Product Description
Have you ever delivered software that satisfied all of the project specifications, but failed to meet any of the customers' expectations? Without formal, verifiable requirements--and a system for managing them--the result is often a gap between what developers think they're supposed to build and what customers think they're going to get. Too often, lessons about software requirements engineering processes are formal or academic, and not of value to real-world, professional development teams. In MORE ABOUT SOFTWARE REQUIREMENTS: THORNY ISSUES AND PRACTICAL ADVICE, the author of Software Requirements, Second Edition, describes even more practical techniques for gathering and managing the software requirements that help you meet project specifications and customer expectations. A leading speaker and consultant in the field of requirements engineering, Karl Wiegers takes questions raised by other professional software developers and analysts as a basis for the practical solutions and best practices offered in this guide. Succinct and immediately useful, this book is a must-have for developers and analysts. ... Read more

Customer Reviews (15)

OK
The good book about sofware requirements for people who want to learn more about issues related to requirements. I can recommend it for people with basic level of knowledge.

The definitive guide on requirments management for software
This is a great book on software requirements.As good as any out there.

Software Requirements
Writer is great!Very good explanations.Book received quickly and in perfect shape.I recommend the seller.

Yes, I gave it 5 stars
May be this valuation is a little bit personal, but I gave 5 stars without second thought. This books showed me how was I incorrect in my early projects by gathering requirements as a dumbest person ever. I felt I learned a lot from it. Well, something what I "learned" I learn the hard way on practice, but it was very good and pleasant to find that my habits of requirements gathering described as "correct" ones in the book.

A good complement to Software Requirements book
This book is easier to read than the book that it is the sequel to and has specific topics.They may or may not add value to your life, but does add value to the original book to get a little more insight into how real life works on software projects. ... Read more

Product Description

Satellite navigation receivers are used to receive, process, and decode space-based navigation signals, such as those provided by the GPS constellation of satellites. There is an increasing need for a unified open platform that will enable enhanced receiver development and design, as well as cost-effective testing procedures for various applications. This book and companion DVD provide hands-on exploration of new technologies in this rapidly growing field.

One of the unique features of the work is the interactive approach used, giving readers the ability to construct their own Global Navigation Satellite Systems (GNSS) receivers. To construct such a reconfigurable receiver with a wide range of applications, the authors discuss receiver architecture based on software-defined radio (SDR) techniques. The presentation unfolds in a systematic, user-friendly style and goes from the basics to cutting-edge research.

Additional features and topics include:

* Presentation of basic signal structures used in GPS and Galileo, the European satellite navigation system

* Design and implementation of a GPS signal generator

* Presentation and analysis of different methods of signal acquisition—serial search; parallel-frequency space search; and parallel-code phase search—as well as code/carrier tracking and navigation data decoding

* A complete GPS software receiver implemented using MATLAB code as well as GPS and GIOVE-A signal records—available on the companion cross-platform DVD—allowing readers to change various parameters and immediately see their effects

* MATLAB-based exercises

* A hands-on method of testing the material covered in the book: supplementary front-end hardware equipment—which may be purchased at http://ccar.colorado.edu/gnss—enables readers working on a Windows or LINUX system to generate real-world data by converting analog signals to digital signals

* Supplementary course material for instructors available at http://gps.aau.dk/softgps

* Bibliography of recent results and comprehensive index

The book is aimed at applied mathematicians, electrical engineers, geodesists, and graduate students. It may be used as a textbook in various GPS technology and signal processing courses, or as a self-study reference for anyone working with satellite navigation receivers.

Customer Reviews (2)

Valuable
A well written book. Excessively concise. Too much material on the RF Front-end, when the main expectable focus would be the base-band. The book does, however, serve its purpose well.

A software-Defined GPS and Galileo Receiver (Review)
The table of contents of this book are reported below.
1. Signals and Systems
2. GPS Signal
3. Galileo Signal
4. GNSS Antennas and Front-Ends
5. GNSS Receiver Operation Overview
6. Acquisition
7. Carrier and Code Tracking
8. Data Processing and Positioning
9. Matlab Code
10. GNSS Signal Simulation
After a brief introduction on the basic elements of signal processing theory, this book gives an overview of GPS and Galileo signals. Then, the architectural design of a GNSS receiver is provided showing the hardware design (a front-end connect to a standard PC by USB) and focusing on the software approach and typical algorithms that are implemented to recover synchronisms.
The last two chapters contain a set of Matlab algorithms to track and process GPS and Galileo L1 data. The final result is a simple and useful tool for beginners and a good reference for expert reader.
... Read more

Product Description

Customer Reviews (15)

A developer's perspective that works for both developers and managers
Karl Fogel has the right credentials for the subject of producing open source software.His technical background and entrepreneurial experience help provide informed insight about the very real trade-offs that every developer must face in order to write the best code, appeal to the most users/customers, keep a project on track, and build enough credibility and capital to be able to do it again better the next time.

I would rate this book a *must read* for open source project leaders and product/project managers who have a substantial interest in succeeding with open source software.I would rate this book a *good to read* for developers who want to better understand what their project managers and leaders are trying to manage.

One of the best aspects of this book is the fact that it was developed and published by folks who really understand open source software, and who will, when the time is right, issue a revised and updated edition when sufficient constructive feedback/learning experiences have been received.This continuous community relationship is why this book is a *must read* for managers: it is the best of its class, and even if you disagree with some aspect of it, you can hash that out in public and expect your criticism to be dealt with in future editions.If you don't read it, you can't criticize it, and it won't be better for you the next time around.

Good!
This book is really good for those who want to make their projects open source, or just want to know how to deal with their already done project. There are a lot of advices, examples, practical stuff, etc.
But if you already now a lot about open source, this book will teach you new things. But still good for reading and learn deep things about management.

Excellent logistical guide for any software project
Issues specific to Open Source are well-covered in this book. I found the section titled "Handling Difficult People" especially useful; his advice in this dodgy area is to act eloquent and keep feedback directed at the problem, not the person. If the person *is* the problem, nip in-public issues in the bud and contact the person directly to resolve the personal issue(s).

Fogel presents lots of down and dirty day-to-day details on how to create excellent software. Not just Open Source, either... the transparency built into the processes he describes are also useful within a company firewall.

Fogel places a huge emphasis on development by random unsalaried people, but I feel that most important and rapid development is due to corporate sponsorship.

Overall: excellent. Read it cover to cover, refer back to it often.

Step-by-Step for a Open-Source Project Manager
If you are thinking of starting/managing a project in an "open-source" model, this is the book you MUST read.

The book is very well written and goes over lessons learned of others that created their own open-source projects. Believe me... every step so you don't have to guess anything!

How to start, how to document, where to deploy the project, what people to invite, whether or not coding standards are necessary, democracy versus dictatorship, all of these questions are answered inside.

A friend of mine has told me that much of the information in this book can be seen for free in video in Google. It's worth looking for.

I read the book in 5 hours and i think my time was very well invested. I now believe that this model is not only suitable for small projects but to larger projects. The complexity of the system will not the an issue if you apply the rules in the book. I still have to try it though... ;-)

In my case, five stars is an understatement
Just yesterday I was talking to a friend about this book and we discovered each other very glad with it. First of all, the author has a lot of experience with the theme in question. Furthermore, Karl Fogel is very compelling with words. He knows how to write down his experience in a way that is pleasant, certainly due to a lot of writes he had made through plenties of open source projects.

With this book you will be in touch with topics like the needed infra-structure to setup open source projects, the dinamics of the open source community, strategies for packaging and releasing software, commonissues that arise in open source daily development and how to workaround then, a brief about licenses (with properly links for more information on this topic); just to highlight some aspects.

This book was the first hand someone land me into the open source world. It's helping me in three ways: to extract more from open source softwares that already exist, to start my own open source project, and to look at software development through a new, different, and till now better perspective.

Hope this review helps you! ... Read more

Product Description

New edition of one of the most influential books on managing software and hardware testing

In this new edition of his top-selling book, Rex Black walks you through the steps necessary to manage rigorous testing programs of hardware and software. The preeminent expert in his field, Mr. Black draws upon years of experience as president of both the International and American Software Testing Qualifications boards to offer this extensive resource of all the standards, methods, and tools you'll need.

The book covers core testing concepts and thoroughly examines the best test management practices and tools of leading hardware and software vendors.Step-by-step guidelines and real-world scenarios help you follow all necessary processes and avoid mistakes.

• Producing high-quality computer hardware and software requires careful, professional testing; Managing the Testing Process, Third Edition explains how to achieve that by following a disciplined set of carefully managed and monitored practices and processes
• The book covers all standards, methods, and tools you need for projects large and small
• Presents the business case for testing products and reviews the author's latest test assessments
• Topics include agile testing methods, risk-based testing, IEEE standards, ISTQB certification, distributed and outsourced testing, and more
• Over 100 pages of new material and case studies have been added to this new edition

If you're responsible for managing testing in the real world, Managing the Testing Process, Third Edition is the valuable reference and guide you need.Amazon.com Review
For a practical guide to software testing, readers can look toRex Black's Managing the Testing Process, a compendium ofreal-world advice on managing software testing successfully. It is averitable hodge-podge of sample test documents and is filled withrecommendations from an old hand at test management.

Earlysections examine the design of test plans, along with strategies forassessing and prioritizing risk as well as catching bugs througheffective testing. Sample case studies include a network hardwaredevice and a Java word processor.

Throughout this book, a varietyof documents (including Excel spreadsheets and Access databases) arepresented to get you started on your own testing projects. (Thoughreproduced here in truly microscopic print, all sample documents areincluded on the accompanying CD-ROM.) The book also looks at metricsfor measuring the performance of your testing operation.

Managing the Testing Process shows how a bug-tracking databaseis the most effective model for managing the testing cycle. This bookis chock-full of advice on testing management. The author alsopresents dozens of tips for succeeding in the software Q/A jobmarket.

Sections on designing a lab and staffing it, including avaluable discussion on when to use consultants and when to outsourcetesting, provide a practical guide to today's testingmanagement. After an introduction to working with other players intoday's software organizations, a final chapter looks at managingtesting across different locations.

Many developers spend time inQ/A as a stepping stone to careers in software design. And as theauthor points out, the job of test engineer is growing inpopularity. Read this book to find out the often harsh realities ofsoftware testing along with strategies for improving the effectivenessof your software testing team. --Richard Dragan ... Read more

Customer Reviews (26)

Hard Going/ Old School
I have struggled to get through this book.It's very old school, not very specific in places, and lacks agility required for today's market place.No doubt the practices contained within it HAVE been relevant, just not too sure how relevant they can be in today's faster paced environments - for example: the depths of `test reporting'...who has time....and to who's benefit?

Some Good Info, But Generally Lacks Focus, Organization
Managing the Testing Process by Rex Black is a mess to read.Throughout the book the reader will find term definitions that are incomplete, circular or otherwise absent of substance.As a whole the book lacks focus and much organization.There are some good nuggets of information to be mined by the determined reader.However, I cannot recommend this book to any tester or testing manager.

Very comprehensive with concrete examples. Best testing book I have ever read!
This is the best test management book that I have ever read.The author provides concrete examples and illustrations where appropirate so that the reader can actually learn, not just be awed by how smart he is.I especially appreciated the scope - the book covers the test process from beginning to end and includes helpful and practical advice on stuff that is frequently omitted from testing books like the politics of testing.

