NDC Magazine- NDC Oslo 2015 edition

Page 1

NO 1/2015

www.ndcmagazine.com

MAGAZINE FOR SOFTWARE DEVELOPERS AND LEADERS

THE DEVELOPER CLUTTER-FREE PROGRAMMING

AZURE IS DEAD LONG LIVE AZURE Chris Klug and Robert Folkesson

John Azariah

INTRODUCING THE TESTING ICEBERG

THE ELASTIC FAMILY:

BIG DATA SEARCH, DISCOVERY AND ANALYTICS

Seb Rose

Christoffer Vig

NDC OSLO

BIG SCRUM: ARE YOU DOING MECHANICAL SCRUM?

Conference, 17.-19. June Pre-workshops, 15.-16. June

Martin Hinshelwood

© Geoffrey Stone

Attack Attribution and the Future of International Cyber Conflict BRUCE SCHNEIER

LO

ND

S CO

UE

ISS


NDC Magazine 1-2015

Time to step up and defend your data and applications by Niall Merrigan

2014 was the year of the security breach. Systems were found to be leaking more information than ever before coupled with some long standing bugs that were revealed in spectacular fashion. In addition, the leaks are only getting bigger as more and more systems become

interconnected and available on the internet especially with the explosion of IoT devices into the market. This year is the year of the fightback. This year we will arm our developers with the skills to defend their carefully crafted software from those who would like to exploit it. As part of NDC Oslo 2015, we have increased the emphasis on security with some of the biggest names in the industry coming to Oslo to share their wisdom and give you some insights into their techniques. 2015 has also seen the rise of newer JavaScript frameworks and the decline of others. Such is the flux of our fast changing industry. We are beginning to see the frameworks evolve more rapidly

driven partly by innovation and partly because of Open Source. Even the traditionalists are embracing Open Source for what it provides which is a truly collaborative coding and learning experience with the production of exceptional amounts of code by crowd sourcing of the problems. It was exceptionally challenging and fun to help build the agenda for NDC Oslo 2015. This year, we hope that you have as broad a learning experience as possible with the plethora of sessions that are available to you. Most importantly, we want you to go home armed to the teeth with new techniques and ideas that you will learn from your peers in this constantly changing industry!

RD

IC ECOLAB

EL

NO

Member of Den Norske Fagpresses Forening

67 2

24 1

Pr

Editor: Kjersti Sandberg

2

Marketing Manager: Charlotte Lyng

Design: Ole H. Størksen Uncredited images are from Shutterstock, except portraits.

int in

ny g compa

Print run: 11,000 Print: Artko


Contents by Niall Merrixxxx ARTICLES Attack Attribution and the Future of International Cyber Conflict ................................................. p. 4 From Developer to Devpreneur ........................................ p. 8 Introducing the Testing Iceberg

......................................

p. 10

Azure is dead. Long live Azure ........................................ p. 12 Thinking rationally about the database problem...p. 16 The Elastic family:Big data search, discovery and analytics

.......................................................

The omni-presence of Windows 10

...........................

p. 20 p. 24

Big Scrum: Are you doing mechanical Scrum?.... p. 28 Applications to Apps backed by the Cloud ............ p. 32 Objects as state machines ............................................... p. 34 Hybrid Mobile Development with the Ionic Framework

..................................................

p. 38

Resolving Conflicts in Occasionally Connected Mobile Apps

.....................................................

p. 44

Analyzing thousands of dump files from production systems

..................................................

p. 48

The emergent nature of software architecture .. p. 50 Static websites are good for your health Clutter-Free Programming

...............

p. 56

.................................................

p. 58

Courses from ProgramUtvikling

...................................

p. 64

NDC 2015 The NDC Oslo Team .............................................................. p. 70 Meet the user groups at NDC community ........... p. 74 Programming – the most important language of the information age .......................................................... p. 76 Oslo - The capital of Norway ............................................ p. 78

Š Nik Merkulov/Shutterstock

Program Wednesday - Friday ........................................... p. 80

3


Š Lolloj/Shutterstock

4


Attack Attribution and the Future of International Cyber Conflict by Bruce Schneier The vigorous debate after the Sony Pictures breach pitted the Obama administrationmagainst many of us in the cybersecurity community who didn’t buy Washington’s claim that North Korea was the culprit.

What’s both amazing – and perhaps a bit frightening – about that dispute over who hacked Sony is that it happened in the first place. But what it highlights is the fact that we’re living in a world where we can’t easily tell the difference between a couple of guys in a basement apartment and the North Korean government with an estimated $10 billion military budget. And that ambiguity has profound implications for how countries will conduct foreign policy in the Internet age. Clandestine military operations aren’t new. Terrorism can be hard to attribute, especially the murky edges of state-sponsored terrorism. What’s different in cyberspace is how easy it is for an attacker to mask his identity – and the wide variety of people and institutions that can attack anonymously.

In the real world, you can often identify the attacker by the weaponry. In 2006, Israel attacked a Syrian nuclear facility. It was a conventional attack – military airplanes flew over Syria and bombed the plant – and there was never any doubt who did it. That shorthand doesn’t work in cyberspace. When the US and Israel attacked an Iranian nuclear facility in 2010, they used a cyber weapon and their involvement was a secret for years. On the Internet, technology broadly disseminates capability. Everyone from lone hackers to criminals to hypothetical cyberterrorists to nations’ spies and soldiers are using the same tools and the same tactics. Internet traffic doesn’t come with a return address, and it’s easy for an attacker to obscure his tracks by routing his attacks through some innocent third party.

And while it now seems that North Korea did indeed attack Sony, the attack it most resembles was conducted by members of the hacker group Anonymous against a company called HBGary Federal in 2011. In the same year, other members of Anonymous threatened NATO, and in 2014, still others announced that they were going to attack ISIS. Regardless of what you think of the group’s capabilities, it’s a new world when a bunch of hackers can threaten an international military alliance. Even when a victim does manage to attribute a cyberattack, the process can take a long time. It took the US weeks to publicly blame North Korea for the Sony attacks. That was relatively fast; most of that time was probably spent trying to figure out how to respond. Attacks by China against US companies have taken much longer to attribute. 5


© Lolloj/Shutterstock

This delay makes defense policy difficult. Microsoft’s Scott Charney makes this point: When you’re being physically attacked, you can call on a variety of organizations to defend you – the police, the military, whoever does antiterrorism security in your country, your lawyers. The legal structure justifying that defense depends on knowing two things: who’s attacking you, and why. Unfortunately, when you’re being attacked in cyberspace, the two things you often don’t know are who’s attacking you, and why. Whose job was it to defend Sony? Was it the US military’s, because it believed the attack to have come from North Korea? Was it the FBI, because this wasn’t an act of war? Was it Sony’s own problem, because it’s a private company? What about during those first weeks, when no one knew who the attacker was? These are just a few of the policy questions that we don’t have good answers for. 6

Certainly Sony needs enough security to protect itself regardless of who the attacker was, as do all of us. For the victim of a cyberattack, who the attacker is can be academic. The damage is the same, whether it’s a couple of hackers or a nation-state. In the geopolitical realm, though, attribution is vital. And not only is attribution hard, providing evidence of any attribution is even harder. Because so much of the FBI’s evidence was classified – and probably provided by the National Security Agency – it was not able to explain why it was so sure North Korea did it. As I recently wrote: “The agency might have intelligence on the planning process for the hack. It might, say, have phone calls discussing the project, weekly PowerPoint status reports, or even Kim Jong-un’s sign-off on the plan.” Making any of this public would reveal the NSA’s “sources and methods,” something it regards as a very important secret.

Different types of attribution require different levels of evidence. In the Sony case, we saw the US government was able to generate enough evidence to convince itself. Perhaps it had the additional evidence required to convince North Korea it was sure, and provided that over diplomatic channels. But if the public is expected to support any government retaliatory action, they are going to need sufficient evidence made public to convince them. Today, trust in US intelligence agencies is low, especially after the 2003 Iraqi weapons-of-mass-destruction debacle. What all of this means is that we are in the middle of an arms race between attackers and those that want to identify them: deception and deception detection. It’s an arms race in which the US – and, by extension, its allies – has a singular advantage. We spend more money on electronic eavesdropping than the rest of the world combined, we have more tech-


nology companies than any other country, and the architecture of the Internet ensures that most of the world’s traffic passes through networks the NSA can eavesdrop on. In 2012, then US Secretar y of Defense Leon Panetta said publicly that the US -- presumably the NSA – has “made significant advances in ... identifying the origins” of cyberattacks. We don’t know if this means they have made some fundamental technological advance, or that their espionage is so good that they’re monitoring the planning processes. Other US government officials have privately said that they’ve solved the attribution problem. We don’t know how much of that is real and how much is bluster. It’s actually in America’s best interest to confidently accuse North Korea, even if it isn’t sure, because it sends a strong message to the rest of the world: “Don’t think you can hide in cyberspace. If you try anything, we’ll know it’s you.”

Strong attribution leads to deterrence. The detailed NSA capabilities leaked by Edward Snowden help with this, because they bolster an image of an almost-omniscient NSA. It’s not, though – which brings us back to the arms race. A world where hackers and governments have the same capabilities, where governments can masquerade as hackers or as other governments, and where much of the attribution evidence intelligence agencies collect remains secret, is a dangerous place. So is a world where countries have secret capabilities for deception and detection deception, and are constantly trying to get the best of each other. This is the world of today, though, and we need to be prepared for it.

Bruce Schneier, CTO of Resilient Systems Inc., is an internationally renowned security technologist, called a “security guru” by The Economist. He is the author of 13 books, as well as hundreds of articles, essays, and academic papers. His blog “Schneier on Security”, https://www.schneier.com/, is read by over 250,000 people. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press.

7


From Developer to Devpreneur by Alan Mendelevich

Š Vikpit/Shutterstock

The advent of app stores empowered individual developers and small teams once again. We feel that we can make our own products again and don’t need huge budgets to do that. We know how to write good, manageable code. We may even know how to design a good product. And we believe that we will build it and users will come.

8


THE ROAD TO APP STORE SUCCESS Unfortunately, research shows that in most cases the quality of the product itself is just 20% of its success and the remaining 80% is marketing. Well…. I totally made these numbers up, but it doesn’t make the statement false. With literally millions of apps in the app stores, expecting users to stumble on your great app is naïve at best. So if you are embarking on the app entrepreneur journey you should definitely dedicate a sizeable chunk of your time to activities other than design and coding. While most developers understand this on a logical level, over the years I’ve seen a lot of frustration which I can attribute to the fact that most of the developers – even those working as contractors and freelancers – just aren’t wired this way. DEVELOPER’S WORK CYCLE At the high level the business process of every em­ploy­ed developer or those running their own consulting businesses looks something like this:

We get the task (either in a form of project or position in a company), we deliver what’s expected of us (completed project or a part of it) and we get paid. When we switch to the app entrepreneur world the overall process looks pretty much the same: our app idea is the task, completed app – a deliverable and the app store brings us money. But there’s one major difference, though.

cant chunk of your time (and money) into a task with a lot of uncertainty. This is just common sense and every developer understands this. Having said that, we are still internally wired to consider delivery of the completed product as our final destination. We pop the champagne the minute the app goes live in the store. And we get depressed when we don’t see the immediate monetary return as per the scheme above. The reality is that app’s publication is just the beginning of our sales activities and you have to work on your sales and marketing for the complete lifetime of your app.

The difference is subtle and huge at the same time. I see depressed developers-turned-app-entrepreneurs over and over again. And it’s not the quality of their app that’s at fault. Sometimes it’s the fact that they’ve decided to implement commercially unsound idea. But more often than not, even with great product-market fit, the cause of the disappointment is imagining a finish line in the middle of the marathon. “My app is done” doesn’t mean that you’ve finished coding it. Your app is only done when you stop supporting it and unpublish it from the store. Otherwise you are still working on it.

As employee or contract developers we are used to doing all of our sales activities before we even get started:

We go to job interviews or prospective client meetings and we try to sell our skills. At that stage we’ve only made a minor investment into the “project” ranging from a couple of hours to a couple of days of our time. Failed a job interview? Sad, but not a big deal. On to the next opportunity. Everything changes when you are an entrepreneur. You have to decide if your idea is commercially viable and most of the times there’s no sure way to determine this. So you have to decide to invest a signifi-

Alan Mendelevich has been developing software for a living for more than 15 years. In early 2011 Alan launched AdDuplex – a cross-promotion network for Windows apps. He is happy to share the insights back with the community on his blog at http:// blog.ailon.org, twitter @ailon and talks on the subjects of app development, marketing and monetization.

