Re: [SystemSafety] Modelling and coding guidelines: "Unambiguous Graphical Representation"

From: Steve Tockey < >
Date: Wed, 2 Mar 2016 19:30:18 +0000

Les,
You wrote:

"It's worth reflecting on the process whereby software gets to the state of
"it sucks"."

"Changes that fixed one problem would create many
more. The guy who wrote the code was a good man, very knowledgeable in the process technology and smart. Unfortunately he did not have a professional education."

Exactly. At the root of most problems I see in software is simply an utter lack of PROFESSIONAL software engineering education. One of the threads we're on here talks about Cyclomatic Complexity. Tom McCabe published the original paper in 1972. 1972, for chrissakes!!! And yet, when I'm working with developers in my customer organizations, before we talk about cyclomatic complexity I ask who has ever even heard about it before (let alone actually pay attention to it in their code). I usually have about a 10% positive response rate. 90% of so-called professional software developers have no idea it even existes.

Now, move on to things like cohesion & coupling, TRUE encapsulation (which is simply not possible unless one is doing Design by Contract), Design-to-Invariants & Design-for-Change, etc. Again, utter cluelessness, but even higher percentages than for cyclomatic complexity.

Somehow, hiring managers seem to think that being able to follow some programming language's syntax rules is enough to make one worthy of the salaries paid in this industry.

I wrote an article about this for IEEE Computer that went out in the November, 2015 issue:
https://www.computer.org/csdl/mags/co/2015/11/mco2015110096-abs.html

"It saddens me that humanity takes so long to learn."

Yes, me too. But as I wrote before on a related list:

Whether you knew it or not, many of the regulations in air transport today can be traced back to a single event: the crash of TWA Flight 599 in Kansas on March 31, 1931. That crash killed Knute Rockne, then coach of the Notre Dame football team. Quote
(http://en.wikipedia.org/wiki/Knute_Rockne):

"The national outcry over the air disaster that killed Rockne (and the 7
others) triggered sweeping changes to airliner design, manufacturing, operation, inspection, maintenance, regulation and crash-investigation--igniting a safety revolution that ultimately transformed airline travel worldwide, from the most dangerous form of travel to the safest form of travel."

I suppose we simply have to wait for the software equivalent of TWA 599 before we can expect to see any improvement. Sigh.

-----Original Message-----
From: Les Chambers <les_at_xxxxxx Date: Tuesday, March 1, 2016 3:43 PM
To: Steve Tockey <Steve.Tockey_at_xxxxxx <systemsafety_at_xxxxxx Subject: RE: [SystemSafety] Modelling and coding guidelines: "Unambiguous Graphical Representation"

Steve
It's worth reflecting on the process whereby software gets to the state of
"it sucks".

Some years ago I was a member of a team of 12 working on the start-up of a latex reactor system. We were working around the clock on 12 hour shifts. The core reactor control algorithms were not working as planned. That is, not complying with what we called the English language description of the reactors stepwise operation. In those days we called requirements the English language (as though they belonged to an alien race from another planet who could only speak English and who should probably stay there and leave us alone).
Critical discussions were occurring at the shift changeover meeting when the
code would be handed off to the incoming shift. We were all having a problem
understanding the code. Changes that fixed one problem would create many more. The guy who wrote the code was a good man, very knowledgeable in the process technology and smart. Unfortunately he did not have a professional education. He had been trained in the use of the state engine but I suspect did not love or respect the model and chose to take some logical shortcuts which resulted in the classical heavily nested if-then-else statements. We had administered the state engine Kool-Aid but only by mouth. This guy's lack of a professional background indicated that a drip would have been a more effective, straight to the bloodstream. The other thing we failed to do
was conduct more in-process review of his work. As the light thickened the 12 good men and true resolved to nurture his code
- fix it with a tweak here and a bug fix there. We were under a lot of pressure day and night from the night's black agents (the sales guys) who were running out of product to sell. When you do a major plant upgrade you usually fill the storage tanks and plan on a one-month shakedown and testing
period once all the equipment including software is in place. We were running out of time. The feckless bug fixing went on for four shifts (48 hours non-stop). At the fourth shift change meeting we all looked at each other and finally accepted the truth: this was a hack, what we were doing was dangerous and unsustainable. The code would not be understood by future maintainers and was likely to have more bugs than we had found. And as the crows made wing to the rooky wood, under extreme pleasure (the sales guys could care less about the beauty of our code) we resolved to rewrite sections of the code. The thing was it only took a 12 hour shift to do. We kicked ourselves for not making this decision on day one.

