Most developers have never seen a successful project

CD Guru: You're doing it all wrong, again and again

Most software professionals have never seen a successful software development project, continuous delivery evangelist Dave Farley said, and have “built careers on doing the wrong thing”.

Farley, kicking off the Continuous Lifecycle conference in Mannheim, said study after study had shown that a small minority of software development projects could be judged successes.

One study of 5,400 projects, by McKinsey and Oxford University, showed that 17 per cent of projects were so catastrophically bad they had threatened the very existence of the company.

Given these sorts of statistics, Farley argued, individuals could plausibly spend their whole career in software development without ever encountering, never mind running, an unequivocally successful development project.

"I think the vast majority of people in our industry have spent the vast majority of their careers not knowing what a successful software project looks like," he said.

Farley traced the sorry state of software development practices to a fundamental misreading of the 1970 Winston Royce paper (PDF) considered as a defining the waterfall method that has shaped traditional software development practices.

“This paper was a description of what not to do,” said Farley.

Royce’s paper had gone on to argue for feedback loops and testing, and to “do the job twice if possible”, Farley said.

Royce was “arguing in the 1970s for iterative development” Farley claimed. Instead, Farley continued, we have a situation where taking an entirely ad hoc approach to software arguably leads to more successful outcomes than traditional waterfall approaches.

To improve their chances of producing successful development Farley advised his audience to automate as much as they could, especially testing, config management, and slash cycle times.

At the same time, he advised them not to describe this as DevOps. This might partly because Farley is co-author of Continuous Delivery: Reliable Software Releases Through Build, Test, and Deployment Automation.

But, he continued, “We’re saying the same thing, but with slightly different terminology, he said. However, when dealing with CEOs and “the business” it is easier to talk about a switch to a “continuous delivery”model, than a Devops model, because non-technical execs’ first question will be “what’s operations?” ®

Want to learn more about DevOps, Continuous Delivery, and Agile? Head to our Continuous Lifecycle Conference from May 3-5. Full details here.

Other stories you might like

  • The future: Windows streaming through notched Apple screens

    Choice is the word for Jamf's Dean Hager

    Interview As Apple's devices continue to find favour with enterprise users, the fortress that is Windows appears to be under attack in the corporate world.

    Speaking to The Register as the Jamf Nation User Conference wound down, the software firm's CEO, Dean Hager, is - unsurprisingly - ebullient when it comes to the prospects for Apple gear in the world of suits.

    Jamf specialises in device management and authentication, and has long been associated with managing Apple hardware in business and education environments. In recent years it has begun connecting its products with services such as Microsoft's Azure Active Directory as administrators face up to a hybrid working future.

    Continue reading
  • There’s a wave of ransomware coming down the pipeline. What can you do about it?

    AI can help. Here’s how…

    Sponsored The Colonial Pipeline attack earlier this year showed just how devastating a ransomware attack is when it is targeted at critical infrastructure.

    It also illustrated how traditional security techniques are increasingly struggling to keep pace with determined cyber attackers, whether their aim is exfiltrating data, extorting organisations, or simply causing chaos. Or, indeed an unpleasant combination of all three.

    So, what are your options? More people looking for more flaws isn’t going to be enough – there simply aren’t enough skilled people, there are too many bugs, and there are way too many attackers. So, it’s clear that smart cyber defenders need to be supplemented by even smarter technology incorporating AI. You can learn what this looks like by checking out this upcoming Regcast, “Securing Critical Infrastructure from Cyber-attack” on October 28 at 5pm.

    Continue reading
  • Ransomware criminals have feelings too: BlackMatter abuse caused crims to shut down negotiation portal

    Or so says infsec outfit Emsisoft

    Hurling online abuse at ransomware gangs may have contributed to a hardline policy of dumping victims' data online, according to counter-ransomware company Emsisoft.

    Earlier this month, the Conti ransomware gang declared it would publish victims' data and break off ransom negotiations if anyone other than "respected journalist and researcher personalities" [sic] dared publish snippets of ransomware negotiations, amid a general hardening of attitudes among ransomware gangs.

    Typically these conversation snippets make it into the public domain because curious people log into ransomware negotiation portals hosted by the criminals. The BlackMatter (aka DarkSide) gang's portal credentials (detailed in a ransom note) became exposed to the wider world, however, and the resulting wave of furious abuse hurled at the crims prompted them to pull up the virtual drawbridge.

    Continue reading

Biting the hand that feeds IT © 1998–2021