9


Introducing the Testing Iceberg

Š Luis Louro/Shutterstock

by Seb Rose


Mike Cohn popularised the Testing Pyramid in his book “Succeeding with agile.” [http://www.mountaingoatsoftware.com/books/succeeding-with-agile-software-development-using-scrum] The message it tries to convey is that the foundation of quality code is lots of small, fast, “unit” tests. As you begin to test larger components, you should be writing fewer tests. Then, finally, you should have even fewer end-to-end tests that exercise the whole application. There has been plenty of discussion about what exactly a “unit” is, but let’s sidestep that and simply say that “the more of the application a test exercises, the fewer tests there should be.”

behaviours that are of interest to business people will be expressed in terms of end-to-end interactions with the system, but not always. Actuaries in an insurance company, for example, may well expect to see examples of complex calculations expressed in the business domain language, without needing to consider the users interaction with the system. Conversely, the development team may want to run many end-to-end user journeys to investigate performance under load, but will be happier expressing this in the implementation language of their choice, and there is little benefit from making these investigations readable by the business. This seeming contradiction led Matt Wynne and I to draw the Testing Iceberg [http://claysnow.co.uk/ the-testing-iceberg/], which is just the Testing Pyramid skewed sideways. The Readability Waterline clearly communicates that the choice of how to express a behaviour should be governed by whether it is of interest to business people or not. This decision is orthogonal to the depth of the application stack that needs to be exercised to demonstrate the behaviour of the system.

Then, when teams discover Specification By Example (SBE) and Behaviour Driven Development (BDD), they have to decide which tests to express in the business domain language (using Cucumber, SpecFlow, FIT etc.), and which to leave in the implementation language (using Java/JUnit, C#/MsTest etc.) A simplistic approach that is often adopted is to draw a line across the Testing Pyramid and express end-to-end, system tests in business domain language, that can be read by non-technical team members, and all narrower tests in a form that can only be read by those with programming skills. This misses the fundamental reason for describing the behaviour of the system in business domain language in the first place - which is to facilitate collaboration between technical and non-technical people. By providing a place to express, in an accessible format, all system behaviours that are of interest to the customer or product owner, we close the feedback loop between the request for functionality (“this is what I want”) and the certainty that the request has been understood (“this is what we will deliver”). It’s at this point that the extra effort of automating the examples (that demonstrate the system behaves in the way expected) starts to deliver value. The question that arises in many teams while adopting this way of working is “when should we use a BDD tool and when a unit testing tool?” Often, the

Consultant, coach, designer, analyst and developer for over 30 years. Regular speaker at conferences and occasional contributor to software journals. Contributing author to “97 Things Every Programmer Should Know” (O’Reilly) and lead author of “The Cucumber for Java Book” (Pragmatic Programmers). He blogs at claysnow.co.uk and tweets as @sebrose. 11


12

Š Tshirt Designs/Shutterstock


Azure is dead Long live Azure by Chris Klug and Robert Folkesson

IN THE BEGINNING THERE WAS… PLATFORM AS A SERVICE When Microsoft legend Dave Cutler, maybe most famous for the development of the Windows NT operating system – the very origin of the modern Windows OS, began working on a new cloud operating system, few understood how forward thinking the result would be. In 2008 Microsoft announced something that was very different from what most Microsoft customers thought of as cloud services. Back then, cloud services, for traditional IT-shops, mostly meant either the hosting of virtual machines, ala Rackspace, or web based mail and CRM, ala Salesforce. The latter even having “No Software” as its slogan. The new Windows Azure cloud services on the other hand were very much about software. More specifically about your code being packaged and uploaded to the Microsoft cloud, handled by Cutlers “fabric controller”, and hosted in the Microsoft Datacenter. The new term for this - Platform as a Service, or PaaS, - was being trumpeted out of Redmond. The market however, was clearly not yet ready for it, and a lot of customers voiced the need to be able to host their own virtual machines in Azure.

THE NEW OLD SCHOOL Microsoft, arguably late to the game with Infrastructure as a Service (IaaS), waited until July 2012 to finally let its IaaS offering into General Availability, after a longer period of preview. With this move, Microsoft also took another very important step on its new road to openness. It was now possible to run Linux distributions in Azure. With the IaaS offering, Microsoft opened up some really important scenarios: the “lift and shift”; moving your old legacy system more or less “as is” into the cloud, and the realization of the “dynamic datacenter” vision; being able to move your virtual machines seamlessly between on premise and the cloud. It also made the very interesting Paas/ IaaS hybrid scenario possible, using PaaS as much as the platform would allow, and falling back to virtual machines when needed (for example running SQL Server Reporting Ser vices, a ser vice Microsoft to some grief removed as a PaaS service in 2014). PAAS DONE RIGHT? Having virtual infrastructure hosted by someone else may be useful in a lot of ways, but the real power

of the cloud lies in PaaS. Using PaaS, we leave even more of the day-to-day management to someone else, and focus more on the application development than the operations. Microsoft’s first PaaS offering was based around web- and worker roles; a fairly crude way of hosting applications in a semi platform agnostic way. It worked well, but required the developer to take into account that it was a PaaS hosted service. It wasn’t just “build-anddeploy”, like PaaS should be if done right. Fast for ward a couple of years, and Microsoft changes the game by introducing a new PaaS offering called Azure Website; a much simpler platform that pretty much offers “build-and-deploy”; letting developers more or less ignore the platform it would run on. It is “just an application” that is being hosted somewhere. Initially, most developers saw it as a perfect fit for simple websites that just needed a host somewhere. Just build your application, press deploy, and all of the sudden it was hosted in the cloud. And if you needed to scale out, just pull a lever and it is done.

13


However, it still felt like an offering for simpler websites. At least until Microsoft decided to add support for other platforms like Node. js, PHP, Java etc., and support for simple continuous integration and delivery through services like GitHub, Bitbucket and Visual Studio Online. And if you needed to execute code outside your web app, then the introduction of WebJobs solved that. All of the sudden, it didn’t look like the web roles’ little sister. Instead it started to look like the best way to host things in Azure. It started to look like PaaS done right. THE SERVICE EXPLOSION The last couple of years, the development of the Azure platform seems do have gone into crazy warp speed overdrive. It is no coincidence this happens after some of the more well-known Microsoft luminaries like Scott Guthrie and Mark Russinovich joins the Azure teams, and if anything it proves Microsoft commitment to the platform. Now, it’s all about new services being rolled out and old services being revised in a speed that makes it a tough job to keep up with. The launch of Mobile Services for the efficient development of backend API: s, the BizTalk services with its integration points, the API management platform, plus the existing Web Site goodness – all now rolled into one “super-PaaS” offering in the form of Azure App Service. 14

GOING FORWARD The future for the Azure platform will without a doubt continue to be a fast paced journey accompanied by some really strong industry trends. The Devops revolution will continue to gain traction, and we will see an even deeper integration with the Release Management tools. Micro services will become an increasingly popular architectural style for solutions built on Azure, backed by the App Service platform, or just using the various services that exists in the platform. The advent of Big Data, and Machine Learning for the masses, is just starting to become a reality, an area where we will probably see an explosion of applications in the near future. Last but not least – Microsoft is really delivering on its promise of making Azure an open platform – gone are the days when forcing us to use a single operating system, or a single developer environment, was on the top of priorities from Redmond. On the surface, only parts of the Azure that was announced in 2008 remain, and probably not much is the same beneath it. But looking back, that really isn’t a terrible thing. So there is just one thing left to do, buckle up and enjoy the ride.

Chris Klug is a senior developer and architect at Active Solution in Stockholm; an Azure loving web developer, and kiteboarder, who has been working on Azure based applications since the beginning of Azure, and with Microsoft technology for the last 15 years or so.

Robert Folkesson has been involved in various forms of Internet-related development and distributed systems design for over fifteen years. He currently holds a position as CTO at the Swedish developer consultant and Azure specialist company Active Solution. Robert is a frequent speaker at conferences, like TechDays, ScanDev and DevSum. He is also one of the editors and co-authors of the “The IT-architecture book”, a unique collaboration on modern methods in IT architecture.


atlassian.com


© Marcel Clemens - 3D/Shutterstock

Thinking rationally about the database problem by Alex Yates I get it – databases are hard.

All the books about soft ware development point in the same direction: Proper source code management, continuous integration, continuous delivery, frequent iterations and frequent releases are all good things. But doing that for databases is hard. “If it’s hard do it often!” But relational databases are really, really hard. So where does that leave us? Well, essentially there are two classes of solutions. At their core 16

they are quite simple actually, but neither are perfect – and people get really passionate about one or the other being the *only* way to do databases right. If anyone tells you there is only one way to do something they are probably mistaken or they are trying to sell you something. WHY ALL THE FUSS? WHY CAN’T WE CHOOSE RATIONALLY? Despite what we claim, humans are terrible at making decisions based on data. We are social/emotional beings and we form opinions and make decisions based on our own experience, and the amount of experiences most of us have

had do not equate to statistical significance. Also our emotions lead us to stronger and more irrational conclusions than the raw data would justify. So people think about what they tried before and decide that clearly that way did not work – so the other solution must be the better one. The grass is always greener right? “I tried doing it one way and it burned my face off so I’m never going to do that again.” Hence, strong and polarised opinions are born – often among the people we consider to be battle-worn and experienced.


THE FUNDAMENTAL REASON RELATIONAL DATABASES ARE HARD Frankly, people may struggle with either type of solution because databases are just hard. With most code you define how the code should look. When you deploy it you can simply replace the old code with the new code and you’re done. This means it is relatively easy to version control your code, to test the code and to deploy it consistently. With databases you need to worry about persistence. If you simply replace the old database schema with the new one you just lost all the data. So you need to worry not only about how the state should look, but also about what code you need to run to get from one state to the other. That’s twice as much work, so you are twice as exposed to errors – and failed deployments are a nasty business. Let’s look briefly at the two classes of solutions. MIGRATIONS BASED SOLUTIONS Save a base image of your database schema and then add sequential scripts to apply updates to it. It’s relatively straightforward to run the scripts in order to update the production database to the latest version. Some people also write downgrade scripts so that they can roll-back. With this approach you get complete control of how ever y update will be handled, which brings great power and great responsibility. However, with the power and apparent simplicity come problems: • You have to enforce a very strict process upon all of your developers. (And we all know developers love that!) • If you want to work out the difference between version X and version Y you may need to review every line of every script in between – finding a bug can be like looking for a needle in a haystack. And then working out how to apply the fix to your source code is non-trivial.

• An upgrade script is only reliable when you know the exact start and end point. When you merge branches or someone modifies the production environment outside your process, well, you have problems. Sometimes inconsistencies on the production environment go unnoticed for months, undermining testing efforts on different environments. • If your database is a dependency for more than one project or team, which one is responsible for the migration scripts? If more than one, how is the sequence controlled? STATE/DECLARATIVE BASED SOLUTIONS Keep track of how you want the database to look in source control, rather than the upgrade path. This way you are able to work on the actual database rather than scripts and tools can be used to automate the source control process and provide consistency. This can give you confidence that the code you work with in dev and test will be in sync with what you deploy to production, in keeping with CI and CD principles, and it’s far less complex and time-consuming than creating all migrations scripts manually. However, the benefits of this approach raise other questions: • Simply diffing vX and vY is relatively simple with a basic diff tool, but scripting out those changes will either be manual or you will need to purchase a tool to automate this for you… and then you need to test the upgrade script sufficiently that you trust it. • You may have less control of h ow yo u r d e p l oy m e n t s a r e scripted out so you may need to inter­vene with automated processes when refactoring tables etc. But, on the other hand, many tools now offer specific mechanisms to address this known complexity. • If someone makes an important fix directly on the production database the fix might accidentally get rolled back if it is not also made in source control.

SO WHICH APPROACH IS BETTER? Actually, I can’t say. If only things were that simple. Essentially, it depends on your project, the technologies you use and the people in your team/at your organisation. On balance, if you are a small team and you know the production database never changes and you want more control over exactly how the database will be updated you may prefer the migrations approach. If multiple teams, projects or applications are touching the same database and/or you want an easier, more scalable process and to ensure consistency and reduce the risk of human error you may want to use a state based approach. But this is a much bigger discussion than a short article can really give justice to. All I ask is that we stop writing off solutions (on either side) just because we had some bad experiences with them historically. Whichever way you decide to go, databases are hard (did I mention that?) so you should never expect either approach to solve all the problems. If you’d like to discuss your database issues in more detail tweet me: @_AlexYates_. I’ll be around for the whole of NDC Oslo and I’ll be talking about continuous delivery and databases in room 1 at 4.20pm on Thursday.

