BOOK: The Mythical Man Month

https://www.amazon.com/gp/aw/d/0201835959/ref=pd_aw_sim_14_3?ie=UTF8

Quoting:
"Few books on software project management have been as influential and timeless as The Mythical Man-Month. With a blend of software engineering facts and thought-provoking opinions, Fred Brooks offers insight for anyone managing complex projects. These essays draw from his experience as project manager for the IBM System/360 computer family and then for OS/360, its massive software system. Now, 20 years after the initial publication of his book, Brooks has revisited his original ideas and added new thoughts and advice, both for readers already familiar with his work and for readers discovering it for the first time.

 

The added chapters contain (1) a crisp condensation of all the propositions asserted in the original book, including Brooks' central argument in The Mythical Man-Month: that large programming projects suffer management problems different from small ones due to the division of labor; that the conceptual integrity of the product is therefore critical; and that it is difficult but possible to achieve this unity; (2) Brooks' view of these propositions a generation later; (3) a reprint of his classic 1986 paper "No Silver Bullet"; and (4) today's thoughts on the 1986 assertion, "There will be no silver bullet within ten years.""

Methodologies: Test Driven Development

https://martinfowler.com/bliki/TestDrivenDevelopment.html

Quoting:
"Test-Driven Development (TDD) is a technique for building software that guides software development by writing tests. It was developed by Kent Beck in the late 1990's as part of Extreme Programming. In essence you follow three simple steps repeatedly:

Write a test for the next bit of functionality you want to add.Write the functional code until the test passes.Refactor both new and old code to make it well structured.

You continue cycling through these three steps, one test at a time, building up the functionality of the system. "

The book (by Kent Beck):
https://www.amazon.com/gp/product/0321146530?ie=UTF8

DIGEST: Modelling Tools tasks and Sparx Systems EA Documentation (UML Modelling Tool)

And the proper freshly linked links are indeed these ones:

• Modelling tasks (what do I need to be able to do to be a modeller?): http://silvaonsoftware.blogspot.pt/2016/07/tools-modelling-tools-hot-topics.html

• Initial EA tasks: http://silvaonsoftware.blogspot.pt/2016/11/modelling-ea-initial-management-tasks.html
• Using EA for analysis and modelling (PDF): http://silvaonsoftware.blogspot.pt/2017/01/tools-modeling-with-sparx-systems-ea.html
• Using EA for Data Modelling (building the physical data model for a RDBMS): http://www.sparxsystems.com.au/downloads/whitepapers/Database_Modeling_In_UML.pdf
• User Manuals, Getting Started and similar PDFs: http://silvaonsoftware.blogspot.pt/2016/07/resource-ea-additional-documentation.html

Is this enough?

Conferência: Agile Portugal 2017 (PT)

Every good boy (read, every good country) must have one.

In Portugal this is (was) it:

• Agile Portugal 2017

Quoting:

"Agile Portugal is the premier international conference in Portugal about agile software development and its practices, technologies, attitudes and experiences. Created with both experts and beginners in mind, Agile Portugal is the place where the Portuguese agile community comes together to exchange and share their experiences about agile development approaches."

The presentations can be found here (PDF).

Software Construction: Static Analysis - why is it important and a possible list of candidate tools

Static analysis is an important part of software construction and you as a developer should know some of them well (and use them).

• It'll give you an extra insight on your code (as well as others code).
• Good tools will collect some measures automatically and point you to good candidates for rework / refactoring 
• Automatically collected data include can include Lines of Code / LOC per unit, cyclomatic complexity, etc. 
• Good tools will also allow you to configure the measures and KPIs you want to analyse (e.g. Allow you to configure the KPI "cyclomatic complexity <=5" which could be synonym of "good code" for this particular project)
• Kiviat charts are useful for analysing the source code modules, typically one chart per source code file
• For some markets the use of these tools is not optional. For instance, we could not be allowed to deliver code to the integration and system test phases that has a cyclomatic complexity greater than X (rational: more complex code is harder to test, namely to achieve 100% source code coverage by tests, MC-DC techniques, etc.)
• For peer reviews (be it formal code reviews or other), these tools will help you cleaning up your code as well as respecting coding standards (if you configure them properly with parts of those coding standards). Run them before submitting your code for peer review.
• The WWW will show you what measures are more used by the industry. Examples: LOC, % commentary lines, method length, cyclomatic complexity, subroutine depth, and more.
• These tools can be configured as a task in the continuous integration server (so that for each build the reports are generated automatically for later analysis, by the TM, by the developer, etc). 

Some tools:

• https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis
• https://en.wikipedia.org/wiki/SonarQube - locally installable, free, as most good things in life and multi-programming-language (C, C++, Java, C#).

