On Software Development (or "O Sr. SiIva disse..."): RESOURCE

Mostrar mensagens com a etiqueta RESOURCE. Mostrar todas as mensagens

terça-feira, 3 de abril de 2018

DIGEST: SW Licensing options

An interesting sum-up of some licensing options (http://www.codeproject.com/info/Licenses.aspx) that might be of interest as a first approach to a decision on what license can we apply (or are we obliged to use) when reusing and/or building upon.

Quoting (licenses valid for Code Project):
"

Microsoft Reciprocal License

A Microsoft open license and a free software license . Allows for distribution of derived code so long as the modified source files are included and retain the Ms-RL.

The Code Project Open License (CPOL)

The main points subject to the terms of the License are:

Source Code and Executable Files can be used in commercial applications;
Source Code and Executable Files can be redistributed; and
Source Code can be modified to create derivative works.
No claim of suitability, guarantee, or any warranty whatsoever is provided. The software is provided "as-is".

The Common Development and Distribution License (CDDL)

Based on the Mozilla Public License (MPL) that makes it more applicable for use outside the Mozilla Foundation.

The Microsoft Public License (Ms-PL)

Used by Microsoft. Compiled derived code can be distributed, for both commercial and non-commercial use. If the source code is to be redistributed then a complete copy of this license must be included in the redistribution.

The Mozilla Public License 1.1 (MPL 1.1)

Used by Mozilla and Firefox, among others. The patent clauses are not acceptable to some.

The Common Public License Version 1.0 (CPL)

Derived from the IBM Public License and influenced by the Mozilla Public License, and used by some Microsoft projects on SourceForge.

The Eclipse Public License 1.0

A newer version of the Common Public License that is in some cases more acceptable to business.

The MIT License

A very old license with essentially no restrictions on the use of the code. It also provides very little in the way of protection for authors or users. It is the same as the BSD license without the 'no endorsement' clause.

The BSD License

A very old license with essentially no restrictions on the use of the code. It also provides very little in the way of protection for authors or users. It is the same as the MIT license except that it includes a clause preventing the use of the author's name for endorsement.

The Apache License, Version 2.0

Slightly more restrictive (but still very open) version of the BSD or MIT license that adds patent clauses. Read carefully.

The Creative Commons Attribution-ShareAlike 2.5 License

A license that requires a link be visible on works that use this license. "Share alike" is what it sounds like, you can share this work as long as that work has a license similar to this one.

It is recommended that this license not be used for software.

The zlib/libpng License

A license with an emphasis on freedom of use and re-use, with a few restrictions.

A Public Domain dedication

Not a license, but a dedication to the public domain. All rights are given up and anyone can do anything they wish with the code. Please note this is not a license and provides no guarantees for the user and no indemnities for the author.

The Creative Commons Attribution 3.0 Unported License

This license lets others distribute, remix, tweak, and build upon your work, even commercially, as long as they credit you for the original creation. It is recommendedthat this license not be used for software.

The Creative Commons Attribution-Share Alike 3.0 Unported License

A license that requires a link be visible on works that use this license. "Share alike" is what it sounds like; you can share this work as long as that work has a license similar to this one. It is recommended that this license not be used for software.

The Creative Commons Attribution-NoDerivatives 3.0 Unported

A license which specifies that if you remix, transform, or build upon the material, you may not distribute the modified material. It is recommended that this license not be used for software.

The GNU Lesser General Public License (LGPLv3)

A derivative of the GPL that was intended to allow non-GPL code to work with, and call GPL code. The author of this license asks that you only use this license if you are licensing functionality already commonly available.

Example usage in your code

(Replace 'Foobar' with the name of your product)

This file is part of Foobar.
 
Foobar is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
 
Foobar is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser Public License for more details.
 
You should have received a copy of the GNU Lesser Public License
along with Foobar.  If not, see <http://www.gnu.org/licenses/>.

The GNU General Public License (GPLv3)

A common but misunderstood license. This allows developers to freely use the software as long as they use the same (or an even less restrictive) license for parts of the program that they wrote themselves. Viral in nature. Read carefully and make sure you understand the implications of using this license. Unacceptable to many.

You can write commercial software using software licensed with the GPL, but you cannot write proprietary software (meaning software for which the code is not freely available). You can sell GPL code, even if it's already being given away, or you can sell services attached to the code such as support contracts.

Any software written using GPL'd code must itself be licensed using the GPL (or less restrictive license) meaning it cannot be proprietary. This means that developers writing commercial software may not be able to use GPL code if they do not wish to provide the code.

