Everything a businessman should know about programming

Miscellaneous and Personal Stuff I Must Share
1

I’d been meaning to write something like this for a while, and another thread reminded me to do so. Ideally, for anyone out there who has to work with programmers, this will aid you in getting something that works, on time, on schedule, and on budget.

At heart, the first thing to do is to get rid of the image of a “program” as, for instance, Internet Explorer. Yes it is a program, but when you think about programs, from now on you should think, “Automobile.”

Now, imagine going into a Quicky Lube and going, “Hey you all are car people, how about you make me a car, I’ll buy you all the equipment and parts you ask for. I know you’re all engineer people, so just tell me what you need and make me proud!”

Yes indeed, flashing red lights aplenty.

Now, there’s no saying that some guy working at a Quicky Lube isn’t some insane car engineer who hasn’t yet had a chance to break into the industry, but the odds of that are pretty low.

Now unfortunately, the programming industry isn’t like the car industry. There isn’t a Quicky Lube of the industry, nor a Ford, nor a Lotus. Certainly there could be such in the future, but for the moment there aren’t NASCAR races between programming companies, the people who get the end product don’t have any idea how fast it should run, or why it seems to have way more buttons and entry boxes than any reasonable human could ever need or such. So, overall, there’s been no way to separate good from suck.

So, pretty much, you have to always assume you’re going to get the guy from Quicky Lube, unless you know programming yourself and can quiz the guy.

Which brings us to an issue of hiring outside contractors. Almost always you’ll be mostly dealing with the sales people of the company. This is BAD. Before deciding to hire the company, find out who will be actually writing the program,* and interview him. If you know any programmers who are comfortable with C or C++, have them interview the guy.

So, tip #1) Make sure you’ve talked with the actual programmer and made sure he at least seems up to the level required by the importance of the task. Assume that otherwise you’re going to be fed some guy who (in automotive terms) only knows how to press the gas and break pedals, let alone manufacture a car from scratch. And no, I’m not kidding. I’ve had to work side-by-side with some of these.

So, getting back to our Quicky Lube proposition, we’ve asked them to build “A Car.” Well, in real life there’s lots of different things falling in the range of “Car.” These could include anything from The Little Toy Car your Child Plays with, to the M1 Abrams Combat Tank, to the Porsche 911.

If you go to a programmer and say, “I want a database system for keeping track of my customers.” then that’s bad. I mean true we’ve gotten a little bit specific, but still I can’t walk up to a auto engineer and say, “I want a tank for winning wars!” True, he might build you something that is useful, but the odds aren’t real high. There’s a whole lot of specifications that he needs to know–at base minimum how much time he has to do it in, and what sort of resources you’re going to give him to do it–as well as the specifics of what kind of tank you want, how many weapons it should have, how many people it can seat, whether it should be amphibious or not, etc. etc.

If you ask a guy to build a tank for you, and you needed an amphibious tank, then when he shows it to you for the first time and it quite obviously isn’t what you were needing, then you have to re-engineer it. He might have built something that was light enough that simply making it water tight will make it good, but he might have built the mother of all heavy-duty assault tanks and essentially he will have to entirely restart from scratch.

This is why you need to think in terms of cars, rather than Internet Explorer. IE may look like a bunch of buttons which can be moved around anywhere you want, and clicked in any order, and you should be able to just add and subtract and move about functionality to get what you want, but in reality, the sucker is engineered just as much as a car. You can’t say go to Ford and say, “Ya know, I think I would like it better if you put the steering wheel in the middle of the dashboard.” If Ford tried to comply, they’re either going to have to rebuild the entire steering system (moving around the engine, disrupting the cars balance and the cars shape, which could impact the aerodynamics) or they would have to put some cludge into the dashboard so that the steering column did a zig-zag to meet back up with it’s old base.

One or two cludges is fine, but the more cludges you add, the greater the odds are that the whole thing is going to flubber itself up the butt and either be very unstable, or needing to be entirely rebuilt from scratch.

So, tip #2) Yes, it is boring and yes you will have to lower yourself and potentially spend days going over designs on paper and meetings with the person who will be doing the programming, but in the end, you’ll be a lot happier. Yes, after he makes it, there may still need to be some “fixes” (cludges) put in simply because you can’t anticipate everything, but having a solid design at the beginning will make that become a non-issue.