A Practical Resource for Test Managers and Leaders
In the third edition, Rex extends a work he started in 1998 with the first edition. At that time, and still today, practical books on software test management are in a minority of the books on software testing. This book has become a commonly referenced work on software test management for a reason - it is practical.

Two things I really like about this book are that it is very readable and it has broad coverage of test management topics. As a trainer of thousands of test managers, I have learned that many test managers are thrust into the role with little knowledge or preparation. So, my perspective is that test managers need to know the mechanics of the software test profession as well as the managerial and leadership aspects of the job. This book delivers well on both counts.

By reading and applying the information in this book, you will learn the testing process from test planning and building the test architecture to building a test team, measuring test results, and conveying those results in a value-added way. Rex covers topics that are very relevant including test outsourcing and the context of projects and software lifecycles. I also very much appreciate the discussion of dealing with the people issues in testing.

Just a note on the use of spreadsheets and vendor non-specific tool examples is that once you understand the structure of organizing testware, you can apply that structure in a specific test tool. Plus, not everyone owns a commercial test management tool. I know many people who manage a lot of test items using Excel.

I can highly recommend this book to test managers and leaders, as well as people who aspire to be in those roles.

Updated and Modern
This book is perfect for beginners and experts. It 's updated for this new generation of testers. ... Read more

Product Description
Comprehensive, step-by-step guide to the most effective tools, techniques, and methods for automated testing.Numerous case studies of successful industry implementations are provided. Softcover.CD-ROM included. DLC: Computer software--Testing--Automation.Amazon.com Review
Written for those with some background in softwareengineering, Automated Software Testing: Introduction, Management,and Performance delivers a rigorous guide to the state of the artin managing automated testing in a text that will benefit anyone whotests software for a living.

First and foremost, AutomatedSoftware Testing presents a methodology for test managers calledAutomated Testing Lifecycle Management (ATLM). This soup-to-nuts tourof testing takes you from initial planning, budgeting, and staffing tobuilding a test plan and choosing test tools to executing tests andeven improving your testing process the next time around. Thoughsomewhat thickly written--with plenty of software engineeringterminology--this book can also be useful to more practically mindedreaders because of its many sample test documents. (Besides numerouslists and charts outlining the steps in the ATLM process, the bookpresents a sample test plan, budget estimates, and staffingguides.)

A truly standout feature is the book's survey of currentlyavailable automated tools that can be used throughout the testingcycle, as well as how to choose the right ones for your nextproject. For many software testers and managers, this section alone isprobably worth the price of the book.

As this book points out, testengineering is a growth field. While schools and businesses work hardto meet the demand for qualified testing professionals, this title canprovide a solid guide to the best thinking on automated testingsolutions that will save time and money as well as improve softwarequality. --Richard Dragan

Topics covered: Theory andpractice of automated software testing, the Automated TestingLifecycle Management (ATLM) process, test analysis, planning, designand execution, white-box and black-box testing, metrics, and choosingtesting tools. ... Read more

Customer Reviews (41)

Elfried- Find her descriptions rhetoric
Bought her top 50 tips for testing. Was so generic and generally devoid of ideas and inspiration. I expect this to be of equally low value going by the TOC. A really practical book of automation will be one which will plug in automation into over system integration testing strategy and show how it could be improved. On other hand take a deep technical dive and tell us how some of these tools such as QTP work.

Best Automation Testing Book Ever
This book as far as I am concerned is best automation software testing book written ever.

Cut out the bull
Unfortunately this book (like nearly all other books on software testing) does not teach you how to test software. Instead it only gives you information needed to manage software testing. And, like many other books of management, it is highly repetitive and redundant. For somebody needing compressed information this is the wrong book. I think it would be no big deal to reduce the number of pages to 50% and still deliver the same message. The exmamples given in the text read like from a psychology book, not like from a technical book. Despite my critique I have to admit that the annexes in the book can be highly valuable. Personally I liked best the review of the big number of test tools.

Excellent Book for implementing Automation
This is one of THE books if you plan on implementing automated testing in your software shop. Covers everything from Lifecycle to tool evaluations to best practices. This one that is definitely on my "bookshelf on the go" that follows me to all projects. I especially appreciated the Appendix with real world stuff and references to tool manufacturers. Great work!

You'll Need This Guide to Implement Automated Testing
I recently joined a firm that simply wanted to purchase an automated test tool within two weeks; "it made little difference which tool". Using this book, they became convinced we should install at least three tools, on evaluation. Good thing we did: we found that only one could deal with "customized" Java applets used in their applications.

Little did our test team know beforehand that new automated tools require evaluation: what technologies are your applications using? what levels of test planning and scripting skills will be required for each tool? what other tools may be necessary sooner or later? and, does your test tool vendor of choice market such complementary tools? And much, much more.

"Automated Software Testing" guides readers through each step in the planning, selection, and implementation process to assure that automated software testing will be developed in a systematic manner.

See the table of contents. You will find that for less than the cost of a testers time for two hours, your business will be investing in knowledge that will save perhaps hundreds of thousands of dollars over the life of your applications. ... Read more

Product Description
Learn proven, real-world techniques for specifying software requirements with this practical reference. It details 30 requirement "patterns" offering realistic examples for situation-specific guidance for building effective software requirements. Each pattern explains what a requirement needs to convey, offers potential questions to ask, points out potential pitfalls, suggests extra requirements, and other advice. This book also provides guidance on how to write other kinds of information that belong in a requirements specification, such as assumptions, a glossary, and document history and references, and how to structure a requirements specification.

A disturbing proportion of computer systems are judged to be inadequate; many are not even delivered; more are late or over budget. Studies consistently show one of the single biggest causes is poorly defined requirements: not properly defining what a system is for and what it's supposed to do. Even a modest contribution to improving requirements offers the prospect of saving businesses part of a large sum of wasted investment. This guide emphasizes this important requirement need--determining what a software system needs to do before spending time on development. Expertly written, this book details solutions that have worked in the past, with guidance for modifying patterns to fit individual needs--giving developers the valuable advice they need for building effective software requirements ... Read more

Customer Reviews (6)

A definitive treatise on software requirements
I run into this book by pure accident while searching for something else. I could not resist the idea of reading material that offered a discipline way to group software requirements into patterns. What I got was a lot more than that. The author offers a rich and solid argument for his propaosl to approach requirements using a taxonomy of patterns, dishes out his taxonomy spiced up with instructive commentary covering not only requirements but construction, quality, and documentation. I recommend this material to to anyone who cares about the software engineering craft.

Not bad , but not really practical
It's ok if you are starting to have the concepts and everything in a general level. If you are looking for some specifics guides or examples to apply in the reality... mmmhhh... I don't think this book is the best option to have that. And... it's expensive. My best advice... don't buy it.

Great accelerator for standardizing requirements
This book provides a great "kick start" for specifying large system requirements.The patterns provide food for thought along with a very useful standard approach to specifying requirements.It should be in every system analyst's toolkit.

Many examples of better requirements
Stephen Withall should be congratulated for slugging through about 300 pages of examples of requirements. Many of them are quite good. For that alone, I recommend the book for all those who want to know what a fairly well written requirement might look like. If you want to know what a very well written requirement looks like, then you should go attempt to read Tom Gilb's book Competitive Engineering. I say attempt because Gilb is not an easy read.
Withall is honest from the beginning in that this is a book of examples using a pattern language. I don't have much enthusiasm for pattern languages, they seem to confuse me, but that is probably a personal problem. There is little to explain what requirements are or how to get them. This book focus is on writing them down. He does have a really brief (very, very brief) intro to requirements with more promised on the web. I didn't read the web stuff.
What I did learn, and colored my whole perception of the book, is that the working definition of requirement is focused flat on functional requirements. Yes, there is a nod to not functional requirements but they get a short shift throughout the book. Frankly, functional requirements are not that interesting. Yes, they are needed but they are typically really easy to get. It is the not functional requirements that get teams into trouble. It isn't that the software doesn't do what you want, it just does it in a way that you hate.
This is clear in the section on User Function requirements where (even if he told us earlier to specify the problem, not the solution) the examples are full of solution. "The system will refresh itself" and "Whenever a sound is played for the purpose of alerting the user, a visual cue shall also be invoked". Why I ask you? That is solution talk.
Now to be a bit more fair, problem and solution is a relative area so, without a clear description of the context, I can't say what those two examples really are, but my money is on solution. A problem UI requirement for the above is more like, "The user will correctly recognize an alert within X seconds 95% of the time" or something like that.
Bottom line, if you want to have a book of lots of examples, not to bad. In those examples are some good questions. But there is much more to do than to write them down.

An important butoften dull subject made accessible and interesting
The purpose of this book is to help you decide and define what a new software system needs to do and to suggest what extra features to add to make it a very good system. It saves you effort and enables you to be more precise, by providing detailed guidance on how to specify individual requirements.

Requirement patterns are encapsulated expertise, conveniently prepackaged for reuse. The book contains 37 requirement patterns, each of which describes an approach to tackling a particular type of situation that comes up repeatedly in all kinds of systems, but focusing on commercial business software. Only a fraction of any system is specific to its business area; the bulk occurs over and over again no matter what your system is for. These patterns cover more than half of all requirements in some systems, and even more if you add the extra requirements the patterns suggest. Each pattern conveys not only the basic information that a requirement needs to convey, it also offers guidance on supplemental information that you need in your requirements in order to make them complete, comprehensible, and properly cross-referenced. This book contains over 400 example requirements, many of which are suitable for applying unchanged to any system and others that are a useful starting point for a requirement to suit the reader's needs. These examples are the heart of the book. Currently, the product description does not show the table of contents, so I do that next:

Part I: Setting the Scene
Chapter 1. Synopsis of "Crash Course in Specifying Requirements"
Section 1.1. What Are Requirements?
Section 1.2. Where Do Requirements Fit in the Grand Scheme?
Section 1.3. A Few General Principles
Section 1.4. A Traditional Requirements Process
Section 1.5. Agile Requirements Processes

Chapter 2. Synopsis of "The Contents of a Requirements Specification"
Section 2.1. Introduction Section
Section 2.2. Context Section
Section 2.3. Functional Area Sections
Section 2.4. Major Nonfunctional Capabilities Section

Chapter 3. Requirement Pattern Concepts
Section 3.1. Introduction to Requirement Patterns
Section 3.2. The Anatomy of a Requirement Pattern
Section 3.3. Domains
Section 3.4. Requirement Pattern Groups
Section 3.5. Relationships Between Requirement Patterns

Chapter 4. Using and Producing Requirement Patterns
Section 4.1. When and How to Use Requirement Patterns
Section 4.2. Tailoring Requirement Patterns
Section 4.3. Writing New Requirement Patterns

Part II: Requirement Pattern Catalog
Chapter 5. Fundamental Requirement Patterns
Section 5.1. Inter-System Interface Requirement Pattern
Section 5.2. Inter-System Interaction Requirement Pattern
Section 5.3. Technology Requirement Pattern
Section 5.4. Comply-with-Standard Requirement Pattern
Section 5.5. Refer-to-Requirements Requirement Pattern
Section 5.6. Documentation Requirement Pattern

