Sogeti Java Meetup Quality Engineering
How to ensure your code is maintainable
Peter Rombouts
Senior Technology Consultant
Sogeti
Security Classification © 2019 Sogeti. All rights reserved. 2
Who am I
https://peterrombouts.nl
https://www.twitter.com/prombouts
https://www.github.com/prombouts
https://labs.sogeti.com
Senior Technology Consultant
Peter Rombouts
Cloud Software Architect
• Over 18 years of experience in IT
• Passionate about Software Development, Architecture and Cloud
SogetiLabs Fellow
• Azure
• Cloud
• Cognitive Services
• Software Development
Multi Cloud
QSD
What is Software Quality?
Systems and software engineering — Systems and software Quality Requirements and Evaluation (SQuaRE) — System and software quality models
ISO 25010 for short
The International Standard defines:
• Quality in Use Model
• Product Quality Model
Guidelines (SIG)
1. Write Short Units of Code
2. Write Simple Units of Code
3. Write Code Once
4. Keep Unit Interfaces Small
5. Separate Concerns in Modules
6. Couple Architecture Components Loosely
7. Keep Architecture Components Balanced
8. Keep Your Codebase Small
9. Automate Tests
10. Write Clean Code
SIG was established in 2000. Its roots can be traced back to the Dutch National Research Institute for Mathematics and Computer Science (Centrum voor Wiskunde en Informatica [CWI]).
Tools
How to choose?
Static Code Analysis?
Software Composition Analysis?
What tooling is available?
Static Code Analysis
Analyses the (lines of) code.
Normally used in automated pipelines.
Examples:
• SonarQube
• PMD
• NDepend
• BinSkim
Software Composition Analysis
Analyses the dependencies.
Mostly stand-alone products with notification capabilities. Also often used for checking licenses in open-source packages and whether they comply with company policies.
Examples:
• WhiteSource
• WhiteSource Bolt
• Snyk
• Fossa
• npm-audit
• David (Node.JS)
Static Code Analysis: SonarQube
Software Composition Analysis: WhiteSource Bolt
Mind The (Tool) Gap!
How to proceed?
Where do we go from here?
Sogeti Java Meetup Quality Engineering
Questions?
peter.rombouts@sogeti.com
https://peterrombouts.nl
https://labs.sogeti.com
Twitter @prombouts
GitHub @prombouts

Más contenido relacionado

La actualidad más candente

Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...Shane Coughlan
 
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...Shane Coughlan
 
OpenChain Automotive Work Group Meeting #2 - Lyon
OpenChain Automotive Work Group Meeting #2 - LyonOpenChain Automotive Work Group Meeting #2 - Lyon
OpenChain Automotive Work Group Meeting #2 - LyonShane Coughlan
 
Osborne Clarke - OpenChain - FOSSmatrix
Osborne Clarke - OpenChain - FOSSmatrixOsborne Clarke - OpenChain - FOSSmatrix
Osborne Clarke - OpenChain - FOSSmatrixShane Coughlan
 
OpenChain Webinar #11 - cii-bp-badge-intro
OpenChain Webinar #11 - cii-bp-badge-introOpenChain Webinar #11 - cii-bp-badge-intro
OpenChain Webinar #11 - cii-bp-badge-introShane Coughlan
 
Build your own_photobooth
Build your own_photoboothBuild your own_photobooth
Build your own_photoboothiText Group nv
 
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017Cisco
 
OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021Shane Coughlan
 
OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021Shane Coughlan
 
Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainShane Coughlan
 
Licensing in Composite Projects
Licensing in Composite ProjectsLicensing in Composite Projects
Licensing in Composite ProjectsTiberius Forrester
 
Easing IoT Development for Novice Programmers Through Code Recipes
Easing IoT Development for Novice Programmers Through Code RecipesEasing IoT Development for Novice Programmers Through Code Recipes
Easing IoT Development for Novice Programmers Through Code RecipesJuan Pablo Sáenz
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesShane Coughlan
 
How to Effectively Manage Virtual Teams
How to Effectively Manage Virtual TeamsHow to Effectively Manage Virtual Teams
How to Effectively Manage Virtual TeamsCisco Webex
 
Licensing in Composite Open Source Projects
Licensing in Composite Open Source ProjectsLicensing in Composite Open Source Projects
Licensing in Composite Open Source ProjectsProtecode
 
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...Black Duck by Synopsys
 
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018Codemotion
 

La actualidad más candente (20)

Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...
 