Again, back to our Quicky Lube fellows. We’ve asked them to build a car without saying how long they have to do it. So we go back to ask them and they say, “Oh, we can get something for you in 3 weeks!”

What this means is (since they haven’t received any sort of design parameters) they think they can make a bare minimum car in that period of time. Most likely it doesn’t include making sure the thing actually works.

This is another reason to make sure that there be a specific design. If I want a carved statue of a car, then so long as I get back something that looks like a car, I’m fine. But if I want a tank, every single system in the car has to be rigorously built and tested to make sure that even if you put the vehicle in 100[sup]o[/sup] heat, and riddle it with holes, it will continue to function as reasonably as required for it to service as a military vehicle.

You can’t dictate the schedule and expect to receive a vehicle that lives up to your specification. Nor can you expect the shedule to match anything in real life if you don’t give the engineers a specification that they can look at and tell you how long it will take.

So, tip #3) Hash out a full design of the program with the developers (as per tip #2) and afterwards ask how long that will take to build. You might have to then go back through the design and remove features because they can’t be accomplished in the time frame you want. Once you are done, in general you will want to muliply the build time by two; this is the build time plus verification, fixing, and modification time. For military or government work, probably you want to multiply more by something like 2.5 since generally the code needs to be tougher.

Now, when it comes to verifying the program, we have to get away from the car analogy a little bit. Cars, unlike programs, aren’t needed to be assumed to be put to abuse by evil minded miscreants.

If someone wants to break their own car into little bits, that’s their money down the toilet. However, if at the heart of every car engine was a nuclear reactor capable of blowing up the earth, people are going to care less about the handling, and a lot more about making sure people can’t hack into their own car and destroy life as we know it.

In the programming world, most generally this “nuclear reactor core” would be something like a database full of all your users’ credit card information. The program doesn’t need to just work as a program, it also needs to be proof against “bad people” and simple human error that can mess up other people (for instance, by accidentally emailing people’s credit card information around to the wrong people and such.)

Generic testing can verify that the code won’t accidentally do something stupid at the wrong point and mess people up. The best way to achieve this (assuming you have the time) is to ask for a “function level test of any conceivable parameters and their results (and that inconceivable parameters can never make it.)” Which in automotive terms is essentially the same as asking to have each part in the car to be individually stress tested. Other than that, you will pretty much have to rely on the development crew or test crew to do their bit in trying random stuff against the program. But what you can do is…

Tip #4) Set up scheduled keystones during the design phase (see tip #2) at which you will be able to interact with the developers. During the build phase this is pretty much just a chance for you to verify they’re actually building stuff. They should have given you in the schedule what parts should be “demo-able” by what time, so watch those demos (you don’t really need to do any more than that.) During the verification phase, however, you should be receiving working versions of the app at scheduled intervals, which you should verify against the original design specification.

Now, if the application does have some section that needs to be secure, then firstly you have to get the “function level test of any conceivable parameters and their results (and that inconceivable parameters can never make it)” at least for the relevant sections of code. You should also have the developers compile a list of “attacks” that are relevant to the system (be it encryption, database queries overruns, buffer overruns, etc.) They then have to test that the system is proof against all of those (within reason of course, given the importance of the information and such.)

And so overall summary tip #5) Make sure you know your programmers, make sure they know the specification, make sure they can get the stuff they need from you to do their job, be it artwork, or answers to questions on the design, have a clear schedule that is agreed upon by both parties based on the amount of functionality in the specification, and make sure to specify the level of robustness of the code and what sort of testing you require. Do all this with the person who will build the application not the salesman, and make sure that person isn’t sweating profusely when being asked to sign off on the schedule and specification pair.

Happy Contractoring!

  • Or the lead engineer for the project (the managing programmer) if it’s going to be a team project. You’ll have to assume his guys can do as well as he is willing to schedule for them to do.
2

Or you could JAD it for a month and find out that while you originally thought you needed a tank what you really need is an amphibious anti-tank mobile satellite command center with four-wheel drive, and a spacious luggage compartment. Often what the customer thinks they need in the beginning isn’t really what they need at all.

