“Take nothing for granted,” is the mantra of every software tester. Add localization to the mix and the level of vigilance goes into hyperdrive. In the spirit of helping others avoid needless pain, I launched this Lessons learned from localization series. In Part 1, we explored documentation pain and coping strategies. Part 2 was development discomfort and solutions. In this final installment, we explore the lessons learned by our testing department, who are known for being generous to a fault, as in “here’s a PR for you, and you, and you…” For this post,
Read More »
Instead of fomenting dissent (that barely exists) in a brazen attempt to boost readership, I’m changing tactics to look at ways in which testing and development are complementary, beyond their common goal of releasing quality software products. What can I say? After my previous post, How developers drive testers nuts–let’s count the ways, I’m clearly getting less edgy. I approached our newest addition to the Klocwork development team, Michail Greshishchev. While he’s a new full-timer, Greshishchev is not a new face around here. The recent Carleton University engineering graduate did two co-op terms here–one in professional
Read More »
In my last post, I took us back in time to an era of bad fashion, questionable music, legendary television shows, and source code analysis tools that were made specifically for software developers. It was the 1970s. In this post, I fast forward to just after the turn of the century to discuss the next evolution of static analysis tools. The Early 21st Century Not long after we first viewed hairy-footed Hobbits on the silver screen, and the sham that was affectionately known as Y2K, a new generation of source code analysis tools emerged to
Read More »
Our marketing people here at Klocwork like to see me racking up frequent flyer miles and expending CO2 at roadshows, conferences and tradeshows. Whenever I’m out speaking, I always like to gauge audience familiarity with Static Code Analysis. I’m happy to say that SCA knowledge has definitely increased over the years, but it is still not up to levels enjoyed by unit testing or integration testing. What I plan to do over the next three weeks is to provide you with a history lesson on how Static Code Analysis has evolved over the past few
Read More »
At daily standup meetings, they eye each other from opposite sides of the room. Sitting on the same side of the cubicle wall is unthinkable. They’re united only by their desire to produce quality software products and their appreciation for coffee and energy drinks. What’s good to one side can be anathema to the other when it comes to code. I’m talking, of course, about testing and development teams. In the interests of generating more comments improving dialogue between two very important functions in a software organization, our marketing director asked me to interview our
Read More »In a previous post I discussed the process where we practice dogfooding. This is the process of using Klocwork on Klocwork (KonK). We started this program several years back with the hopes that we would learn some valuable lessons about usability, performance and anything else that would give us an edge. The truth is that KonK has consistently allowed us to test our design assumptions early by allowing our own developers to use Klocwork as part of their development. One of the unexpected results was inadvertently uncovering data that further validated for us the importance
Read More »
I had a chance to speak with Bruce Swope, the VP of Engineering at SterlingTech, an ISO13485 Registered full-service medical device software organization offering software development and validation services. SterlingTech has developed software for an array of medical products including implantable devices as well as external support and monitoring equipment. Their team has worked on Class I, II, and III devices that resulted in successful FDA 510(k)s, PMAs, and CE submissions. Bruce has extensive experience in medical device software development and he is an expert in leading Class III medical software products to commercial release. His depth
Read More »We are starting to see a large amount of Android phones such as the Droid and Xperia X10 (see a review here) and the (soon-to-be-released) first Google phone, Nexus One. With this, expect the number of apps to increase significantly. So with the increased number of apps, do these developers have the right tools to find and fix bugs? Take a look at the leader of phone applications-iPhone. There have been several posts (here and here) that recommend using the Clang static analyzer. Apple has taken it one step further, apparently rejecting iPhone apps that
Read More »Next week I’m heading out to the Software Assurance Forum (use SOF96945 for the conference code) in Washington D.C. (well, actually Arlington, Virginia, but D.C. sounds more glamorous). If you’re not familiar with what the SWA is, in a nutshell, its key objective is to encourage software developers to raise overall software quality and security from the start, rather than relying on applying patches to systems after vulnerabilities are discovered. Anyways, while I’m there, I’ll be taking part in 2 speaking opportunities. The first will be as part of a 6 person panel discussion entitled
Read More »
I have always loved “I’m gonna write me a new minivan” from Scott Adams. To me, it never gets old. Originally published in 1998, the theme that applied then still does today: driving 100% of defects or bugs out of the code-base is a laudable goal, but is it really the right one? I would have to argue no. There’s no silver bullet out there that will find all software defects and solve issues automagically, and until there is, software development will continue to struggle with prioritization. Unfortunately, we live in a world of finite resources and constantly evolving demands,
Read More »
