I swear to fulfil, to the best of my ability and judgement, this covenant:
I will respect the hard-won scientific gains of those programmers in whose steps I walk, and gladly share such knowledge as is mine with those who are to follow.
I will apply, for the benefit of the users, all measures that are required, avoiding those twin traps of time and cost.
I will remember that there is art to software as well as science, and that warmth, sympathy, and understanding may outweigh the programming toolsets or coding standards.
I will not be ashamed to say “I know not,” nor will I fail to call in my colleagues when the skills of another are needed for a project’s success.
I will respect the privacy of my users, for their problems are not disclosed to me that the world may know. Most especially must I tread with care in matters of life and death. If it is given me to save a life, all thanks. But it may also be within my power to take a life; this awesome responsibility must be faced with great humbleness and awareness of my own frailty. Above all, I must not play at God.
Under what circumstances, if any, can adding team members to a software development project that is running late result in a reduction in the actual ship date with a level of quality equal to that if the existing team were allow to work until completion?
There are a number of things that I think are necessary, but not sufficient, for this to occur (in no particular order):
- The proposed individuals to be added to the project must have:
- At least a reasonable understanding of the problem domain of the project
- Be proficient in the language of the project and the specific technologies that they would use for the tasks they would be given
- Their proficiency must /not/ be much less or much greater than the weakest or strongest existing member respectively. Weak members will drain your existing staff with tertiary problems while a new person who is too strong will disrupt the team with how everything they have done and are doing is wrong.
- Have good communication skills
- Be highly motivated (e.g. be able to work independently without prodding)
- The existing team members must have:
- Excellent communication skills
- Excellent time management skills
- The project lead/management must have:
- Good prioritization and resource allocation abilities
- A high level of respect from the existing team members
- Excellent communication skills
- The project must have:
- A good, completed, and documented software design specification
- Good documentation of things already implemented
- A modular design to allow clear chunks of responsibility to be carved out
- Sufficient automated processes for quality assurance for the required defect level These might include such things as: unit tests, regression tests, automated build deployments, etc.)
- A bug/feature tracking system that is currently in-place and in-use by the team (e.g. trac, SourceForge, FogBugz, etc).
One of the first things that should be discussed is whether the ship date can be slipped, whether features can be cut, and if some combinations of the two will allow you to satisfy release with your existing staff. Many times its a couple features that are really hogging the resources of the team that won’t deliver value equal to the investment. So give your project’s priorities a serious review before anything else.
If the outcome of the above paragraph isn’t sufficient, then visit the list above. If you caught the schedule slip early, the addition of the right team members at the right time may save the release. Unfortunately, the closer you get to your expected ship date, the more things can go wrong with adding people. At one point, you’ll cross the “point of no return” where no amount of change (other than shipping the current development branch) can save your release.
I could go on and on but I think I hit the major points. Outside of the project and in terms of your career, the company’s future success, etc. one of the things that you should definitely do is figure out why you were late, if anything could have been done alert you earlier, and what measures you need to take to prevent it in the future. A late project usually occurs because you were either:
- Were late before you started (more stuff than time) and/or
- slipped 1hr, 1day at time.
Hope that helps!
Continue reading “Project Management is difficult – like running a ship”
This series of blog posts goes through the additions made to the default ASP.NET MVC template to build the ASP.NET MVC Boilerplate project template. You can create a new project using this template by installing the Visual Studio template extension or visit the GitHub site to view the source code.
What is CSP?
For a true in-depth look into CSP, I highly recommend reading Mozilla‘s documentation on the subject. It really is the best resource on the web. I will assume that you’ve read the documentation and will be going through a few examples below.
Content Security Policy or CSP is a great new HTTP header that controls where a web browser is allowed to load content from and the type of content it is allowed to load. It uses a white-list of allowed content and blocks anything not in the allowed list. It gives us very fine grained control and allows us to run our site in a sandbox in the users browser.
CSP is all about adding an extra layer of security to your site using a Defence in Depth strategy.
The idea behind the defense in depth approach is to defend a system against any particular attack using several independent methods
It helps detect and mitigate Cross Site Scripting (XSS) and various data injection attacks, such as SQL Injection. Continue reading “Content Security Policy (CSP) for ASP.NET MVC”
After the long-winding road of discussion and deliberation, revision, disagreements and adjustments, the Open Web Application Security Project (OWASP) are updating their venerable Top 10 list of the most critical web application security risks since 2013. This update brings with it three new entries to the list, based on data OWASP collected and analyzed. Here’s all you need to know about OWASP Top 10 2017.
Continue reading “OWASP 2017 Update”
Execute a Python script
In the following example we will write a variation of the mandatory “Hello World” script:
>>> print "It's easy to write a Python script!"
It's easy to write a Python script!
Continue reading “Beginners Guide to Python”