3

The department doing the development ought to have some business analysts on staff to take care of that sort of crap. That’s what they do- they take the business needs of the company and translate them into a pretty solid framework for the developers and designers to work from.

In the automobile analogy, the BA is the guy who’d ask a bunch of questions of the end users and people commisioning the design, and then go on to draw up rough specs and drawings for the engineers to refine into the car desired.

4

Yeah, we wish.

Sage Rat A lot of people in the industry know all about this, I’ve certainly read a lot of literature on Sucky Specification Syndromesub[/sub] If I can remember it halfway right there’s a line in the the Mythical Man Month (20th anniversay edition?) which goes:

To generalise from my experience (limited to one company, but many projects)

  1. The customer doesn’t actually know what they want*

  2. The yawning gaps in the specification are not noticed until the poor coder tries to implement it.

  3. Procdures designed to avoid 1 and 2 will be subverted.

The latest high profile project here is trying the Scrum programming (flavour of the month) philosophy. We’ll see how that turns out.

Small Clanger, who had to put a zig-zag-steering-wheel-style kludge into his last major program because the spec’ was delivered half complete.

*until they see what they’re getting, when at least they get to know what they don’t want.

5

Well that’s the point of writing up a one page tutorial. “You wouldn’t do it for a car, so why are ya doing it for a software application?”

But ah well. Yep, this little write up will probably disappear off the face of the earth, but there’s always the hope that someone somewhere will print a copy off and send it around to the people likely to be the contacts at a contractoring company or organization. Certainly the FBI could have used it.

And judging by my time as a contract worker, frankly I have little confidence in the grand majority of code that runs most of the world infrastructure. I would have to assume that hundreds of billions of dollars would be saved each year simply by getting businessmen to read little common-sense bits like that above.

6

Preach on, brother Sage Rat .

I just finished a three and a half day class on project management. This is the toolset that is presented to managers to use in whipping us software people into shape. Here’s my warped take on the major points of the class:

  1. The product is not important. It’s the project that matters.

  2. With as little task definition as possible, pressure your minions into giving you schedule estimates on every little task.

  3. Reduce their task estimates by 25% because you know they’re going to pad their estimates.

  4. Assign time spans to each task like you had unlimited staff and budget (I’m not kidding on this one).

  5. Define value metrics to assign to each task.

  6. It’s OK to use 25% of the project budget in the planning phase, because the project plan is more important that the product (see #1).

  7. When the project is in the execution phase, run like hell to a new project. After all, you’re finished with this project’s planning. Any group of trained monkeys can execute a well-planned project.

7

Heh. :slight_smile:

I don’t know about other programmers, but I generally pad by about 25% of my expected programming time as well, just not so I can mess about. You never know when something evil is going to pop up it’s head and you’re going to have to redo a bunch of stuff. So generally I schedule for the time to make it, plus time to handle it if everything goes to the crapper.

Though the cases of things suddenly going foobar have lessened with experience, I think so I may need to move that down more to 10% or so.

8

I’m not sure where you’re going with this complaint. I would love to see more projects established where (at least) 25% of the budget was allocated to planning. It certainly makes more sense than the more typical 70% allocated to debugging and re-writing.

Years and years ago I was on a hot project to save a company a huge amount of money by extracting (never before queried) information from an A/R system and several other systems that were not (generally) considered to be related. We began on February 14 with a May 31 deadline. By March 14, we had one analyst and several users complaining that we had not put down a single line of code. The boss had declared–and would not be moved–that we would begin no coding until we had established all the required input and all the paths needed to get to the (already pretty well defined) output. We finally began coding in early April. The project was fully tested, implemented, and documented before May 30 and we had time to write some additional query routines that came in handy, later, when the auditors challenged our numbers.

The same analyst who had been whining that we were not coding soon enough had presided over several projects that had to be tortured into giving up the correct data after project overruns, earlier.

(Now if, by planning, one means that one should invest 25% of the budget in Gannt software, I suppose you have a point, but more projects are underplanned than overplanned in the worlds where I have lived.)

