Category Archives: Software Engg

Free Online Courses from MIT For Java Web Applications

MIT OCW

[adsenseyu2] Following are 4 courses from MIT Open Courseware (OCW) that a newbie would consider for enhancing his concepts for working in Java web applications: Software Engineering for Web Applications:¬†The objective of the course is to enhance the familiarity of students with some of the following key concepts: Concurrency Unpredictable load Security risks Opportunity for wide-area distributed computing Creating a reliable and stateful user experience on top of unreliable connections and stateless protocols Extreme requirements and absurd development schedules Requirements that change mid-way through a project, sometimes because of experience gained from testing with users User demands for a multi-modal interface The entire course can be downloaded from following link: …

Continue reading

Posted in Freshers, Software Engg, Web.

Top 5 Bad Application Security Practices

bad security practices

We all come across good security practices and make ourselves familiar with them to develop secured code. However, it may also be good idea at times to know about some of the bad security practices such that we, for sure, try and avoid them. [adsenseyu2]   Following are top 5 bad practices you may want to know about: Do NOT interact with un-trusted programs: Make sure that the external programs that your program is invoking for reasons such as data or functionality, must have got reviewed and tested for security compliance. One of the common entry points into secured applications are these unsecured applications and hackers just love them. Hackers, …

Continue reading

Posted in Application Security, Code Review. Tagged with , .

Top Architecture & Governance Principles for 2014

architecture governance

Following are some of the key architecture and governance principles that you could adopt for your project for this year 2014. The architecture principles could be seen as “guiding principles” based on which team would want to design, develop and test the applications. Key Architecture Principles (Guiding Principles) Holistic approach to application security: Given that applications could be accessed from different channels including web and mobile devices, the attack vectors for hacker has increased to a great extent. Thus, traditional approach of applying perimeter level security and doing security penetration testing may not suffice. Instead, it may be a good idea to take a holistic approach towards application security as …

Continue reading

Posted in Architecture, Software Engg. Tagged with , .

Top 5 Computing Fundamentals to Learn for a Prosperous 2014

Happy New Year 2014

For those of you looking to find out what will be good to learn in this new year, it would be OK to believe that computing fundamentals has become more important than ever before and it would be good to learn the same in 2014 rather than any of the programming languages such as java, .NET, or languages belonging to open-source stack. Following are some key computing fundamentals to focus upon in the coming year: Performance Engineering: As every business is planning to move their applications to cloud for various different reasons including cost-cutting measures, it has become much more important to write efficient application which makes the optimized usage …

Continue reading

Posted in Freshers, Software Engg. Tagged with , .

Campus Bytes – New Initiative

college research and revelopment

We are starting on with a new initiative where we would like to review and write about the research & development going on in several engineering colleges across the country (India) and, how they could benefit different IT companies. This would include reviews on white papars published in different journals, college websites, interviews from paper authors, lecturers and professors. In addition, we would like to invite key stakeholders from different IT companies to present their views on these papers and any further research that they would want to fund in one or more areas from within colleges. If you belong to one or more colleges and would like to submit …

Continue reading

Posted in Software Quality. Tagged with .

Must-have Application Development Skills for 2014

technology trends 2014

Following are some of the key must-have skills, every developer would want to acquire in order to create applications which align well with the technology trends of the coming year, 2014: Cloud readiness: As many applications have started moving into cloud, you never know when the application you have been working on, would also need to be moved to cloud. However, could any application be moved to cloud just like that? Not really. Following are some of the key characteristics that application would need to have in order to be ready to be moved to cloud: High Performance: An under-performing application could end up utilizing lot of resources in the …

Continue reading

Posted in Software Engg. Tagged with .

What to Learn on Day One of Application Development

Day One

Well, I would surely not recommend you to go over the application code and look for things like classes, interfaces, data model, design patterns etc. It definitely has to be everything else than the application code. If you have just landed on to a new application development project and shall be going to start working on the application soon, you may want to understand some of the following on day one rather than nitty-gritties of the application itself: Business overview: The idea is to understand key business functions which is served by the application. The output of business overview can be functional decomposition which can be later related to one …

Continue reading

Posted in Software Engg. Tagged with .

Attention Developers: Take Care of Your Debts

Clear your technical debts

Hmm.. was the title intriguing enough for you to check out if you as a developer got any debts to clear (such as that represented below :-)? Well, I am talking about what is called as “technical debt” and that is it. ūüôā Believe me, there are high possibilities that most of the developers do have technical debts to clear which they (or someone else) introduce in the system while working on it over a period of time. Lets try and understand what/how/why/whens related with technical debt?   As Fowler writes in his blog, technical Debt is a wonderful metaphor developed by Ward Cunningham to help us think about this …

Continue reading

Posted in Agile Methodology, Software Engg, Software Quality. Tagged with , .

