28 November 2016

CST438 Week 5

This week we discussed code review.


Basically a successful peer review strategy for code review requires a balance between the strictly documented processes and a non-threatening collaborative environment. Strictly regulated peer reviews can hinder productivity, yet careless processes are often ineffective. Ideally a middle ground can be found where peer review can be both efficient and effective while promoting open communication and knowledge sharing among teammates.

20 November 2016

CST438 Week 4

This week we covered the vulnerabilities exploited in the Sony Corp and Target Department Store security breaches, steps that can be taken in program design and code for better security, principles of software security and we took the mid-term exam.

Of particular interest was the article on Secure Programming. I was already familiar with validating input and restricting operations, but found the other design suggestions fascinating.

15 November 2016

CST438 Week 3

List and use common design patterns such as Publish-Subscribe, Proxy, Visitor for developing high quality modular object oriented code.
Use CRC (Class Responsibility Collaboration) cards as an object-oriented design tool.
Use UML class and sequence diagrams to create higher level abstract models of a software system.
Complete iteration #2 of your team project using Agile.

08 November 2016

CST438 Week 2



We covered:
  • Black box testing – Internal system design is not considered in this type of testing. Tests are based on requirements and functionality;
  • White box testing – This testing is based on knowledge of the internal logic of an application’s code. Also known as Glass box Testing. Internal software and code working should be known for this type of testing. Tests are based on coverage of code statements, branches, paths, conditions;
  • Unit testing – Testing of individual software components or modules. Typically done by the programmer and not by testers, as it requires detailed knowledge of the internal program design and code. may require developing test driver modules or test harnesses;
  • System testing – Entire system is tested as per the requirements. Black-box type testing that is based on overall requirements specifications, covers all combined parts of a system.
  • Code coverage – A measure used to describe the degree to which the source code of a program is executed when a particular test suite runs;
  • Mutation testing – A structural testing technique, which uses the structure of the code to guide the testing process. On a very high level, it is the process of rewriting the source code in small ways in order to remove the redundancies in the source code;
  • Fuzz testing – A software testing technique used to discover coding errors and security loopholes in software, operating systems or networks by inputting massive amounts of random data, called fuzz, to the system in an attempt to make it crash.
  • JUnit – A unit testing framework for the Java programming language.

The idea of TDD (Test Driven Development) is new for me, I had not even heard of this before. I will be attempting it with the J2EE iteration of the Hangman Game. I have been very limited on time the last couple of weeks (due to work), so have had difficulty completing the assignments thus far. The weekend that I am writing this (11/12-11/13) I am working to catch up.

01 November 2016

CST438 Week 1

This week we discussed software trends like the consolidated language movement (HTML+CSS+JavaScript), NoSQL Databases, RESTful APIs and SaaS (like Google Maps, IBM Watson and Microsoft Office 365).

We also introduced the standard methodologies of WaterFall, Agile and Formal Methods. I am already very familiar with WaterFall, as I use it at work for managing store opening projects. I am also already familiar with Agile (albeit less familiar), as we use a version of Agile called SDDM at my work for software development projects.

We also covered version control systems, but focused in particular on Git and GitHub. I have used GitHub in the past to collaborate on small software packages and here as CSUMB to coordinate with students on group projects.

I have been very limited on time the last couple of weeks (due to work), so have had difficulty completing the assignments thus far. The weekend that I am writing this (11/12-11/13) I am working to catch up.