Friday, January 12, 2007

Spaf on security

Here's streaming audio and video of Spaf being interviewed about "US Computer Insecurity". This is a nice layman's level discussion.

I was going to try to joke about how the next interview in the series is about "Redefining Masculinity" and how much more interesting it would be if the producers had mixed up the guests for the two weeks, but I refrain.

In the spirit of my recent postings about HICSS, here's some trivia: I first met spaf at HICSS-22 in 1989. As I recall, someone in his posse was collecting our unused drink tickets. Allegedly.

Disclaimer: I wouldn't have written the two previous paragraphs if I didn't know about spaf's tolerance of bad attempts at humor. Judging from his recent post to Web-Heads about a man and a dead horse, I think he's still warped :)

Wednesday, January 10, 2007

HICSS slides

Hal Abelson's slides (promised in a previous post) from his distinguished lecture are posted, along with other HICSS-40 highlights.

Sittin' on a plane

I'm glad I wasn't on this plane from FAT-DFW, or the infamous SFO-DFW flight that was also diverted to Austin for hours and hours.

Saturday, January 06, 2007

Using Information: New Technologies, Ways & Means: How to Have a Great HICSS Experience

A few more notes from HICSS:
  • I went to a session about development of secure software. There were statements about how it's not feasible to formally specify and verify something as complicated as an operating system. Hmm. Well, in before 1980 aspects of UCLA secure Unix was formally specified and verified. In fact, work on "multilevel secure operating systems" is one of the most developed example of formal V&V of real, complicated (and really complicated) systems. And, work on multilevel secure operating systems paid for a lot of my UCSB education :)

    In any case, this is all related to the infamous Orange Book.
  • Yesterday's plenary by Hal Abelson was good. It was essentially a pitch for Creative Commons, and how the knowledge-creation community should shun commercial publishers and some professional associations such as the American Chemical Society :) I will post a link to his slides when they are posted.
  • I'm currently in a session about automated testing. Also here is my former UCSB professor, and father of design-by-contract, and Eiffel, Bertrand Meyer. It was nice to say hello.

One thing I like about HICSS (my first one was 21 years ago!) is if you make good selections about what to attend you'll hear some great ideas. Looking through the program I see the following software engineering names in addition to Bertand: Shari Lawrence Pfleeger, Barry Boehm (HICSS distinguished lecturer two years ago), John Carroll, et al.

Jonathan Grudin has a blog about HICSS and Using Information: New Technologies, Ways & Means: How to Have a Great HICSS Experience

Friday, January 05, 2007

Do you aspire to be a Scrum Master?

Steve's post about stand-up meetings (see the three questions at the end of his post) reminded me about the HICSS session I am attending today on agile development techniques, Scrum and XP in particular.

Some very interesting comments made by the speakers such as
  • in one industrial case study presented about the use of pair programming, very few defects were found by the "navigator" of the pair.
  • you can use rock-paper-scissors at the beginning of each day to determine who starts driving and who starts navigating.
  • a Scrum case study (about 1000 KLOC) showed "linear or better" productivity increases by adding people. Note this is opposite to Brooks' "adding people to a later project makes it later". The general claim by the speaker was that by going to Scrum you can double productivity, in contrast to outsourcing which he claimed gives a 20 percent productivity increase.

Other impressions: There's actually been quite a bit of research done on pair programming, from a software development productivity point of view and from a cognitive approach. The industry people seem to be reinventing the wheel on some of these basic things. Not surprising since it feels good to reinvent a good idea like the wheel :)

Seriously though, I recommend that software engineers flip through Barry Boehm's slides from his ICSE 2006 keynote slides (ICSE is the big practitioner-academic yearly conference). He notes (on slide 7) that we are losing our history:

Median ICSE 2005 paper has no reference before 1984-85
77% have no references before 1980

In any case, everyone should look at his figure on slide 9.