This is a microcosm of how crap code gets into production. It is not conceived and developed against sustainable models, grows like Topsy and it's "suckiness" is discovered too late for a major rewrite. There simply isn't the money in the pot even if you are a large corporation. There are several large corporations in the same position as your unnamed word processor vendor. For example a well known purveyor of document reader software has a committed team that would just love to rewrite the product but is unable to assemble the funds. Right now they are flat out staving off
attacks from Russians who have found vulnerabilities that allow them to crash and invade PCs running the software at a high level of security.

Perhaps by now the uninitiated may appreciate how irrelevant a collegiate debate on the ambiguity of a standard is to situations such as these. I wonder if any standards bodies ever do a 360 review on what the profession thinks of their standards and how they are used, or if they are used at all.
I recently had the opportunity to review the curriculum of the University of
Queensland's Electrical Engineering and Computer Science Department. The curriculum guy had never heard the number 61508. In Bristol last year I attempted to get a sneak peek of ISO standards work and asked PBL about the process of signing up as an industry reviewer. He regarded me with horror. I
stood by for the gush of boiling oil from the top of his silo.

It saddens me that humanity takes so long to learn. Shakespeare knew about the ramifications of piling bad on bad in 1605 when he had Macbeth say:

Light thickens, and the crow
Makes wing to th' rooky wood.
Good things of day begin to droop and drowse; Whiles night's black agents to their preys do rouse. Thou marvel'st at my words: but hold thee still. THINGS BAD BEGUN MAKE STRONG THEMSELVES BY ILL. Cheers
Les

PS:
By the way I'm not against Fagan reviews, they can be good value when used as designed. I wrote an essay on my first exposure to them here: http://www.systemsengineeringblog.com/extreme-review-a-tale-of-nakedness-al s
atians-and-fagan-inspection/

... but they are designed for inspection of completed deliverables, they are
the end game not the arc of the story.

-----Original Message-----
From: systemsafety
[mailto:systemsafety-bounces_at_xxxxxx Steve Tockey
Sent: Wednesday, March 2, 2016 5:07 AM
To: Derek M Jones; systemsafety_at_xxxxxx Subject: Re: [SystemSafety] Modelling and coding guidelines: "Unambiguous Graphical Representation"

Derek,
An interesting position, but please consider this alternative view:

I'm using a popular word processor for writing my new book. I've seen reports from credible people who have evaluated that code base, they all report, "it sucks". I know people who work for that company, they freely admit "our code sucks". No question, it's bad code.

As a user, I have already logged 93 unique defects against the product. The most serious defect is that it can go into an infinite loop after a Paste. When it does, I have to go to the operating system control panel to kill the process as it is consuming 100% of one CPU and not listening to any user input. My habit now is to Save-Cut-Paste instead of the normal Cut-Paste to minimize lost work (it's supposed "saved" version is up to 20 minutes of editing behind). Web searching reveals that this infinite-loop-on-Paste defect has been in the product since 2011 and has still not been fixed. I can't think of any other way to put it, it's bad code.

But here's the deal, I can't invest anything in that code. It's not my code to invest in. I'm just the poor hapless user who has to deal with their crap because that's what the publisher wants.

Your position is fine from a supplier-side perspective, but what about the consumer-side? Shouldn't we have a say? At best, all I can do economically is be true to my vow of never spending another penny with that vendor. They've gotten enough of my money over the years for their schlock software. No more.

It's not my option to invest in their code. All I can do is make it obvious that I refuse to spend any more with those schmucks.

Regards,

-----Original Message-----
From: systemsafety <systemsafety-bounces_at_xxxxxx on behalf of Derek M Jones <derek_at_xxxxxx Organization: Knowledge Software, Ltd
Date: Tuesday, March 1, 2016 8:13 AM
To: "systemsafety_at_xxxxxx <systemsafety_at_xxxxxx Subject: Re: [SystemSafety] Modelling and coding guidelines: "Unambiguous Graphical Representation"

Steve,

> My point is that it's not a simple thing to precisely define "bad code", > neither is it a simple thing to detect it or repair it.

Bad code can be precisely defined by the amount of resources you are willing to invest in finding and fixing any problems it might contain.

If the code might contain problems that you are not willing to invest in doing anything about, then it is obviously good enough.

How you choose to invest the resources you have in finding/fixing problems is a technical issue. There is not a lot of hard data available to help make the optimal use of resources, so people tend to follow the herd and sprinkle in a few of their own preferences.

-- 
Derek M. Jones           Software analysis
tel: +44 (0)1252 520667  blog:shape-of-code.coding-guidelines.com
_______________________________________________
The System Safety Mailing List
systemsafety_at_xxxxxx

_______________________________________________
The System Safety Mailing List
systemsafety_at_xxxxxx



_______________________________________________
The System Safety Mailing List
systemsafety_at_xxxxxx
Received on Wed Mar 02 2016 - 20:30:30 CET

This archive was generated by hypermail 2.3.0 : Tue Apr 23 2019 - 01:17:08 CEST