About Static Analysis (According to the ISTQB)

What is Static Analysis, according to the ISTQB:
http://istqbexamcertification.com/what-are-static-analysis-tools/

Static Analysis: What to Measure? And How?

In Static Analysis how and what should we measure?
It depends on what we want to analyze and / or control with this verification method.
If you want to know some reasons why it is important to be done, read here (static analysis - why).

How? 

The ideal scenario is to choose the right tool for the job you have to do (as always). This is the how. The tool ideally integrates with your favorite IDE (e.g. Checkstyle plugin for Eclipse, see more info here) so that features are readily available without tool and additional context changes.

What? 

Tools already measure things during static analysis and will allow you to do some kind of fine tuning on the KPI thresholds (e.g. minimum value for the measure, maximum value).

There are lots of papers (and standards) on what to measure to achieve, for instance, maintainability.

Examples of measures:
- LOC
- % comments
- Cyclomatic Complexity
- Max. Depth
- Average Depth
- Etc.

For each programming language there could be different recommendations for the KPIs. Also have a look on what the "community" has to say about it (and to the tool defaults for that language). i.e. Google for it.

Additional Info

Some additional ideas:

• https://en.wikipedia.org/wiki/Software_metric#Common_software_measurements
• http://www.kaner.com/pdfs/metrics2004.pdf
• What is Static Analysis (and examples of tools): http://istqbexamcertification.com/what-are-static-analysis-tools

You also have standards like AFP and AEP (from CISQ) that deal with these topics.

Maven for building Java applications - Tutorial

The Short Story

What is Maven? Maven is a Build Manager. If the next question of yours is: What the hell is a build manager and why do I need it? Then you should consider using, that famous search engine... Google?

The Long Story

Maven for building Java applications - Tutorial

SW Design: What is Mule ESB?

If you don't know what a service bus is good for, then you don't need to know Mule ESB. A Service Bus can be a wise integration strategy for loosely coupled information systems:

What is Mule ESB? | MuleSoft

SW Testing: Appium (test automation; mobile development)

The short story

Appium is a tool for testing mobile apps (builds upon Selenium, Node.js):  

https://en.m.wikipedia.org/wiki/Appium
http://appium.io/introduction.html

The long story

Test Automation of User Interface teste using Selenium and Appium (Test Automation white paper - requires subscription):

• http://www.softwaretestingnews.co.uk/test-automation/

Quoting:
"“A central idea to DevOps is to automate deployment and testing process, which can make this working relationship much easier and more lucrative. Test automation is quickly becoming an essential element of agile software development,” (...). But what are its concrete applications when examined in a practical scenario? To find out more about this topic, see the Test Automation whitepaper which provides an entry into the world of test automation and investigates its challenges through practical use cases and specific fields of application."

SW Construction: Checkstyle in Eclipse

The short story

Checkstyle is a static analysis tool with an Eclipse Plugin (it also has a Maven plugin), that allows you to... check style. An excellent article describing how to install, configure for a project and run for reporting (things about style, duh) can be found here:

• http://www.vogella.com/tutorials/Checkstyle/article.html

The Long Story

... made short by Wikipedia: https://en.wikipedia.org/wiki/Checkstyle

Some modules are readily available, saving you lots of time configuring the tool:

"Checkstyle defines a set of available modules, each of which provides rules checking with a configurable level of strictness (mandatory, optional...). Each rule can raise notifications, warnings, and errors. For example, checkstyle can examine:

1. Javadoc comments for classes, attributes and methods;
2. Naming conventions of attributes and methods;
3. Limit of the number of function parameters, line lengths;
4. Presence of mandatory headers;
5. The use of packets imports, of classes, of scope modifiers and of instructions blocks;
6. The spaces between some characters;
7. The good practices of class construction;
8. Duplicated code sections;
9. Multiple complexity measurements, among which expressions." (Source: Wikipedia)

Similar tools

If you're into .Net, think FxCop: 

https://en.wikipedia.org/wiki/FxCop

Estimation: PERT / Three Point Estimation Technique

The estimation technique in Agile is Planning Poker.
As for Waterfall, a combination of decomposition (WBS), PERT / 3 point estimation (weights sum up 6) and iterative reevaluation could be used.
What is exactly the 3 point estimation and PERT? Google says:

• www.techrepublic.com/blog/it-consultant/use-pert-technique-for-more-accurate-estimates/
• http://www.pmdocuments.com/pert-three-point-estimation-technique/
• http://www.pmbypm.com/3-point-estimate-is-different-from-pert/
• https://en.wikipedia.org/wiki/Three-point_estimation

Quoting Tech Republic:
"PERT is an estimating technique that uses a weighted average of three numbers (see below) to come up with a final estimate.