One important note (thanks to René Pfeiffer): The GPL doesn't require you to publish the source to the world. Only the recipient of the software needs to have the source. If you have a customer, write GPLed software for a specific purpose and only give the binary to this customer, then only this customer must have access to the source code, not everybody and not the public; just the recipient of the (binary) code. This is in full agreement to the GPL. The main advantage is to play with open cards and not create a "blackmail" situation.

At the Code Project we prefer that developers allow other developers to use their freely given code in whatever way they wish - commercial, proprietary, or free for anyone. Our preference is that our authors do not use a GPL-like license.

Example usage in your code

(Replace 'Foobar' with the name of your product)

This file is part of Foobar.
 
Foobar is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
 
Foobar is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
 
You should have received a copy of the GNU General Public License
along with Foobar.  If not, see <http://www.gnu.org/licenses/>.

SW Licensing: Licenses Explained in Plain English (TLDRLegal - Software)

A searchable summary (in "plain human-readable" language) of software licensing:
TLDRLegal - Software Licenses Explained in Plain English

Quoting:
"Lookup popular software licenses summarized at-a-glance."

quarta-feira, 7 de março de 2018

AI: Machine Learning course (Google)

https://developers.googleblog.com/2018/03/machine-learning-crash-course.html

Citando:
"Today, we're happy to share our Machine Learning Crash Course (MLCC) with the world. MLCC is one of the most popular courses created for Google engineers. Our engineering education team has delivered this course to more than 18,000 Googlers, and now you can take it too! The course develops intuition around fundamental machine learning concepts.

What does the course cover?

MLCC covers many machine learning fundamentals, starting with loss and gradient descent, then building through classification models and neural nets. The programming exercises introduce TensorFlow. You'll watch brief videos from Google machine learning experts, read short text lessons, and play with educational gadgets devised by instructional designers and engineers.

How much does it cost?

MLCC is free."

PS: Kudos to C.Manta for pointing this out.

quinta-feira, 9 de fevereiro de 2017

BOOKS: Top mentioned books on stackoverflow.com

Interesting list to find your possible next read (amongst the ones that are on your technical area and that you have never heard of). Also interesting is the description of the "simple" process that was used to create this valuable list (turning Stackoverflow usage data into a highly valuable list of most likely interesting books on development issues is one interesting example of turning information into valuable knowledge):

Top mentioned books on stackoverflow.com
Quoting:
"We analysed more than 40 000 000 questions and answers on stackoverflow.com to bring you the top of most mentioned books (5720 in total). How we did it: We got database dump of all user-contributed content on the Stack Exchange network (can be downloaded here); Extracted questions and answers made on stackoverflow; Found all amazon.com links and counted it; Created tag-based search for your convenience; Brought it to you"

Do you know them all? I have at least 4 of them at less than 1 meter of me. And you, how do you rank on this?

PS. Kudos to J. Machado for pointing this out.

domingo, 29 de janeiro de 2017

How to become a mobile developer

An interesting effort on summing up what is needed to know to become a mobile [app] developer for the 2 mobile platforms that dominate the market (iOS and Android - more than 99% of market share):
https://www.techgig.com/tech-news/editors-pick/How-To-Become-A-Mobile-App-Developer-89083?mailer_id=2891&utm_source=TG_batch&utm_medium=email&utm_campaign=digest_news_2017-01-29&etoken=cGZzaWx2YUBnbWFpbC5jb20=&activity_name=MjIxMzY5&dt=&auto_login=lKaUjJKbhWOnk7@@OkG6EkpNlR0eASYJcXXFUV1dlR0eASYJWWHhWWlpXXVN3&src_type=autoLogin

What .NET Developers ought to know to start in 2017 - Scott Hanselman

An excellent sum-up of what will be trending in 2017 in the .Net enterprise framework (packed with links for further information on each topic):

What .NET Developers ought to know to start in 2017 - Scott Hanselman

terça-feira, 27 de dezembro de 2016

Security: "Security Now", the Steve Gibson weekly podcast

Sharing an interesting resource (by Steve Gibson and Leo Laporte), that can for sure help us getting updated (for me it works in the sense that it is an asynchronous way of getting news, good for the ones who don't have either the time or the discipline to put a slot in their calendar to read on the news on a certain area) on the issue of...

[Personal Computer] Security: https://www.grc.com/securitynow.htm
The RSS (syndicated content) is available here: http://leoville.tv/podcasts/sn.xml

If you prefer, the traditional way of getting reminded via e-mail reminder, it is also available (see the blog for details on how to subscribe).