Alex works for Redgate to help teams improve their Database Lifecycle Management processes. Since 2010 he’s worked with hundreds of teams, large and small, across all major industry sectors and on all the world’s continents (except Antarctica - to date) to solve similar problem.He blogs about the patterns he notices: www.workingwithdevs.com 17


2 DAYS OF WORKSHOPS AT ROYAL CHRISTIANIA HOTEL

Workshops are included in the

You may attend these workshops without going to the conference

NDC ALL ACCESS CONFERENCE PASS

NOK 18900 25% VAT will be added

Ticket types

Price

2 Day Pre-Conference Workshop Pass 1 Day Pre-Conference Workshop Pass

NOK 10500 NOK 8900

25% VAT will be added to all ticket types.

be inspired

sign up now! @NDC_conferences #ndcoslo


ONE DAY Sam Newman

Suz Hinton

Design and Implementation of Microservices

15 June

JavaScript Robotics - building and coding electronics with NodeJS

Jimmy Bogard

Michele Bustamante / Lynn Langit

NServiceBus Crash Course

AWS vs. Azure

15 June

15 June

Venkat Subramaniam

Uffe Björklund

Functional Programming

Bluetooth Low Energy, RealTime Communication & Protocols

15 June

15 June

16 June Sam Newman

Gojko Adzic

Continuous Delivery

16 June

How to get more value out of User Stories

Venkat Subramaniam

Udi Dahan

Functional Programming

Designing loosely-coupled systems

16 June

16 June

16 June

TWO DAYS - 15-16 JUNE Scott Allen

Nicolai Josuttis

AngularJS workshop

Switching to C++11/C++14 «by Example»

Jon Galloway / Damian Edwards

Troy Hunt

What’s new in ASP.NET 5 and MVC 6?

Hack Yourself First: How to go on the Cyber-Offence

Dominick Baier / Brock Allen

James Grenning

Identity & Access Control for modern Web Applications and APIs

Test-Driven Development for C or C++ Training

ndcoslo.com


The Elastic family:

Big data search, discovery and analytics by Christoffer Vig

As the Ancient greek philosopher Heraclitus (525 BCE) used to say: “an abundance of data does not automatically create insights” (DK frag. 40, my own slightly modernized translation). Data in itself carries no value. Wisdom starts from wonder, wonder feeds questions and questioning data yields knowledge and perhaps wisdom. The information revolution creates new opportunities for learning from big data each day. Elastic, the company previously known as Elasticsearch, is moving closer to what in practical terms is the data space with every new version. We see this in the development of the ELK stack; Elasticsearch, Logstash and Kibana, a family of products made for big data search, discovery and analytics. ELASTICSEARCH When Shay Banon started playing around with “new age” search tools back in 2004, he was trying to figure out ways to help out his newly-wed-chef-to-be with rec20

ipe search. He didn’t quite expect that his experiments would 10 years later be the platform used to analyze the operations of a robot exploring the planet Mars. Yet, this was exactly what was presented by two chaps from NASA at this year’s Elastic{ON} conference. Elasticsearch wasn’t the first search engine Shay Banon wrote. In 2004 he created Compass, with the intention of putting the power of search into the hands of developers. You could create custom objects, stuff them into the index by using a simple interface and voilá: search them. No need for complex configurations upfront, search was instantly available.

Compass was built upon Lucene, which provided solid foundations for search functionality, and became a quite popular project. However, Compass failed to scale to larger amounts of data, and to address this, Shay embarked upon a new project, focusing right from the start on distributed scalability while retaining the core values of developer usability from Compass. This is the Elasticsearch we know today, a RESTful, distributed and scalable search engine. It has excellent client language support (javascript, C#, python…) and scales to monstrous dimensions, as was demonstrated at Elastic{ON} by users such as GitHub, Verizon,


Š Arthimedes/Shutterstock

Microsoft, Netflix and Goldman Sachs. One of the most common use cases for Elasticsearch is log aggregation and analytics, often done by utilizing the full ELK stack. In the following sections I will briefly explain how these products fit together to make the ultimate search, analytics and discovery platform. LOGSTASH Logging is a central piece of infrastructure in most information systems. In this context we consider logging a stream of discrete pieces of information about events, with a timestamp and associated data. Many systems produce logs in common formats, and Logstash supports many of these out of the box. For custom formats Logstash supplies a flexible toolset complete with regular expressions that can extract structured data from raw text. Logstash started out

as a general log processing tool, using three configurable stages; input, filter and output. The input stage is responsible for accessing the log source itself. The most common and obvious of the input stages is perhaps the file input, which reads logs stored in files. There are many others, tcp, twitter, syslog, etc. After reading the logs, the filter stage is used to modify the log event, extracting fields, typically formatting dates into a common format. Finally, the output stage sends results off to some database or search engine. Logstash was initially developed independently to Elasticsearch, but was later absorbed into the Elasticsearch ecosystem. Future developments will make it an even more central tool, adding improved automation and resiliency. Now with the river plugins being deprecated it is reason to believe logstash will move into a general data

ingestion framework, not only for time stamped data. KIBANA Kibana is the frontend component of the ELK analytics stack. Kibana runs on top of Elasticsearch, and was recently released in version 4. It is a complete rewrite from version 3, adding support for complex aggregations. The Kibana app has three tabs: Discover, Visualize and Dashboard.

21


Discover is where you search and investigate the raw data as text, allowing drill downs and searches by clicking on search results and field names. Selecting fields to show in search results displays quick summaries of field contents. You can save and share searches or use them as building blocks for visualizations in the second tab, Visualize. Kibana has a wide selection of visualizations; line graphs, pie charts, area charts, and many others. A basic use case is displaying how the number of visitors to a website varies across the hours of the day, days of the month. Zooming in and out of time scales is done by visual selection on the graph. If

you want to see how the number of visitors are distributed according to location, you can add a sub aggregation, and the bar lines of your graph will show color codes for different areas of origin. Alternatively, they can be shown geographically on a map. Using Kibana to it’s limits requires knowledge of how data is indexed, and how queries are executed under the hood. Kibana is created for developer usability, having easy access to the raw data from Elasticsearch requests and responses. When you have created a set of visualizations supporting the analysis you’re working on, you can arrange them in the Dashboard tab and share it with your colleague, manager, customers etc.

ELK STACK AND THE FUTURE The road from information to in­s ight is not determined by a machine, but by you, the user, developer, human being. An idea of what is of value and what should be sought after must inform the quest for information, not the other way around. The Elastic family of tools, rightly implemented, can be a step towards a movement of data analytics closer into the hands of those who understand their value.

Christoffer is working as a search consultant at Comperio, where he has been exposed to a wide range of search platforms. His education lies within the humanities, and is interested in both the conceptual and the practical side of computing. The true computer age has yet to come, he mumbled.

This graph shows an attempt to gain knowledge concerning the price range of Belgian beers containing significant Belgian beer terms (aka Belgianness) sold at Norwegian Vinmonopolet, using Elasticsearch and Kibana. The x axis shows beers, y axis is price pr alcohol unit, the colors indicate alcohol content. 22


Database Lifecycle Management

Your SQL Servers get source control, continuous integration, automated deployment, and real time monitoring. You get fast feedback, safe releases, rapid development, and peace of mind. Find out how at www.red-gate.com/products/dlm @redgate

/RedGateSoftwareTools

/RedGateVideos

23


The omni-presence of Windows 10 by Lars Klint

Excited because the idea is one that almost all developers can relate to and has likely at some point thought of implementing, for example when developing a modern mobile application. Frustrating because it is not a trivial exercise to implement and the barrier to success was so high it was rarely feasible to implement, both from a time perspective and when considering return on investment. It was that elusive million dollar idea that was always just outside of your reach. But this is all about to change. HOW IT USED TO BE For the most part developing software has always been platform specific. You chose your target device and then developed specifically for that target platform using the technology best suited for it. If you developed for a mobile platform, chances are you would use the .NET Compact Framework. If you

24

developed a desktop application you might use WinForms or WPF. And the choice was further complicated by each platform having different end goals, such as .NET Compact Framework aiming to preserve memory and battery. In essence you would have one product or solution for each platform.


© Dabarti CGI/Shutterstock

The potential of truly cross platform compatible development and applications have been the Promised Land for developers for decades. The notion of developing once and having your efforts pay off exponentially by pushing out your work to multiple distinct platforms has always excited, yet frustrated developers.

In the day of Windows CE and the Compact .NET Framework, code convergence was not something that was easily achieved and if it was successful it was mainly for shared libraries and tooling. Very few applications were successful across platforms, but it did happen. Although it is only really starting to show now, code convergence is something Microsoft in particular has been working on for quite a while. CURRENT STATE OF AFFAIRS So where are things at now? You may have heard of Xamarin, Cordova, PhoneGap or any of the other cross platform tools that can be used to write applications for mobile devices. These are all tools that work great in different environments and for different purposes. They have certainly boosted both the uptake of cross platform development, and also increased productivity significantly. But no matter how you look at it, all of these tools are still built for a particular

purpose. They may fit your business aim perfectly and that is awesome, but they don’t address the fundamental need for a native cross platform technology or approach. Xamarin is possibly what come closest to Nirvana when it comes to targeting multiple platforms with a single solution (especially as a developer on the Microsoft stack), and they are continually improving in great strides. But you are dependent on the vendor to improve and develop the tooling before you can target new platforms. Wouldn’t it be great if your application would just run on the next platform that came out?

25


THE PROMISED LAND As you are reading this, I am almost certain you have heard of Windows 10 and its release this year. For some time it has been possible to download a technical preview of the new operating system to get a feel for what has changed, but equally as important to provide feedback to Microsoft as users use it.

For consumers it has huge benefits. An app is bought once, then works on all their devices including having synchronised data. This enables users to switch between devices instantly when convenient and then continuing whatever they were doing. Or an app can be running on multiple devices with different aims, all contributing to a more full and immersive experience.

When most people hear “Windows”, they immediately think of the desktop experience which has traditionally been mostly correct. Now that notion is void. Windows will for the first time run on just about anything. I am talking phones, tablets, desktops, Internet of Things (IoT) devices (such as Raspberry Pi), HoloLens, Xbox One and anything new that comes out with a CPU capable of running Windows 10. That in itself is impressive, but the real key to making developers’ lives easier and happier is in the Windows Runtime and universal apps for Windows.

Imagine having a medical application that simultaneously projects data to HoloLens during surgery and updates the patient’s anaesthesiologist chart for optimal surgery and recovery time. That is not going to happen tomorrow or next year, but this technology certainly is headed in that direction.

Universal apps were introduced as part of Windows Phone 8.1 and Windows 8.1. It means you can write a single project that will currently target both phone and desktop/tablet. It takes the concept of portable class libraries one step further by having all outputs target the same core, namely Windows Runtime and even the user experience is also a single code base. This means developers are spending less time adjusting to each platform, and more time delivering business value. For developers this is great news. Your current work will most likely be worth more in the future, rather than less, as applications can be run on more and more devices. Of course this depends on your application, but your efforts are certainly less likely to be obsolete the minute they reach production (as most software seems to be). This is the path to develop once, deploy many in a serious way. You will most likely be able to share libraries across platforms with little or no rework or compilation, and you can continue to use C# and XAML in Visual Studio, which arguably is the best IDE available. There is no need for abstraction layers like Xamarin uses, as it is all run on the .Net framework and Windows Runtime. It will be a total experience in one, if I am to predict anything. 26

And for businesses there are also great advantages. You can access critical data anywhere you might be on any device you have handy. The cost of developing and maintaining applications will be minimised as the work to deploy to new platforms and devices is much less as the framework will be the same. I am not completely floating on rainbow coloured clouds here, as of course it is not all going to be smooth sailing. First of all there will be changes made to the Windows Runtime over time as more and more devices and architectures are supported, but compared to building everything from scratch or learning a new language or platform to move forward, this is a walk in the park. Second, users will have different objectives depending on which platforms they are targeting, hence the experience will have to be adapted to those needs. You can’t have a HoloLens projection working on a Raspberry PI with all likelihood. Microsoft is only just getting started with the cross platform strategy and Windows 10 combined with universal apps are a large part of this.

Lars is a solution architect with SSW, Pluralsight Author, Microsoft MVP and keen tech geek with a passion for the Microsoft ecosystem. He was selected among 10 in the world to participate in Nokia’s FutureCapture event and has spoken at a number of international events. Lars co-organises the DDD Melbourne conference and lives in rural Australia.


Photo: Shutterstock

We develop developers Training and conferences in Oslo and London ProgramUtvikling offers the best courses and most flexible training to the developer community wherever you want us to. Our philosophy is to provide “practical, applicable knowledge� by providing the highest quality training with the best instructors. In addition to our permanent staff we have a number of exciting and well-known instructors such as Herb

Sutter, Craig Larman, Billy Hollis, Daniel Gullo, Geoff Watts, Gill Cleeren, Sahil Malik and a great staff of excellent Scandinavian instructors.

OSLO - www.programutvikling.no

NDC has become one of the largest conferences dedicated to .NET and Agile development and is hosted by ProgramUtvikling AS. www.ndcoslo.com www.ndc-london.com


Big Scrum: Are you doing mechanical Scrum?

