The sequestration has hit a lot of organizations hard, and IT-intensive programs aren’t ducking the proverbial bullet. In the decade since 9-11, organizations had more money and resources to give to development teams to fix their applications’ performance issues. But now that the nation is trying to fix its fiscal woes, every day and dollar counts.
When you think about PHP, you often associate it with small applications made by passionate developers for their personal use — generally websites with low database usage and/or few visitors.
Well, how wrong we are! PHP is used for a wide range of applications that generate a lot of traffic, for example at public administrations or big companies. These entities require that their applications maintain high scalability, availability, and, of course, no drop in performance. It’s no wonder that performance and speed are very popular quality goals when it comes to PHP.
Last month, I had the opportunity to discuss the expanding threat of mobile IT security with CAST’s audience. The feedback we got was so overwhelming, I wanted to answer the questions we might have missed here on the blog. Lev already answered some of your questions in a previous post, so for my follow-up post, I’ll focus on the risks that often go ignored throughout the software development process.
The argument surrounding Twitter’s usefulness will more than likely rage on for years with no clear winner. But one thing’s for sure, it’s a great place to find news — if you know the right people to follow. That’s why we’re starting a monthly blog post series to highlight some of the influential “twitterers” that we enjoy following, sharing with you some great resources to help find new, techy, and interesting news.
Scroll down to our Top Ten for February and fill your stream with techy tweeters. And don’t forget to follow @OnQuality for more updates!
We’re covering Java frameworks and their impact on application quality in an upcoming webinar, Java Applications and Coffee: The Variations are Endless, on Jan 29. As part of that, I wanted to share some insights along the lines of what we might discuss during the webinar. But first, what is a software framework?
A software framework is an abstraction in which software provides generic functionality. It is universal and can be reused by different applications.
Nowadays, it seems impossible to start the development of an application without thinking about frameworks. Some of them have become de facto standards used in most applications, such as log4j, with its implementations in other languages.
For other frameworks, it can be more difficult to choose. For example, if we look at ORM frameworks in J2EE technology, we can see that there are more and more new frameworks.
And there are many more presentation frameworks.
The problem with this list of frameworks — that are supposed to simplify the coding of an application — is that you must master the framework itself in addition to Java. And it’s not as easy as it seems. Take, for example, all the books written just for the Hibernate framework:
When analyzing several applications that use Hibernate, I often found, for example, that persistent classes do not implement hashCode() and/or equals().
You have to override the equals() and hashCode() methods if you:
intend to put instances of persistent classes in a Set (the recommended way to represent many valued associations); and
intend to use reattachment of detached instances.
What does that mean? It means that Hibernate guarantees a unique instance for each row of the database only inside a session. But whenever you work with objects in detached state, and especially if you test them for equality (usually in hash-based collections), you need to supply your own implementation of the equals() and hashCode() methods for your persistent classes.
Nevertheless, it’s possible to build a complex application with identity (default) equals as long as you exercise discipline when dealing with detached objects from different sessions. If this concept of equality isn’t what you want, you must override equals() in your persistent classes. But this method requires discipline and it’s easy to make a mistake.
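The detached-instance problem described above, as an added example that is not code from the original post or from CAST. It is plain Java with no Hibernate dependency: the two `Customer*` classes and the `email` business key are hypothetical, and the two objects per class are constructed stand-ins for the same database row loaded by two different sessions.

```java
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;

public class DetachedEqualityDemo {

    // Hypothetical persistent class that keeps the default identity equals()/hashCode().
    static class CustomerIdentity {
        final Long id; final String email;
        CustomerIdentity(Long id, String email) { this.id = id; this.email = email; }
    }

    // Same hypothetical class, with equality based on a business key (email)
    // that is stable whether or not the row has been saved yet.
    static class CustomerBusinessKey {
        final Long id; final String email;
        CustomerBusinessKey(Long id, String email) { this.id = id; this.email = email; }

        @Override public boolean equals(Object o) {
            if (this == o) return true;
            // instanceof rather than getClass(): Hibernate may hand out proxy subclasses.
            if (!(o instanceof CustomerBusinessKey)) return false;
            return Objects.equals(email, ((CustomerBusinessKey) o).email);
        }
        @Override public int hashCode() { return Objects.hashCode(email); }
    }

    // Adds two detached copies of one row to a Set and reports how many entries result.
    static <T> int sizeAfterAddingBoth(T fromSessionA, T fromSessionB) {
        Set<T> set = new HashSet<>();
        set.add(fromSessionA);
        set.add(fromSessionB);
        return set.size();
    }

    public static void main(String[] args) {
        // Constructed data: row id 42 as materialized by two separate sessions.
        int identity = sizeAfterAddingBoth(
                new CustomerIdentity(42L, "ann@example.com"),
                new CustomerIdentity(42L, "ann@example.com"));
        int businessKey = sizeAfterAddingBoth(
                new CustomerBusinessKey(42L, "ann@example.com"),
                new CustomerBusinessKey(42L, "ann@example.com"));

        System.out.println("default identity equals -> entries in Set: " + identity);
        System.out.println("business-key equals     -> entries in Set: " + businessKey);
    }
}
```

With the default identity equality the Set treats the two copies of the row as different elements; with the overridden methods it holds a single element for that row.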
With CAST’s solution, you can check that this rule is enforced, along with many others related to robustness, security, and performance.
CAST’s solution does not treat a J2EE application as a single Java[/JSP] application; it provides rules for the most common frameworks such as Struts 1 & 2, Tiles, JSF, Spring, Hibernate, JPA compatible frameworks, and EJB. CAST’s product takes into account Java annotations, XML files, and of course the Java language to check these rules.
In addition, it can be extended to manage other frameworks.
As we have seen, implementing a framework is not so easy
It is obvious that frameworks simplify development; they save you from reinventing the wheel. And they usually come with a community built in. The bigger the community, the better the framework will be in terms of stability and completeness.
But as we’ve seen, frameworks come with their own rules that must be followed to avoid mistakes that can come up later in the development lifecycle and are difficult to diagnose. This is why it is important to have a static analyzer check that the frameworks’ best practices are being followed.
Again, if you’re interested in learning more about the resiliency of Java frameworks, be sure to check out our most recent CRASH report, which compared the quality and stability of Java frameworks for enterprise applications. Keep in mind, this is the only available repository in the world of real business software that has been subjected to this level of scrutiny. And for a deeper dive into the research results, be sure to register for our Jan. 29 webinar, Java Applications and Coffee: The Variations are Endless, which covers the full findings of the research.
If you’re snickering at the idea of your CIO talking Java (or any programming language for that matter), trust us, you’re not alone. However, CIOs can no longer afford to be in the dark about their IT team’s choice of programming language and tools.
Initial results from CAST’s most recent CRASH report, released today, reveal which enterprise Java framework delivers the most secure and reliable applications. With this information, C-suite executives can better understand how choices made in IT can impact the security and reliability of enterprise applications.
Click over to read the initial results released this morning, or sign up for our webinar on Jan. 29, Java Applications and Coffee: The Variations are Endless, to take a deeper dive into the research.
There’s been a lot of debate in the news and social networks about what’s in store for future CIOs. Oddly, pundits are in on the act, attempting to define exactly what we mean by CIO. Regardless of the title, the fact is that CIOs live on the knife’s edge of innovation, and today, that blade has never been sharper.
I’ll be talking about this at length in a webinar, The Evolution and Career Path of The CIO, which I encourage you to attend. Today, I wanted to offer some insight into what I’ll be covering and the impact of the changing role of the CIO.
The CIOs of Old
In the past, CIOs were measured creatively. That is, if the software they developed was on time and on budget, they got a pat on the back. Now, because of the pervasiveness of technology, CIOs can be measured in terms of business impacts, customer insights, and enabling business growth through the optimization of people, process, technology, and data & analytics. Anyone looking to carve their path to the CIO’s chair can’t afford to be reactive to the business strategy. They need to be proactive, strategic, and a spot-on culture fit.
The typical path to CIO usually started in application development and gradually worked toward the CIO role. But now, we’re seeing CIOs coming from finance, and even HR. That’s because technical skills are becoming less of a priority, as top-level management want the CIO to keep their teams productive and build relationships with customers.
CIOs of the Future
While the next generation of CIOs will still likely come from the world of application development, they will need to better understand how to measure themselves in terms of their business impact.
Because of this, the prioritization of skills and competencies for CIOs has shifted from focusing on deliverables and cost, to focusing on customer analytics and business growth. IT organizations now are not only managing risk and cost, but they’re managing the business outcomes. And they’re doing all of this with less budget and staff, making the tools and assets that manage risk and cost critical to the business.
Speed is also becoming a main driver for every IT organization, and CIOs are being asked to increase their speed to market, speed to solution, and speed to understanding their customers through an improved digital strategy.
The CIO will always be measured against two factors: time and budget. That will never change. But who would have guessed that simply adding “driving business outcomes” into the mix would radically alter what CIOs need to be prepared for?
It’s a catch-22 in some ways. You could hire a non-technical CIO that knows the business but might not deliver the meat and potatoes in terms of great products and services. Or you could grab a techy CIO whose products are innovative, but who lacks the business acumen to drive results. But regardless of your choice, your CIO is going to have big shoes to fill.
How do you see the role of the CIO evolving? Do you have your career path to the CIO mapped out? Sign up for my webinar, The Evolution and Career Path of the CIO, for the answers to these questions and more to help you start your roadmap to the CIO.