PS: Also interesting (and apparently wildly popular in the US) is the "This Week in Tech (TWiT)":
https://twit.tv/shows/this-week-in-tech (Video and Audio subscriptions available).
PS2: Another security podcast brought to my attention was Gary McGraw's one: https://www.cigital.com/podcast/

quinta-feira, 3 de novembro de 2016

RESOURCE: "How To Write Unmaintainable Code" (PDF)

Do you like learning while laughing? If so you'll like to read "How To Write Unmaintainable Code". Remember that this is irony and that you'll earn enemies for life if you follow this through.

PDF: https://www.se.rit.edu/~tabeec/RIT_441/Resources_files/How%20To%20Write%20Unmaintainable%20Code.pdf

https://github.com/Droogans/unmaintainable-code

quinta-feira, 13 de outubro de 2016

INDEX: About Project Plans - The Hitchhiker's Guide to the Galaxy (of QMS / SDP Project Plans)

The Short Story

Plans, plans, plans…

Q: What kind of initial QMS / SDP-related documentation should it be created at project start (also called Kick-off)?

A: "Some" plans.

Plans, allow us to plan (which by the way everyone should do) and after approval, allow us to monitor and control the project execution against those same plans. PMs are responsible to approve them even though sometimes they will delegate their creation and maintenance to the TM and/or the most experienced SPAE (Software Product Assurance Engineer) in the team.

What plans are we talking about? The project Plan (and the related detailed plan), the QAP, the CMP, …

You'll hear of even more plans (depending on the standards we are being compliant with). Mainly it has to do with the fact that for some standards we have to plan even further (and deliver those plans so that the contractor knows how we plan - and later on, double check the execution of tasks in the plan, through the inspection of produced evidences). Examples of such standards are the ESA standards (ECSS, for space development), DO-178 (for airborne systems), CENELEC 50126 (for railway applications), and so on.

Examples of those include:

Software Verification Plan (SVP)
Software Validation Plan or (the mix of both):
Software Verification and Validation Plan (SVVP)

Another PA-related artifact is the PA Log book (sometimes called SPAE Logbook).

And Agile/Scrum projects use yet another log book: The sprint retro logbook.

What is the purpose of those main SDP plans?

What are their goals , when are they created, when should they be updated?

Before starting, one important thing to remember is the fact that there should be a public list of QMS Process Owners (PO) and some backups for that role (called Process Representatives - PRs).

One example of such a list can be found here (list of POs - INTERNAL): https://quality.critical.pt/SitePages/QMS-Unified/Process%20Owner%20and%20Process%20Representatives%20(Unified).aspx
TIP: If the process has not yet been "unified" (the status can be checked here): https://quality.critical.pt/SitePages/QMS-Unified/Alignment%20Status.aspx), you could have to look here: https://quality.critical.pt/SitePages/QMS/Process%20Owner%20and%20Process%20Representatives.aspx
Having the names, use the Beatles' song tip: "You know my name, look up the number" (in your company contacts database containing, place of work, phone contact and e-mail).

The (Very) Long Story

In order to know more about each artifact, the following "sequence of steps" is recommended:

Read one entry in the final table below; from there you get to know the QMS process to where it belongs;
Open the QMS Process and browse (at least) the main activities there described (typically there is only a single table/slide per process activity).
The plan/artifact in question should be an artifact of this process you've just opened and if not, it is because it probably is just updated by this process. It could be an AD of the process or not - you can check it at the end of the process document.
Open the template for the artifact (or the provided samples - if any), and scan read its contents. If some concrete examples are available also scan them. Google can also find them.
Read the associated guidebooks (or the instruction sheets in the spreadsheet files).
During this process, remember to list your questions / open issues so that in the end you can always go to the PO (or as a last resource the QD) and solve them.
The one million dollar final questions to answer are:

Am I able to create these documents from scratch?
Am I able to understand them and extract the needed information for the activities/tasks I will be performing for the project?
Do I know who to talk to in case of doubt (who is the doc owner? Who are the PO/PRs)?

