This article summarizes some of the core principles, best practices, and my common sense for governing the Software Development Life Cycle. These SDLC ideas are applicable for both products and projects. I look forward to discussing these ideas with the wider community.
|
Category |
Principles and Practices |
|
Feasibility |
Identify the product/project investors, business sponsor, and key stakeholders. Establish economic model with costs and benefits spanning average and best/worst cases. Write a clear mission and vision statement. |
|
Requirements |
Document requirements for Minimum Viable Product (MVP). Document user stories, data model, 3rd party constraints, as well as the why, not just the what. Prototype UI and MVP concepts; get feedback from key users and domain experts. |
|
Project Management |
Define delivery of the project or product into large milestones and smaller iterations. Use 3-4 weeks per iteration and sprint. Plan sprints as a team. Schedule daily scrums and weekly meeting to review progress, obstacles, and scope. Define change control process that connects stakeholders with cost/benefit tradeoffs of change. Create work breakdown structure; define and sequence activities. Get labor and material cost estimates from engineering - not management or marketing. Establish a single point of accountability for technology, process, and business matters. Plan and distribute communications. Manage stakeholder expectations. Report performance. Identify top 10 project/product risks. Monitor and communicate risk assessment throughout. Identify core team of 3-5 people (e.g. size of large pizza) including business, engineering, and QA. Publish planning documents for managing costs, risks, QA, team, procurement, and requirements. |
|
Architecture |
Define major building blocks including their responsibilities and interfaces (Miller’s Law: < 9). Visualize the solution architecture for shared understanding using UML diagrams. |
|
Design |
Single Responsibility - components should have only 1 reason to change and exist. Encapsulation - share only what is needed; hide the details. Cohesion - gather and release related components, functions, and data together. Dependency Inversion - depend on abstractions, not concretions to manage change. Simplicity - make components/systems as simple as possible; minimize complexity. Stability - use stable abstractions, dependencies, and interfaces. Consistency - use consistent naming conventions, code styles, etc. DRY - Do not Repeat Yourself. YAGNI - You Ain’t Gonna Need It. Things Change. Plans change. Avoid gold plating. KISS - Keep It as Simple as poSsible. But no simpler. Refactor during maintenance iterations. Design does not end in one phase. Consider domain specific languages to represent flexible logic and rules. Consider reflection, attribute-based programming for dynamic feature surfaces. Consider microservices to reduce monolithic system into modular components. Consider concurrency and scaling to multiple processors and machines. Consider portability and migration to other platform/infrastructure environments. Consider localization and internationalization. |
|
Security |
How is the solution secured? Consider users, data, and system itself. How are users authenticated and authorized? Does data need to be encrypted in storage and transmission? Grant minimum privileges to users and service accounts. Use enterprise identity management systems (e.g. Active Directory, ) that federate. Avoid inventing your own user/group/password management and encryption systems. |
|
Database |
Is ACID necessary? Then perhaps SQL/RDBMS. Or does scalability suggest NoSQL? Visualize logical entities and their relationships using diagrams. Use primary keys and foreign keys for referential integrity. Use default and check constraints for column data integrity. Use indexes for large tables (1M+) and partitions for larger data sets (1B+). Use NoSQL, document oriented databases for very large data sets (1T+). Avoid cursors, triggers, and dynamic SQL. Use them sparingly and consciously. Secure access through groups and roles. Plan for growth and disaster recovery. Stress test for performance and reliability. |
|
Artifact Control |
Manage source code, binary references, and documentation using Version Control System. Prefer GIT; TFS and Subversion are OK though. Secure access to artifacts through groups and roles. Plan for several people working on system over time, perhaps at same time. Source code is not owned by one person; it is collectively owned by the team. |
|
Quality Control |
Code defensively. Check parameters. Use assertions. No broken windows. Are there tests for Correctness? Integration? Performance? Security? UX? Define automated unit tests such as MSTest, NUnit, jUnit, or RUnit. Assign manual beta testing driven by checklists to independent group of power users. Review designs before coding. Review code before production deployment. |
|
Devops |
Where will the solution run? desktops? Mobile? On Prem? Cloud? How will you deliver system updates and changes over time? Maintain separate environments for Development, Test, and Production. How do you log system activity especially errors and end-user usage? Automate builds and deployments using VSTS, Chef, Octopus, PowerShell, bash, etc. |
|
Support |
How will users contact you regarding features and defects? Track past, present, and future work in an online backlog. Use JIRA, VSTS, or a similar system. Avoid spreadsheets and email. |
|
Customers |
Delight users. Under promise and over deliver. Prioritize system feedback from power users who influence others and are passionate. Key users should be part of project and product teams and available - onsite, daily. |
|
Peopleware |
Align team member interests with work assignments. Create workspaces that support thoughtful, focused, un-interrupted work. Avoid open offices. Establish accountability and responsibility for decisions by making people put skin in the game. Take time to celebrate achieving milestones and performing post-mortems. |
|
Metaphors |
Cone of uncertainty - explore risk areas and learn to reduce uncertainty over lifecycle. Triangle of constraints - cost, scope, and quality. Pick 2 out of 3; it’s tough to have it all. Tracer bullets - use prototypes and feature spikes to find the moving target in the dark. Microstones - track progress on smaller units work to keep team focused within milestones. |
|
Proverbs |
Work with users to think like a user. Don’t gather requirements like scattered seeds; dig for them like buried treasure. You will fail, if there is no plan, no one following plan, and no change to plans when things change. Abstractions live longer than details. Test early, often, and automatically. Provide options; don’t give lame excuses. The word of someone else’s mouth sells better than opening yours. Good architectures with conceptual integrity should manage complexity and change. Do not assume something to be true; try to prove it. Sign your work; take pride in quality and craftsmanship. If you found it painful more than twice, then automate it. The cost of “quick and dirty” often lasts longer and gets dirtier than the quick win’s benefit. The best and the perfect are the enemy of the good. You don’t make money by developing software, but by delivering and selling software. Leverage 80/20 rule - finish 80% of requirements before design and 80% of design before coding. |
References
● Feasibility/Requirements
○ Lean Enterprise by Humble, Molesky, and O’Reilly
● Design/Construction
○ Extreme Programming by Kent Beck
○ Pragmatic Programmer by Andrew Hunt and Dave Thomas
○ Code Complete by Steve McConnell
○ Design Patterns by GoF
● DevOps
○ Release It by Michael Nygard
● Project Management
○ Essential Scrum by Ken Rubin
○ PMBOK by Project Management Institute
● SDLC
○ Software Project Survival Guide by Steve McConnell
○ Peopleware by Tom DeMarco and Tim Lister
○ 12 Steps to Great Code by Joel Spolsky
No comments:
Post a Comment