Requirements risks are among the most insidious risks threatening software projects. Whether it is having unclear requirements, lack of customer involvement in requirements development, or defective requirements, these troubles are a major culprit in projects that go awry. Project teams can make a difference by adopting and implementing agile practices. When implemented correctly, agile practices greatly mitigate the most common risks associated with requirements on software development projects.

Click here to continue reading this article at Sticky Minds.

When a software developer is acquiring a compiler, a primary consideration is the code quality produced by the compiler. But other features that are not required by the ANSI language description (that are tailored to embedded developer needs) can make the developer’s task simpler to maintain.

Click here to continue reading this article at  Embedded Computing Desing about some desirable features of compilers used in embedded application development, and some techniques for making use of these features.

The topic of coding standards is an emotive one among software developers, whose divergent opinions raise questions that range from “Why do we need such restrictions?” to “How could we possibly operate without them?”
Software engineering has always wrestled with standards, and the development of the C and C++ languages brought the issue into even sharper focus. These flexible and powerful languages are now deeply rooted in industrial and embedded environments. In the past decade, developers have accepted the need to control and restrict these languages for industrial, commercial, or other safety-conscious purposes.

Click here to continue reading this article at Embedded.com

Virtualization is a long established technology in the server world. It has been used for decades as an enabler for platform consolidation. In the recent years, the technology has also gained new public interest due to its availability for Desktop PC platforms. The fact that it can provide strong isolation between applications and that this level of isolation can be achieved with only a very small layer of trusted code has also raised interest from the security related field of applications.

The possibility to integrate multiple independent subsystems in a single physical machine could also prove beneficial for many safety-critical applications.However, in addition to the spatial isolation that virtualization readily provides, most of these applications also require some level of temporal determinism: Each subsystem typically interacts with a technical component and, consequently, it has to keep up with that component’s timing properties.

Click here to continue reading this article at Embedded Control Europe.

Considering how much information is available in log files, you’d think companies would pay more attention to them. Client computers, servers, firewalls, network devices, and other appliances generate reams of event logs every day, but these logs often go ignored.
Although it’s a security sin, it’s understandable on many levels. First, logs can contain vast amounts of uninteresting events. In fact, most logs are nothing but noise. With the rare exception, most logs are close to useless. At one current client, 1,000 computers and one perimeter firewall generate 25GB of log files on a daily basis. Out of that, in a typical week, not a single event is a true security issue requiring an immediate response. Oh, security events do happen, but when they do, they are normally buried in a sea of unimportant noise.
Click here to continue reading this article at InfoWorld.

Even though every new system rollout is, hopefully, accompanied by rigorous training and thorough documentation, it is obsolete by the next release or new hire. Most business-critical software (as opposed to desktop productivity tools like word processors and spreadsheets) exists in a constant state of change as the business adapts its technology to fluid competitive and customer demands.

Unfortunately, training classes usually can’t be justified for only one or two new features or new hires at a time, and pressure on delivery schedules doesn’t always allow for updating documentation and training materials. So, training becomes organic: Carla trains Darla, and by the time you get to Marla variances have crept in. It’s like the telephone game. The result, of course, is the very unpredictability that ends up distorting the test process.
But what if, instead of documenting the processes and training the users, we automated the processes that the users should follow? In other words, what if we trained the software, not the person?

Click here to continue reading this article at Sticky Minds

System design with open-source software has many advantages. Most notably among them is that development organizations can build systems faster, more flexibly, and more economically by tapping into this vast, free resource .
In this economy, it’s difficult to conceive of a scenario where anyone would start a development project with the plan to write it entirely from scratch. Numerous examples of open-source components including databases, kernels, stacks, report generators, XML parsers, utilities, tools, and platforms are available. They’re free and can easily be combined with other code to bring a system to market faster and more cost effectively. Developers can easily find code just using Google or by searching specialized sites for open-source code.

Click here to continue reading this article at Embedded.com

On the 11th of December 2008, the Consortium of the World Wide Web (W3C) published the second version of the Web Content Accessibility Guidelines (WCAG) 2.0.
This new standard will help designers and developers to create Web sites that consider the needs of elderly users and/or with disabilities. Based on the experience of the authors and the recommendations of the community of users, WCAG 2,0 updates the already excellent recommendations of the W3C to include new more exhaustive technologies and tests

Web Content Accessibility Guidelines (WCAG) 2.0 covers a wide range of recommendations for making Web content more accessible. Following these guidelines will make content accessible to a wider range of people with disabilities, including blindness and low vision, deafness and hearing loss, learning disabilities, cognitive limitations, limited movement, speech disabilities, photosensitivity and combinations of these. Following these guidelines will also often make your Web content more usable to users in general.

Know these recommendations

Increasingly in this modern world, we rely on systems where an error could cause financial disaster, organisational chaos, or in the worst case death. Software now plays a crucial role in these systems, but the disturbing fact is that the increasing use of embedded computers, controlling all sorts of devices, is moving us in the opposite direction.
Organisations like ‘Which?’ in the UK devote their energies to examining such devices. They test them thoroughly, but importantly they also examine and dismantle the devices to detect engineering defects, such as unsafe wiring. If they find a device unsafe it is rated as unacceptable and the public is protected against the dangerous device. But as soon as embedded computer systems are involved we have no such transparency. Cars, for example, are now full of computers and without access to the software details, there is no way to tell if these cars are ‘Unsafe at Any Speed’.

If you want to read Robert Dewar’s whole article at ESE Magazine, click here.

Code review checklists are usually a pain. They’re often ridiculous in length or content. They’re not fun to use. Checklists can be an excellent way of finding defects early in the development process, but most of the time, checklists are so impractical that they’re more of a hindrance than a help.
The problem is that people use the list as a general guide. They don’t consider every item in every file. Which items will they remember as they look at the code? Will it be the most important ones?

If you want to continue reading Jason Cohen’s article at Embedded.com, click here