Chapter 6. Information Requirement Patterns
Section 6.1. Data Type Requirement Pattern
Section 6.2. Data Structure Requirement Pattern
Section 6.3. ID Requirement Pattern
Section 6.4. Calculation Formula Requirement Pattern
Section 6.5. Data Longevity Requirement Pattern
Section 6.6. Data Archiving Requirement Pattern

Chapter 7. Data Entity Requirement Patterns
Section 7.1. Living Entity Requirement Pattern
Section 7.2. Transaction Requirement Pattern
Section 7.3. Configuration Requirement Pattern
Section 7.4. Chronicle Requirement Pattern
Section 7.5. Information Storage Infrastructure

Chapter 8. User Function Requirement Patterns
Section 8.1. Inquiry Requirement Pattern
Section 8.2. Report Requirement Pattern
Section 8.3. Accessibility Requirement Pattern
Section 8.4. User Interface Infrastructure
Section 8.5. Reporting Infrastructure

Chapter 9. Performance Requirement Patterns
Section 9.1. Response Time Requirement Pattern
Section 9.2. Throughput Requirement Pattern
Section 9.3. Dynamic Capacity Requirement Pattern
Section 9.4. Static Capacity Requirement Pattern
Section 9.5. Availability Requirement Pattern

Chapter 10. Flexibility Requirement Patterns
Section 10.1. Scalability Requirement Pattern
Section 10.2. Extendability Requirement Pattern
Section 10.3. Unparochialness Requirement Pattern
Section 10.4. Multiness Requirement Pattern
Section 10.5. Multi-Lingual Requirement Pattern
Section 10.6. Installability Requirement Pattern

Chapter 11. Access Control Requirement Patterns
Section 11.1. User Registration Requirement Pattern
Section 11.2. User Authentication Requirement Pattern
Section 11.3. User Authorization Requirement Patterns
Section 11.4. Specific Authorization Requirement Pattern
Section 11.5. Configurable Authorization Requirement Pattern
Section 11.6. Approval Requirement Pattern

Chapter 12. Commercial Requirement Patterns
Section 12.1. Multi-Organization Unit Requirement Pattern
Section 12.2. Fee/Tax Requirement Pattern

This book is very good at taking a dull subject - software requirements and their specification - and making it interesting and accessible. Highly recommended. ... Read more

Product Description
A guide to help you better understand how to develop a successful business case. Softcover. ... Read more

Customer Reviews (9)

Excellent approach that will work
This book is the aggregation of Mr. Reifer's extensive experience in software management and economics of reuse. His earlier books, "Practical Software Reuse" (ISBN 0471578533), and "Software Management" (ISBN 0769511007) evidence his experience, and probably account for the realistic approach he takes in this book.

Despite his technical background he takes a business-focused approach early in this book by explaining the difference between business and technical cases.Too many technical managers confuse the two, and this plus the other material in Chapter 1 explaining the fundamentals of business cases will set you on the right course.

Chapter 2 is the essence of this book, with advice on relating goals to metrics (using the Goal/Question/Metric technique), and the development and alignment of business cases to development life cycles.This is followed by two excellent chapters covering principles, rules, and analysis tools, and strategies. Much of this material is standard fare, but Mr. Reifer's clear explanations are better than most books that cover this material.

The second part of the book employs case studies that lead you through the development of a business case using principles, concepts and techniques given in the first part of the book.These reinforce part one of the book, as well as provide clear examples of business cases that work, and the process with which to develop them - including challenges, how assumptions were derived, and other nuances of which you should be aware.

The final part of the book is a single chapter on overcoming major barriers, and the sage advice is well worth heeding.

Overall, this is one of the best books on business case development because it is business-oriented, has an approach that is financially and tactically sound, and is written for technical-oriented managers in their own language.

The bean-counter skills needed to get a project funded
This is not a book for software developers or managers who work in a small shop where there is focused development, little formal bureaucracy and a great deal of camaraderie. It is written for the person with responsibility in a large organization who has an idea for a major new project and needs to get it approved. Essentially, it tells you how to survive and thrive in a large organization that builds software.
The advice is fairly simple but quite accurate. Use numbers in your presentation that can be justified and are consistent with any previous numbers that relate to the project. Have solid data concerning the expected return-on-investment (ROI) from the project as well as any additional costs that may not be outwardly obvious. Quite accurately, the author is emphatic about the principles of present and future value. So much so that appendix B is just a set of basic compound interest tables.This is the most important advice that anyone in a large organization with a business case to plead can ever receive.
A lesser, but still critical point is that you must have a manager to champion your proposal through the managerial hierarchy. That champion must also know the expected ROI from the project very well, as upper echelons will consider a lack of knowledge on the part of the champion to reflect a lack of interest. Another point to reckon with is that if you receive the budgetary increase, it most likely means that someone else in your organization had theirs cut. Nasty, but also the way things are.
Finally, the author takes you through a case study as to when you should acquire a company rather than build a new internal division from scratch. His analysis of what to examine and consider significant is a solid strategy for determining which is the better option.
This is a book that really has two audiences, those who are lower level managers in large organizations with an idea for a new project and those who are starting a company and need to convince the people with the money to open their wallets. For them, it is priceless, but for all others it is difficult to see where they will find it of value.

Much-needed insights
Making the Software Business Case: Improvement by the Numbers covers an area too few software engineers have any exposure to: financial modeling and business analysis, as it relates to the IT domain. Reifer's concise (300 page) book provides a broad overview of how the IT area appears from the business side, including critical material on how to frame technical proposals in business terms.

Amongst the many nuggets to be found in this book are:

· useful tips on where money can be found
· good insights into the politics of proposals and budgeting
· getting middle management buy-in
· countering executive challenges
· successful management of cross-project initiative dynamics
· software capitalization/depreciation
· Discussion of reuse from a cost avoidance perspective.

This book is not only good in terms of its material, it is also an eminently readable book in terms of style. Reifer elaborates his argument through the clever use of case studies that provide human interest and momentum to otherwise dry material. These case studies include:

· A defense contracting firm implementing software process improvement
· A public utility replacing an outdated mainframe-based transactional system with modern client-server technology
· An industrial controls firm suffering from moribund products
· A firm seeking to Internet-enable its internal systems

Reifert places strong emphasis on "making your numbers believable." He argues that this believability must address these nontechnical considerations:
· Cash flow
· Cost basis
· Cost/benefit
· Estimate fidelity
· Present value
· Profit and loss
· Risks
· Source of funds
· Tax implications

He does an admirable job in placing these concepts in context, and providing a clear overview of each.
The utility case study demonstrates the importance of understanding the overall financial dynamics affecting one's enterprise. For example, the differences between capital and expense budgets can be key in determining whether to purchase or lease equipment. As Reifert elaborates in the utility scenario, "Because this has been a profitable year, an increase in expenses [i.e. leasing as opposed to purchase capital expenditures] could have a profound positive tax consequence." The book has many examples of this type of valuable, integrated business insight.

Reifer has much sound general IT management advice mixed in with his financial message. A recurring theme through many of the discussions is the need for an executive sponsor, to provide political cover and tactical advice in forwarding the business case.

He also urges the reader to frame benefits in terms of cost avoidance rather than cost reduction-promising cost reductions often lead to the question, "OK, then who are we going to let go?" Not a good way to win friends.

I found his observations on the subject of central process quality assurance groups interesting:

"Reinventing staff organizations such as process and quality assurance groups is a good idea. Engineers assigned to such staff groups get stale once they've put in more than three years of service. Being in an audit and support role, they forget how hard it is to develop and deliver quality products under extreme deadline pressures." (p 137). The book displays a continual awareness of the need to balance these contending issues of cost, schedule, and quality.

The case study based on the industrial controls firm has an explicit architectural theme. This is an especially compelling discussion; software engineers are well aware how critical architectural decisions are, and how often they are compromised in the rush to write code. The discussion demonstrates how to make the case for architecture and include it in an overall work breakdown structure. Reifert is exceptionally creative in his case study creation, taking the opportunity to demonstrate hidden agendas, the pitfalls of contractor estimates, and developing a good working relationship with high-level consultants.

The book provides a solid summary of software estimation. There are whole books written on this subject, so the chapter is necessarily at a high level (although it does dive into some detail on the COCOMO II model in particular). However, it provides a valuable discussion of aspects of high-level IT budgeting beyond tactical project estimation, presenting numerous examples of cost breakdowns covering all phases of the systems development lifecycle, from architecture to maintenance.

The final case study moves into even more adventurous ground, discussing a company seeking to Internet-enable its internal systems via takeover (hostile if necessary) of a specialist firm. The ensuing narrative outlines the due diligence such a move requires, and the various tactical and strategic issues it may raise. A brief discussion of international intercultural relationships is excellent.

The book has only one minor flaw: it was obviously written during the dot-com bubble. There are frequent references to industry dynamics such as a venture-funded firm's survival depending on extreme time-to-market pressures, and perhaps an overemphasis on faddish Web technology.

This book is easily on my Top 10 software engineering book list. It provides a lucid, crisp overview of business issues that are all too mysterious to the average software engineer. Given the potential that well-architected, business-responsive software has to increase productivity, this volume is a service to both the software engineers and the enterprises that employ them.

Practical Advice and Useful Examples!
Don Reifer's book provides information not found in existing books on software engineering, process improvement, and project management.His primary audience is technical people who must sell a project to business people.In particular, he provides concrete, practical advice for selling a process improvement program.For example, Chapter 4 stresses the importance of focusing on cost avoidance instead of cost reduction to justify improvements. In Chapter 7 he suggests briefing middle managers individually to obtain their support.Based on my experience, this is sound advice because middle managers are often the most difficult people to convince in an organization.Giving personal attention to each manager pays big dividends later.He also suggests taking advantage of state tax laws to partially offset the costs of training employees.This is a win-win strategy for both the firm and the state.Training gives employees new skills and improves retention.This, in turn, helps the firm obtain more business and so generate more income for the local economy and more tax revenues for the state.He explains the difference between project and capital funds, and how to exploit this difference to obtain the resources you need.The book has many useful checklists.For example, one identifies the types and sources of information needed to prepare a business case.Another identifies the critical items to check when deciding to acquire a business.

His book will also be of interest to marketing people who are preparing sales presentations for complicated technical products.For example, these individuals could prepare business cases to compare possible alternatives.Even experienced managers unfamiliar with software products and process improvement will find the case studies useful.

Don Reifer illustrates the concepts presented in Part 1 with actual case studies in Part 2.These are based on his 30+ years of experience in the software field.The case study in Chapter 7 begins with what amounts to an engineering view of the problem and then the author provides comments indicating how a manager would like to see the information presented.This case study really shows the contrast between the technical and management ways of thinking. The case study in Chapter 8 shows how to assess the value of a company whose primary assets are intellectual property and knowledge capital.

Overall, the book is concise and well written.I was able to quickly absorb the concepts and techniques without spending a lot of time.It is a valuable addition to my reference shelf.

Will be a classic
This truly excellent book fills a large void in the software engineering and IT world - tying the business case to software. It is of paramount importance to demonstrate a quantitative, bottom-line impact when embarking on a software development or evolution project.Too few engineers and managers consider the full business context when making decisions.Many hard lessons in my 20 years of experience could have been avoided if I had the insights and techniques that this book provides.