9

Oh, but the class covered that. If something evil pops up, you should have identified it as a risk months earlier and you would have had a risk mitigation plan in place. And, if you knew what it was that could go wrong, it should have been part of your estimate. Padding is a no-no.

Please understand, this philosophy is not endorsed by your’s truly. There was some good information in this class, but I have not been assimilated (yet).

10

Actually, this was one of the most valid points in the class. I’m learning that time spent planning and reviewing is well spent. It’s much cheaper to remove the bugs up front than after the code hits the hardware. My jab was more directed at the attitude that laying out the schedule and budget was the crux of the task; everything afterward is trivial.

11

I don’t disagree with that. I just wouldn’t say that that’s not exactly what I’m talking about.

Identified risk: Myself. I am human and make errors and don’t always realise that I designed something poorly until midway through development.
Mitigation plan: Time to deal with that.

12

When I was running a software group (doing relatively innovative stuff) my algorithm for scheduling was:

Ask the programmers how long they thought it would take.

Double that.

Add a month, just to be sure.

It worked pretty well.

Actually, that is how project management should be done. The first step is to lay out the tasks, establish dependencies, and calculate the time assuming unlimited resources. The next step is to assign resources, expanding time required accordingly. It is really useful to know the minimum possible time for a task, to be able to deal with those managers who think 9 women can have a baby in a month.

Based on your response, did this class think that planning was only doing the schedule and budget? Exactly how accurate a schedule do they expect before the definition is done. (Don’t answer that!) My thought was that 25% for real planning is to small.

Code in haste, debug at leisure is my motto.

13

Maybe this works if you’re doing something very, very well understood. For the kind of stuff I do, it scares the crap out of me.

No user will, or can, know what he wants before he sees it. I sometimes code stuff I’ve defined myself, and I don’t know. First, any reasonable system is too complex for a user to see when it is on paper. Second, your average user may think that some features that seem easy to do when they are actually horrendous, and some that seem horrendous which are actually easy to implement.

During the course of a project the programmer is going to see inconsistencies and issues. If there is a good connection to the user, not through some level of analysis, these can be worked out. If you play telephone with them, you’ll have problems.

I’m all for specs. I’m in a position where I can tell people who want me to do something that they need to go off and figure out what it is they want before I’ll do anything. It saves me a lot of time. I especially do this after the third time I get an inconsistent request. But you should never, never equate the thickness of a spec with either quality or consistency.

Another problem - user has a set of assumptions, fine for someone in his area of expertise, which he assumes everyone shares. These don’t get into specs. A programmer sees a spec with a part left out and makes an obvious, but wrong, choice of how to implement. If a programmer has a bit of subject matter expertise, things may come out much, much better.

14

Well, Sage Rat, assuming you don’t mind, I’m going to copy it and send it around. If nothing else, my IT co-workers will get a kick out of it. If things go really well, it will wend its way up the food chain!

15

I don’t disagree with you Voyager, but I think you’re reading too much into the word “specification.”

If I’m making a security system for apartment buildings and find out one week before due date that the client who contracted the software had expected there to be a way to be able to email messages to all the people living in the apartment, that’s something I needed to know before I started building it. (Real case.) Being 90% through with test and ready to spit the thing out the door, suddenly having to stop, figure out how to install a mail server, get the sucker to send Japanese language mail from your webpages, build those webpages, add in permissions to the database for who can send emails, and then verifying that all isn’t a one day task for a product that is intended to work without error or daily intervention over the next ten years.

I’m not asking him to tell me how to build the mailing system, I just need to know that it is supposed to have that. If I started work without getting a proper list of requirements then I’m in a bad position to refuse to add it when months down the line they add stuff (and more stuff…and more stuff…) If, however, at the beginning I’ve got something that we’ve both signed off on as that this is all they require, and I (as someone who knows what is technically feasible or not) said is possible, then we’re both protected from one another. If I can’t make something that lives up to those requirements, then obviously I’m not a trustworthy company to hire to. And if I do build what they asked for, and it does exactly that, they’re in no position to say that it isn’t what they wanted.

Yes, you might still need to rebuild the whole thing if the user asked for something stupid, but at least that’s not happening in a way that makes the programming industry look like a bunch of incompetent rubes who can’t be trusted.

