Tuesday, May 18, 2004

Hibernate is great but good documentation (clear, simple, effective and authorative) on the hibernate website is lacking.

Simple Hibernate

Software - Capability Maturity Model (CMM)

Below are some links that provide a simple overview of what CMM tries to achieve and how processes can be put in place to achieve the goals set forth by CMM. I give XP as an example however many other processes from different methodologies could cover CMM. The important thing to note, and I disagree with strict level-by-level advancement of CMM, is that the field of QA in software comes down to 'best practices' that must be introduced by the managers of a company to act as a hedge against the risk of anarchy and cancelled projects. Their job is to reduce risk in the company by ensuring that we always travel forward. The obvious risk to chaotic companies is that while there may be significant short term gains to rapid delivery, there may be painfull costs in the longrun.

CMM Overview
ExtremeProgramming and SW-CMM

CMM is not the holy grail for business managers. There is more than one paradigm to manage development. A company whose managers are at least knowledgable that they can implement processes to protect their investment is better of than the company lead by blind managers.

Against SW-CMM
Software Productivity Research

System Security Engineering - Capability Maturity Model (SSE-CMM)

Security is a whole different ballgame but it's got to be evaluated somewhere. Understanding the all the issues before development is at least one benifit. People have encountered the problem of ensuring that they have not missed some glaring problem, why reinvent the wheel. The biggest problem with security, for small companies at least, is the expensive cost in time that it takes to achieve certification. That doesnt mean as a professional developer one should not know how to evaluate the risks, threats and justify their security solutions regarding how they'll minimise the risks and threats.

Common Criteria

No comments: