columns
Crisis Management
“We are different.” I hear this all too often. Of course everybody is different as is every organization. But, at least in the software business, we share a great many common problems. Generally, saying “We’re different” is a way of saying “Don’t bother me, I’m busy.” The two likely reasons for this are that your boss is either a plodder or is too preoccupied with the current crises to think about anything else. With plodders as bosses, you only have two choices: outwait them or leave. The crisis case is when your boss is so enmeshed in the current crises that he or she doesn’t have the time or energy to think about anything else. This is the case most of us need to think about, either as workers trying to get the attention of busy bosses or as bosses who are too busy to think about anything but surviving. This column discusses how to handle such situations so that you can have a reasonable chance of actually starting an improvement effort.
The Place of Architecture in a Crowdsourced World
Yochai Benkler, in his book The Wealth of Networks, puts forth a provocative argument: that we are in the midst of a radical transformation in how we create our information environment. This change is at the heart of the open-source software (OSS) movement but OSS is only one example of how society is restructuring around new models of production and consumption of services. The aspect that is most startling, Benkler writes, “is the rise of effective, large-scale cooperative efforts—peer production of information, knowledge, and culture ... . We are beginning to see the expansion of this model not only to our core software platforms, but beyond them into every domain of information and cultural production.” The networked information environment has dramatically transformed the marketplace, creating new modes and opportunities for how we make and exchange information. “Crowdsourcing” is now used for creation in the arts, in basic research, and in retail business. So what is the place of architecture in a crowdsourced world? There are a number of characteristics of crowdsourced systems that challenge existing models of system development.
Requisite Agility
The ability of software-intensive systems or organizations to respond rapidly to changing demand is a key determining factor in their achieving business or mission objectives. Because of the primacy of achieving objectives to all organizations—in the U.S. Department of Defense (DoD), civilian government, and industry—understanding of the agility needed to respond to changing demand is a key challenge on the research agenda of the SEI Integration of Software Intensive Systems (ISIS) initiative. The ISIS team is developing the SoS Navigator, a growing set of modeling techniques that offer insights into the relationship between systems or organizational structure and agility.
Appraisals Across the CMMI Constellations
As the door opens for appraisals using the CMMI for Acquisition methodology (CMMI-ACQ) in addition to CMMI for Development (CMMI-DEV), questions arise about multiple-constellation appraisals. This column addresses our current thinking about these options.
Making SIMPLE Decisions about Software Product Lines
Some of the most frequently asked questions about software product lines involve whether there will be a cost benefit to using the product-line approach. So researchers from the SEI, Siemens, the Fraunhofer Institute for Experimental Software Engineering, and Clemson University collaborated on a model that can be used to predict software product line costs and benefits under a variety of real-world situations and that can be used easily by product line decision-makers who may not be skilled in intricate economic theories.
SIMPLE is the Structured Intuitive Model of Product Line Economics, a general-purpose business model that supports the estimation of the costs and benefits in a product line development organization. SIMPLE helps in decisions such as whether to use a product line strategy in a specific situation, the specific strategy to apply, and the appropriateness of acquiring or building specific assets.
Tackling the Growing Botnet Threat
A botnet is made up of compromised hosts, which are commonly referred to as bots or zombies. Botnets are collections of compromised hosts, centrally managed, or managed from multiple points, but they’re logging into a location that’s easily manageable.
It’s hard to say with absolute certainty why botnets are ongoing and rising. The simple fact is the code is out there, it’s very easy to use, and if anybody has any questions, there’s free support on the Internet to assist in trying to get botnets to run, operate, or exploit vulnerable machines.
This column is based on a podcast recorded with Nick Ianelli and posted to CERT’s Podcast Series: Security for Business Leaders. Nick Ianelli is a member of the CERT Coordination Center, conducting artifact analysis on malicious code. Julia Allen, who interviewed him, manages CERT’s Podcast Series and conducts research in security governance and software assurance.