This is's Typepad Profile.
Join Typepad and start following's activity
Join Now!
Already a member? Sign In
Recent Activity is now following Michael Feathers
Apr 27, 2010
I accept the idea that changing the length of iterations, making them smaller, has some value. It’s an idea that Johanna Rothman explores in Manage It! The smaller the iteration, the easier to look at it from beginning-to-end and see where time is wasted, what works, what doesn’t, where time is being spent that isn’t expected. And the idea of moving to zero-length iterations by halves is an interesting thought experiment, in a Zeno’s Paradox kind of way I guess. But I have real concerns about shortening iterations towards zero. First there is the problem of sustaining this approach over time. I manage a group that has been following incremental, rapid development and delivery on the same product for a few years now. We deliver business-critical software for an online financial application to production every 2-3 weeks. I am concerned about the effects that rapid cycling and continuous focus on delivery have on an organization, the demands that it makes on people, over an extended period of time. You are always delivering, always “on” with little time to reset. Moving even faster, moving towards zero, I don’t think is sustainable over any reasonable period of time. My other concern is around reliability, and especially security. This idea of "zero-length iterations" has a lot of the flavor of “continuous deployment” and there are some serious weaknesses to continuous deployment, which I ranted about here. As a community, we as software developers are already being challenged by the poor job that we are doing in building secure software, or software in a secure way. In the latest releases of its SDL, Microsoft has shown how to strip a secure development lifecycle down to fit short iterations, down to a minimum set of practices. And at this level you are already taking on risk, you are making compromises for speed over safety, which might be acceptable if you have an experienced development and operations team, excellent engineering practices, a secure architecture and deployment infrastructure, and you’re not deploying a system which is exposed to the Internet. I have yet to see a successful secure SDLC for Kanban or whatever, a secure way of building and deploying software in a continuous way, some way to include all of the necessary reviews and checks in-line with the work as it is done. There are some serious, to me, unsolved problems and risks here, we need to think and learn a lot more before we’re ready to take this kind of idea on and be successful in any real way. Jim Bird
Toggle Commented Apr 28, 2010 on Zeno-Length Iterations at Michael Feathers is now following The Typepad Team
Apr 27, 2010