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
 
Webinar–That is Not How This Works
Webinar–That is Not How This WorksWebinar–That is Not How This Works
Webinar–That is Not How This Works
 
OpenChain Automotive Work Group Meeting #2 - Lyon
OpenChain Automotive Work Group Meeting #2 - LyonOpenChain Automotive Work Group Meeting #2 - Lyon
OpenChain Automotive Work Group Meeting #2 - Lyon
 
Osborne Clarke - OpenChain - FOSSmatrix
Osborne Clarke - OpenChain - FOSSmatrixOsborne Clarke - OpenChain - FOSSmatrix
Osborne Clarke - OpenChain - FOSSmatrix
 
OpenChain Webinar #11 - cii-bp-badge-intro
OpenChain Webinar #11 - cii-bp-badge-introOpenChain Webinar #11 - cii-bp-badge-intro
OpenChain Webinar #11 - cii-bp-badge-intro
 
Build your own_photobooth
Build your own_photoboothBuild your own_photobooth
Build your own_photobooth
 
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
 
OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021
 
OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021
 
Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply Chain
 
Licensing in Composite Projects
Licensing in Composite ProjectsLicensing in Composite Projects
Licensing in Composite Projects
 
Easing IoT Development for Novice Programmers Through Code Recipes
Easing IoT Development for Novice Programmers Through Code RecipesEasing IoT Development for Novice Programmers Through Code Recipes
Easing IoT Development for Novice Programmers Through Code Recipes
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case Studies
 
How to Effectively Manage Virtual Teams
How to Effectively Manage Virtual TeamsHow to Effectively Manage Virtual Teams
How to Effectively Manage Virtual Teams
 
Licensing in Composite Open Source Projects
Licensing in Composite Open Source ProjectsLicensing in Composite Open Source Projects
Licensing in Composite Open Source Projects
 
Spo2 r33
Spo2 r33Spo2 r33
Spo2 r33
 
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
 
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
 
vivek_resume1
vivek_resume1vivek_resume1
vivek_resume1
 

Similar a How to ensure your code is maintainable

Maintainability Sogeti Qx Day 2020
Maintainability Sogeti Qx Day 2020Maintainability Sogeti Qx Day 2020
Maintainability Sogeti Qx Day 2020Peter Rombouts
 
Webinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsWebinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsSynopsys Software Integrity Group
 
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...Synopsys Software Integrity Group
 
Why Automate the Network?
Why Automate the Network?Why Automate the Network?
Why Automate the Network?Hank Preston
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
 
The Future of IoT: Why We Need the Open Interconnect Consortium
The Future of IoT: Why We Need the Open Interconnect ConsortiumThe Future of IoT: Why We Need the Open Interconnect Consortium
The Future of IoT: Why We Need the Open Interconnect ConsortiumOpen Interconnect Consortium
 
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...Denim Group
 
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfSoftware Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfICS
 
The Future of IoT: Why We Need the Open Interconnect Consortium
The Future of IoT: Why We Need the Open Interconnect ConsortiumThe Future of IoT: Why We Need the Open Interconnect Consortium
The Future of IoT: Why We Need the Open Interconnect ConsortiumSamsung Open Source Group
 
How to Achieve NIST Compliance using SanerNow?
How to Achieve NIST Compliance using SanerNow?How to Achieve NIST Compliance using SanerNow?
How to Achieve NIST Compliance using SanerNow?SecPod
 
IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel Bessie Wang
 
Steps to Scale Internet of Things (IoT)
Steps to Scale Internet of Things (IoT)Steps to Scale Internet of Things (IoT)
Steps to Scale Internet of Things (IoT)Rafael Maranon
 