INDEX: Plan / Artifact	Templates / Examples / Additional Relevant Docs
Templates (Docs from MT)	<<master template -- Quality Assurance Plan.docx>> <<master template -- Product Assurance Report.docx>> <<master template -- Int. Configuration Management Plan.docx>> <<master template -- Configuration Management Plan.docx>>
Templates (Spreadsheets)	<<internal QAP pre-tailored -- CSW-QMS-2013-TPL-00997-rd-pre-tailored-qap.xltx>> <<internal QAP -- PA Process -- CSW-QMS-2009-TPL-04681-quantitative-qap.xltx>> <<CSW-QMS-2014-TPL-01088-sprint-retrospective-workbook.xltm>> <<CSW-QMS-2007-TPL-0112-configuration-items-list.xltm>> <<CSW-QMS-2006-TPL-1126-spae-log-book.xltm>>
GBKs	<<CSW-QMS-2014-GBK-01269-agile-guidebook.pdf>> <<CSW-QMS-2012-GBK-04055-crucible-guidebook.pdf>> <<CSW-QMS-2012-GBK-02170-research-development-projects-tailoring.pdf>> <<CSW-QMS-2010-GBK-04838-review-report-macro.pdf>> <<CSW-QMS-2009-GBK-04120-wise-project-module-guidebook.pdf>> <<CSW-QMS-2009-GBK-03894-project-milestones-meetings.pdf>> <<CSW-QMS-2009-GBK-03591-qap-how-to.pdf>>
Relevant Trainings	<<project-management-practices-at-csw-internal-training.pptx>> <<CSW-QMS-2016-PRS-00605-QMSVerificationProcess2016DocumentandCodeR.pptx>> <<CSW-2015-PRS-00614-managing-baselines-and-change-control-tracking.pptx>> <<CSW-QMS-2015-TPL-00368-excel-project-tips-tricks.pdf>>

Artifact / Work Product (Plan)

Who is mostly involved

QMS Process / Doc. Level

Main Purpose

Artifact Doc Format / Tool

Generated by MT?

Example Doc. / Link

Associated Template and/or GBK / HOW-TO

More info (when to create, update and AOB)

AOB

Master Project Plan

PM Process (MAN.1)

High-level plan (Gantt chart with the main WBS of the project (similar to the one produced for the estimation sum-up sheet if created during proposal elaboration);

Relevant topics and uses for this artifact include: high level view of ptoject activities (overall view); end project date determination; resource balancing; critical path analysis; effort and cost estimation (use of PERT estimation techniques -Best Case Scenario, Expected Case Sc., Worst Case Sc.)…

MS Project (.mpp, etc.)

Web view of Gantt example (WISE projects module, project EXOMARSTGO: https://wise.critical.pt/wiseweb/projects/ProjectPlan.action?expandAllTasks=&_sourcePage=%2FWEB-INF%2Fjsps%2Fprojects%2FprojectPlan.jsp&id=7439&showDeliverables=true&showWorkpackages=true&allSelected=true&showMilestones=true)

For each project, the WISE export can be opened in MS Project: https://wise.critical.pt/wiseweb/projects/ExportProjectFile.action?id=7439

For MS Project planning tool info, tips and tricks, see training: https://my.critical.pt/humanresources/Documents/CSW-QMS-2015-TPL-00368-excel-project-tips-tricks.pdf

Should be always kept up to date (acc. To CRs/CCNs, approved changes to schedule, …); uploaded to "WISE Projects"; V1 ready at KOM (based on info from PRL, if existent)

Previously: There were ECS and ASD master plan templates as QMS artifacts.

A guide for the "WISE Project Module" (covering EVM indicators, managing baselines and more) can be found here:

https://quality.critical.pt/QMS%20PT/MAN-management/MAN-01-project-management/CSW-QMS-2009-GBK-04120-wise-project-module-guidebook.pdf

Detailed Project Plan

Typically: PM/TM

PM Process (MAN.1)

Used for detailed planning (day to day tasks, concrete resource allocations, % progress…)

MS Project (.mpp)

Optional: Created if a finer planning and control is needed (by the TM): details the Master Plan (and could be used to report %s progress for each task and calculate overal % progress, etc.)

N/A

Updated weekly (with progress)

External QAP

SPAE (PM typically delegates)

Software Product Assurance Process (MAN.8)

A written statement on how we intend to perform QA activities (i.e. how will the QMS apply to the project).

For instance: Describes the QA aspects of verification including

Review activities to be performed
Transition criteria for review activities

The external QAP is a doc; The internal QAP is a XLS (see entry in this table).

MS Word (Master template, template ID = TBD - empty at MT at the moment, reported PROCIMP-819);

Yes

See template TOC.

See template and "fill in the blanks";

see QAP GBK: https://quality.critical.pt/QMS%20PT/MAN-management/MAN-08-software-product-assurance/CSW-QMS-2009-GBK-03591-qap-how-to.pdf

Optional: If DL, it is created at KO; tailored with the QD (in case of doubt)

Note: This document could not be requested by the customer as deliverable (DL).

