This article may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. To maintain the flow of the article, we've left these URLs in the text, but disabled the links.
.gif)
xTreme Programming
Karen Watterson
If you're like me, you go through phases of introspection about what it means to be a programmer and developer (or manager). Most often, it's a dysfunctional coworker or a doomed project that ignites a new phase, but sometimes it's a new book that everyone's talking about.
Kent Beck's eXtreme Programming eXplained (ISBN 0-201-61641-6, $29.95) seems to have generated the requisite buzz this spring. (See, for example, http://www.xprogramming.com and http://c2.com/cgi/wiki?ExtremeProgrammingRoadmap to find out more about Kent Beck, Ward Cunningham, and Ron Jefferies, the "three extremos," and to sample Ward Cunningham's Portland Pattern Repository, a.k.a. Wiki.) In it, Beck describes his Extreme Programming (XP) software development methodology as "lightweight" and intuitive. XP generalizes some common-sense premises that most of us can agree with. For example, Beck recommends pair programming ("If code reviews are good, we'll review code all the time") and integrated, ongoing testing-"If testing is good, everybody will test all the time (unit testing), even the customers (functional testing)"-to the extent of even integrating and testing several times a day.
Beck, who owns First Class Software, Inc., has helped pioneer patterns for software development, CRC cards, the HotDraw drawing editor framework, the xUnit unit testing framework, and claims to have helped pioneer the rediscovery of test-first programming. He's written scores of articles on programming and two books on Smalltalk.
As he explains, "When I first articulated XP, I had the mental image of knobs on a control board. Each knob was a practice that from experience I knew worked well. I'd turn all the knobs up to 10 and see what happened. I was a little surprised to find that the whole package of practices was stable, predictable, and flexible." Beck's been around long enough to realize that there's no such thing as a one-size-fits-all recipe for making great software, however, and admits that XP, which is geared towards small- to medium-sized projects and teams, might seem absolutely crazy to some people. He even goes so far as to say that XP might appeal only to teams that are in such bad shape they need a radical new blueprint. I don't think so. I think his ideas are worth thinking about.
The outsourcing thing
The March 6th Computerworld had a pair of columns that set me thinking, too. In one, Frank Hayes, who was reflecting on the headline-making denial of service attacks that had just recently occurred, suggested that "the more we outsource, the less we know about the people who'll get elbow-deep into our systems. They could be terrorists, industrial spies, or crackers.…" According to Hayes, the irony is that, in order to save time and money by outsourcing, we'd better plan on spending money to have serious background checks done on potential contractors and spending time to do serious testing of contractors' code. Makes sense to me.
In the other editorial, Paul Strassmann (http://www.strassmann.com), who's president of The Information Economics Press and senior advisor to the Science Applications International Corporation (SAIC)-and has also served as Director of Defense Information, and as Principal Deputy Assistant Secretary of Defense for Command, Control, Communications, and Intelligence-suggested that IT executives should plan to phase out "the wasteful insistence on IT self-sufficiency." Strassmann calls this the "medieval guild phase of systems construction." His advice: "Prepare to rent systems services from huge services corporations to spread the costs of an increasingly expensive and risky systems infrastructure that only giant integrated firms will be able to afford."
What do you think? Do you think programmers serve guild-type apprenticeships? Did you? Is this good or bad? Do you think firms should outsource more or less? And if they do consider outsourcing, what should they outsource: infrastructure, application development, testing, documentation, and/or application hosting? Of course, there aren't any easy answers. Worse yet, making the wrong decision could bankrupt the company-and everyone would know where to point the finger. So if you're a coder who sometimes resents how much your CIO gets paid, think how stressful it must be making these kinds of decisions.
Another recent article-this one by Yair Alan Griver, CIO of Hackensack, NJ-based Flash Creative (http://www.flashcreative.com), who's widely recognized both as an early adopter and evangelist of object-based programming and as a Visual FoxPro expert-also set me thinking about software development, but at a more granular level. In the first issue of the quarterly Code Magazine (http://www.code-magazine.com), Alan advocates thinking in terms of a Windows DBA development pattern language. According to Griver, there are five fundamental stereotypes in a Windows DNA application: resources, resource managers, data sources, validation objects, and process objects. After reading the article, I had one of those "aha!" moments that helped crystallize my understanding of the Windows DNA monster. Think patterns.
Healthy paranoia
You don't have to be in the outsourcing game to worry about security, hackers, terrorists, and so on. I subscribe to several security mailing lists, but one of my favorites is the RISKS Digest. It's been around for two decades (longer than I've been a subscriber), and it's moderated by SRI's Peter Neumann, a well-known figure in the industry who has a wonderful dry wit. You can subscribe either directly through your newsserver (comp.risks) or via e-mail by sending a message to risks-request@csl.sri.com with the word "subscribe" in the message area. RISKS is published about weekly, as are CERT mailings (http://www.cert.org). You probably already subscribe to Microsoft's own security bulletin service. If not, you'll find a list of current bulletins at https://www.microsoft.com/technet/security/current.aspx.
To find out more about Visual Basic Developer and Pinnacle Publishing, visit their website at http://www.pinpub.com/
Note: This is not a Microsoft Corporation website. Microsoft is not responsible for its content.
This article is reproduced from the July 2000 issue of Visual Basic Developer. Copyright 2000, by Pinnacle Publishing, Inc., unless otherwise noted. All rights are reserved. Visual Basic Developer is an independently produced publication of Pinnacle Publishing, Inc. No part of this article may be used or reproduced in any fashion (except in brief quotations used in critical articles and reviews) without prior consent of Pinnacle Publishing, Inc. To contact Pinnacle Publishing, Inc., please call 1-800-788-1900.