I expect Mr. Reifer's book to be a classic in the field.It is chockfull of practical methods with worked-out examples of making the software business case.Not only is it rigorous in it's quantitative approach, but the author's broad and seasoned perspective helps practitioners steer through the minefield of people, politics and organizations.I seriously believe we would have more successful software projects if all technical people took on such a balanced view. ... Read more

Product Description
Our society has become increasingly reliant on software in the past decade; businesses have learned that measuring the effectiveness of software projects can impact the bottom line; and quality is no longer an advantage in the software marketplace (it is a necessity). For these reasons, the demand for quality in software engineering has taken center stage in the twenty-first century. In this new edition, Stephen Kan presents a thoroughly updated overview and implementation guide for software engineers faced with the challenge of ensuring quality. The book balances theory, techniques, and real-life examples to provide practical guidelines in the practice of quality. Although there are equations and formulas presented, the book's focus remains on helping the reader understand and apply the metrics and models. With this book as a map, readers can navigate through the complex field of quality, and benefit their organization by improving their processes and products. ... Read more

Customer Reviews (12)

Good about metrics, though not about their effects
Metrics and Models gives a brief summary on some major software development methodologies, as well as process standards. The bulk of the book is textbook material on how to design, execute, and interpret the results of measuring software quality. If you're asked to design a measurement or process assessment program, this text could help. But if you're more interested in how to manage teams for improvement aided by carefully-chosen metrics, instead read Measuring and Managing Performance in Organizations by Robert D. Austin.

--
Full disclosure: I only read the first two chapters and glanced through the rest.

Managing Software Development as a Science
Managing the Black Hole: The Executive's Guide to Software Project Risk

Stephen Kan's extensive experience applying "scientific methods" and measurement to the management of software development gives this book a real world practicality not found in many similar books. Anyone interested in becoming software management professional should certainly read this book and take its lessons to heart. His treatment of software defect containment practices and metrics is especially valuable.

Good overall review of metrics and methods.
A very thorough treatment of Software Engineering metrics.Good graphics.Good explanations.Much better than other books in this area.

Great book!
This book is a must have for all the managers and profesionals that need a complete and detailed reference for software metrics.It provides clear explanations and examples.It is very easy to read and very practical.

Real World Proven
As the System Test Team Leader for the Quality Technology area, I had to certify many of the tools and procedures used by Stephen Kan.Prior to that, as a System Administrator, I had to run software metrics on those tools, like those shown in table 6.3.As a design review moderator, I was charged with leading a number of IR, IE and I0 reviews.

THIS STUFF WORKS!

I can attest personally to the great effort and many find minds that worked together to develop and implement fine tools such as DCR, PTR, PTF and APAR, as well as the brilliantly simple, effective ways of implementing Continuous Quality Improvement techniques such as DPP.What Kan has written is real-world honest and true, not some academic exercise.

Kan is dead-right on the money.If you want to track, predict and manage things in the real world, this is how you do it.At PSQT '97, Tom Gilb told me that SEI should create a new CMM "Level Six" designation for the way Kan and the others at IBM Rochester have dealt with software quality.That's how good the stuff in this book is.

I am particularly impressed by how Kan has woven in not only his work and IBM Rochester as a whole, but also the work of others throughout the industry in such a simple, clear, easy to understand manner.

Yet, given that the book is an easy read, that many of the techniques are easy to do, and that I see this book on the shelves of many IT managers, it baffles me why so few people and so few companies actually implement this stuff.I suspect that politics and corporate culture is what's holding back so many companies from enjoying the success, efficiency, and frankly the FUN of working in a continually measuring, continually refining work environment such as Kan describes.

For example, Defect Removal Effectiveness is a very simple metric to gather.In a typical medium sized software company, or in the I.T. department of a large company, the head of testing and the head of phone support could easily enough get together and compare the number of bugs found in testing the last release with the number of bugs found in the field after that release was deployed.Both areas already have their problem logs, and if they can't directly pull counts and totals, it's typically only a few minutes work for the right programmer.So what's the hold up?It's not that the metric is hard to understand, or an academic exercise, or that the numbers are hard to get.It's that people have a hard time admitting that "their baby is ugly".The good of the company, stopping bugs from getting to the field, conflicts with the good of the testing manager, who doesn't want to risk admitting that problems got past them.

Therefore, I think it would be a fine addition to this book if Kan could write another chapter which deals with the human side of the equation.The book thus far presumes an interest in software metrics and appropriate management support from the top levels down.What would move this book from worker's bookshelves to their desks, and keep this book open and used on a daily basis, would be some ideas on how to garner and build support for implementing software metrics and TQM practices across an organization.People want to do this; that's why this book gets sold.Unfortunately, people aren't empowered to do so, which is why many times this excellent book sits on a shelf.

Paul Walchak
... Read more

Product Description
The author, drawing on years of experience at IBM and the SEI, provides here practical guidance for improving the software development and maintenance process. He focuses on understanding and managing the software process because this is where he feels organizations now encounter the most serious problems, and where he feels there is the best opportunity for significant improvement. Both program managers and practicing programmers, whether working on small programs or large-scale projects, will learn how good their own software process is, how they can make their process better, and where they need to begin."This book will help you move beyond the turning point, or crisis, of feeling over-whelmed by the task of managing the software process to understanding what is essential in software management and what you can do about it." Peter Freeman, from the Foreword 0201180952B04062001 ... Read more

Customer Reviews (12)

Dated, but still useful
This book is the basis for the SEI's Capability Maturity Model (CMM, not CMMI).Although the CMM is now retired, and the information in this book may be a little "tired," it is still the best overview of how to manage a "real" software development shop.

First, I think there are a lot of Agilests out there that may dismiss this book outright; they shouldn't.Obviously many of the thoughts and ideas described in this book come from the defense industry.They write software for a different purpose than say, Basecamp does.However, if you want your organization to produce high-quality, useful software (don't we all?), this book will provide you with a number of ideas to do just that.

I highly recommend managers, developers, engineers, process people, etc., this book. Even if it is dated, or if you don't agree with every point, you will probably walk away with some new appreciation for certain practices, and particularly the importance of focusing on the /right/ processes.

I'm giving it 4/5 instead of 5/5 because it could easily be more readable.

Good, but not the best of the best
Read books by McConnell, Gilb and Brooks first.
This is a classic Humphrey book, valuable information that is hard to follow. The book scores high in terms of IT advice but low in terms of understandable explanations. If you have the persistence to read through the book then you will find valuable ideas. The book would make my top 10 of IT books that I have read but would not make my top 5.

A Sw Eng Process Improvement Classic
This book should be read by any serious software manager, practitioner or anyone interested in advancing the state of practice in software engineering. Even if you don't agree with many of the ideas of the books, it's worth reading to understand many of the issues tha plagues software development.

For anyone working with SEI's CMMI is a must.

true meat and bones
This book is all meat and bones for anybody wanting an indepth study of the software development process.If you've graduated passed Steve McConnell's Microsoft press series, then it is time for you to move on to Watts Humphrey. I am tasked to design all the software development processes in my company and Rapid Development (and other McConnell) books only helped me in the initially phases of designing the process.When it comes to nitty gritty details, Humphrey nailed it.

The book is full of sample forms and checklists for the processes you need to put in place.Processes are broken down into generic but specific terms so that it is easily applied/tailored to your company.I was having problems with expressing the interleaving nature of the sets of processes in configuration management (version control, code review, QA, build management, ...).Humphrey's book somehow was able to express that (in other terminologies of course).

Definite must buy for anyone who is part of an SEPG or Project Manager for software development.

A crucial book in the field of software engineering
This book is crucial to a thorough understanding of software engineering principles.Watts Humphrey is one of the most important forces in the field, and this book is vital to anyone wishing to understand the intricacies of managing a large software development project.Be aware that this book is not easy reading.I would only recommend it for academics, or for the serious practitioner. ... Read more

Product Description

A complete configuration manual for MPLS, MPLS VPNs, MPLS TE, QoS, Any Transport over MPLS (AToM), and VPLS 

• Understand the crucial Cisco commands for various MPLS scenarios
• Understand fundamentals of MPLS operation and learn to configure basic MPLS in Frame Relay and ATM-based environments
• Master fundamentals of MPLS VPN operation including Multiprotocol BGP (MBGP) operation, VPNv4 route exchange, and basic MPLS VPN configuration in the provider network
• Understand and configure various PE-CE routing protocols in MPLS VPN networks
• Understand MPLS VPN provisioning in an Inter-provider VPN (Inter-AS) and Carrier Supporting Carrier (CSC) environment
• Learn MPLS TE and its advanced features
• Examine AToM with configuration examples for like-to-like and any-to-any L2 VPN implementations and VPLS components and operation, VPLS configuration and verification, and VPLS topologies
• Learn about MPLS QoS, including configuration and implementation of uniform and short pipe modes

MPLS Configuration on Cisco IOS Software is a complete and detailed resource to the configuration of Multiprotocol Label Switching (MPLS) networks and associated features. Through its practical, hands-on approach, you’ll become familiar with MPLS technologies and their configurations using Cisco IOS® Software.

MPLS Configuration on Cisco IOS Software covers basic-to-advanced MPLS concepts and configuration. Beyond its emphasis on MPLS, you’ll learn about applications and deployments associated with MPLS, such as traffic engineering (TE), Layer 2 virtual private networks (VPN), and Virtual Private LAN Service (VPLS). You’ll receive practical guidance and deployment scenarios that can be enhanced by re-creation of the setups and configurations demonstrated within this book.

You’ll move quickly from a brief overview of MPLS technology and basic MPLS configuration on Cisco® routers to more advanced topics. Several chapters provide instruction on VPN connectivity options, including implementing Border Gateway Protocol (BGP) in MPLS VPNs. You’ll receive configuration guidelines for advanced MPLS implementations such as MPLS TE, quality of service (QoS), and extranet VPNs. You’ll learn about implementation of Layer 2 VPNs versus Layer 3 VPNs with Cisco Any Transport over MPLS (AToM). And you’ll see demonstrations of implementing VPLS on Cisco routers complete with the configurations and platform support.

“I highly recommend MPLS Configuration on Cisco IOS Software as required reading for those in search of practical guidance of the technology and nuances of configuring MPLS for next-generation networks for voice, video, data, and application service offerings across a wide variety of deployment scenarios.”

—Carlos Dominguez, Senior Vice President, Worldwide Service Provider Operations, Cisco Systems®

This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.

Customer Reviews (6)

Excellent even with some of the mistakes
First off the publishing date for 1st edition June 2010 is confusing.
I purchased this book back in 06. I have been in IT a long time(26 years) and working with Cisco since IOS 9x.
I am a networking consultant with a successful practice of over 15 years and have implemented and troubleshot all kinds of network related issues.
I am a CCNP/DP recert 3 times over. I stepped away from Networking for a few years to pursue an energy related venture which was fun.

I am getting back into networking for I miss it and wanted to brush up. After my Doyle re-reads and all the others as well I decided to go through this book. I had it in 06 but never got to it.

Yes, there are mistakes in the book as other reviewers had mentioned and you have to be aware of them but this will keep you sharp in your reading and should prevent you to not let the book lead you into becoming a config. or text rehash drone.

I learned a tremendous amount and had to catch up on some other topics. Plus, you strengthen other areas as well, BGP, MBGP and nuances of IGPs.