Internal QAP

SPAE

Software Product Assurance Process (MAN.8)

XLS that includes all process tailorings: e.g. Verification Process tailoring

Includes a record of all tailoring decisions e.g. How will verification be performed (e.g. will the project do code reviews?)? Validation? Reqs, Design and SW Construction?

Spreadsheet (see template ids at right)

See spreadhseet contents.

See XLS template:

https://quality.critical.pt/QMS%20PT/MAN-management/MAN-08-software-product-assurance/templates/CSW-QMS-2009-TPL-04681-quantitative-qap.xltx

Pre-Tailored for R&D project types: https://quality.critical.pt/QMS%20PT/MAN-management/MAN-08-software-product-assurance/templates/CSW-QMS-2013-TPL-00997-rd-pre-tailored-qap.xltx;

Also see the QAP GBK (link above)

Same as Ext. QAP

Old Ids:

CSW-QMS-2003-TPL-2570 (EN),

CSW-QMS-2004-TPL-2755 (PT)

CMP (External Config. Mg. Plan)

Typically: CM (Project Role; PM assigns this role to a team member)

CM Process (SUP.2)

A written statement on how we intend to do Config. Management (activities).

This document is optional but if done typically is to be delivered to the customer; this doc consolidates info in a single document some information already stated in other internal docs such as the ICMP, QAP, CIL, …

MS Word (Master template, template ID = CSW-QMS-2004-TPL-0234)

Yes

See template contents; check list contents

See template(s) and "fill in the blanks";

See CM checklist: https://quality.critical.pt/QMS%20PT/SUP-support/SUP-02-configuration-management/templates/CSW-QMS-2012-TPL-00068-cm-checkup-checklist.xltx

See training: https://my.critical.pt/humanresources/Documents/CSW-QMS-2016-PRS-00605-QMSVerificationProcess2016DocumentandCodeR.pptx (slides 17 and 18); helping scripts are referred there.

Optional: If DL, it is created at KO and kept up-to-date during the project (CRs/CCNs could impact this DL);

Note: This document could not be requested by the customer as deliverable (DL).

Template Variants: External and Internal; pre-tailored for certain life cycles: See doc list.

EN	[CSW-QMS-2004-TPL-0234]	{CMP}	Configuration Management Plan (CMP)
EN	[CSW-QMS-2006-TPL-3196]	{CMP}	Internal CM Plan (ICMP)
EN	[CSW-QMS-2013-TPL-01989]	{CMP}	Internal Maintenance Pre-Tailored CM Plan (ICMP)
EN	[CSW-QMS-2013-TPL-00995]	{CMP}	Internal R&D Pre-Tailored CM Plan (ICMP)

From <https://quality.critical.pt/SitePages/QMS-Unified/Master%20Template%20Content%20Detail%20(PT).aspx>

Internal CMP (ICMP)

CM (project role)

CM Process

The ICMP is a simpler document (when compared to the CMP) that includes the CM process tailoring decisions (what activities in the CM process are to be performed and what are not and with what formality and frequence) and the CM strategies (such as check-up strategy, build, baseline, tagging and branching strategies); it specifies the conventioned text for the TAGs to be applied at certain moments to the Version Control System (VCS).

MS Word (Master template, template ID = CSW-QMS-2006-TPL-3196; pre-tailored templates: CSW-QMS-2013-TPL-01989 (Maintenance); CSW-QMS-2013-TPL-00995 (R&D)

)

Yes

See template TOC and pre-tailored templates.

See above

As seen above, there are 3 ICMP templates being generated by the MT.

CIL

Typically: CM (PM approves)

Verification Process

Contains the review strategy (usually internal). It list internal and external configuration items under configuration (built from the proposal and including CFIs received from the customer - be it software or hardware, external input docs, etc.) and for the internal, how we plan to do the reviews.

Excel Template: CSW-QMS-2007-TPL-0112

See spreadsheet contents; see CM check list contents;

See XLS template, instructions sheet: https://quality.critical.pt/QMS%20PT/SUP-support/SUP-02-configuration-management/templates/CSW-QMS-2007-TPL-0112-configuration-items-list.xltm;

See training: https://my.critical.pt/humanresources/Documents/CSW-QMS-2016-PRS-00605-QMSVerificationProcess2016DocumentandCodeR.pptx (slides 17 and 18);

At KO; aligned with the DLs (and outputs) indicated in the PRL;

Typically the CM check list shall be ran before the end of each phase.

Sometimes the CIL info is included in the SVP (Software Verification Plan):

The SVP might be provided by the customer or be required by regulatory standards such as ECSS with the detailed review plan (i.e. while te CIL is typically internal, we could have one additional deliverable, the SVP)