Š Paffy/Shutterstock

by Martin Hinshelwood

Are you doing mechanical Scrum? Also called flaccid Scrum, amateur Scrum, or by-the-book Scrum; all are equally ineffective. If you are not able to ship twice the features in half the time that you used to, then you are probably doing mechanical Scrum.

28


Many organisations move towards Scrum and Agile for the allure of hyper-productivity and they are, more often than not, sorely disappointed when they don’t achieve it. The easiest way to make Scrum as ineffective as possible, is to pay lip service to it. Forgetting about the values, principles, and technical excellence that are the underpinning of its effectiveness.

MECHANICAL SCRUM: IT’S A START Mechanical Scrum is easy. All we have to do is to follow the framework and use the terminology. This is where most organisations start and unfortunately, where they finish. They think to themselves, “How do we satisfy the demand that we do Scrum, but not have to change actually?”. Sprint Retrospective Scrum Team

Daily Scrum

Sprint Review

Scrum Team

Product Backlog

Sprint Planning

Sprint Backlog

Integrated Increment

@ Courtesy of Scrum.org

Your organisational culture is finely tuned to create the situation that you are currently in. Changing that is hard, and it is disruptive so don’t expect even mechanical Scrum to be achieved without angst.

@ Courtesy of Scrum.org

Mechanical Scrum is a place to start, just don’t expect to get the effectiveness that you desire. You need all three of the pillars to be able to ship twice the features in half the time. THE DESIRE: TWICE THE FEATURES IN HALF THE TIME Yes really! You can ship twice the features in half the time, but only with Professional Scrum. In Professional Scrum we not only follow the framework, but we enact the values and principles of the philosophy.

Often, a great time to change an organisation is when they have just catastrophically failed to deliver as you need to sense of urgency to create momentum for change. VALUES & PRINCIPALS: START TO LIVE THE DREAM There are five values that go with Scrum; commitment, focus, openness, respect, and courage. They should be applied to all aspects of the process, so they have different meanings depending on the situation. For example:

Jeff Sutherland talks often of using Scrum to make money as a venture capitalist by buying struggling companies. Jeff makes them profitable and competitive by implementing Professional Scrum. Professionals will always be worth more than cowboys.

• The Development Team should have the courage to say “no” to the Product Owner when they don’t think that they can achieve what the Product Owner is asking from them within a given timeframe. The Product Owner should respect that the Development Team, as the ones doing the work, are best placed to make that decision.

It beggars belief that so many organisations only practice flaccid Scrum and waste their investors’ money. That’s bad when it is private investment, but down right criminal in a public company. And let’s not get started with the public sector.

• The Product Backlog should be open and transparent to the rest of the organisation and the Product Owner presents the team’s focus through that backlog order. The business need to respect the Product Owner’s final position on the backlog order.

Is your organisation paying lip service to the values and principles? Does it feel more like ‘yeeha’, or a group of professionals?

Along with the values, there are three principals that should be adhered to, time boxing, self-organising teams, and shippable code. At least once per sprint,

29


at the Sprint Review, you should have releasable software. This gives the Product Owner the option to ship if they desire to, it gives the business choice. This shippable increment of software occurs within specific timebox that is 30 days or less. Each of the events in Scrum adheres to a specific timebox that exists as a part of the overall Sprint timebox. Timeboxes should be sacrosanct, and the common cause is that you don’t break them. Self-organisation is not synonymous to self-managing, self-managing, and that is an important distinction. Traditional managerial thinking was developed and honed in the days of the repetitive task and the unskilled workforce where the manager was often smarter than the workers. Mostly, and especially in software development this is no longer the case. Modern software development has more in common with painting the Mona Lisa than in building a model T Ford. Its creative work and no amount of effort will let you know exactly how long it will take until it’s done. The traditional management roll morphs into one of mentor, coaching, and leadership. TECHNICAL EXCELLENCE: BE THE BEST Even when organisations focus on the values and principals they often forget about technical excellence. You need to train your Development Team members in the technology and the tools to make them effective. They might need to brush up their skills in patterns and practices to allow the most flexible and relevant architecture emerge as they are building. Technical excellence is more than just having some skills, even if they are awesome skills. It’s about striving, at all times, to be the best at what you do.

Professional Scrum focuses not on the iron triangle (time, resources, & features) but on the value delivered to the customer. Does it really matter if you deliver twice as much, if you are delivering twice as much of no value? Focus on value, and manage that value.

@ Courtesy of Scrum.org

In keeping with evidence-based techniques we need to monitor certain metrics so monitor our effectiveness at Professional Scrum. That’s not about keeping our Daily Scrum to 15 minutes, it’s about delivering value, early and often to the customer. The metrics that you monitor should reflect that mantra. There is no one solution that will work everywhere. Your organisational culture is unique, and your goal is unique. You need to create a vision for your transformation and figure out what your first steps are. After trying them out, measure again, and see if you have made things better, or worse. Then continue to inspect and adapt your process, practices, and tools to better reflect the desired outcomes. Find your own path to agility within the structured framework of Scrum.

@ Courtesy of Scrum.org @ Courtesy of Microsoft

To learn new techniques and technologies as they become available, and to actively spread that knowledge with your colleagues. PROFESSIONAL SCRUM: DELIVER VALUE Put that all together and your business gets a Professional Scrum Team that can deliver high quality work on a regular cadence that successfully and increasingly meets your business’s needs.

30

If you only have a single team, working against a Product Backlog, then Professional Scrum might just be your end goal. Focus on your vision and keep improving.   SCALING PROFESSIONAL SCRUM: SCALING VALUE DELIVERY If you have more teams working against a single backlog then you may need a little more. A single Product Owner, managing a single Product Backlog serviced by 6+-3 Professional Scrum Teams needs more structure to make it work.


CONCLUSION The foundation for delivering high quality software that is of value to someone on a regular cadence is a Professional Scrum Team. You need not only the mechanics of Scrum, but also the Values, Principals, and Technical Excellence to be Professional. The only way to scale up is to bring more than one Professional Scrum Team together into a Nexus and integrate the practices that work within your organisation. @ Courtesy of Scrum.org

Each sprint still needs to create fully integrated working software, and for that we need the concept of a Nexus. A Nexus is formed when more than two Professional Scrum teams have to work together.

You need to find your organisations own unique path to agility, what worked elsewhere is unlikely to work in the same way in your distinct organisational culture.

Nexus Sprint Retrospective Nexus

Scrum Teams

Nexus Daily Scrums

Nexus Daily Scrum

Nexus

Product Backlog

Nexus Sprint Review

Scrum Teams

Nexus Sprint Planning

Nexus Sprint Backlog

• Professional Scrum Team - A Team of 3-9 people who work together to deliver integrated working software each and every Sprint. • Nexus - A group of 3-9 Professional Scrum Teams working together to deliver integrated working software.

Integrated Increment

@ Courtesy of Scrum.org

The Nexus needs to plan together, review together and retrospect together. In short we need to make sure that communication is high and that we all know what is going on. With a Nexus there is an additional Integration Team, made up of representatives of each of the teams, that is responsible and accountable for making sure we get a single integrated increment of working software at the Sprint Review.

@ Courtesy of Scrum.org

If you have a large application like Office or Salesforce you might need to break your application down into areas that are allocated to either individual Scrum Teams, or if there is enough work, a Nexus. Each would have a Product Area Backlog that is merely a subset of the Shared Product Backlog. You can imagine how hard that this is. Can you imagine if you has five Mechanical Scrum Teams? Do you think that you can pull it off? No, of course not… you need Professionals.

Finding your path is hard, but there is help out there from: • Scrum.org: www.scrum.org • Evidence-based management: www.ebmgt.org • Scrum Guide: www.scrumguides.org Recommended reading: • Scrum: The Art of Doing Twice the Work in Half the Time: http://nkdalm.net/1Hf1Np0 • The Leader’s Guide to Radical Management: Reinventing the Workplace for the 21st Century http://nkdalm.net/1IJwjsa • Software in 30 Days: How Agile Managers Beat the Odds, Delight Their Customers, and Leave Competitors in the Dust: http://nkdalm.net/19AoQPu

Martin Hinshelwood is a consultant for naked ALM Consulting, a technical and management consultancy that focuses on helping organisations modernise their development processes and enable a greater degree of business agility. Martin works with one foot in the process space and one in the technical. He is a Professional Scrum Trainer and EBM Consultant with Scrum.org with whome he has been working since 2010. He uses his knowledge and experience to help organisations, large and small, to create professional development teams that produce high quality software that is of value to that organisation. Twitter: @MrHinsh

31


Applications to Apps backed by the Cloud

© Rawpixel/Shutterstock

by Magnus Mårtensson

The Cloud is not “a brave new world” anymore. At the same time in relation to the broad market the Cloud is finally catching on. If you ask me. Full disclosure – I’m a huge Cloud proponent and I work as an expert Cloud consultant mainly focused on the Azure Platform. I help companies rebuild themselves and grow a relevant story in the Cloud, strategically as well as technically. Of course I would express delight in that the Cloud is finally catching on! I have been around the Cloud when it was young and I have worked this market since the Cloud’s inception. This puts me in a position to notice the changing trend of late. Starting after last summer there is a significant shift in real interest from customers. I can also count the number of requests for cooperation from other industry friends and experts to several per week compared to very few before summer. Suddenly the other experts get questions from their customers about that Cloud thing. Suddenly it seems “everyone” is aiming for 32

Cloudy business. Suddenly the Cloud became really relevant to everyone. I conclude that the market has finally crossed the chasm between early adopters and early majority on the Technology Adoption Lifecycle. What we see now is the 80% body of the market reaching up for the Cloud almost at the same time. When this large part of the market is maneuvering to adopt a Cloud Strategy it certainly is relevant to stop and ask ourselves the important questions.

What are the key drivers that move our market to the Cloud? There are many insightful answers to that question but I would like to argue that the real driver is end user expectations. Tablets and smart phones have taught us consumers to expect a rich and immediate user experience even on a smaller form factor. Maybe even especially on a smaller form factor? Very many consumers use their mobile device as their main way to access the Internet. Millions only ever access the Internet using a mobile device. This is more predominant in markets where one


also without comparison much more cost effective when run as a Cloud solution. Total Cost of Ownership is not the main consideration though. If you are a more technical person you need to focus on the Cloud factor that is the most important to business decision makers and need to know what the key thing is that they will always listen to. The capabilities that public Cloud computing bring to your business, to what was before an old fat client Application, is to enable it to suddenly sprout wings and soar around the globe to new markets. If migrated carefully your old dog has the potential to learn some real new tricks, reach new markets and become, the Holy Grael of the Cloud, Multitenant.

device can be a significant investment. In other parts of the world 29% of consumers carry more than three devices on a daily basis. I would love to be in the business of building power chargers today. Joking aside this is an astounding number! We bring all of our devices to work and expect to be able to access corporate systems with them. Is this related at all to having a Cloud Strategy going for ward? Without a doubt, yes, because the only real way to build a strong end user experience on multiple form factors and keep their multiple devices in sync is to use the Cloud! Admittedly there exist a few scenarios where a Cloud solution is not the answer. However the vast majority of solutions that I have seen are not only a very good fit for public Cloud, they are

In pre-Cloud markets we sold products based on license. In the new IT world in the Cloud we sell user-months or even user-hours. We host and run our “service”, no longer our “product”, in an elastically scalable, global environment where we can go from a few thousand users to millions and still maintain a small crew to manage it. I heard that Instagram had a crew of 13 or was it 30 when they had 50 Million users! The exact number is not relevant but the trend is. IT business has become Multitenant and the Cloud has a fundamentally different cost model which opens up to an equally fundamentally different business model. Gone are the days when you cared about on site installations with every customer and the unescapable support monster that comes with it. In the Cloud you are instead supplying your service. You run and maintain your service and upgrade it when it suits your business needs, not your customers. Does Google ask Gmail users before upgrading their service? Maintenance and support costs are always radically less in the Cloud and furthermore selling a product to customers for them to install in their systems simply does not scale beyond a few hundred customers or maybe about a thousand.

I have many customers who have older products perhaps created in the nineties, written in Delphi. They built really great products for that era and have lots of satisfied customers over many years. There is certainly no shame here. What is a shame though is their feeling that they are slowly dying. Where is your public API? Do you have an iPad App or an Android App? The answer to those questions lie in creating a Cloud Strategy and migrating to the Cloud. Consider if a fraction only of the Cloud migrations people like me are dreaming of and hoping for actually will happen. That will mean the biggest IT migration in the history of IT! The race is long my friends and the big bulk of business has only just begun to move. I hope I have shown you the inevitability of your move to the Cloud, if you are already here congratulations! I know that the strongest contender in the Cloud is the Azure Platform. I purposefully stayed away from that discussion in this article but I’d love to hear from you if you want to talk about it! Flying in the Cloud is way more fun! I do it every day and it is glorious! Join us up here where the air is fresh and the sky is the limit!