• The most pessimistic (P) case when everything goes wrong [also called "Worst Case Scenario"]
• The most optimistic (O) case where everything goes right [also called "Best Case Scenario"]
• The most likely (M) case given normal problems and opportunities [also called "Expected Case Scenario"]

The resulting PERT estimate is calculated as (O + 4M + P)/6. This is called a "weighted average" since the most likely estimate is weighted four times as much as the other two values. You'll notice that the final PERT estimate is moved slightly toward either the optimistic or pessimistic value - depending on which one is furthest from the most likely. Generally this ends up moving the final estimate toward the worst case, since the worst case value tends to be further out from the most likely that the optimistic number."

Some tools (like MS Project) will allow you to do some What If scenarios, by defining different weights  (above the weights are 1, 4, 1, and all weights should sum up to 6). What if it is most probable that mostly everything goes wrong (could be tested with weights like 1, 1, 4). What if mostly everything goes right (4, 1, 1)?

SW Construction: The list of lists to learn to code

https://www.google.pt/search?q=best+sites+to+learn+to+code&oq=best+sites+to+learn+to+code&aqs=chrome..69i57j0l3.32006j0j4&client=ms-android-xiaomi&sourceid=chrome-mobile&ie=UTF-8

SW Construction: Generators tutorial (Python)

http://www.dabeaz.com/generators/
(PDF presentation "inside")

Quoting:
"This tutorial discusses various techniques for using generator functions and generator expressions in the context of systems [read: command line script] programming. This topic loosely includes files, file systems, text parsing, network programming, and programming with threads."

Example source code in the link above (Python).

Development Tools: The 10 tools every "modern developer" should use

The always polemic list of things. But maybe you will find something interesting here (out of 10):

The 10 tools every modern developer should use | InfoWorld

The list (details are on the link, please do follow):

1. Git and GitHub (version control system); 
2. SSH (to create an SSH key or do other SSH stuff); 
3. Terminal Services or remote login (to access remote Windows machines) 
4. Amazon Web Services (AWS isn’t just cloud; know at least the EC2 stuff); 
5. JavaScript (the scripting language of the now; widely used for scripting APIs); 
6. Bash and PowerShell (in Linux, many Unixes, MacOS, and Windows 10 / Microsoft’s PowerShell; also make sure to learn to use Grep / PowerShell’s Select-String); 
7. MongoDB (document database; Apache Solr - document-shaped); 
8. Curl and Invoke-RestMethod (for REST APIs; On Mac and Linux, Curl is the command-line tool that lets you test and tweak and even script against a REST API; in PowerShell, it is Invoke-RestMethod; equivalent GUI tools like Postman); 
9. Markdown (format of the README.md file in GitHub; just seven symbols: # is a header, ## is a subheader, * is a bullet, __ and ** are bold, _ and * are italics, ` is monospace, and --- is a break or rule; learn to convert to slides, PDFs, and HTML with or without CSS); 
10. Basic HTML

Source: Link above.

SW Testing: Code coverage criteria (including MC/DC)

The Short Story

Just a sum-up of coverage criteria (software testing):
Code coverage - Wikipedia

The Long Story

Besides coding, you might get asked to provide several types of coverage of your code (the evidences to provide to your contractor could be test report deliverables, besides the [automated] test scripts and the written test specs/procedures). The more safety-critical is your code the more criteria you will be mandated to execute (the QA / PA standards refer to these issues):

• Function coverage – Has each function (or subroutine) in the program been called?
• Statement coverage – Has each statement in the program been executed?
• Branch coverage – Has each branch (also called DD-path) of each control structure (such as in if and case statements) been executed? For example, given an if statement, have both the true and false branches been executed? Another way of saying this is, has every edge in the program been executed?
• Condition coverage (or predicate coverage) – Has each Boolean sub-expression evaluated both to true and false?
• MC/DC (Modified condition/decision coverage): A combination of function coverage and branch coverage is sometimes also called decision coverage. This criterion requires that every point of entry and exit in the program has been invoked at least once, and every decision in the program has taken on all possible outcomes at least once. In this context the decision is a boolean expression composed of conditions and zero or more boolean operators. This definition is not the same as branch coverage, however, some do use the term decision coverage as a synonym for branch coverage.
• (and more, see Wikipedia)
• Usage in the software industry: Code coverage is one consideration in the safety certification of avionics equipment. The guidelines by which avionics gear is certified by the Federal Aviation Administration (FAA) is documented in DO-178B and the recently released DO-178C.
• Code coverage is also a requirement in the automotive safety standard ISO 26262 Road Vehicles - Functional Safety (part 6).
• Sources: The oldie but goldie "The Art of Software Testing" with its orange cover (initial editions); Wikipedia.

From these verification activities, you might get to conclude that there are unreachable parts of code (typically to be removed) or that your code is far too complex to cover and needs simplification, i.e. refactoring. This is why cyclomatic complexity - and other KPIs/software metrics - is limited by some standards also at certain component criticality levels.

