lesson from their dot com brothers and sisters.

Compliance. The 28 Feb 2002 issue of has an update of the NuSphere/MySQL issue that is the first court case to test the validity of the GPL. This is a clear signal to anyone who is developing open source software. If you are an open source developer you should check Lineo's GPL Compliance Tool.

Other Testing Resources. Data Network Penetration Testing is a short whitepaper in MS Word format that adds to the QA body of knowledge by providing guidance for conducting penetration tests.

Testing Software Product Lines is just what the title implies. Software Test Performance Benchmarking in MS Word format is an interesting whitepaper that will provide ideas about test process improvement.

I'm including A Risk Driven View of Electronic Contracting because I forgot to add it when I wrote my previous entry. This document can be used as an assurance tool for electronic contract transactions.

End Note. If you're looking for test tools and artifacts try QA Downloads which is an excellent repository for QA professionals.

This page is powered by Blogger. Isn't yours?

Subscribe to Posts [Atom]