Requirements risks are among the most insidious risks threatening software projects. Whether it is having unclear requirements, lack of customer involvement in requirements development, or defective requirements, these troubles are a major culprit in projects that go awry. Project teams can make a difference by adopting and implementing agile practices. When implemented correctly, agile practices greatly mitigate the most common risks associated with requirements on software development projects.

Click here to continue reading this article at Sticky Minds.

When a software developer is acquiring a compiler, a primary consideration is the code quality produced by the compiler. But other features that are not required by the ANSI language description (that are tailored to embedded developer needs) can make the developer’s task simpler to maintain.

Click here to continue reading this article at  Embedded Computing Desing about some desirable features of compilers used in embedded application development, and some techniques for making use of these features.

The topic of coding standards is an emotive one among software developers, whose divergent opinions raise questions that range from “Why do we need such restrictions?” to “How could we possibly operate without them?”
Software engineering has always wrestled with standards, and the development of the C and C++ languages brought the issue into even sharper focus. These flexible and powerful languages are now deeply rooted in industrial and embedded environments. In the past decade, developers have accepted the need to control and restrict these languages for industrial, commercial, or other safety-conscious purposes.

Click here to continue reading this article at Embedded.com

Have you heard any of these lately?
“The testers are finding too many bugs and holding up the project.”
“Anyone can test. We just have to give them the right process to follow.”
“Our test cases will provide complete system coverage.”
Not one of these common statements about testing is true. At least one of them could have been said by a tester.
Delivering and promoting accurate communications about testing is essential to the tester’s and test manager’s job. We have a responsibility to dispel myths and misconceptions about good testing and what it can and cannot do. We must also be alert to and prepared to address distortions or attempts to spin the message about testing from any source—including ourselves.

Click here to continue reading this article at Sticky Minds.

Virtualization is a long established technology in the server world. It has been used for decades as an enabler for platform consolidation. In the recent years, the technology has also gained new public interest due to its availability for Desktop PC platforms. The fact that it can provide strong isolation between applications and that this level of isolation can be achieved with only a very small layer of trusted code has also raised interest from the security related field of applications.

The possibility to integrate multiple independent subsystems in a single physical machine could also prove beneficial for many safety-critical applications.However, in addition to the spatial isolation that virtualization readily provides, most of these applications also require some level of temporal determinism: Each subsystem typically interacts with a technical component and, consequently, it has to keep up with that component’s timing properties.

Click here to continue reading this article at Embedded Control Europe.

Considering how much information is available in log files, you’d think companies would pay more attention to them. Client computers, servers, firewalls, network devices, and other appliances generate reams of event logs every day, but these logs often go ignored.
Although it’s a security sin, it’s understandable on many levels. First, logs can contain vast amounts of uninteresting events. In fact, most logs are nothing but noise. With the rare exception, most logs are close to useless. At one current client, 1,000 computers and one perimeter firewall generate 25GB of log files on a daily basis. Out of that, in a typical week, not a single event is a true security issue requiring an immediate response. Oh, security events do happen, but when they do, they are normally buried in a sea of unimportant noise.
Click here to continue reading this article at InfoWorld.

Even though every new system rollout is, hopefully, accompanied by rigorous training and thorough documentation, it is obsolete by the next release or new hire. Most business-critical software (as opposed to desktop productivity tools like word processors and spreadsheets) exists in a constant state of change as the business adapts its technology to fluid competitive and customer demands.

Unfortunately, training classes usually can’t be justified for only one or two new features or new hires at a time, and pressure on delivery schedules doesn’t always allow for updating documentation and training materials. So, training becomes organic: Carla trains Darla, and by the time you get to Marla variances have crept in. It’s like the telephone game. The result, of course, is the very unpredictability that ends up distorting the test process.
But what if, instead of documenting the processes and training the users, we automated the processes that the users should follow? In other words, what if we trained the software, not the person?

Click here to continue reading this article at Sticky Minds

One of the challenges in real time systems, especially in multitasking OS based implementations, is defect fixing. To resolve the defect one has to be aware of the program flow during the defect or faulty condition. Normally, this is done by using in-circuit emulators (ICE) along with the break point feature available in the environment of the emulator.
However, the ICE support may not always be available for the system under consideration. Considering the case that ICE is available for the system under consideration, and the ICE hits a breakpoint, then the dynamics of the system is lost.
All the interactions the system was having with some networks or other systems/modules are stopped at once. Therefore it again may be difficult to reproduce the defect or anomaly exactly. Though some makes of ICE provides a feature of real-time trace function, but that is also limited by the ICE memory.
At times it is required to stop the system in some logical trigger, so that the condition of the system can be analyzed at that point. This feature is also not common in normal debugging systems.

Click here if you want to read the whole article at Embedded.com.

System design with open-source software has many advantages. Most notably among them is that development organizations can build systems faster, more flexibly, and more economically by tapping into this vast, free resource .
In this economy, it’s difficult to conceive of a scenario where anyone would start a development project with the plan to write it entirely from scratch. Numerous examples of open-source components including databases, kernels, stacks, report generators, XML parsers, utilities, tools, and platforms are available. They’re free and can easily be combined with other code to bring a system to market faster and more cost effectively. Developers can easily find code just using Google or by searching specialized sites for open-source code.

Click here to continue reading this article at Embedded.com

Despite virtualization’s obvious appeal to embedded software developers and OEMs, adoption of the technology may stall due to inherent limitations in virtualization platform architecture. Here is a look at the limitations and how they can be overcome by a different approach to building embedded virtualization software.
Over the last five years virtualization has evolved from an obscure technology to become a key enabler of enterprise server and desktop applications. More recently, virtualization has begun to play a comparable pivotal role in embedded development and deployment.
If you want to continue reading Gernot Heiser’s article at Embedded.com, click here.