Monday, August 13, 2012

Improving Code Quality - Scheduling Technical Debt and the Bucket Parable

Overview

Please read the previous post on improving code-quality using LCOM4 and Cyclomatic Complexity before reading this entry. Below I present two ways of thinking about technical debt in your organizations. The first is the old-school approach, and the second is the approach preferred once the vast amount of cyber-fraud was detected.

Old way of thinking

Before cyber-security became a large concern, software development companies thought differently than now about their approach to their applications.  In those days, if you'd run Sonar against your codebase, and  identified some areas where your source-code was butt-hurt and you wanted to fix it, you had a problem.  See, the viewpoint was that acknowledging flaws in your code was also acknowledging legal liability. So, companies would fix bugs in "maintenance releases" but would not acknowledge the specific security failures they were fixing.  This environment of subtlety safeguarded application developers, but exposed end-users to the prospects of security holes as a result of bugs.

The Reality

Currently, there are massive cyber attacks against companies around the world making companies more appreciative of an increased level of due diligence with their applications.  The mark of a successful company is not that they pretend problems don't exist in their code, it is in the fact they acknowledge it, fix it, and communicate it. To understand how to plan to include technical debt resolution, you must first understand the Bucket Parable.

The Bucket Parable.. a digression (bear with me, it pertains)

Back in the olden-days, there was a small village that had a very unique annual contest: the rocks-in-a-bucket contest.  The goal was to see who among the competitors could get the most rocks in their buckets.  Now, their buckets were all the same size;so, the only thing that differed was the size of the rocks.  In the first year's contest, a strong man named "Hugo" won the prize because he had managed to stuff 2 massive rocks into his bucket. The next year, a strapping gentleman on a horse won with 3 rocks, each weighing five pounds each.  And the third year?  Well, the next legendary player was Mike Van himself, and he was able to stuff over 400 rocks into his bucket.  But how, you say?  Well, while all the other folks were worrying about the big rocks, Mike Van paid attention to the little rocks too. So, whenever there was a gap between the big rocks, Mike Van filled them with the little rocks. As he began to build up his bucket, he noticed that the massive number of little rocks also gave the bucket extra weight, making it more formidable. Well, Mike Van was proclaimed the winner, after which he went into retirement from rocks-in-a-bucket, moving into a cave to knit "delicates" for poodles. He apparently feels it is a growth investment zone.

The Bucket Parable and Scheduling Technical Debt

If you've ever been on a good development team, you know about feast and famine. There are times that you have so much work to do there you have to work stupid long hours, and there are other times when you play Call of Duty with your co-worker cuz there aint squat.  It is this time that the Bucket Parable comes into play.

If you are delivering product, meaning software, on a schedule, that means you have a specific period of time to deliver a specific set of functionality.  Think of your timeline as the bucket in the bucket parable.  Now, each of your major tasks are going to take up some of the time of one-or-more of your developers.  These major tasks are your big rocks.  However, what will they do when they're complete?

After you've completed your Sonar analysis and have noted the weaker areas in your codebase, you should create tasks for each item to fix.  Then,. in your tracking tool, allow your developers to choose those "little rocks" they can do when/while they do their big rocks. At the end of the development cycle, not only have you completed all of the intended features, you've also completed a large set of smaller tasks including paying down  your technical debt. Customers like this. Its good. Do it, then drink beer with friends.

Summary

Using Sonar to develop the conceptual model of a "bucket-of-rocks" we are able to identify the most significant areas of risk associated with our technical debt, and manage it while creating a negligible impact on our customer's bottom line.

16 comments:

  1. This comment has been removed by a blog administrator.

    ReplyDelete
  2. It verda Cybersecurity is complicated, because some companies have become big business, and this makes you lose credibility. Even us to doubt the quality, reliability, etc.. But there are other companies that make things very very well. Very good post, I give you 10 points!
    Regards,
    Joshua | Vudu

    ReplyDelete
  3. Find your post suitable for me and my website thanks for sharing your good knowledge with us dofollow social bookmarking list

    ReplyDelete
  4. This comment has been removed by a blog administrator.

    ReplyDelete
  5. “Congratulations Mike Van! Thank you so much for taking the time to share this exciting information.”
    Ozone laundry washing

    ReplyDelete
  6. This comment has been removed by a blog administrator.

    ReplyDelete
  7. This comment has been removed by a blog administrator.

    ReplyDelete
  8. Quite impressive post it is.I have got more information from your blog. Thanks for posting. Open Source Development

    ReplyDelete
  9. This comment has been removed by a blog administrator.

    ReplyDelete
  10. This comment has been removed by a blog administrator.

    ReplyDelete
  11. This comment has been removed by a blog administrator.

    ReplyDelete
  12. This comment has been removed by a blog administrator.

    ReplyDelete
  13. Good information and great post.  I like the website, and am sure to keep returning.
    container weighing services

    ReplyDelete
  14. Keep sharing. Your blog contains very good information,Nice explanation and very helpful blog for Open Source Development.
    Open source company in india

    ReplyDelete
  15. NATIONAL INSTITUTE OF DIGITAL EDUCATION established in 2010 with the mission of delivering training to professionals in Computer Training. We offer a wide range of quality computer training.

    All our training courses are taught by professionals in the field, allowing you the chance to learn from experts within their respected industry, which provides you with a quality computer training that will help you take your knowledge and career to new heights. We have different courses to shoot-up the requirement of the general youths of West Bengal. The duration of the courses are segregated in Six Months, One Year & 18 Months. Students are awarded by CERTIFICATE which will accept all over India.
    -----------------------------------------------------------------------------------------------------
    Email: info@nideindia.in / nidedirector@gmail.com

    Website : http://www.nideindia.in , Facebook : https://www.facebook.com/NIDEofficial/

    Twitter : https://twitter.com/nideindia , YouTube : https://www.youtube.com/channel/UCDvV-Fhx9Tz3jDmeZu4EOUw

    Android App : https://play.google.com/store/apps/details?id=com.ntss.nide

    ReplyDelete