Blunder Dome Sighting

Professor von Clueless in the Blunder Dome


Hangout for experimental confirmation and demonstration of software, computing, and networking. The exercises don't always work out. The professor is a bumbler and the laboratory assistant is a skanky dufus.


Wednesday, June 15, 2005

Automated Authentication of Programming Standards?

CM News Service: Automatic Source Code Review is Development Tools’ Next Frontier.  NIST is developing SAMATE (you think it’s say-mate, or sam-awty, or same-awty or …), Software Assurance Metrics and Tool Evaluation.  The idea is to introduce tools into the software development lifecycle for “assessment, auditing, and acceptance.”

This raises an interesting issue in the development of trustworthiness: do we accept the assessment of an automated tool as an attestation, or do we want the attestation of the software engineer that supervised and reviewed the results of using the tool?

Another factor is whether or not these tools will be found insanely pedantic in their issuing of warnings and raising of alarms about deviations.  It would seem that some sort of screening by a skilled developer, and a record of what the allowed deviations are, has to be part of the deal.  I’m sure there are those who see a bureaucratic nightmare in all of this.  It will be interesting to see what the practical trade-offs become.

Peter Coffee’s 2005 June 6 eWeek article leads out with the cautionary charge, “Coding standards should leave room for innovation.”  Peter links to Paul Black’s SAMATE page, currently in a provisional state and already providing a nice compilation of tools and perspectives.  As an example of the kinds of coding standards, Coffee mentions the High Integrity C++ Coding Standards Manual, a valuable find.

This column is apparently a companion to the same-day article I discussed as The Important Software Standards: Quality, Performance, and Diligence.  Taking the two together provides more context on what standards mean—and how they are valuable—in this context.

I also think this all figures in how desirable it is to find a way to evolve trustworthiness as an ongoing approach to delivering and supporting software in a dependable way.

 

template created 2004-06-17-20:01 -0700 (pdt) by orcmid
$$Author: Orcmid $
$$Date: 05-07-14 13:21 $
$$Revision: 1 $