Magnus Mårtensson is a Microsoft Regional Director from Sweden and a Microsoft Azure Most Valuable Professional. In business as well as in life he is a true entertainer while being productive, smiles while being challenged, always gives more than is gained and aims not to take life too seriously because he claims it’s more fun that way!

33


Objects as state machines by Einar W. Høst Objects as we know them have failed. The original promise of objects was that we would give them our state and they would encapsulate it - no need for us to worry!

© Hchjjl/Shutterstock

The result would be a black box which would be easier to reason about, and which we could use to build bigger abstractions. However, the typical experience has been that the spell of encapsulation fails. We cannot trust our black boxes because they tend to surprise us with their behavior! Invariably, therefore, we find that we need to peek into the box, to figure out what went wrong. This is very bad. As a result, battle-scarred developers tend to prefer read-only objects whenever possible.

34

However, the reason that you introduce objects in the first place is that you want entities with memory! If your object is going to return the same result irrespective of history, why not just use a function? So while understandable from a pragmatic point of view, read-only objects are really an admission of failure on behalf of objects. They are stones on a road that leads away from object-orientation and towards functional programming.

But why did encapsulation fail? Why are we unable to reason about our objects? Where did we go wrong? The reason is the myriad possible states for each of our objects. Consider for any non-trivial object in the application you’re currently working on: - How many distinct states are possible? (Probably a very large number!)


- How many states are legal or meaningful? (Might be smaller but tends to be unknown or ill defined.) - How many states affect behavior? (Probably much smaller, but tends to be unknown or ill defined.) But we cannot reason about objects unless we have absolutely precise answers to these questions! They should be manifest in both diagrams and tests! The good news is that our inability to answer these questions reflect a lack of design. This, in turn, means that the problem can be fixed. We can start by making a distinction between fields that influence behavior and fields that do not. Then, for the fields that influence behavior, we must specify precisely what that influence is. We should go further and enumerate and name all the distinct possible states of our objects. This is the road that leads to proper object-orientation.

The solution is to treat our objects as state machines. A state machine is a mathematical model of computation which consists of the following: - A set of possible states (of which one will be the start state) - A set of possible inputs - A transition function between states. This is the mechanism that will allow us to reason about our objects. Armed with this knowledge, we can answer all the questions above. No more hand-waving and vague answers: we can be completely explicit about the number of distinct states our objects will have, which inputs will affect the objects’ state and hence their behavior, and what the effect of a given input will be. A state machine is not only a cure for ambiguity, it also eminently documentable. This, in turn, means it can act as a vehicle for design

discussions. It is easy to draw on a whiteboard, in a written document or on a wiki page, typically in the form of a table or a graph. The mere exercise of doing so may reveal shortcomings in the design, or suggest improvements, missing functionality and so forth. Consider an example. My favorite state machine example is a baby, but you could of course imagine all kinds of dull enterprisey domain objects instead, like an account, a process or an invoice. The principle is the same. As a parent, you want your baby to be either in happy state or a sleeping state. Invariably, though, it enters that less desirable state of screaming. Unfortunately, this is just the observable state. Your baby is effectively a black box. The observed screaming could be caused by any number of hidden inner states, and so you resort to trying various inputs like singing a lullaby, giving it a rattle, breastfeeding and so forth.

35


implementation details are just that: implementation details. In fact, the internals could be a complete mess of boolean flags as long as it fulfills the contract! But there are of course much better alternatives. In the “baby simulator” application I used a very generic approach, which involves the following three simple interfaces.

The figure above shows a simple diagram of a baby state machine, including several of those devious inner states which so frustrate parents. (The good thing about designing the state machine yourself is that you get to define the inner states and how they relate!) This particular diagram is a snapshot of a “live” diagram generated by graphviz based on output from a very simple “baby simulator” application. It is “live” in the sense that it monitors a running state

machine and highlights the current state (in this case, the baby is “bored”). The diagram also exhibits a problem in the current state machine - can you spot it? How would you wake the baby? When implementing an object as a state machine, the abstraction is the important thing. The object should act as a state machine; that is, it should always be in some named and queryable state, and it should accept inputs of a certain type. The

Each state machine implements I A m M a c h i n e , each state implements IAmState, and each transition implements IAmTransition . As you can see, each state has a name and is associated with a sequence of transitions to other states. Each transition in turn has a predicate that is used to determine if the transition may be followed given a certain input. It is the responsibility of the machine to try the transitions in sequence and follow along to the target state of a transition if one is fulfilled. One nice thing about this approach is that it lends itself very well to generic visualizations of the kind we saw in the diagram above. But again, the important thing is the abstraction, not the actual implementation. As long as you have a state machine that allows you to answer the three questions about state above, you’ll have an object that works.

public interface IAmMachine<T> { IAmState<T> CurrentState { get; } void Accept(T input); } public interface IAmState<T> { string Name { get; } void Accept(T t); IEnumerable<IAmTransition<T>> Transitions { get; } } public interface IAmTransition<T> { bool Evaluate(T t); IAmState<T> Target { get; } }

36

Einar W. Høst is a developer and technical architect at Computas. He thinks we should try to learn from history, so that at least we make new mistakes rather than the same old ones. In his spare time, though, he makes old mistakes in new ways, and blogs about the results. He holds a PhD in Computer Science from the University of Oslo.


Courses by CERTIFIED SCRUMMASTER (CSM) 15. June with Daniel Gullo

This two day course, taught by author and popular Scrum and agile trainer Mike Cohn, not only provides the fundamental principles of Scrum, but also gives participants hands-on experience using Scrum.

CERTIFIED SCRUM PRODUCT OWNER (CSPO) 15. June with Daniel Gullo

Completion of this two day course results in participants becoming certified as recognised Scrum Product Owners.

ADVANCED C++ PROGRAMMING AND INTRODUCTION TO C++11 C++ 14. September in Kongsberg and 12. October in Oslo with Hubert Matthews

This course is designed to introduce delegates to more advanced use of C++ as well as introducing the most common parts of C++11. It will cover techniques and idioms that allow for more efficient and safer use of the language as well as the concepts that make C++ different from other languages. Modern C++ techniques and facilities such as the STL are used throughout to introduce developers to the full power of the C++ language. One day is devoted to new C++11 features.

REACT WORKSHOP WEB JAVASCRIPT 27. August with Eirik Langholm Vullum - 2 days

React is a JavaScript library initially developed internally by Facebook/Instagram and open-sourced in 2013. It introduces a new way of thinking when it comes to building user interfaces in JavaScript. With its declarative style and virtual DOM-diffing algorithm it challenges established best practices. What does this mean for you? Faster, more maintainable applications that are easier to test, debug and reason about. Don’t want to go all-in? Don’t worry. Dip your toes in. React facilitates being used in as small or large a part of your application as you want to.

AGILE DESIGN AND MODELING FOR ADVANCED OBJECT DESIGN WITH PATTERNS 22. February 2016 in Oslo with Craig Larman This popular, high–impact, and hands–on course on mastering advanced object–oriented design (OOD) and design patterns (primarily the “Gang of Four” design patterns) with agility is aimed at architects and developers of OO systems, You will learn to design with patterns, apply visual modeling in an agile modeling approach, and a suite of related advanced design topics, including the design of packages. This course is based on acclaimed industry leader Craig Larman’s extensive experience coaching and applying OOD since the mid 1980s.

For complete course descriptions, time and place, visit www.programutvikling.no 37


Hybrid Mobile Development with the Ionic Framework by Justin James

Not long ago if you wanted to create a great performing mobile application for iOS or Android you had to build it as a native application using Objective-C (iOS) and Java (Android). These languages are very different from each other, take a long time to master and you end up having to maintain two separate code bases for the same application. No longer is native the only option for a mobile application. Cross-Platform hybrid applications have become a viable solution. These applications are web based applications that run directly on the device and are able to interact with the device to use features such as GPS location, contacts, and camera. You might be going wait a second, hybrid applications are nothing new. Yes, it is true that we have had the ability for a few years to compile the web code into a native application using Cordova. However, the performance was not very good as there was not a UI framework that was optimized for mobile devices. This is where the Ionic Framework (http://www.ionicframework.com/) comes in. It is the missing UI framework for hybrid applications. 38

The Ionic Framework is designed as a mobile device first UI framework and is obsessed with providing the look, feel, and performance of a native application. The Ionic Framework utilizes web technologies that we know and love such as Html 5, Javascript, Css, and AngularJS to accomplish these goals. It includes the standard controls that you would expect in a native application such as list, menus, modals, pull to refresh, navigation, plus more. The documentation for all of the controls is available at (http://www.ionicframework.com/docs) with lots of interactive examples and code that you can instantly use. There is also over 600 free font based icons included from Ionicons (http://www.ionicons.com/).


Š Sentavio/Shutterstock

INSTALLING THE IONIC FRAMEWORK To install the Ionic Framework, you need to first install NodeJS from (https://nodejs.org/). Once you have node installed, open a command prompt and run the command npm install -g ionic cordova. CREATING YOUR FIRST IONIC APPLICATION To create your first Ionic application, open a command prompt, navigate to where you typically keep your coding projects and run the command ionic start myFirstApp tabs . This will make a directory called myFirstApp and an Ionic project based on the tabs template. Ionic has 3 templates included: blank, tabs, and side menu. Feel free to try out all three of them. Now that you have your project created, in the command prompt navigate to the myFirstApp directory, run the command ionic serve and then open your web browser to (http://localhost:8100/). Your web browser should be viewing a page that looks like the figure to the right.

39


EDITING YOUR APPLICATION You are ready to start editing your application files. All of your applications files are under in the www directory and can be edited in the text editor of your choice. Within the WWW directory is one file (index.html) and several directories. • Index.html – the main html view that loads all of the views, JavaScript, and css files. • CSS – Used for your custom styles • Img – Used to hold your images • Js – Used for your JavaScript files, controllers, services, app.js, etc • Lib – used to store the vendor JavaScript files such as AngularJS and Ionic. • Templates – used to hold your html views With the ionic serve command running, as you edit files they will be automatically reloaded in the web browser. DEPLOYING YOUR FIRST APPLICATION TO A DEVICE Since this is a mobile application, I know that you want to see it running on your mobile device. The setup needed to deploy to a device is not specific to the Ionic framework and is the same software that is required by Apple and Google to compile a native application. For this article, we are going to deploy your application to an Android device. Don’t worry if you don’t have a physical device, you can use an Android emulator. INSTALLING AND CONFIGURING ANDROID SOFTWARE Before you can deploy to a device, you need to install a little bit of additional software. You will need Java 40

Development Kit 7 (JDK), Android Studio, Android SDK, and Apache Ant. For Mac OS, the setup instructions are available at (http://digitaldrummerj.me/ionic-setup-osx/). For a Windows machine, the setup instructions are available at (http://digitaldrummerj.me/ Ionic-Setup-Windows/). EMULATOR SETUP If you do not have a physical Android device you will need to use an emulator. Your best option is to download Genymotion from (http://www.genymotion. com/). After Genymotion is installed, open up the Genymotion UI and click on the Add Button. Then click the Sign in button and follow the login instructions to login with the account that you create as part of the Genymotion download. After you are logged in, select from the Android Version drop down 4.4.4, from the Device model drop down select a device type, then select a device from the available list and click the Next button. On the next screen, click the Next button, wait for the device to download and finally click the Finish button. Select the device that you just downloaded and click the start button. Your emulator should now be up and running. DEVICE DEVELOPER MODE If you are using a physical Android device, you need to put the device into developer mode in order to deploy your Ionic application to it. 1. Open the Settings application, go to the about page and click on the Build number 7 times. 2. Hit the back button, click on the “{} Developer Options”, and check the “Usb Debugging” option. 3. Hit the back button, click on the “Security” page and check the “Unknown Sources” option.


© Sentavio/Shutterstock

DEPLOYING TO THE DEVICE Next you need to do is tell the Ionic Framework that you want to compile for Android to by running the command, ionic platform add android. Finally, run the command, ionic run android to deploy it to the device. Your application should now be running on the device. ADDITIONAL TOOLS PROVIDED BY THE IONIC FRAMEWORK Along with all of the amazing code provided by the Ionic Framework, they have several extremely useful tools that are also free. • Ionic Creator - Rapidly build Ionic applications with a drag and drop interface and real code exporting – (http://creator.ionic.io/).

ADDITIONAL RESOURCES • Ionic Framework Blog: (http://blog.ionic.io) Ionic Framework Forum: (http://forum.ionicframework.com/) • Nic Raboy’s Blog: (http://blog.nraboy.com) • Andrew McGivery’s Blog: (http://mcgivery.com/) WRAP UP It is time to go and build your next mobile application. With all of the built-in functionality and tools included with the Ionic Framework, you can use modern web technologies to quickly create and release an application that works on iOS and Android with one code base. I look forward to seeing what you are build.