The book is laid out to be used as either a reference book or a step by step chapter by chapter progression. I am only a quarter of the way through it and implementing many of the scenarios in my lab and sniffing them to observe and fully understand the mechanics of the various protocols involved operate.

The process and mechanics of the protocols and scenarios involved are laid out easily to grasp and practice. Aside from the mistakes the diagrams and illustrations are excellent to help reinforce the concepts. You may not need to go through every chapter but the first 6 or 7 are critical and the rest cover some areas that are relevant today L2TPv3 and VPLS in your environment.

The configuration examples are easy to follow but do presume you already have some R/S IGP/EGP experience.I do wish the book provide additional show and troubleshooting commands beyond the basic verification ones provided. That combination would make this book a one stop shop all time great. But there are other book just dedicated to troubleshooting MPLS and you always have CCO.

I find it an excellent learning resource and professional reference for the future. I will get the next edition (error free I hope) when it comes out. A definite plus for your engineering library.

P.S. I also highly recommend "Selecting MPLS VPN Services" also from 06 but it covers the varying options from an enterprise perspective easily and provides tidbits you never would consider. I just finished it while reading MPLS Configuration and they complement each other very well, so another great addition to your library.

I am considering CCIP but I am waiting for any updates since the recent NP/DP tracks had changed.

Good luck to all on your studying or projects.

Even has mistakes, but still the best MPLS book and excellent for CCIE SP preparation!
After reading many MPLS books, I found "MPLS Configuration on Cisco IOS Software" the best MPLS book in the market and even has mistakes wish hope will be corrected in the new release, it is an amazing book for studying to CCIE Service Provider.
The book explaining the MPLS applications on easy manner with scenarios accompaniment which let the reader understands the concepts so easy.
Hope to see soon the new release with all mistakes corrected and will sure every reader will rate it FIVE ***** without any hesitation.

Mistakes are overwhelming
The scenarios covered in this book are amazing. But it is really tedious to follow the book some time. There are lots and lots of mistakes. Mistake from the network AS numbers, Label numbers and it grows and grows. You should know the topic to understand the mistakes in first place.

I would suggest this book only if the mistakes are corrected.
I would give 4 stars if there are no mistakes.

If it wasn't for all the mistakes
The topics and detail in this book are wonderful.There is only one catch - the mistakes in this book are absolutely horrendous!When going through the details of the book, the reader must be cognizant of that which the author 'meant' to put there.I find it absolutely hard to believe that this book made it past any editors at all.

I am using this book to study for my CCIE Service Provider lab exam.I find it somewhat manageable to figure out what should be in the examples and diagrams only because of previous experience.But, if you are new to BGP and MPLS, do NOT use this book as it will probably create quite a bit of frustration and confusion.

Wait until all the mistakes have been corrected in a new volume.I really feel if the mistakes are corrected, this could be the best MPLS book for Cisco out there.

MPLS configuration on Cisco IOS
I am getting a little sick and tired of dealing with Cisco press. Every book I own is so filled with errors it makes understanding concepts difficult. How hard is it to make sure your diagram is correct.

I am reading about Inter-provider VPN, is it too much to ask that your explanation match the diagram you are referring to! I mean, AS numbers are inaccurate, the diagram is mislabeled all over the place and none of it makes sense.

Every time I submit an error Cisco never even bothers to acknowledge me much less actually make the correction. I have 3 MPLS books from Cisco that I have submitted errors for months ago and still no correction!


By the way Cisco your books aren't cheap! The least you could do is have the decency to provide correct error free information.
... Read more

Product Description
Shows how proven SCM practices can foster a healthy team-oriented culture that produces better software. The patterns are presented with an emphasis on practicality. Softcover. ... Read more

Customer Reviews (25)

Simplistic, states the obvious, highly redundant
Based on the reviews, I had high hopes for this book especially because I knew nothing of Software Communication Management.

The book is highly repetitive and very often state the obvious (test your code, do not wait until the last minute to check in your code, etc...). It is not completely devoid of content but the book in itself could be summarized in 2 pages. It would be fine if it was $10 but at $50 you simply expect a little bit more than text rephrased page after page, and as you read you really have the impression that they were under pressure from the editor to reach a minimum number of page (the book is still very short with about 200 pages, a large font and a lot of blanks). I was expecting detailed concrete examples of configurations at work and not simplistic stories such as "I was at this company, we froze the code before releasing it, everybody started blaming each other", end of story). There is virtually no in depth content in this book at all.

The book is from 2003 and provides a short outdated review of revision software tools in an annex (however it does not even review SVN!).

Excelent reference on Software Configuration Management
The book is structured in three parts. The introduction describes some of the basic concepts, notation, and terminology used in SCM. The second part is the most important and presents the catalogue of patterns. And the last part of the book contains a list of resources and an appendix with tool support for SCM patterns which is very helpful.
Some of the patterns presented in the book are:
-Mainline
-Active Developement Line
-Private Workspace
-Repository
-Private System Build
-Integration Build
-Third Party Codeline
-Smoke Test
-Unit Test
-Regression Test
-Release Line
-Task Branch
Each pattern is presented in the following way:
-A title that describes what the pattern builds.
-A picture that can serve as a metaphor for the pattern.
-A paragraph describing the context of the pattern.
-A concise statement of the problem that the pattern solves.
-A detailed problem description illustrating the trade-offs, some dead-end solutions, and the issues that need to be resolved.
-A short summary of the solution.
-A description of the solution in detail.
-A discussion of unresolved issues and how to address them
Although I have been working for a long time with several of these patterns, I usually named them with different names which sometimes didn't helped meto communicate with other developers.
I think one of the most important aspects of patterns is that they help to build a common vocabulary which improves the comunication and help teams to be more productive. Thats why I like this book very much, it helps to build a common vocabulary by identifying and catalogue these SCM patterns.
This book is usefull for any software developer (C#, JAVA, C++, VB).

Excellent Book
When I first started reading this book, I was like, "This is common sense," but that's only because our lab already does many of the things outlined in this book.

If the project your currently working on is in disarray because of process problems, frequent build breakages, and branching strategies, this book will do wonders for you.

I think the real magic here is when you step back and realize that this book outlines a complete software delivery system in easy to follow patterns (building blocks). You could literally take this book and design a solid development environment from scratch. If you're struggling with an area in your current environment, you can cherry-pick some of the patterns you need.

This book is great because you don't have to re-invent the wheel. These are proven patterns, all you need to do is apply them.

I highly recommend "Ship It! A Practical Guide to Successful Software Projects" along with this book.

Print quality lacking
The book content itself looks great - I've only just received it and started reading. However the print quality looks like it came out of a photo-copier. I have viewed the book online in O'Reilly's safari website and you can clearly see the difference between photo's/diagrams viewed there compared to how they look in the hardcopy. Ie washed out and too dark.
Disappointed - previous Addison Wesley titles haven't suffered some this. Are they or Amazon now using some dodgy POD process these days ?

Real-world SCM for real-world developers
This is an outstanding book for software development teams that see software configuration management as a means to an end, not the end itself. The author immediately establishes credibility with me when he says in the preface "Software configuration management is not what I do. I am not a software configuration management person...I build software systems" Exactly! It's obvious throughout the book that the authors develop software systems and use SCM to effectively support their development effort, not the other way around.

The format of the book is very consistent and thus very easy to read. Each pattern has its own chapter and clearly identifies the problem and the solution in a particular context. It doesn't waste any paper and is a quick read and has been a reference I continue to use on a regular basis. The authors have taken something that can quickly become complex and make it easy to understand.

The authors have a very natural writing style and effectively use sidebars to bring their real-world experiences to the pattern. This book is a must read for software developers. I wish I could give it six stars.

Given my background in CI, I was most drawn to the Mainline, Private Workspace, Repository, Private System Build, Integration Build, Regression Test, and Third Party Codeline patterns. But, there is something for all developers and teams here. ... Read more

Product Description

“Companies have been implementing large agile projects fora number of years, but the ‘stigma’ of ‘agile only works for smallprojects’ continues to be a frequent barrier for newcomers and arallying cry for agile critics. What has been missing from the agileliterature is a solid, practical book on the specifics of developinglarge projects in an agile way. Dean Leffingwell’s book Scaling Software Agilityfills this gap admirably. It offers a practical guide to large projectissues such as architecture, requirements development, multi-levelrelease planning, and team organization. Leffingwell’s book is anecessary guide for large projects and large organizations making thetransition to agile development.”
–Jim Highsmith, director, Agile Practice, Cutter Consortium, author of Agile Project Management

“There’stension between building software fast and delivering software thatlasts, between being ultra-responsive to changes in the market andmaintaining a degree of stability. In his latest work, Scaling Software Agility,Dean Leffingwell shows how to achieve a pragmatic balance among theseforces. Leffingwell’s observations of the problem, his advice on thesolution, and his description of the resulting best practices come fromexperience: he’s been there, done that, and has seen what’s worked.”
–Grady Booch, IBM Fellow

Agiledevelopment practices, while still controversial in some circles, offerundeniable benefits: faster time to market, better responsiveness tochanging customer requirements, and higher quality. However, agilepractices have been defined and recommended primarily to small teams.In Scaling Software Agility, Dean Leffingwell describes how agile methods can be applied to enterprise-class development.

• Part I provides an overview of the most common and effective agile methods.
• Part II describes seven best practices of agility that natively scale to the enterprise level.
• PartIII describes an additional set of seven organizational capabilitiesthat companies can master to achieve the full benefits of softwareagility on an enterprise scale.

Thisbook is invaluable to software developers, testers and QA personnel,managers and team leads, as well as to executives of softwareorganizations whose objective is to increase the quality andproductivity of the software development process but who are faced withall the challenges of developing software on an enterprise scale.

Customer Reviews (24)

The "next" Agile book to read (but not the first)
4-/5

I bought the book because I heard Dean Leffingwell speak about "A Lean and Scalable Requirements Information Model for the Agile Enterprise" (although I think the talk was more in line with his new book Agile Software Requirements: Lean Requirements Practices for Teams, Programs, and the Enterprise).

Anyway I think this a good title to read when you've come some way down the Agile road and are wondering how all this is supposed to fit into a larger product development organization. The book won't give all the answers for those actually struggling to scale Agile development in their work but is still a valuable tool and a good "the next book" after titles like Agile and Iterative Development: A Manager's Guide and Agile Estimating and Planning. It should not be your first Agile book though!

Mr. Leffingwell is a good writer and his style makes you feel like you are really making progress with the book. Even his previous book about software requirements felt like a quick read while being quite lengthy with 544 pages. I consider this quite an accomplishment for a writer (in this industry) and it is something other authors in the field should try to reach for.

Good solid description of Agile in large enterpries
Dean have made a fantastic book, it gives a very good description of topics in scaling Agile in large enterprises. I would highly recommend it to others, not as the first book you read on Agile and Scrum, but certainly a fantastic follow-up when you understand the basic.

Valuable Addition to your SW Development Library
Dean Leffingwell adds important ideas to the application of Agile on multi-team distributed projects.Successful large SW Project Management is difficult enough and doing so with varied teams using a variety of processes can lead to solutions where the pieces and parts work but the whole doesn't work together.This book has useful techniques for addressing that and should be read by anyone leading a large SW project or an Agile team contributing to a large project.One minor criticism is the book does spend a fair amount of time on a survey of existing team level practices, which are readily available online, when the space might have been better used to address more large multi-team project examples.

