Standards of Program Development
No software development
organization worth its salt allows its developers to produce code at any time
in any manner. The good software development practices described earlier in
this chapter have all been validated by many years of practice. Although none
is Brooks's mythical "silver bullet" that guarantees program
correctness, quality, or security, they all add demonstrably to the strength of
programs. Thus, organizations prudently establish standards for how programs
are developed. Even advocates of agile methods, which give developers an
unusual degree of flexibility and autonomy, encourage goal-directed behavior
based on past experience and past success. Standards and guidelines can capture
wisdom from previous projects and increase the likelihood that the resulting
system will be correct. In addition, we want to ensure that the systems we
build are reasonably easy to maintain and are compatible with the systems with
which they interact.
We can exercise some degree
of administrative control over software development by considering several
kinds of standards or guidelines:
·
standards of design, including using specified design tools, languages,
or methodologies, using design diversity, and devising strategies for error
handling and fault tolerance
·
standards of documentation, language, and coding style, including
layout of code on the page, choices of names of variables, and use of recognized
program structures
·
standards of programming, including mandatory peer reviews,
periodic code audits for correctness, and compliance with standards
·
standards of testing, such as using program verification
techniques, archiving test results for future reference, using independent
testers, evaluating test thoroughness, and encouraging test diversity
·
standards of configuration
management, to control access to and changes of stable or completed program
units
Standardization improves the conditions under
which all developers work by establishing a common framework so that no one
developer is indispensable. It also allows carryover from one project to
another; lessons learned on previous projects become available for use by all
on the next project. Standards also assist in maintenance, since the
maintenance team can find required information in a well-organized program.
However, we must take care that the standards do not unnecessarily constrain
the developers.
Firms concerned about
security and committed to following software development standards often
perform security audits. In a
security audit, an independent security evaluation team arrives unannounced to
check each project's compliance with standards and guidelines. The team reviews
requirements, designs, documentation, test data and plans, and code. Knowing
that documents are routinely scrutinized, a developer is unlikely to put
suspicious code in a component in the first place.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2023 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.