What is MISRA? More Irrelevant Software Requirements Again…uh no but certainly the sentiment of many developers. MISRA (Motor Industry Software Reliability Association) is a coding standard, which first released MISRA C in 1998 and has since been revised. Obviously, this came out of the automotive sector with a clear focus on helping software systems to be more reliable and maintainable. MISRA has since grown. Now you see more and more industries adopting these standards. In 2008, MISRA released the C++ equivalent standard. So the obvious question is, should I apply this to my software source
Read More »In my previous post I discussed where I thought Agile really falls flat. The problem I have is working remotely. Several times now I’ve misinterpreted what exactly we covered in remote meetings. These have been mostly minor things but they do add up. But here is where there is just a massive difference between Waterfall versus Agile. By far the biggest lesson for me and why I love Agile is all based on visibility. Having a working product in one simple iteration means the world. So even though I was ranting in my previous post,
Read More »Since the goal of Agile development is to have working software early, source code analysis enables developers to analyze the quality and security of code from day one of coding ” one of the earliest points in the software development process Source code analysis (sometimes called “static analysis”) is a technology which analyzes source code for the purpose of detecting defects, understanding architecture, collecting statistics on the software and more. One of the most prominent commercial uses of static analysis is for defect detection. Vendors like Coverity, Klocwork, Fortify Software and others have sophisticated products
Read More »Integrated support for CWE, CERT and SAMATE initiatives helps developers eliminate exploitable security issues BURLINGTON, Mass. – Mar 23, 2010 – Klocwork, Inc., the global leader in automated source code analysis solutions for improving developer productivity, today announced the enhancement of its security vulnerability analysis capabilities with support for the Common Weakness Enumeration™ (CWE), the CERT Secure Coding Initiative, and the Software Assurance Metrics and Tool Evaluation (SAMATE) project. Integrated support for these initiatives ensures Klocwork’s security reporting features align with industry and government best practices for identifying, understanding, and remediating security coding issues. Common
Read More »
The importance of code reviews has already been well covered by lots of smart people like Jack Ganssle and Jason Cohen. Recently, the subject has become more important around here, so we want to offer our take. In particular, we’re looking at the best way(s) to incorporate code reviews into an overall software verification strategy and how automated tools (such as static analysis, no shock there) can help unleash the benefits of peer code review. More on that angle another time, first the bigger picture. Klocwork recently commissioned a survey conducted by Forrester research on
Read More »Unlike Todd who is this blog’s main Agile expert, I’m pretty new to agile. I’ve gone through the typical training (CSPO) and all the other good stuff, so I’m drinking the Kool-aid. But I thought I would provide my perspective, now that I’ve been working in an Agile shop for a while and tell you what I think really sucks. I’ve read lots of warnings why Agile can fail and I’ve tried to stay focused on overcoming the hurdles. Being a product manager, one of the things that is really ringing true to me is where
Read More »
As I write this, I’m sitting at the Dallas airport, suffering through a 3 hour delay on my flight to Washington D.C. to present at our 2nd Agile in Action Roadshow with our friends from Electric Cloud, Perforce, and VersionOne. As I have the time, I’ve been reflecting on my time here in Dallas, and the phrase “Everything is big in Texas” is bang on. Before I get to that though, I have to say that I do love Dallas…I’m not totally sure, but I truly believe I’m treated a little more special because of
Read More »Part III – Joy is All Around Us When you think of a social activity, what do you think of? Perhaps a rave? Or maybe a quiet bridge foursome is more your style? Or even a Matrix-style meet-and-greet complete with latex and contortionists? Ahem… Or maybe you’ve finally let go of this old-world requirement to actually be in the presence of an individual to enjoy a social encounter with them, and instead have embraced the reality of the 21st century, that society and social interactions no longer require physical presence, and instead surround us every
Read More »
At the risk of sounding like a co-dependent, in this post I discuss coping mechanisms that a “big picture” technical writer (say, like my friend Beulah) can use to adjust to working in the granular conditions of an agile environment. Don’t give up the big picture When you work on a bunch of stories or tasks, it’s trees, trees, trees everywhere you look and not a forest to be found. This means that a nice concise how-to could be a long way off while you document myriad features. My advice is to finish
Read More »