The best book on agility... period.
Considering going agile... not sure? get this book. It is packed with practical advice that comes with years of experience and wisdom!

Excellent survey of Agile processes with practical enterprise applicability
It is an excellent book that gives a very good depth/breadth introduction to the leading Agile methodologies (Scrum, XP, Lean, etc.) - with the unique perspective over other similar books in that it addresses the issues/challenges/approaches of adopting Agile processes across an enterprise scale.

Just an incredibly refreshing book - with succinct bite-size paragraphs of practical things that you can adopt/try to increase the agility of a software organization.
... Read more

Product Description

Product verifiable, defensible, and achievable software estimates

Based on data collected by the International Software Benchmarking Standards Group (ISBSG), Practical Software Project Estimation explains how to accurately forecast the size, cost, and schedule of software projects. Get expert advice on generating accurate estimates, minimizing risks, and planning and managing projects. Valuable appendixes provide estimation equations, delivery rate tables, and the ISBSG Repository demographics.

• Verify project objectives and requirements
• Determine, validate, and refine software functional size
• Produce indicative estimates using regression equations
• Predict effect and duration through comparison and analogy
• Build estimation frameworks
• Perform benchmarks using the ISBSG Repository
• Compare IFPUG, COSMIC, and FiSMA sizing methods

Peter Hill is the chief executive officer and a director of the ISBSG. He has been in the information services industry for more than 40 years and has compiled and edited five books for the ISBSG. ... Read more

Customer Reviews (1)

A must-have for all project managers and software estimation professionals - Great value for money
I just finished reading the book and I was really impressed with the practical value that is given. Of course I know that the main reason that software projects fail is because of the fact that they are estimated in an optimistic way, usually relying on nothing more than an 'experts' opinion. This book will help any project manager or other project stakeholder to estimate a project in a realistic way, therefore reducing the risk of failure enormously.

The book explains the art of macro software estimation, based on sound theoretical models combined with the incredible power of the repositories of real data submitted by best-in-class companies from all over the globe. The book explains how to use these models and how to use the data. A large number of software estimation equations are given, just like that. Usually cost engineers and parametric analysts would have to study the data for a long time before deriving the equations. The appendices give some great insight into the cost drivers of software projects, listing for instance productivity figures (and distribution!!) per programming language, development platform, industry type, application type, team size, architecture, etc.

Therefore I consider this book to be a great value-for-money. In my opinion anyone who is involved in the estimation of projects should have a copy of this book.

Some of the topics addressed:
- The main factors that influence productivity
- Accuracy of Software estimation methods
- Identifying the completeness of the requirements
- Estimating using equations
- Estimating using comparison
- Estimating using analogy
- Estimating agile projects
- How to use the ISBSG repository data
- Benchmarking the projects
- The impact of team size on productivity
- The impact of duration on productivity
- etc !! ... Read more

Product Description
Your One-Stop Guide To Passing The ISTQB Foundation Level Exam Foundations of Software Testing: Updated edition for ISTQB Certification is your essential guide to software testing and the ISTQB Foundation qualification. Whether you are a students or tester of ISTQB, this book is an essential purchase if you want to benefit from the knowledge and experience of those involved in the writing of the ISTQB Syllabus. This book adopts a practical and hands-on approach, covering the fundamental principles that every system and software tester should know. Each of the six sections of the syllabus is covered by backgroound tests, revision help and sample exam questions. The also contains a glossary, sample full-length examination and information on test certification. The authors are seasoned test-professionals and developers of the ISTQB syllabus itself, so syllabus coverage is thorough and in-depth. This book is designed to help you pass the ISTQB exam and qualify at Foundation Level, and is enhanced with many useful learning aids. ABOUT ISTQB ISTQB is a multi-national body overseeing the development of international qualifications in software testing.In a world of employment mobility and multi-national organizations, having an internationally recognized qualification ensures that there is a common understanding, internationally, of software testing issues. ... Read more

Customer Reviews (7)

Best book ever for ISTQB foundation
I purchased this book by reading the review from others. I have to agree this is the best book ever to pass ISTQB foundation certification. I never went to for any profession training (cost $10,000 for a week) but decided to sit for this exam. I totally memorized this and another Sample question book. :) and here I am a certified ISTQB tester and I am a Test Analyst by profession.
If you want to do self study and sit for ISTQB, just memorized this book. You cant go wrong.
Enjoy....

Yes, you can pass the exam with this book
Like some other reviewers, I used this book to prepare the exam (I did not attend to a course or whatever) and I succeeded. The book focuses on the content of the exam and provides samples questions, which is exactly what you are looking for since your are here looking for ISTQB books.

I add that I am French and I passed the CFTL/ISTQB French exam. Even if the exam uses French terms ("unit tests" becomes "tests unitaires" and so on), the book works just fine as translations are straightforward.

Highly recommanded!

A good book for clearing ISTQB Foundation Level and also for learning basic concepts in testing
I purchased this book with a sole intention of clearing ISTQB - Foundation level Exam.Meanwhile i realized that my foundation in testing had really gotbetter once I started reading up this book.It helps learn the basic concepts in testing,terms,techniques,methodologies,process etc.

And of course the best book to clear ISTQB Foundation level exam.

Don't take the test without it!
This book is critical for the ISTQB or ASTQB foundation test.It has all the terms and definitions and sample questions at the end of each section, chapter and a sample test at the end of the book.It is critical study material for the exam.Some of the authors are also key players in the actual exam creation as well, so you can't go wrong!This is a must have if you want to get a foundation certification!

It's Great Best Choice.
They made me have useful experience. You will become the aid if you prepare ISTQB.
And we are the thing to offer good various information.
... Read more

Product Description
This guide identifies many of the key problems hampering success in this field. Covers management, all stages of the software lifecycle, quality, research, and more. Author presents ten common fallacies that help support the fifty-five facts. Softcover. ... Read more

Customer Reviews (28)

Must-read, but take it with a grain of salf
Author does a very good job at debunking common myths of software development, especially those most popular with people not involved in development process directly. However, his attitude towards opponents and lack of objectivity in the fact base render his account somewhat less persuasive than it, in my opinion, could be. I would still recommend this book to any project manager of customer willing to improve their understanding of software development. There are not too many books that do a decent job at it and are short enough.

A Great Bathroom Reader
I read this book with breakfast and supper, literally. The two to three page facts are conveniently bite-sized; this is a rare "bathroom reader" of a technical book.

I'm not trying to make light of the content: most of it is both interesting and insightful. Like his opinions or not, Glass backs up his ideas with hard data, which, as he comments himself, is sorely lacking in the field.

This book was published in 2002, but anyone caught thinking the facts are outdated is fooling themselves. Consumer-grade processors may be running three times faster (plus additional cores) than they were in 2002, but software development is far from being three times as refined.

Reading this book will make you feel more "in the know" regarding the realities of software development.

Useful summary book to core software engineering methodology
With more than 45 years experience in the software field, Robert Glass
attempts to sum up the most integral facts and dispel common misunderstandings with software engineering.

Definitely look at the table of contents for this book to determine whether you should add this book to your shelf. All of the facts and fallacies are listed in a one statement summarized format which means just looking up the relevant page information to find a more detailed statement with support or controversy.

Mr. Glass separated his book into facts and fallacies with each section
helpfully indexed within a broad category (such as Management), and then into a smaller category (such as People, or Tools). For each fact and fallacy he discussed support and controversy (if any), sources of information, and references.

In the conclusion, Mr. Glass covers 4 themes (complexity, estimation, disconnect, and hype) that are repeatedly pointed out by the 55 facts/fallacies. I found these conclusions to be the most interesting aspect of the book although they cover only half a page.

The repetition of fully covering each category before moving on to the next, limits the enjoyableness of reading the book from cover to cover, but this emphasizes that it is really a reference book for endorsing good software engineering practices. Writing that is clear and easily understood underlines Mr. Glass's great experience with this subject.

Although he repeats references within the book several times as they apply to multiple statements, this is helpful for the reader to immediately reference rather than flipping to the back of the book or chapter looking up specific numbered references. It would have been nice to include a list of all references just to know how many references there truly are, but the book in its current incarnation is a nice size to be easily thumbed over.

The intended audience is those researching and developing software, but many of the statements can be equally applied to other fields, for example system administration. Besides possibly wearing a software engineer hat, the system administrator must plan system architecture and service management with the same sort of context that the software engineer does.

For example, fact 7 is :

"Software developers talk a lot about tools. They evaluate quite a few, buy a fair number, and use practically none." (pg 25)

The gist of this fact is that as new tools for software engineering emerge, engineers rally to them, possibly purchase them, and then fall back to the well known tools they are comfortable with. The learning curve is too steep to make using the new tools productive in the short term. Similarly system administrators may find themselves talking about new tools available to better administer or monitor systems, but the learning curve to implementing these new tools is greater than writing in house solutions that are comfortable and well known. For example,a bunch of shell scripts that email information for flagged occurrences is much easier and quicker to write than understanding, instituting, and managing a more comprehensive monitoring solution with Nagios and rrdtool.

Most of the 55 statements are common sense but information that is rarely remembered at times that it should be implemented in software project design. Overall, I initially found this book to be interesting as it states some well known methodologies in one book with a number of references for additional information. For software engineers, this book is an important resource either for providing references to management in order to validate or fund decisions made on choices in software design, or for instilling good software engineering practices in the less educated engineer.

Controversial but good
As stated at the beginning of this book there are some controversial facts in there. But If you manage to put your personal bias aside you will find that it is quite useful in understanding what is going on around you and why some developers are like they are.

In short this is a book which you can debate on your blog for ages or just enjoy reading.

Pearls of wisdom, business reader friendly
This list of Facts and Fallacies usefully presents some of the more important and insightful learnings from decades of experience in Software Engineering.
This book presents items in bite-size chunks of information that concisely detail the point being made in a non-technical manner that can be understood by upper management. Each Fact/Fallacy provides references to prior established works in anaylsing the effectiveness of Software Engineering.
This is a great read. ... Read more

Product Description
This is a practical guide for software developers, and different than other software architecture books. Here's why:

It teaches risk-driven architecting. There is no need for meticulous designs when risks are small, nor any excuse for sloppy designs when risks threaten your success. This book describes a way to do just enough architecture. It avoids the one-size-fits-all process tar pit with advice on how to tune your design effort based on the risks you face.

It democratizes architecture. This book seeks to make architecture relevant to all software developers. Developers need to understand how to use constraints as guiderails that ensure desired outcomes, and how seemingly small changes can affect a system's properties.

It cultivates declarative knowledge. There is a difference between being able to hit a ball and knowing why you are able to hit it, what psychologists refer to as procedural knowledge versus declarative knowledge. This book will make you more aware of what you have been doing and provide names for the concepts.

It emphasizes the engineering. This book focuses on the technical parts of software development and what developers do to ensure the system works not job titles or processes. It shows you how to build models and analyze architectures so that you can make principled design tradeoffs. It describes the techniques software designers use to reason about medium to large sized problems and points out where you can learn specialized techniques in more detail.