• Ionic View - Easily share your Ionic application with clients and testers around the world, all without ever going through the App Store (http://view.ionic.io/). • Automate icon and splash screen generation (http://blog.ionic.io/2015/01/05/automating-iconsand-splash-screens/) • Crosswalk integration for Android developers to ensure performance and predictability across Android devices and OS versions - (http://blog. ionic.io/2015/01/12/crosswalk-comes-to-ionic/). • Interact with the native device capabilities using simple AngularJS wrappers for the most popular Cordova and PhoneGap plugins – (http://www.ngcordova.com/).

Justin is a developer and speaker focused ASP.NET, C#, AngularJS, and Ionic. He has a passion for web development and teaching. You can find him online at http://digitaldrummerj.me or @digitaldrummerj. 41


SINCE 2008

We are proud to present the 8th NDC. Thanks to our inspiring partners who make it happen!

@NDC_conferences #ndcoslo 42


For information about partnership deals, please contact: info@ndcoslo.com tel.: +47 67 10 65 65

Become a partner today!

ndcoslo.com

43


Resolving Conflicts in Occasionally Connected Mobile Apps by Michael L. Perry

44


© Maxim Kostenko/Shutterstock

INCONCEIVABLE! Vizzini yells “Move the thing!” He also adds a card to a Kanban board on his mobile app. It appears in the To Do column. Fezzik also has the app installed on his phone. A toast notification alerts him that there is a new card, so he opens the app and sees “Move the thing” in the To Do column. He slides it to Doing, and then proceeds to move the thing. When Fezzik is finished, he moves the card from the Doing column to Done. At this exact moment, however, Vizzini changes his mind. He yells “No, the other thing!” and slides the card from the Doing column to To Do.

Now the two apps are in conflict. They each see two different series of events leading up to opposing states. Which series is correct? How should the app respond? How should the conflict be resolved? What if the app displayed the conflict to both Vizzini and Fezzik? Vizzini, upon seeing the problem, would move the card to the To Do column, thus resolving the conflict.

45


CONFLICT VS INCONSISTENCY A well-behaved mobile app knows the difference between a conflict and an inconsistency. A conflict is a condition that arises when two different parties make different decisions based on the same information without knowledge of the other. Inconsistency, however, is when two nodes see the system in different states. Conflicts are inevitable when consistency cannot be guaranteed. But even if we can’t have consistency at all times, we can have consistency eventually. Eventually, both Vizzini and Fezzik saw the system in the same state: a state of conflict. The system reached a consistent state precisely by exposing the conflict. There are systems that honor this distinction between conflict and inconsistency. Two examples are Git and Bitcoin. In a Git repository, commits are allowed to co-exist in a state of conflict. Two branches diverge from the same point in history. Along one branch, one commit changes a file. Along another, a second commit changes the same file in a conflicting way. The conflict cannot be resolved automatically; human intervention will be required at some point in the future. In Bitcoin, transactions are added in blocks to the end of a block chain. Nodes in a worldwide distributed system compete to find the next block. For a time, two blocks may simultaneously exist on the end of the chain, forked from the same predecessor. While the system is in this state, the transactions in those two blocks are in conflict. However at some point the next block will be discovered, deciding which of the two chains is accepted and which is abandoned.

But Git and Bitcoin represent the resolution of the conflict differently. Git resolves conflicts by creating a merge commit, containing two predecessor hashes. But a Bitcoin block contains only one predecessor hash. When a new block is discovered, the longer chain is accepted while the shorter one is abandoned. (A Git rebase is more akin to a Bitcoin chain, in that the original branch is abandoned.) The real insight of the Git and Bitcoin solutions is the separation of conflict resolution from communication. Moving the event is distinct from resolving the conflict. When nodes communicate with each other, they exchange information without judgement of conflicts. Conflicting commits or blocks are allowed to coexist without question for long periods of time. HISTORICAL MODELING Let us now return to Vizzini and poor Fezzik. How should their Kanban application be constructed? One way to construct an occasionally connected mobile app is to employ Event Sourcing. Greg Young defines Event Sourcing as “storing current state as a series of events and rebuilding state within the system by replaying that series of events.” (http://codebetter.com/gregyoung/ 2010/02/16/cqrs-task-based-uis-event-sourcing-agh/)

Both Git and Bitcoin represent conflicts in the same way. A Git commit and a Bitcoin block both contain the cryptographic hash of their predecessor. A conflict has occurred when two commits or two blocks – contain the same predecessor hash. Seen as a tree, a conflict occurs when there is more than one leaf. 46

In storing events in a series, Event Sourcing imposes a total ordering upon those events. To replay a series of events, it is important that they be read back in exactly that order. Unfortunately, events in an occasionally connected mobile app do not occur in series. Both Vizzini and Fezzik made correct decisions with the information at their disposal. Requiring a total order would deny one of them that ability. To place their events in series, one of them would have to perform the equivalent of a Git rebase, and abandon their intended branch.


Š Maxim Kostenko/Shutterstock

Upon seeing the conflict, Vizzini takes the initiative to resolve it. He moves the card, and in so doing creates a fact having two predecessors. Much like a Git merge, this new fact succeeds the two conflicting facts and grafts the tree. This fact is shared with Fezzik, and both can now see a tree with only one leaf; the conflict is resolved.

Instead, let us keep the spirit of Event Sourcing and replace its implementation. Let’s replace a total order among events with a partial order among historical facts. Unlike events, facts cannot be replayed; their order cannot be unambiguously determined. But, much like Git commits or Bitcoin blocks, they capture the causal relationships that lead up to the fact. They contain the hash of their predecessors, and can therefore represent a conflict while still achieving eventual consistency. REPRESENTING A CONFLICT When Vizzini and Fezzik create the conflict, the historical model captures their intent. At first, they see only their local version of history. During this time, each tree had exactly one leaf, and so there was no apparent conflict. However, once they exchanged facts, they both saw a tree with two leaves. They had eventually achieved consistency; both saw the same state. However that state was one of conflict.

As opposed to a totally ordered series of events, a partially ordered graph of facts can represent a conflict and its resolution. Facts are sent and received without concern for whether they cause a conflict. Moving facts through the system is one concern; detecting and resolving conflicts is a completely separate endeavor. The historical model allows conflicts to stand until the human decides to intervene.

Software is math. Every class is a theorem. The compiler is the proof. And unit tests check our work. Michael has recorded Pluralsight courses on CQRS, XAML Patterns, and Cryptography, in addition to Provable Code. He maintains the spoon-bending Assisticant and Correspondence open-source libraries. And he helps his clients at Improving Enterprises.

47


Analyzing

thousands of dump files from production systems by Sasha Goldshtein Are you using dump files to analyze issues in your .NET applications? This short article may help you set up an automatic process that inspects dump files and extracts interesting insights without human intervention

My better half Dina, who is also a software developer, has recently run into the problem of analyzing production issues using dump files. She knows very well how to open a dump file in Visual Studio or WinDbg and extract basic exception details, but she was getting dozens of dump files every day and the rate was increasing with the extent of their production deployment. Opening each dump file and analyzing it by hand simply doesn’t scale. In the past, possible solutions would include setting up a collection of contrived command-line and WinDbg scripts to extract information from dump files automatically. WinDbg commands produce text output which can be parsed by another program, which helps extract basic exception information, call stacks, and other simple features required to analyze the problem. But higher-level analysis, such as looking at heap usage statistics, inspecting individual objects, perusing synchronization mechanisms and inter-thread relationships—this kind of analysis is infeasible with command-line scripts and text parsing. 48

Almost two years ago, Microsoft introduced a free library, which was later open-sourced, called ClrMD (CLR Memory Diagnostics). It is available as a NuGet package, and provides a .NET-friendly API for analyzing dump files and connecting to live processes. I was positively shocked to see the extent and potential of this library! Here are just a few of the things you can do with ClrMD: • Open a dump file and extract exception information and the call stack of the faulting thread • Collect heap statistics on all live/ dead objects in terms of types, counts, and sizes • Locate an individual object and inspect its properties, without even suspending the target process that you’re inspecting • For each blocked thread, determine the blocking object that keeps it waiting and the owner thread of that blocking object, if one is available (which serves as the foundation for deadlock detection)

These incredibly powerful features don’t come at the expense of performance. ClrMD is full to the brim with caching tricks and other optimizations that ensure your analysis is almost as fast as reading from the memory of your own process. For example, even without applying any optimizations of my own, I was able to traverse all the managed heap objects in a heavy Visual Studio process and collect type statistics in just a few seconds. On this GitHub Gist, (https://gist. github.com/goldshtn/3c55d83ffaa495327504) you can find a complete example of a program that opens a crash dump file and extracts basic information for the thread that caused the crash. You’ll notice the API is quite simple – the DataTarget class represents a dump file or a running process, the ClrRuntime class represents a specific version of the Common Language Runtime loaded into that process, and the ClrThread, ClrException, and ClrStackFrame classes are quite self-explanatory as well.


using using using using using using

Microsoft.Diagnostics.Runtime; System; System.Collections.Generic; System.Linq; System.Text; System.Threading.Tasks;

namespace ClrMD { class Program { static void Main(string[ ] args) { if (args.Length == 0) { Console.WriteLine(“Usage: <crash dump file>”); return; } DataTarget target = DataTarget.LoadCrashDump(args[1]); ClrRuntime runtime = target.CreateRuntime(target.ClrVersions[0].TryGetDacLocation()); foreach (ClrThread thread in runtime.Threads) { ClrException exception = thread.CurrentException; if (exception == null) continue;

}

}

}

}

Console.WriteLine(“Exception {0}: {1}”, exception.Type.Name, exception.Message); PrintCallStack(exception.StackTrace);

private static void PrintCallStack(IList<ClrStackFrame> callStack) { foreach (ClrStackFrame frame in callStack) { SourceLocation sourceLocation = frame.GetFileAndLineNumber(); string source = (sourceLocation == null) ? “” : (sourceLocation.FilePath + “@” + sourceLocation.LineNumber); Console.WriteLine(“{0} {1}”, frame.DisplayString, source); } }

Based on the experience of creating fairly complex ClrMD-based solutions, I can say that ClrMD really tends to make the complex tasks quite simple. Although some things about the CLR simply require a bit of work—for example, to determine whether an object is live from the GC’s perspective you have to perform a graph search from the set of GC roots—the ClrMD API is very helpful, polished, and intuitive. You can find some additional samples that range from simple to very complex on the Microsoft official .NET samples GitHub repository,

(https://github.com/Microsoft/ dotnetsamples), including a sample that performs complete heap walking. I will be more than happy to help and collaborate on any projects that use ClrMD to build sophisticated analysis solutions, from dump analysis to live process inspection. You’re also very welcome to get in touch if you have any questions or ideas about ClrMD, and I can help connect you to the library’s author.

Sasha Goldshtein is the CTO of Sela Group, a Microsoft C# MVP and Azure MRS, a Pluralsight author, and an international consultant and trainer. Sasha is also the author of two books, a prolific blogger, and author of numerous training courses.

49


The emergent nature of software architecture Tudor GÎrba The architecture of a software system is not a document. It is the reality of the system that is the result of multiple developers working at the same time and committing code concomitantly in different corners of the system. It is the result of following the constraints posed by the system’s current state. It is the result of the social interactions between the team, product owners and other stakeholders. It is the result of what is possible with the underlying languages and technologies. It is the result of skills. It is the result of taste. It is the result of dreams.

50

In short, architecture is an emergent property created by multiple agents interacting constantly with each other. And like any respectable emergent property it is hard to communicate, and even harder to figure out how to approach it. To understand it better, let us visualize the problem.


The picture shows details of a real system. Classes are black. Methods are red. Attributes are blue. Method containment, attribute containment, and class inheritance are gray. Invocations are red. Attribute accesses are blue. And everything is arranged through a force-based layout. The visualization is called System Attraction and it is produced using the Moose analysis platform (http://moosetechnology.org). While things might appear random at first, at a deeper look there is a certain order that emerges from all the entangling. Colors are not uniformly distributed throughout the space. At the center, there appears to be much agglomeration of red surrounded by blue. This seems to indicate that there exists a consolidated behavior at the center of the system. There are groups of black spots (i.e., classes) that want to be close together. Also, the blue backbone on the bottom right seems to indicate a significant aggregation of related data.

To get a better feeling for how systems can be different, let’s compare the above example with the one below. The two systems are comparable in size, yet they exhibit much different patterns. The second system is much stronger on state. In fact, it looks as if it’s the data that drives the system, and methods are just adjacent. Furthermore, while the first system seems to have at least one strong agglomeration of behavior, the second one has multiple small ones. These picture exhibit macro emergent patterns that are determined by forces in the code. For example, a method is indeed attached to its classes, but if there are many other external interactions, the method will tend to go away from its class. The visualization lets the sum of all these forces decide the shape of the system. Essentially, the visualization lets the code go both where it is needed and next to what it needs.