Mid market collaboration architecture presentation
Mid market collaboration architecture presentationMid market collaboration architecture presentation
Mid market collaboration architecture presentationTrinny Chacko
 
Automate and Enhance Application Security Analysis
Automate and Enhance Application Security AnalysisAutomate and Enhance Application Security Analysis
Automate and Enhance Application Security AnalysisVMware Tanzu
 
Cilium + Istio with Gloo Mesh
Cilium + Istio with Gloo MeshCilium + Istio with Gloo Mesh
Cilium + Istio with Gloo MeshChristian Posta
 
Certified Internet of Things Specialist ( CIoTS )
Certified Internet of Things Specialist ( CIoTS ) Certified Internet of Things Specialist ( CIoTS )
Certified Internet of Things Specialist ( CIoTS ) GICTTraining
 
Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018  DevNet OverviewCisco Connect Toronto 2018  DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Canada
 

Similar a How to ensure your code is maintainable (20)

Maintainability Sogeti Qx Day 2020
Maintainability Sogeti Qx Day 2020Maintainability Sogeti Qx Day 2020
Maintainability Sogeti Qx Day 2020
 
Webinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or RealityWebinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or Reality
 
Webinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsWebinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software Assets
 
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
 
Why Automate the Network?
Why Automate the Network?Why Automate the Network?
Why Automate the Network?
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
 
The Future of IoT: Why We Need the Open Interconnect Consortium
The Future of IoT: Why We Need the Open Interconnect ConsortiumThe Future of IoT: Why We Need the Open Interconnect Consortium
The Future of IoT: Why We Need the Open Interconnect Consortium
 
Webinar–Reviewing Modern JavaScript Applications
Webinar–Reviewing Modern JavaScript ApplicationsWebinar–Reviewing Modern JavaScript Applications
Webinar–Reviewing Modern JavaScript Applications
 
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
 
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfSoftware Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
 
The Future of IoT: Why We Need the Open Interconnect Consortium
The Future of IoT: Why We Need the Open Interconnect ConsortiumThe Future of IoT: Why We Need the Open Interconnect Consortium
The Future of IoT: Why We Need the Open Interconnect Consortium
 
How to Achieve NIST Compliance using SanerNow?
How to Achieve NIST Compliance using SanerNow?How to Achieve NIST Compliance using SanerNow?
How to Achieve NIST Compliance using SanerNow?
 
IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel
 
Webinar – Risk-based adaptive DevSecOps
Webinar – Risk-based adaptive DevSecOps Webinar – Risk-based adaptive DevSecOps
Webinar – Risk-based adaptive DevSecOps
 
Steps to Scale Internet of Things (IoT)
Steps to Scale Internet of Things (IoT)Steps to Scale Internet of Things (IoT)
Steps to Scale Internet of Things (IoT)
 
Mid market collaboration architecture presentation
Mid market collaboration architecture presentationMid market collaboration architecture presentation
Mid market collaboration architecture presentation
 
Automate and Enhance Application Security Analysis
Automate and Enhance Application Security AnalysisAutomate and Enhance Application Security Analysis
Automate and Enhance Application Security Analysis
 
Cilium + Istio with Gloo Mesh
Cilium + Istio with Gloo MeshCilium + Istio with Gloo Mesh
Cilium + Istio with Gloo Mesh
 
Certified Internet of Things Specialist ( CIoTS )
Certified Internet of Things Specialist ( CIoTS ) Certified Internet of Things Specialist ( CIoTS )
Certified Internet of Things Specialist ( CIoTS )
 
Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018  DevNet OverviewCisco Connect Toronto 2018  DevNet Overview
Cisco Connect Toronto 2018 DevNet Overview
 

Último

MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM.        DIMENSIONAL ANALYSISUNIT-III FMM.        DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...ranjana rawat
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlysanyuktamishra911
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Christo Ananth
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordAsst.prof M.Gokilavani
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes ---  Unit 3.pdfAKTU Computer Networks notes ---  Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfankushspencer015
 

Último (20)

MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM.        DIMENSIONAL ANALYSISUNIT-III FMM.        DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptx
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghly
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes ---  Unit 3.pdfAKTU Computer Networks notes ---  Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
 

How to ensure your code is maintainable

  • 1. Sogeti Java Meetup Quality Engineering How to ensure your code is maintainable Peter Rombouts Senior Technology Consultant Sogeti
  • 2. Security Classification © 2019 Sogeti. All rights reserved. 2 Presentation title | Date 2 Who am I https://peterrombouts.nl https://www.twitter.com/prombouts https://www.github.com/prombouts https://labs.sogeti.com Senior Technology Consultant Peter Rombouts Cloud Software Architect  Over 18 years of experience in IT  Passionate about Software Development, Architecture and Cloud SogetiLabs Fellow  Azure  Cloud  Cognitive Services  Software Development Multi Cloud QSD
  • 3. Systems and software engineering — Systems and software Quality Requirements and Evaluation (SQuaRE) — System and software quality models. ISO 25010 for short. What is Software Quality?
  • 4. The International Standard defines: Quality in Use Model, Product Quality Model
  • 7. Guidelines (SIG)
      1. Write Short Units of Code
      2. Write Simple Units of Code
      3. Write Code Once
      4. Keep Unit Interfaces Small
      5. Separate Concerns in Modules
      6. Couple Architecture Components Loosely
      7. Keep Architecture Components Balanced
      8. Keep Your Codebase Small
      9. Automate Tests
      10. Write Clean Code
    SIG was established in 2000. Its roots can be traced back to the Dutch National Research Institute for Mathematics and Computer Science (Centrum voor Wiskunde en Informatica [CWI]).
  • 9. Tools: How to choose? Static Code Analysis? Software Composition Analysis?
  • 10. What tooling is available?
    Static Code Analysis: Analyses the (lines of) code. Normally used in automated pipelines. Examples: SonarQube, PMD, NDepend, BinSkim.
    Software Composition Analysis: Analyses the dependencies. Mostly stand-alone products with notification capabilities. Also often used for checking licenses in open-source packages and whether they comply with company policies. Examples: WhiteSource, WhiteSource Bolt, Snyk, Fossa, npm-audit, David (Node.js).
  • 12. Static Code Analysis: SonarQube
  • 14. Software Composition Analysis: WhiteSource Bolt
  • 17. Sogeti Global Overview | © 2019 Sogeti. All rights reserved. Mind The (Tool) Gap!
  • 18. How to proceed?
  • 19. How to proceed?
  • 20. Sogeti Java Meetup Quality Engineering Questions? peter.rombouts@sogeti.com https://peterrombouts.nl https://labs.sogeti.com Twitter @prombouts GitHub @prombouts

Editor's notes

  1. Quality in Use -> 5 characteristics related to outcomes of interaction with a system (including users). Product Quality Model -> focuses on the target computer system that includes the target software product.
  2. 1. Modularity 2. Reusability 3. Analyzability 4. Modifiability 5. Testability
  3. At the time of writing, in total SIG has analyzed 7.1 billion lines of code, and 72.7 million new lines of code are uploaded to SIG weekly. SIG is the only organization in the world certified by TÜViT for Trusted Product Maintainability. We have selected metrics that: • Are contained in a set as small as possible • Are technology-independent • Are easy to measure • Enable a meaningful comparison of real-world enterprise software systems
  4. Many tools, what is the ‘golden record’? Another time, another session! C? XML? T-SQL, PL-SQL NOT free?
  5. RDP Session
  6. Edge: https://dev.azure.com/sogetiazurefundamentals/sogetiazurefundamentals/_build/results?buildId=258&view=whitesource.ws-bolt.build-tab.wss
  7. Tool gap! Hard to interpret. Will never replace pair programming, peer review, expert review.
  8. Turning the Guidelines into Practice. Ensuring that your code is easy to maintain depends on two behaviors in your daily routine: discipline and setting priorities. Discipline. Lower-Level (Unit) Guidelines Take Precedence Over Higher-Level (Component) Guidelines. Remember That Every Commit Counts. 15 -> SKIP IF NO TIME