Tips for Gathering Security Requirements of your Web Application Project

web security

Gathering security requirements in relation with a project, sprint (if agile) is key to deliver secured applications. This is because security requirements would lead to appropriate design in relation with security. Following are key topics to consider for gathering security requirements: Authentication & password management: This is mostly a one-time activity and done as the start of the project and not in every sprint. One may want to ask questions such as following in relation with authentication and password management: Password policies: This is important to ask to avoid dictionary attack in relation with user credentials. Password hashing: This is important to make sure password is encrypted with appropriate encryption …

Continue reading

Posted in Application Security, Software Engg. Tagged with .

Atlassian Confluence-JIRA Integration to Strengthen Agile Portfolio

atlassian jira confluence integration

Earlier this week, Enterprise software toolmaker Atlassian announced tighter integration between its¬†JIRA¬†issue tracking application and its¬†Confluence¬†team collaboration platform. With this move, they have further strengthened their agile portfolio. Following is the list of software in their agile portfolio: Confluence:¬†Confluence pages are used to maintain requirements (stories), technical specs, design guidelines, etc. Confluence pages are linked with JIRA thus linking requirements/technical specs to stories. JIRA: JIRA is used to maintain¬†epics/stories and issues. There are several blueprints in JIRA created to manage status reports, retrospective meetings etc.¬†The new JIRA Report Blueprint allows development teams to create an ad-hoc status report or a change log in Confluence.¬†The new Retrospective Blueprint gives scrum masters, …

Continue reading

Posted in Agile Methodology, News. Tagged with , .

Top 4 Java Static Code Analysis Tools

Static Code Analysis

[adsenseyu2] Before going over some of top static code analysis tools for Java, lets quickly look at why do we need static code analysis in the first place? Following are some of the reasons: Rules compliance: Pre-defined rules can be set as per the coding standard and automated static analysis could be run to figure out rules violation. This does cut down on the manual code review for the related rules. Code quality metrics: The static analysis could be used to measure some of the following based on which software code quality can be measured: Code complexity Unit test coverage Re-usability Duplication Reports: Creates management reports that can be used …

Continue reading

Posted in Software Quality. Tagged with , .

What does Agile Team Composition Look Like?

agile team

[adsenseyu2] If you are starting on new on agile methodology for application development, the question on what does agile team¬†composition look like is a commonly asked one? The article presents the agile team composition for SCRUM development model. Given the fact that there will be multiple agile teams which may work towards release one or more products in an organization, following questions get tricky: Do we need one business analyst for each SCRUM team? How to deal with performance engineers? Should there be one in each team, or should there be centralized team? How to seal with security specialists? Again, should there be one security specialists for each team, or …

Continue reading

Posted in Agile Methodology. Tagged with .

Testing Early, Testing Often for Greater Success in Agile SCRUM

testers and developers collaborate

In my experiences, I have found two different approaches taken towards testing in Agile SCRUM: Testers creating test plans while interacting with BAs, as like in waterfall model, in the beginning of each sprint, and executing those tests once the development is done. In this model, testers and developers still managed to survive successfully in their own islands/worlds and things used to move. However, there is not much interaction and collaboration between developers and testers during development phase. There are chances of usual conflicts that happens in the world of development and testing. Testers creating test plans with help of BAs, collaborating on test cases, related with user stories, with …

Continue reading

Posted in Agile Methodology, QA. Tagged with , , .

How to Address Application Performance in Agile Scrum Teams

application performance in agile scrum teams

Given the nature SCRUM, two quality characteristics that takes back seat and considered as implicit are performance and security. I shall discuss the approach on how to address application performance while working with agile SCRUM teams. Before I go and list down the tips and techniques, let’s understand some of the constraints: Not all developers working in SCRUM teams are very familiar with application performance aspects It may get difficult to do performance testing at the end of each sprint. It may get difficult to articulate performance related user stories in each sprint. Given above constraints, it becomes much more important to address performance related issues in SCRUM model. Following …

Continue reading

Posted in Agile Methodology, Performance Engineering. Tagged with , .

Code Conversion from C++ to C#: Tips & Techniques

Migration

Following are some of tips & techniques for doing code migration of your C++ application to C#: Conversion using Tool: One strategy can be to use some of the existing tools such as that provided by Tangible Software Solutions or sourceforge project on c++ to C# code conversion. Once the code gets migrated, you may want to look out for traps which may lead to error while code migration. Given that C# looks a lot like C++, there are areas (traps) you may want to review to make sure that code conversion took care of those so-called traps. This is not known on how effective these tools do the automated …

Continue reading

Posted in Migration, Software Engg. Tagged with , .

How to Address Application Security in Agile Scrum Teams?

Agile SCRUM Team Composition and Application Security

One of the concerns that takes the back burner while setting up the agile SCRUM teams is application security. One other area that gets similar behavior like security is performance which shall be addressed in later articles. However, performance gets addressed quickly as it is key quality characteristic and gets noticed by end users very quickly. In the traditional waterfall based development model, security gets fair attention as the non functional requirements related with security gets captured in the initial stages and the team gets composed of at least one security officer/specialist/architect to take care of security requirements. However, having a security specialist/officer in each SCRUM team is not feasible …

Continue reading

Posted in Agile Methodology, Application Security. Tagged with , , .