Home Feedback

Solutions

Up
200 Words
600 Words
1200 Words
Agencies Notified
Comments
Compare Y2K
Links
Outsource
Processes
Replies
Solutions
Tools
The Author

 

  • Software Change Management
    Modern software change management systems used by major corporations usually incorporate automated world-wide distribution (replication) of all source code.  This allows developers to be working on the code on an almost 24/7 basis around the world.  Great for productivity.

    An improved security model would be based on a "Trusted Repository" approach.  A centrally located (properly secured, with backup protection) repository would contain all source code arranged in modules and subsystems.  Object code for each module and subsystem would be available for use as needed by all developers.  Individual developers would only be allowed to access and modify (check in/out) the source code for the specific module(s) for which they were responsible.  Local "builds" of the modified code for testing purposes would be accomplished by linking with any required objects replicated to the local system from the trusted repository.  Work-flow tools would greatly improve the security as well as the efficiency of the development process (Roles and Pools).
     

  • Testing
    Complete path coverage analysis should be required and documented for the aggregate module/subsystem/system levels.  Certification of completion is by the test team leader.
     

  • Concordance reviews
    A review of the concordance of words in a new module, and a review of words added to an existing module should be performed.  Certification of completion is by the development team leader.
     

  • Final build for release
    The release process should include a review of all changes made to the code by a three to five person randomly selected review team.  The team should be led by a software expert at the V.P. level who concludes the review by certifying the trustworthiness of the modifications.  Each line of modified code (identified by the change management system) should be displayed along with two to three preceding and succeeding lines.  The review team would have access to all completion documents.  For highly complex or new code modules the development team and test team leaders should be available to answer questions.

 

Send mail to webmaster@d50.org with questions or comments about this web site.
Copyright 2004 Detection Five-0
Last modified: 04/03/04