Until the programming industry is separated into capable and incompetent corporations, the current state of blame spreading for failed products is just going to keep being a self-fulfilling prophecy.

16

Nope, please do. (And please replace the word cludge with kludge…)

17

I agree completely. My contention is that it is more likely for a customer to miss the email requirement if they have to review a thick set of specs that go down the font size of all displayed messages, than if they had a somewhat smaller set of specs with the top level requirements. (And I know I’m mixing specs and requirements here.)

When I was a microprocessor designer, I was the customer for a whole bunch of design tools. Just about every week I had to review a 30 page requirements document and then be on a conference call about it. I’ll confess to skimming a lot of this stuff. I left before the inevitable shit hit the fan, but one tool, defined before I got there, crapped out because the requirements basically said, in great detail, that they were going to parse the part of the design language that was easy to parse, not the subset that people actually used.

On the other hand, a really good tool had only a minimal set of requirements, but was hashed out between the guy who thought it up and coded it, and me, who was an expert in that particular area.

The worst requirements to forget are the ones that really make sense - like your email case. Did the customer just forget to tell you they needed that, or did they assume it would be a part of the system, or was it mentioned in passing at some point but never given the priority it actually needed?

18

I do agree, just as I’m saying, that’s not what I’m meaning by “specification” when I wrote the OP. I’m talking about the first couple of days before anything else happens. That’s not going to wield a 100 page document detailing microprocessor innerworkings. True if the developer is particularly design-happy he might still turn out something overly lengthy for the client to give the go on, but that’s still better than nothing.

I honestly wouldn’t know. I assume that they assumed it, but there never was a design for that project and I (the developer) was never allowed to meet, see, nor even receive or write direct emails to the client. Everything was handled by a middle-management types who relayed everything back and forth. What had been scheduled as a month long project ended up being eight months because instead of hashing out a base requirements thing, I just kept receiving daily new requests from the client (who had access to the server I was developing and testing on as they were browsing the webpages.) Had I known at the beginning that they wanted a full “Solution”-level package of software rather than simply to be able to register IC card keys for their doors, the whole thing would have been designed a lot differently (and better), and done in half the time.

Since then I’ve been more bossy with my bosses (which fortunately hasn’t yet gotten me in trouble–I assume just because I’m the most productive programmer they have.)

19

I suspect you’ve had the same class, because this is exactly the example they used. My scepticism and sarcasm come from the experience of being in the position of the pregnant women (metaphorically speaking) and after I’ve explained that with two women, you can’t have the baby in 4.5 months.

The next question is usually, “I there anyway you can have it in 7 months?”

The textbook says you should clearly explain the risks that the manager is assuming by compressing the schedule. So you say, “Yes, I can induce labor early, but we run the risk of having a baby with birth defects. And there’s a possibility that we’ll spend millions on intensive medical care.”

The response has invariably been. “I don’t have a problem with that.”

Of course they don’t have a problem with it!!! They’re not assuming the risk.

I apologize for stretching the analogy like a rubber band until it broke.

The class wasn’t really so bad. I did learn some things that will help me back up estimates and status with good data.

20

Allow me a moment to look at this from the customer’s perspective.

I need a car. Does this mean I should go to Detroit or Stuttgart or Tokyo and talk to the designers, engineers and assembly line people?

No. I go to the car dealership and I talk to a salesperson.

This salesperson is supposed to ask “What kind of car do you need? What do you want to do with it? What features are most important to you?”

Then the salesperson will look through the inventory. Either a match comes up, or the salesperson tells me it will have to be a special order.

Then we dicker over price and delivery date for awhile. If we agree, then I buy the car.

If there’s a problem with this transaction it’s because

  1. I, the customer, couldn’t put into words exactly what I wanted

  2. The salesperson either didn’t ask the right questions, or didn’t know the product line well enough to recommend the right model

  3. The salesperson decided to steer me to a different model, perhaps to make a quick sale, or keep me from talking to the dealership down the street.

Now, as a business owner so successful that I have a group of programmers waiting for me to tell them to make me a program, I expect them to ask me what I need and tell me they can or can not deliver on X. If they need additional resources, I’ll give it to them if I can afford it. If not, we’ll do the best we can.