It provides practical advice. Software design decisions influence the architecture and vice versa. The approach in this book embraces drill-down/pop-up behavior by describing models that have various levels of abstraction, from architecture to data structure design. ... Read more

Customer Reviews (5)

Architecture as a risk reduction agent
George Fairbanks book on "Just Enough Software Architecture" signals a directional shift away from architecture as a separate entity and movement toward viewing software architecture as holistic component of normal software development.Dr. Fairbanks outlines this shift by developing a thesis that software architecture is primarily a risk reduction agent and he contends that stakeholders should look for architectural views that highlight the risky parts of a software intensive system and understand how the architectural design reduces that risk.

To develop that thesis "Just Enough Software Architecture" covers architectural modeling, classification, styles and uses.Most of the chapters reinforce the risk reduction thesis either through examples or models where these principles are clarified.Dr.Fairbanks also uses a slight variation of the standard UML 2.0 notation, simplifying that notation in an attempt to show how even straightforward models can highlight the mechanics of the architecture.

One concept that "Just Enough Software Architecture" introduces is the concept of "architecture focused design", which is a deliberately chosen architecture to achieve a collection of acknowledged goals.The author espouses the concept that these goals are driven by the constraints of the system.These constraints should act as "guide rails" and they ultimately can be used to influence and direct the system or systems being developed.Many systems have hidden constraints (for example performance or security) and this architectural approach can help influence system implementers in making architecturally aligned development decisions.

Overall, I enjoyed George Fairbank's book and believe it forms an interesting discussion starting point for any organization performing software architectural work.I would hope that a companion volume is added that does a set of more detailed case studies of how actual risk-based architecture fares in practice.

Highly recommended for novice and master
This a broad and deep book on all things software architecture except the architecting process (for process, one recommended read is "Process Software Architecting" by Eeles/Cripps). Several readerships will benefit from "Just Enough Software Architecture":
- As an experienced IT architect, I do not necessarily agree with everything in the book (this does not come as a surprise, as architects have opinions). That said, I certainly learned a lot that I can apply immediately on my projects and some of the more provocative statements challenge me to leave my comfort zone (or at least consider doing so).
- Junior architects can use the book both as a tutorial and as a reference when/while growing in their profession.
- Developers with a "who needs architects" mindset (hopefully) will understand architects and modelers much better after having read this book, and appreciate the value of archtecture.

Things I liked in particular:
- Overall vision and message of pragmatism sent
- The risk-driven approach increases chances to get accepted both in agile development and in more traditional architecture communities
- There is a lot of practical advice e.g. in Chapters 10, 11 and 15
- The author is in command of a large body of relevant related work (both industra and academia) and puts them in perspective adequately
- Editorial quality: structure, figures, command of the English language (some words and expressions a bit be hard to comprehend for non-native speaker)

Some room for improvements (2nd edition?):
- Not all metaphors and analogies work internationally, e.g. not all IT people are sports fans that follow baseball or know what a rookie is
- The connection between parts 1 and 2 could be a bit stronger, even if loose coupling generally is a good thing; e.g., some more backward references

In summary, I'd say Just Enough Software Architecture is a highly recommended read for every architect in touch with development reality and every developer with a desire to build complex systems that will stand the test of time.

Great overview of what Software Architecture is all about!!!!
I must admit that the title of this book made me hesitate to purchase it.I am not a big fan of placing the architecture process inside one of the concerns architecture addresses."Risk-Driven Approach" scared me off because of some of the other attempts to do something similar with security, performance, agility, and patterns.Although all these topics are part of the architecture process, they do not drive it on there own.

Having said all that, I was releaved to see my worries about what I would find in the book where not valid.To me this book is a good overview of what Software Architecture is, which of course incudes addressing risks.There is a chapter on the risk-driven model which does a good job of putting risks into the proper context.It does a good job of showing how risk concerns relate to the development process.The book does not obsess on risk.It just brings to light an important part of what architecture addresses.

The books starts with an overview of software architecture concepts and does a good job of explaining what software architecture is.It also includes a short case study.

The second part of the book covers the Domain Model, Design Model, Code Model, Encapsulation and Partitioning, Model Elements, Model Relationships, and Architectural Styles. Each topic is given its own chapter, and there are a lot of great diagrams throughout the book.I really like that the author covered code and bridging the gap between models and code.I also like how he explains the relationship between models.

The book referred to industry best practices and did not try to re-invent the wheel.The author has his PhD in software engineering from CMU, so there are a lot of references to SEI practices.The author also contributed to the new version of Documenting Software Architectures: Views and Beyond (2nd Edition).

I also like the glossary.It does a great job of summing up architectural topics.

All in all anyone interested in Software Architecture would benefit from reading this book.It contains a ton of great information from all the best resources on software architecture and does a great job of putting them into context.

A fantastic book
This is a very impressive book with very straight forward, simple facts stated as-is.
Author has chosen to present the material simply without any artificial coating or superficial language;

A very easy read both on eyes and on content - great work and good reference for any architect - a must read;

Fantastic book about software architectures
This is a fantastic book about software architectures. The concepts described in this book can be directly applied to software projects, enabling developers to access their designs in a principled way that can lead to the right architectural solutions. The concepts presented here are easy to be understood and applied in practice in our day to day projects. ... Read more

Product Description

“There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude.”

—Halvar Flake, CEO and head of research, SABRE Security GmbH

The Definitive Insider’s Guide to Auditing Software Security

This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for “ripping apart” applications to reveal even the most subtle and well-hidden security flaws.

The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications.

Coverage includes

• Code auditing: theory, practice, proven methodologies, and secrets of the trade

• Bridging the gap between secure software design and post-implementation review

• Performing architectural assessment: design review, threat modeling, and operational review

• Identifying vulnerabilities related to memory management, data types, and malformed data

• UNIX/Linux assessment: privileges, files, and processes

• Windows-specific issues, including objects and the filesystem

• Auditing interprocess communication, synchronization, and state

• Evaluating network software: IP stacks, firewalls, and common application protocols

• Auditing Web applications and technologies

This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike.

Contents

ABOUT THE AUTHORS     xv

PREFACE     xvii

ACKNOWLEDGMENTS    xxi

I Introduction to Software Security Assessment

1 SOFTWARE VULNERABILITY FUNDAMENTALS    3

2 DESIGN REVIEW     25

3 OPERATIONAL REVIEW    67

4 APPLICATION REVIEW PROCESS    91

II Software Vulnerabilities

5 MEMORY CORRUPTION    167

6 C LANGUAGE ISSUES     203

7 PROGRAM BUILDING BLOCKS     297

8 STRINGS ANDMETACHARACTERS    387

9 UNIX I: PRIVILEGES AND FILES     459

10 UNIX II: PROCESSES     559

11 WINDOWS I: OBJECTS AND THE FILE SYSTEM     625

12 WINDOWS II: INTERPROCESS COMMUNICATION     685

13 SYNCHRONIZATION AND STATE    755

III Software Vulnerabilities in Practice

14 NETWORK PROTOCOLS    829

15 FIREWALLS    891

16 NETWORK APPLICATION PROTOCOLS    921

17 WEB APPLICATIONS    1007

18 WEB TECHNOLOGIES     1083

BIBLIOGRAPHY     1125

INDEX     1129

Customer Reviews (16)

Bible? Rather hell without redemption!
This book was like a blow to the head for me. I'm not a security person, I'm not coveting ever more arcane vulnerabilities. Rather, I'm the poor guy at the other end of things: I'm a programmer. It's my job to avoid all the known and imaginable vulnerabilities while at the same time providing some useful functionality to my customers.

You bet I wouldn't like some self-styled security "researcher" tear apart my poor little programs and expose all their failings. What's troubling me, after reading this book, is that it looks very much like I hardly stand a chance. Security would be hard with the best of tools, unfortunately, at least when it comes to systems programming, the tools -- C, low-level APIs -- are dubious at best and introduce lots and lots of problems of their own. These tools hail from a happier time long ago when we were still trusting trust. I was overcome by a mixture of horror and chagrin when I saw proof in this book that not even the people writing sensitive security software (such as OpenSSH) wield these tools artfully enough to avoid vulnerabilities.

And this is where I come to the only beef I have with an otherwise comprehensive book. It's like a field guide to dangerous beasts that teaches you to recognize sabre-toothed tigers, but doesn't tell you how to get rid of them. Contrary to what the subtitle promises about preventing software vulnerabilities, there is just too little about it. This is a considerable shortcoming, in my view, as a lot of the demonstrated vulnerabilities don't have trivial remedies even after they are exposed.

Wrapping up, I feel left alone in the twilight and I think I saw a tiger over there.

The Best Book on Software Security, Bar None
This book is absolutely amazing.The amount of detail they go into for so many subjects -- it's incredible.I particularly enjoyed the section on network protocols. I recommend this to any software engineer -- not just those in security specific positions.

Great job, and I hope to enjoy more material from these wonderful authors!

Great book
A must have. Being a security researcher for almost ten years now, and already a CISSP holder, there are times you believe you have seen most of the things, and you know the best of them. This book opens a new way of thinking, it's detailed and accurate and goes in depth on every subject.

A real must have.

Nicolas Krassas, CISSP

Good book
This is a very comprehensive, and well-organized security assessment book for Software engineers. Yes, it has everything - all done well. If you are into securityassessment and testing and live by it every day, you are still bound to learn a lot, to re-evaluate the things you know, and to genuinely improve your results. If you are a software engineer, it *will* help you build superior applications. If you are just an security enthusiast, you will genuinely enjoy the time spent with this book, and you will find this brick handy more often than previously imagined.

This is the bible
This book is The Bible for anyone in the security vulnerability research or security software engineering field. I haven't bought a book and studied it so much before ever. This is one book that will never be off my desk. ... Read more

Product Description
Practical, up-to-date tactics and techniques for successful, efficient testing:

• Basic testing principles and strategies
• Program inspections and walkthroughs
• Code inspections
• Error checklists
• Peer ratings
• Black- and white-box testing
• Error guessing
• Top-down vs. bottom-up testing
• Higher-order testing
• Function and system testing
• Acceptance testing
• Installation testing
• Module (unit) testing
• Test planning and control
• Independent testing agencies
• Debugging principles
• Error analysis
• Extreme Testing
• Testing Internet applications
• Higher-order testing of e-commerce architectures

Customer Reviews (14)

A basic reference
I've been using Myers' The Art of Software Testing for 40 years as my main reference for all things testing.The 2nd Ed. is updated for strategies and methodologies for the brave new world of OO, client-server, SOA, etc.If you're an IT project manager or IT BA and you don't have this book, your bookshelf is incomplete.

Here's where you get your foundations for software testing
From the pure software testing perspective I consider this to be the book to get your foundations. The first edition is a classic and this second edition brought the topics up to speed, at the time of publication. My point of view remains the same as with the first edition, though. What is of actual value is the foundations, and if you get a solid foundation then you can build up to become a great tester very quickly. For more you are better off reading other books.
The buy is way too pricey and that is the only complain I have about it.

The basic text for software testing
The Art of Software Testing provides the novice with the essentials for developing and implementing a comprehensive testing approach. It's also a valuable resource for those with experience. I dive into this book constantly.

The premise is simple enough: How can you write effective test cases that adequately exercise your system requirements? Myers suggests that good software testing depends on the answer. Testing what the program is supposed to do is only part of the battle. However, in my experience, this is usually where we plant our flag. This can be difficult enough, depending on the quality of the criteria. Bad or vague requirements necessarily lead to insufficient and flawed testing.

