No Silver Bullet – Essence and Accident in Software Engineering Mike Ballou“There is no single development, in either technology or management technique, which by itself promises even one order-of- in simplicity.”Abstract “All software construction involves essential tasks, the fashioning of the complex conceptual structures that compose the abstract software entity, and accidental tasks, the onto machine languages within space and speed constraints.”Abstract “Most of the big gains in software productivity have come from removing artificial barriers that have made the accidental tasks inordinately

technologies and operations, including the challenges associated with information assurance. Agile development practices can help the DoD to transform IT acquisition by delivering capabilities faster and responding succeed in an increasingly complex environment. Agile has emerged as the leading industry software development methodology, and has seen growing adoption across the DoD and other federal agencies. Agile the program characteristics. Agile development can achieve these objectives through:  Focusing on small, frequent capability releases  Valuing working software over comprehensive documentation

Myth—DevOps is Just “Infrastructure as Code” or Automation: g. Myth—DevOps is Only for Open Source Software: 2. Foreword xix 3. Imagine a World Where Dev and Ops Become DevOps: a. THE CORE, CHRONIC CONFLICT and poor quality 3. Consider when we have an annual schedule for software releases, where an entire year’s worth of code that Development has worked on is released to production deployment. Like in manufacturing STREAM 1. In the book Implementing Lean Software Development: From Concept to Cash, Mary and Tom Poppendieck describe waste and hardship in the software development stream as anything that causes delay

and when we realize that the costs and risks of custom development have been radically reduced, the economics often now favor custom development. Governance and Oversight: Governance has traditionally uncertainty by planning and analysis. Agile teams tend to drive out uncertainty by developing working software in small increments and then adjusting.  Waterfall plans are made at the moment of greatest uncertainty—the Cross-functional and team-based: It used to be natural for ops specialists to do ops, developers to do development, and testers to do testing. Now, crossover skills are increasingly important. On a delivery team

DevSecOps – Defined by DoD CIO DevSecOps is an organizational software engineering culture and practice that aims at unifying software development (Dev), security (Sec) and operations (Ops). The main characteristic characteristic of DevSecOps is to automate, monitor, and apply security at all phases of the software lifecycle: plan, develop, build, test, release, deliver, deploy, operate, and monitor. In DevSecOps, built simultaneously. Key Measures Mean-time to production: the average time it takes from when new software features are required until they are running in production. Average lead-time: how long it takes

critical areas. ii. Michael Nygard, author of Release It! Design and Deploy Production-Ready Software, “If you do not design your failure modes, then you will get whatever unpredictable—and usually ii. Public knowledge versus private knowledge from emails b. AUTOMATE STANDARDIZED PROCESSES IN SOFTWARE FOR RE-USE i. Don’t store standards and processes in Word or non-actionable documents; leads to NFRs. Codify these into the tests and pipeline f. BUILD REUSABLE OPERATIONS USER STORIES INTO DEVELOPMENT i. Goal – make recurring work as repeatable and deterministic as possible; standardize and automate

production instances v. Keep developers’ environments most current e. MODIFY OUR DEFINITION OF DEVELOPMENT “DONE” TO INCLUDE RUNNNING IN PRODUCTION-LIKE ENVIRONMENTS i. In general, the longer the interval consistent and repeatable wayiii. Building a deployment pipeline 1. Commit stage – build & package software, runs automated unit tests, and code quality (static analysis, coverage, style, etc.) 2. Package frequently as possible i. WRITE OUR AUTOMATED TESTS BEFORE WE WRITE THE CODE (“TEST DRIVEN DEVELOPMENT”) i. TDD – Kent Beck as part of Extreme Programming 1. Ensure the tests fail – “Write a test

feasible.  History – How I Got Here?  Contentious relationship existed between development and operations.  Left development because I was frustrated that it took so much time to get my products into production team wasn’t the same as the game time team.  Segregated technical and business functions  Development  Operations (Operational Waterfall)  Infrastructure Ops  Product Ops  Product Management related to product configuration and deployment  Built a strong relationship with development (built empathy)  Development began to see operational issues, and usability problems  The relationship is

INFRASTRUCTURE i. Remove the silos of information – Developers don’t just log what’s interesting to development. Operations don’t just monitor what’s up or down. ii. Modern Monitoring architecture 1. Data AND FILL ANY TELEMETRY GAPS i. Expand metrics from business, application, infrastructure, client software, and deployment pipeline levels 1. With every production incident identify missing telemetry that iii. More exotic - Fast Fourier Transforms or Kolmogorov-Smirnov 4. Ch. 16 – Enable Feedback So Development and Operation Can Safely Deploy Code a. USE TELEMETRY TO MAKE DEPLOYMENTS SAFER i. Actively monitor