
REVIEW: "Code Quality: The Open Source Perspective", Diomidis Spinellis

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1 , Feb 20, 2007
      BKCQTOSP.RVW 20061229

      "Code Quality: The Open Source Perspective", Diomidis Spinellis, 2006,
      0-321-16607-8, U$54.99/C$73.99
      %A Diomidis Spinellis www.spinellis.gr/codequality dds@...
      %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
      %D 2006
      %G 0-321-16607-8
      %I Addison-Wesley Publishing Co.
      %O U$54.99/C$73.99 416-447-5101 800-822-6339 bkexpress@...
      %O http://www.amazon.com/exec/obidos/ASIN/0321166078/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0321166078/robsladesin03-20
      %O Audience a+ Tech 3 Writing 2 (see revfaq.htm for explanation)
      %P 569 p.
      %T "Code Quality: The Open Source Perspective"

      The preface points out that it is easy to test for the functional
      requirements of an application: either the program performs the
      function or it doesn't. Nonfunctional requirements (including such
      characteristics as reliability, portability, usability,
      interoperability, adaptability, dependability, and maintainability)
      are much harder to assess, and yet may be more important. (In an
      automated train system, for example, the lack of a function to change
      the schedule from within a given train still allows you to use the
      train within a given schedule. Unreliability of the braking system
      means the system is worse than useless.) In addition, "Code Reading"
      (the title of Spinellis' previous book) is pointed out as the most
      common activity for developers, and yet is a skill seldom taught in
      the programming curriculum. The author has avoided using fictional
      code for the examples in this (and the prior) work by providing sample
      code from open source software projects, thus using working (but
      available) source code for illustrations.

      Chapter one introduces the structure of the text by mapping
      characteristics from the ISO 9126 quality standard to the chapters and
      sections of the book. Inherent conflicts between different aspects of
      quality are also noted. (For example, large numbers of discrete
      operations enhance the functionality of a system, but at some cost in
      terms of usability.) Reliability is examined, in chapter two, in
      terms of common flaws. Examples of such flaws are given, followed by
      an explanation of the specifics of the problem. This is followed by
      samples of code that address the problem stated. Each point and
      section is accompanied by questions and discussion points that could
      be used in a course teaching the issues of code quality. (Unlike all
      too many sets of questions these are rigorous and challenging.
      Sometimes they may be a little bit too demanding: occasionally the
      discussion would require intimate knowledge of the internals of a
      specific programming language.) The chapter ends with a summary of
      the points and factors covered.

      Various security vulnerabilities and coding points are illustrated in
      chapter three, but, in comparison to the rest of the work, this
      material is weak and disappointing. Performance issues in relation to
      time are reviewed in chapter four, and to space in five. The
      different factors of latency and bandwidth, and the trade-offs between
      memory and speed are noted. It is rather odd that Spinellis is at
      pains to point out that time efficiencies negatively affect simplicity
      and portability, while he goes to great lengths to provide suggestions
      for space optimizations for a variety of specific architectures (which
      wouldn't help portability either).

      Chapter six looks at a number of factors relating to portability,
      between both hardware and operating system platforms. Maintainability
      is the longest chapter (seven) in the book, and bears the closest
      relation to Spinellis' previous work on "Code Reading." There is a
      special section on the characteristics of object-oriented code.
      Chapter eight, on floating point arithmetic, notes the sometimes
      surprising sources of inaccuracy.

      In the information technology and development fields we are constantly
      obsessed with production of code and the speedy release of the next
      version. We need to stop and take a good look at the quality of what
      we produce: as is frequently stated, the greatest source of computer
      problems is computer solutions. In regard to security, it is
      demonstrably true that the exploits and difficulties that we find are
      those that would never have been created if only programmers had paid
      a little more attention to the fundamental concepts they were first
      taught. I believe Spinellis' text should be required reading for all
      programming courses and programs. In addition, those involved with
      analysis, maintenance, and change control should consider it a bible
      to be read and re-read until the lessons are firmly implanted.

      copyright Robert M. Slade, 2007 BKCQTOSP.RVW 20061229

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      A truly English protest march would see us all chanting: `What do
      we want? GRADUAL CHANGE! When do we want it? IN DUE COURSE!'
      - Kate Fox, `Watching the English'
      Dictionary of Information Security www.syngress.com/catalog/?pid=4150