51


Now, let us take a step back and take a closer look at one class. This class has a classic structure with multiple methods (red circles) and few attributes (blue circles). The methods seem to collaborate with one another and the attribute usage is reasonably distributed throughout the methods. It looks like a tidy class with proper structure in place.

Let us now add to our scene a collaborator class next to the original one.

The class changes its shape a bit, and one method in particular seems to be more attracted to the newcomer. Let us add another one.

52


The shape changes a bit more. Now, let’s see what happens when we visualize this class together with all its provider and client classes.

Ahh, where is our class now? The tiny tidy shape cannot be seen anymore.

53


Let us highlight it.

When placed next to its collaborators, the class changes shape dramatically. Regularity is secondary to distinct interests. For example, a group of four methods wants to be the center of everyone’s attention, while some other methods want to mingle with other classes in the north.

54

Software architecture is an emergent property. Clearly, this shape of the system does not reflect any traditional view on architecture. There are no model-view-controller or layer patterns to be found. Nevertheless, visual patterns do emerge. And what is architecture if not the structure that defines the system?


Indeed, when we look at the code only through a diagram that imposes a predefined grid, such as a UML diagram, we will tend to see only the defined regularities. These visualizations are not bad. They have their place precisely when it is those regularities we want to reason about. But, only being exposed to rigid shapes encourages a type of thinking that leads to the illusion of complete controllability. A common point of view says that architecture is only to be seen in the large. Yet, the forces embedded in the code influence the shape of the system in the small as well. Even if it is more comfortable to see a class as having a regular and controllable shape, when seen in its usage environment, the shape can morph in unexpected ways. This shows that code can be understood effectively only in context.

Software architecture is an emergent property. It cannot be controlled upfront, but it can be steered. First, we need to acknowledge that the current shape and forces will change all the time and the only way to make informed decisions is to understand the current state. This can only happen through appropriate tools and techniques that go beyond manual code reading. Second, we need to stop believing that one individual can be in control. We need to move from a controlling model towards a distributed one in which everyone is empowered to contribute at every given moment.

In our exercise we only looked at simple code elements such as classes and methods and standard interactions such as inheritance and invocations. We completely ignored technology specific details. We completely ignored the social behavior around the software system. And we only looked at one snapshot of the system. Even so, the experiment shows that software architecture is driven by interaction and it is never single minded. Only by acknowledging the underlying forces in a software system can we handle them appropriately.

Tudor GĂŽrba (http://tudorgirba.com) works as team and innovation lead at CompuGroup Medical Schweiz, and as an independent consultant. He leads the work on the Moose platform for software and data analysis (http://moosetechnology. org), he founded the Glamorous Toolkit project for rethinking the IDE (http://gt.moosetechnology. org), and he is a board member of the Pharo live programming environment (http://pharo.org). He developed the humane assessment method (http://humane-assessment.com), and he is helping companies to rethink the way they manage complex software systems and data sets. Furthermore, Tudor developed the demo-driven innovation method (http://demodriven.com) as a combination of design thinking, idea prototyping and storytelling. In 2014, he won the prestigious Dahl-Nygaard Junior Prize (http://aito.org) for his work on modeling and visualization of evolution and interplay of large numbers of objects.

55


Static websites are good for your health by Adam Beres-Deak Some time ago I was going to start a new project. I wanted to have a development blog, where I could keep notes for my future self. I was facing a tough question: What kind of content management system (CMS) or blog engine should I use? I listed all the usual options (using Wordpress, Craft, creating my own). Then I ended up with a static website.

WHAT ARE STATIC WEBSITES Static websites are just a bunch of pre-generated files (e.g HTML, CSS, JavaScript). They are generated once and served to all the visitors. A webserver hosting static files needs way less resources than a traditional application server. It is no problem anymore if your website gets promoted or thousands of Reddit or Hacker News visitors flood your pages. Your servers will withstand the pressure – SSDs are cheap nowadays. Static websites are usually hosted with time-tested, well-maintained, open source server software – think of NGINX, Apache, Varnish, Lighttpd. Your stack gets less complex with not having to host any custom code. This makes static websites much less vulnarable to hacking. There is much less chance for software bugs and issues. HOW TO DEVELOP STATIC WEBSITES Static websites do not mean writing your HTML files in a plain text editor without any convenience of modern technology. You can still use HTML templating, build-tools, databases and any kind of technology you are used to. The only difference is that the website is not going to be generated on the webservers, but the pre-generated files get copied to the servers.

56

A usual development workflow contains the following steps: - Creating page templates - Designing HTML partials – header, footer and other common elements which are present on all or many of the pages - Pairing content with templates, generating the HTML files – usually using markdown - Running tests on the files – checking that all links work correctly, checking the count of the files and so on... - Deploying the files to production – e.g. SSH, SCP, rsync - Running the same tests in the live environment as during development. This should make sure that everything went fine and is working as expected.

pages-and-assets-with-googledrive.html), Dropbox and many other services - your own server - and many more... GIVE IT A TRY There are many great tools which are perfect to start with. Let’s take a look at a few of them. A more complete list can be found on [staticgen.com](https://www.staticgen.com/) and on [staticsitegenerators.net](https://staticsitegenerators.net/). To name some of the tools: - [Assemble](http://assemble.io/) – written in JavaScript for [GruntJS](http://gruntjs.com/). - [Jekyll](http://jekyllrb.com/) – used to be the de facto standard for the Ruby community.

Hosting static websites is as easy as hosting some static files. You can use:

- [Hugo](http://gohugo.io/) – written in GO. It is optimized for speed, easy use and configurability.

- any conventional website hosting providers - [GitHub Pages] (https://pages.github.com/)

- [Metalsmith](http://www.metalsmith.io/) – written in JavaScript. “All of the logic in Metalsmith is handled by plugins. You simply chain them together.”

- [Google Drive](http://bdadam. com/blog/hosting-static-web-

- [harp](http://harpjs.com/) – also written in JavaScript


© Racorn/Shutterstock

IS IT A SILVER BULLET? Unfortunately static websites cannot be used in every situation. They are not suited for frequently changing content. You cannot use them either without forgoing features like a web based page editor, user login, online content managemenet or complex server side business logic. HOW ABOUT SOME CHEATING? Yes, some cheating in this case is possible and for once acceptable. If you do not want to do without the convenience feature of modern CMS solutions, you can still use some kind of staticness. Almost every webserver software can be set up to provide caching. When the first visitor downloads a page the server caches the response from your CMS in a local file. For other visitors the server can send directly back the already cached response – without having to touch your application.

HOW DO STATIC WEBSITES INFLUENCE PEOPLE’S HEALTH? In the title I said static websites are good for your health. But how? If you are a website hoster then you have to worr y less about server performance or about being hacked. You can be happy about overnight success, without fearing overloaded servers. This makes you more healthy. If you are a software developer then you will be more healthy as well, because you can be sure that your website will behave the same on your machine and in production. There are no more bugs which only occure on live servers.

Adam is a software engineer at AutoScout24, which is Europe’s biggest car market in more than 10 countries. He has been developing for the web since the beginning of the Web 2.0 Era. His motto in life is “Simplicity is the key for success”. Adam feels at home in JavaScript and Node.js, but also develops with ASP.Net/C# and Python.

Users will also be much happier. They get faster websites and reduced load times. This is a win-win situation for everyone. 57


Clutter-Free Programming by John Azariah

CLUTTER EVERYWHERE When I was a fresh-faced college graduate stepping into the world of programming, the language that was all the rage was C, and the state-of-the-art in windows programming was COM. We prided ourselves in writing safe code that other COM components couldn’t bring down; and we did that by guarding every function call with error checking and recovery code.

hr = pDest->put_Provider(varProvider.ChangeTypeToANSI()); if (FAILED(hr))return hr; var.Clear(); if (SUCC(pTemp->get_Views(&var))){ hr = pDest->put_Views(var.ChangeTypeToANSI()); if (FAILED(hr)) return hr; var.Clear(); } if (SUCC(pTemp->get_Template(&var))){ hr = pDest->put_Template(var.ChangeTypeToANSI()); if (FAILED(hr)) return hr; var.Clear(); } if (SUCC(pTemp->get_DefView(&var))){ hr = pDest->put_DefView(var.ChangeTypeToANSI()); if (FAILED(hr)) return hr; var.Clear(); }

58


© Maryutin Maxim/Shutterstock

I don’t believe that most programmers today apply the same level of paranoia in today’s programming environments. After all, we’ve got managed memory, don’t have to do reference counting, and we have exceptions for structured error handling. Surely our code is cleaner now!

do {

try {

var xnInternal_DeletedTime = xn.SelectSingleNode(“./Internal_DeletedTime”); if (xnInternal_DeletedTime.InnerXml == “”) { break; } var value = xnInternal_DeletedTime.InnerText; Instance.m_Internal_DeletedTime = DateTime.Parse(value);

} catch (Exception) { break; }

} while (false);

59


Unfortunately, code like this snippet is still prolific! It’s clear that we haven’t reduced the clutter by improving the runtime environment. Guarding against null values; handling failures and exceptions; attempting to cast or coerce values between types; logging of activities; and many such patterns are prevalent in modern code. Indeed, distributed computing and service-oriented programming bring many more patterns to deal with transient and permanent communication failures. So not only is such code prolific, it turns out that the patterns actually are useful, and provide structural safety to the logic portion of our programs. This is especially true in well-designed service-oriented architectures, where the desire is to encapsulate behaviours into decoupled services, and then compose those services together in a safe manner – addressing issues such as retry mechanisms for transient failures; circuit-breaker mechanisms for permanent failures; service-monitoring; authentication and authorization; and all the infrastructural support that is required to build resilient systems in a manageable way. This system of thinking is not new. In fact, the notion of composability is one of the strongest weapons in the arsenal of a software developer. Little things compose into bigger ones, but can be independently tested and improved without requiring unrelated portions of the software to be rewritten, so we like the idea of being able to compose.

LEGO PROGRAMMING Consider the following indicative code in F#: … let f: ‘a -> ‘b = … let g: ‘b -> ‘c = … let r x = g(f(x))

Here, the ``r`` function is a composite function of one argument ``x``, defined as the functionality represented by applying ``f`` on the ``x``, taking its result and applying ``g`` on it. This kind of chaining is so common that F# has a special way to represent it. We could write ``r`` as: let r = f >> g

Now, if we follow the types of the inputs and results, we can quite easily derive the signature of the composite function ``r``. let r: (‘a -> ‘c) = f >> g

We don’t even need to know what the ``f`` and ``g`` do; as long as they are functions without side-effects, we can use ``r`` whenever we need to call ``f`` followed by ``g``. Now, as you would really expect from a language like F#, ``>>`` isn’t really a language construct, but a function – a higher-order function which takes two functions as arguments and returns another function as a result. You can think of the ``>>`` operator as being F# for “take the result of calling the first function and push it into the second”. let (>>) : (‘p -> ‘q) -> (‘q -> ‘r) -> (‘p -> ‘r) = …

You can think of the ``>>`` operator as being F# for “take the result of calling the first function and push it into the second”. A very explicit implementation for it might be: let (>>) f g = (function x -> let fx = f x g fx)

What stops us from writing composable code are the intrusive patterns that make the code correct, resilient and performant. What we want to do is to take the little functions that perform the business logic of our program, and find clutter-free ways of composing them together, folding in the infrastructural patterns that we want to employ in the most inconspicuous way possible.

60

CONSTRUCTING TYPES A generic type can be thought of as a kind of function that constructs a resultant type given an argument type – in direct contrast with a “normal” function which constructs resultant values given values for arguments. type M<’a> = …


Let’s consider what happens when our functions start using the generic types:

Simple composition will result in a function that does not compose safely.

let f: ‘a -> M<’b> = … let g: ‘b -> M<’c> = … let r x = g(f(x)) // NO LONGER WORKS!

// this will blow up if anything throws let r = f1 >> f2 >> f3 // : int -> string

Straightforward composition breaks down, and we no longer can just take the result of one function and feed it into another function. But we can use the same trick that F# uses with the ``>>`` function and define something that will give us what we want. let (>=>) : (‘p -> M<’q>) -> (‘q -> M<’r>) -> (‘p -> M<’r>) = …

This certainly has the right signature. But having the right signature isn’t enough – let’s write a similar implementation for it: let (>=>) f g = (function x -> let mq = f x mq (>>=) g)

Well, this certainly works, but using some chicanery. We’ve introduced a new mysterious function ``>>=`` to do the dirty work for us. What does that look like? let (>>=) : M<’q> -> (q -> M<’r>) -> M<’r> = …

Now the ``>>=`` function – pronounced “bind” – is necessarily closely tied to the generic type ``M``, since it needs to know how to access the internal portion of the generic type. It needs to know how to unwrap the value, and then call the second function argument with it. Because that function returns a wrapped value, the bind function also returns a wrapped result. HANDLING SIDE-EFFECTS We can reason about simple function composition as long as the functions we are composing are pure – as in, they do not have side-effects. If any of the component functions throws an exception, for example, the whole composite chain will fall apart. If we were to make our functions truly composable even when there are side effects involved, we will have to modify our approach.