As a result negative testing, boundary testing, testing for unexpected conditions, and so forth will often go by the wayside.

In addition, testing is often presented as a gateway to production, and can be cursory as a result. The creativity and time that adequate test cases demand are simply not within project scope. This is often exacerbated by intent to pass systems without finding errors.

Myers addresses these issues as he explores test planning and creation. Hence this book really belongs on the shelves, not only of software testers, but project management as well. The methodology of requirements-based testing is not new. However the profession is growing and more sectors are discovering the need for testing their systems. Art of Software Testing is still relevant and should be promulgated.

I can imagine how difficult it is to write short and good...
I read about a dozen of books about testing, and I put this one into a reference for my workers. This is short and very robust. My highest rank.

Very good reference for Testing Software
This book is very interesting to learn or to progress (I have 10 years of experience in software developpement) in Art of Testing. The only tedious point is that the author are not really integrate the new principales of Test Driven Development in its book. So, I advise to read a book on this subject before or after.

Benoit, a French Programmer ;-) ... Read more

Product Description
Comprehensive, Rigorous Prep for the GRE.

Every year, students pay $900 and more to test prep companies to prepare for the GRE. Now you can get the same preparation in a book. GRE Prep Course provides the equivalent of a 2-month, 50-hour course.

Although the GRE is a difficult test, it is a very learnable test. GRE Prep Course presents a thorough analysis of the GRE and introduces numerous analytic techniques that will help you immensely, not only on the GRE but in graduate school as well.

Features:

Math: Twenty-two chapters provide comprehensive review of GRE math.

Verbal: Develop the ability to spot places from which questions are likely to be drawn as you read a passage (pivotal words, counter-premises, etc.). Also, learn the 4000 essential GRE words.

Writing: Comprehensive analysis of the writing task, including writing techniques, punctuation, grammar, rhetoric, and style.

Also includes a Comprehensive, Free Online Course!

Course Features:

Ask Questions! Our instructors login to StudyDesk to answer your questions. StudyDesk also records the step where you make a mistake or ask a question. This is just one of many powerful educational tools in StudyDesk.

Highly Interactive: You can search the course for any topic, take notes, view solutions, view reports, etc.

Versatile: You can access the course from any computer at any time.

Also includes GRE test prep software!

Software features:

Mentor Mode: In Mentor Mode, you are immediately told whether you answered a problem correctly, and you can immediately view a detailed solution of the problem.

Test Mode: In Test Mode, you can take a GRE test timed and scored by the program. ... Read more

Customer Reviews (19)

GRE prep
Very fast shipping. Item exactly as described. It has very good information for preparing for the GRE test.

Excellent GRE perp book!
This is an excellent prep book. First off the MATH section is first rate and has lots of problems that will help reinforce a number of frequently tested concepts on the GRE. The VERBAL section is not as good as the MATH but still has some very useful stuff. I found the RC's to be a bit vague and some of the explanations to the RC questions were a bit dicey and ambiguous but the technique that was suggested was sound and effective. The 4000 world list is also pretty exhaustive. I did not read the writing section at all - so no comments on the writing section. Overall I felt that this book helped provide some tougher material that helps one to feel like they are actually well prepared to tackle the GRE. This is also not a book with a lot of fluff (like Princeton Review books) - it is 600 pages of solid material. This book is geared towards students who are motivated - so it treats the reader as an intelligent college graduate. Some of the books like the Princeton Review are written for 5th graders - they lack the bite and the depth in the material and assume that their readers have a very short attention span and a very limited intelligence. Credit to the NOVA team for authoring a good text book geared towards college graduates. NOVA's online companion is definitely not as good as Kaplan's online content. Kaplan has the best online stuff. The ideal combination would be to own the NOVA text books and the Kaplan CD.

Great
Book was in a good condition, the price was excellent. Shipping took a lil' bit longer than I'd expected but not bad.

Great prep, especially math
This book is by far the best GRE prep book out there, and trust me, I've looked through Kaplan, McGraw-Hill (which is way too easy compared to the actual GRE), and the ETS prep book. This book has an incredibly strong quantitative review that is targeted for those who want to get the 800. It kind of skimps on the easy stuff (doesn't really explain easy arithmetic.. which most would know anyway). It includes word problems (such as a train leaves from A at 3 pm traveling 45 mph . . . ) and how to calculate standard deviations and probabilities, which are the more difficult questions on the GRE. All explanations are followed by ~20 practice problems complete with answers and explanations to those problems, which I found extremely helpful. The author also seems to genuinely want you to get your highest score, so he gives some very helpful tips on how to deduce when the GRE question is trying to trick you, and how to avoid obvious answers. This book definitely helped me.

I found the analytical writing section to also be helpful. The author shows how to identify what the prompt is asking you, and how to craft an essay around it. Basically, he gives you a cookie-cutter thesis filled with blanks that you fill in according to the prompt (example: I believe Item A, ______, is better than Item B, ______ because 1)______, 2)_______, 3)_______). Although this is helpful, I felt like this type of thesis would only lead to an essay that does not require as critical of thinking as a 6 essay would require. This would probably work for a 5, though.

The Verbal was also very helpful. The book lists the "Ubiquitous 400" GRE words (I liked how they used a GRE word in the title of this section), followed by the top 4000 GRE words. These are helpful, but about as helpful as any other prep book's verbal section.

Also, the CD and free online stuff is pretty much fake. They include the exact same questions that are in the book. These are useless. However, this does allow you to do the practice problems in a variety of fashions (CD with no internet connection, Internet so you don't have to check the anwers at the end of each section, etc.) so I guess I can see the advantages in including them with the book.

They say to spend 2 months on the book, but you can really spend a lot less. I did the quantative section (about 400 pages) in 3 days and felt very confident. The GRE words will, of course, take much longer, but you expect that when studying for the GRE at all. Overall, good book. Highly recommend.

GRE Prep Course with software and Online Course
This book is very good in Explaining of Math.
I recommende it for who need to remember the math problem solving.
It has many many trainning of math operations ... Read more

Product Description
Python for Software Design is a concise introduction to software design using the Python programming language. Intended for people with no programming experience, this book starts with the most basic concepts and gradually adds new material. Some of the ideas students find most challenging, like recursion and object-oriented programming, are divided into a sequence of smaller steps and introduced over the course of several chapters. The focus is on the programming process, with special emphasis on debugging. The book includes a wide range of exercises, from short examples to substantial projects, so that students have ample opportunity to practice each new concept.Exercise solutions and code examples are available from thinkpython.com, along with Swampy, a suite of Python programs that is used in some of the exercises. ... Read more

Customer Reviews (4)

A good introduction to programming using Python
Allen Downey's "Python for software design" is a major revision of the author's earlier work "How to think like a computer scientist", and is intended as an introduction to software design using the Python programming language.

The Good: this book is easy and fun, just like Python itself. The author uses clear language, defining each new term as soon as it appears, and then gathering all the definitions in a glossary at the end of every chapter. The book is approximately 250 pages long, consisting of 19 chapters. Each of these is about ten pages long. Most chapters focus on elements of the language (e.g. functions, strings, tuples, inheritance) while a few of them are "case studies" which use the material introduced up to that point. Chapters are subdivided into at least 10 sections each, the last of which is always the exercise section. The author has provided solutions to some of the exercises on his website, where the interested reader can also find the example code used in the book, swampy (a suite of Python modules the author has written), as well as the complete text of the book (available for free). Toward the end of each chapter and in an appendix, Downey has provided material on debugging. These sections often provide him with an excuse to offer advice on programming best practices.

The Bad: classes and objects are introduced in chapter 15 (of 19). There are those who might think that such a chapter structure leads the reader to undervalue object-oriented programming. However, given the book's intended readership, I don't think this is a particularly egregious error. The question of the readers's required background (or lack thereof) is also connected to the choice of topics covered in this volume: since this is an introduction, many things are obviously left out (e.g. there is nothing on generator functions, lambda expressions, binary data, destructors, metaclasses and so on). Once again, this is unavoidable in a short book intended for people with no programming experience. Finally, with the exception of a few footnotes, this book describes Python 2.x, not the (backward-incompatible) Python 3.x. However, this is also the case for the majority of the good Python books out there, and for third-party software, so Downey's decision seems reasonable.

Taking the book's earlier title (which is now its subtitle) to heart exposes it to comparison with heavyweights claiming to be filling a similar niche: a) "Introduction to programming in Java: an interdisciplinary approach" (Sedgewick & Wayne), b) "Python programming: an introduction to computer science" (Zelle), and c) "How to Design programs: an introduction to programming and computing" (Felleisen, Findler, Flatt, & Krishnamurthi). The latter uses Scheme, following the classic volume "Structure and interpretation of computer programs" (Abelson, Sussman, & Sussman). All of these books are arguably deeper than "Python for software design", but it is important to note that they are also longer and more difficult to read.

In a nutshell, this book is optimal for high-school or college students making their first foray into programming. Such readers would benefit most from buying the paper copy and trying to do most of the exercises. The book might also prove useful to experienced programmers who are interested in an easy, idiomatic, and concise introduction to many aspects of Python.

Alex Gezerlis

learn python
It's excellent for what it covers. I don't know if it's just me or not;but
I found that some of the exercises were too difficult too early.Otherwise,
the methods used to instruct were quite good.

Good for teaching
I'm using this book to teach my (homeschooled high school sophomore) son programming, and it is working very well.It teaches programming basics, some computer science and software design, and debugging using Python.Unlike some others I glanced at, it is mercifully brief.It has solid exercises with online code solutions as well as modules to get up and running fast (swampy is fun) -- they can be easily supplemented with exercises from my son's math and physics texts.The author gets into some substantial topics early (like recursion) that have kept us challenged even in early chapters.I was a bit apprehensive about launching in to Python since I have never studied an object oriented language (my programming experience is dated by about 25 years), but the text is clear and Python is fun and accessible.

While I appreciate the author's emphasis on debugging, I think he goes into more detail on debugging than is useful at this level.That is, the exercises are not difficult or involved enough to practice the debugging strategies that he teaches.He is an experienced teacher, however, so perhaps his ounce of prevention will save students trouble down the road.You might want to consider a supplemental text that is more reference-oriented.

Excellent Introduction to both Python and Computer Science
This book fills a niche that few other Python books can fill: an introduction to Python that also gives a strong introduction to computer science and software design.

I have read many Python books aimed at students in Computer Science that are little more than translations of a previous book into Python.Many of those books are full of "non-Pythonic", unintuitive, or erroneous code.This book makes none of those mistakes.In a relatively small package it still manages to give a firm foundation in writing concise and efficient Python programs.Chapters are written around Python's basic data types and quickly show the correct way to use these structures.

The case studies included are excellent and get students involved with graphics early in the book--with help from the Swampy module.Other case studies show how easy it is to use Python to parse text files and write functions for lexicographical analysis.After covering the basic types (including files and modules), Downey moves on to object-oriented programming and wraps up the book with a look at Graphical User Interface (GUI) programming in Python.

This book is well suited to individual study, but I use it in a high school Computer Science course.I find this book to be much better than most textbooks aimed at introductory computer science students.This book compares well with the classic Python Programming: An Introduction to Computer Science [With CD-ROM] [PYTHON PROGRAMMING]. ... Read more