BOOK: The Art of Software Testing, Third Edition (Glenford J. Myers, Corey Sandler, Tom Badgett)

The Art of Software Testing: Glenford J. Myers, Corey Sandler, Tom Badgett: 9781118031964: Amazon.com: Books


Quoting:
"The classic, landmark work on software testing
The hardware and software of computing have changed markedly in the three decades since the first edition of The Art of Software Testing, but this book's powerful underlying analysis has stood the test of time. Whereas most books on software testing target particular development techniques, languages, or testing methods, The Art of Software Testing, Third Edition provides a brief but powerful and comprehensive presentation of time-proven software testing approaches. If your software development project is mission critical, this book is an investment that will pay for itself with the first bug you find.

The new Third Edition explains how to apply the book's classic principles to today's hot topics including:

• Testing apps for iPhones, iPads, BlackBerrys, Androids, and other mobile devices
• Collaborative (user) programming and testing
• Testing for Internet applications, e-commerce, and agile programming environments

Whether you're a student looking for a testing guide you'll use for the rest of your career, or an IT manager overseeing a software development team, The Art of Software Testing, Third Edition is an expensive book that will pay for itself many times over."

Security: Forrester 2017 Security Analytics Report (and the IBM product in that area QRadar)

Forrester 2017 Security Analytics Wave (with link to download this first  Forrester report):
https://securityintelligence.com/qradar-waves-from-the-leader-position-in-the-forrester-2017-security-analytics-wave/

Quoting:
"Forrester just published its first ever Security Analytics Wave. IBM Security is proud to hold a top right position, with the highest scores in solution strength and vision of all the evaluated products.

Forrester developed and applied a 36-criteria evaluation of security analytics (SA) providers and, as a result, identified the 11 top providers. Of those 11, IBM was rated as a leader in the evaluation."
(...)
"Security Analytics Deconstructed

SA can mean a lot of things to a lot of people, but IBM believes it has to have a few core components, which are in lockstep with some of the components identified in the Forrester Security Analytics Wave. These components include user and entity behavior analytics, real-time and historical threat detection, big data capabilities, threat intelligence, and security automation and response."

Conference: Jam Sessions 2017 (Lisbon, PT)

More interesting events being held in PT this month:

This one is about [Atlassian] collaboration and development software stacks ("Colaboração e Desenvolvimento de Software"). Atlassian is a leader in the "Enterprise Agile Planning Tools" according to the relevant Magic Gartner Quadrant 2017.

More info:
http://innovation.xpand-it.com/pt-pt/evento-xpand-atlassian-jam-sessions-2017/

In PT: Atlassian é líder na categoria de "Enterprise Agile Planning Tools", segundo o Quadrante Mágico da Gartner 2017; "Colaboração e Desenvolvimento de Software"; FFR.

Quality Control: Statistical packages (Comparison)

One excellent sum-up of the most widely used statistical packages (think SPSS, Minitab, JMP):

Comparison of statistical packages - Wikipedia

You could be asking what does statistics (and stats software packages) have to do with software development? Well, a lot, mainly if you're interested in improving (and predicting) the things you do.
Knowing the "numbers" from the past (Process Performance Baselines, PPB) and predicting the future with models built using these baselines (Process Performance Models - PPM) are very powerful tools to management (estimation, detecting deviations from normal process behaviour, etc.).

"Quality Control" areas also have a great deal of statistics (needed to compute Descriptive Statistics as well as creating and maintaining those PPB and PPMs).

So, in fact statistics basics given in High School really do apply to some Software Engineers and Software Quality Assurance (or Software Product Assurance) Engineers.

About PPB and PPMs (Process Performance Baselines and Process Performance Models)

Important to process improvement frameworks (such as CMMI) and to most modern organizations is the ability to measure and detect deviations to common well known (official) process performance baselines (PPB).
Better yet is the capability of "predicting the future" i.e. the behavior of  the process, having as inputs some well known data, supported by the process performance model (PPM).

CMMI-DEV OPP Process Area is intimately related with these concepts (PPB and PPMs) and need them in place for the organizations and its software development process(es) to be be certified.

One example of a process performance model is the COCOMO model, which aims to estimate project cost having as inputs some of the project characteristics:
https://en.wikipedia.org/wiki/COCOMO

Startups: Lisbon Investment Summit (PT)

About the "Lisbon Investment Summit" another interesting event taking place in PT this week:

Há 200 investidores e 450 startups internacionais a caminho de Lisboa – Observador

Agile: Planning Poker

https://www.planningpoker.com/

Standards: The floating point standard (IEEE-754)

The standard that solved a lot of standardization problems:
https://en.m.wikipedia.org/wiki/IEEE_floating_point

http://grouper.ieee.org/groups/754/