Traditionally familiar ways of combining the functions breaks compositionality – we can’t simply combine any number of functions, for example. Also, this style is familiar because this is typically how code in imperative-style languages is written. // traditional style let r f1 f2 f3 = function x -> try let f1x = f1 x try let f2x = f2 (f1x) try let f3x = f3 (f2x) f3x with | exn -> … // handle exception thrown by f3 with | exn -> … // handle exception thrown by f2 with | exn -> … // handle exception thrown by f1

Now, let’s use our technique of combining with generic types: // first, we write a type which models the kind of behaviour /// we want to encapsulate type Result<’T> = | Success of ‘T | Failure of Exception // next, we write a function to “lift” a normal function // to a function that returns a wrapped type // // safe: (‘a -> ‘b) -> (‘a -> Result<’b>) let safe f = (fun x -> try Success (f x) with | exn -> Failure exn)

One way of doing this is to use generic types, and encapsulate the side-effecting, cross-cutting portions within a generic type.

// then, we write the ‘bind’ function for the Result<’T> type let (>>=) (m : Result<’a>) (f : ‘a -> Result<’b>) : Result<’b> = match m with | Success x -> f x | Failure x -> Failure x

Let’s consider a concrete example

And now, we have the tools we need to compose safely.

let f1 : int -> int = … // may throw let f2 : int -> double = … // may also throw let f3 : double -> string = … // may also throw

let f1’ = safe f1 // int -> Result<int> let f2’ = safe f2 // int -> Result<double> let f3’ = safe f3 // double -> Result<string> let result x = (f1’ x) >>= f2’ >>= f3’ // SAFE! WON’T BLOW UP!

61


The first thing to notice is that because we have encapsulated our side-effects into the ``M`` generic type, the functions we are ``bind``ing over are actually side-effect free – at least insofar as they will not throw any exceptions. This allows us to compose them with impunity and reason equationally about their behaviour. SYNTACTIC SUGAR This pattern is so powerful and useful in F# that there is some neat syntactic sugar that you can put around the composition, which makes it much easier to read and use. You’ll find these documented as Computation Expressions, and they allow for some pretty looking code. In this specific case, we can write the ``attempt`` computation expression as follows: // define a ‘builder’ class type AttemptBuilder() = member this.Bind (x, f) = x >>= f member this.Return (x) = Success x // create a singleton instance with a descriptive name. let attempt = new AttemptBuilder () // Now, given some let one () : int let two () : int let three () : int let four () : int

‘unsafe’ functions… = 1 = 2 = failwith “There is NO three!” = 4

// …we can compose them safely using the tools we’ve built so far! let result = attempt { let! n1 = (safe one) () let! n2 = (safe two) () let! n3 = (safe three) () // this one will throw and the computation will end here let! n4 = (safe four) () // if the previous line is commented out, then we can compute this value, and yield a subsequent result!

}

return n1 + n2 + n4

failure value. If all the function invocations inside the expression succeed, then we are able to yield a value indicative of success. SUMMARY We started by considering the complexity of writing industry-strength code and the challenges associated with providing infrastructural support in terms of exception handling, logging, retry-ing and so on. We noted that the current methods of coding up such requirements are labour intensive and difficult to extend or maintain. We decided to explore the concepts of function composition, and observed the mechanics of using higher order functions to compose simple functions of the type (‘a -> ‘b). We then introduced the concept of a type constructor, and augmented our compositional patterns to handle functions of the type (‘a -> M<’b>). In doing so, we introduced the concept of Kleisli Composition, and implemented it in terms of a “bind” function specific to the M type constructor. We then worked through an application of these patterns to functions that threw exceptions, and discovered that monadic composition provided a way to safely compose impure functions by lifting them to safety and then composing monadically. We then discussed the syntactic sugar that F# uses to support this form of composing functions, briefly introducing computation expressions. We then covered, in very terse detail, the theoretical underpinnings of composition being a monoidal operator over both types of functions; and enumerated the monad laws. ACKNOWLEDGEMENTS • Brian Beckman’s “Don’t Fear The Monad” • Scott Wlashchin’s Railway Oriented Programming Series, and Computation Expression series • Don Syme & Tomas Petricek’s Computation Expression Zoo

The ``AttemptBuilder`` type is a special kind of F# class that allows us to override several functions; most minimally, we need to override ‘Bind’ and ‘Return’, and create an instance of this class with a descriptive name. Once we do that, we can create a computation expression with the name of the instance, and use ``let!`` to perform the task of unwrapping the values for our use within the expression. The safe nature of the composition is evidenced by the fact that if any of the inner function invocations returns a failure value – because of, say, a thrown exception – then the expression itself short-circuits and returns the 62

John Azariah has been writing software for over two decades now, and is now starting to get the hang of it! He has worked in several companies in the US, India, Singapore, and Australia; and now spends his work week shuttling between Melbourne and Sydney. He is an Azure MVP and a functional programming enthusiast.


THEORETICAL UNDERPINNINGS For the most part, understanding the concepts above, and ensuring that we are managing side-effects in a way that allows us to compose pure functions is sufficient for writing clutter-free code. However, there are rigorous mathematical underpinnings at the foundation of our methods. I’ll summarize them here: Function Composition: • We have a set of things – functions of the form (‘a -> ‘b) • We have a binary operator called (>>), which has some properties ○○f >> g returns another function of the same form (‘a -> ‘b). We say that this means that the set is closed under the operation. ○○((f >> g) >> h) is the same as (f >> (g >> h)). We can prove this by expanding out the values, and noting that they both are equivalent to (h(g(f(x))). This means that the grouping order in which things are operated on is irrelevant. We call this property associativity. • There is a special member of the set, called unit or zero, which when composed against any other member of the set, leaves it unchanged. ○○(f >> unit) = (unit >> f) = f In mathematics, such a set with such an operation is called a monoid. We can now safely say, with mathematical certainty, that the set of pure functions of the form (‘a -> ‘b) is a monoid under the composition operator, and thereby benefit from all the consequences of such a statement. Kleisli Composition: • We have a set of things – functions of the form (‘a -> M<’b>) • We have a binary operator called (>=>), which also has the properties of ○○Closure: f >=> g returns another function of the same form (‘a -> M<’b>). ○○Associativity: ((f >=> g) >=> h), (f >=> (g >=> h)) and f >=> g >=> h are all the same. • There is a special member of the set, called unit or return, which when composed against any other member of the set, leaves it unchanged. ○○(f >=> return) = (return >=> f) = f Now, we can also say that the set of pure functions of the form (‘a -> M<’b>) is a monoid under Kleisli Composition. Monad Laws: If these following conditions hold, then we can say that M is a monadic type, and will safely support monadic binding and compositions: • We have a type constructor M<’t>, and the related implementations of (>>=) and return • Given a wrapped value m of type M, then ○○m >>= return = m // aka ‘right unit’ • Given an unwrapped value of x of type ‘a and a function f of signature (‘b -> M<’c>), then ○○(return x) >>= f = f x // aka ‘left unit’ • Given a wrapped value m of type M, then ○○m >>= f >>= g = m >>= (fun x -> f x >>= g) // associativity

63


Workshops and Training 1 DAY Workshop DESIGN AND IMPLEMENTATION OF MICROSERVICES Sam Newman Microservices Architecture is a concept that aims to decouple a solution by decomposing functionality into discrete services. Microservice architectures can lead to easily changeable, maintainable systems that can be more secure, performant and stable.

the language, but you have to change how you program in that language. Change can be hard, but there are some nice rewards that go with it for those of us who are adaptive.

2 DAYS Workshop F# VIA MACHINE LEARNING Mathias Brandewinder Machine Learning and Functional Programming are both very hot topics these days; they are also both rather intimidating for the beginner. In this workshop, we’ll take a 100% hands-on approach, and learn practical ideas from Machine Learning, by tackling real-world problems and implementing solutions in F#, in a functional style.

Course PROGRAMMING IN JAVA 8 Venkat Subramaniam Java is arguably one of the most widely used languages. This popular language is going through a makeover. This will have a significant impact on how programmers will code and design applications with Java. With the introduction of lambda expressions and method references in Java 8, we can now make use of functional stye of programming.

Course REACTIVE PROGRAMMING WITH AKKA Venkat Subramaniam The course has a good balance of interactive lectures and hands-on exercises. The attendees are expected to pair-up and work on the lab exercises. The instructor will assist the attendees as they work on the exercises.

Course TEST-DRIVEN DEVELOPMENT Course EVOLUTIONARY DESIGN AND ARCHITECTURE FOR AGILE DEVELOPMENT Venkat Subramaniam This is where the principles and the practices we can learn and follow from evolutionary design and architecture comes in. This course will help us avoid the perils of upfront design, and at the same time, keep us away for the traps of inadequate or insufficient design. Learn how to create practical design that can efficiently balance the tradeoffs we face in architecting and designing software. Course PROGRAMMING IN FUNCTIONAL STYLE Venkat Subramaniam “Functional programming,” yes, everyone’s talking about it. But why? What’s this new excitement about something that’s been around for a very long time in some esoteric languages. For one thing, most mainstream languages now support it. C#, Java, C++,... To program in functional style you don’t have to change

64

Venkat Subramaniam Honing Your Test Driven Design Skills. The course has a good balance of interactive lectures and hands–on exercises. The attendees are expected to pair–up and work on the lab exercises. The instructor will assist the attendees as they work on the exercises. The objective of the course is for the attendees to gain an in depth practical knowledge of the concepts so they can put them to immediate use on real projects. Course TEST-DRIVEN DEVELOPMENT & REFACTORING TECHNIQUES Robert C. Martin Test Driven Development (TDD) is one of the most profound Agile development practices. It has been adopted by nearly all the Agile methods and there is documented evidence that it has reduced defect rates by a factor of ten.

Course CORE SPRING Mårten Haglind In this four–day bootcamp you learn how to use the Spring Framework to create well–designed, testable business applications in an agile manner. Students build a Spring–powered JEE application that demonstrates the Spring Framework and other Spring technologies in an intensely productive, hands–on setting.

Course FUNDAMENTALS OF ANDROID PROGRAMMING Wei-Meng Lee This course covers the latest version of Android using Android Studio. Course LEARNING SWIFT PROGRAMMING Wei-Meng Lee Apple announced the new Swift programming language at the Worldwide Developers Conference (WWDC) 2014. Course FUNDAMENTALS OF IOS PROGRAMMING Wei-Meng Lee The workshop will begin with the basic concepts such as Views, View Controllers, Protocols and Delegates, as well as the tools that help you develop compelling iOS applications – Xcode and Interface Builder. Course WEB DEVELOPMENT USING PHP AND MYSQL Wei-Meng Lee PHP is a server-side script language that is designed for dynamic web applications development. It is often used in conjunction with HTML and MySQL to produce dynamic web pages. In this course, participants will learn about the PHP language, as well as how it integrates with HTML to create dynamic web applications. In addition, participants will also learn how to use PHP together with MySQL databases to create data-driven web sites.


Course ADVANCED C++ PROGRAMMING AND INTRODUCTION TO C++11 Hubert Matthews This course is designed to introduce delegates to more advanced use of C++ as well as introducing the most common parts of C++11.

Course JAVASCRIPT FOR PROGRAMMERS Christian Johansen The JavaScript programming language is covered in depth. Gain the necessary understanding of the language to work actively and effectively with the applications front–end. The course will take you through the entire JavaScript language; from basic syntax and built–in types to its object model and functional elements, giving you a solid understanding of how JavaScript really works.

Course BDD - SPECIFICATION BY EXAMPLE Gojko Adzic This two day course teaches you how to apply emerging practices for managing requirements, specifications and tests in agile and lean processes to bridge the communication gap between stakeholders and implementation teams, build quality into software from the start, design, develop and deliver systems fit for purpose. Course HOW TO GET MORE VALUE OUT OF USER STORIES Gojko Adzic Have you struggled to split user stories into small but valuable chunks? Do you have problems prioritising stories or getting a commitment from business stakeholders on what they want to achieve? Do you have issues deciding when a story is done or how many other stories you really need to achieve a business objective? Are you managing large amounts of stories that are problematic to estimate, prioritise or plan for? If so, join this interactive workshop and bring your product

owners and business sponsors to learn how to get the most out of user stories.

Course ANGULARJS FUNDAMENTALS Scott Allen The AngularJS framework allows us to build testable applications using the common web standards of HTML, JavaScript, and CSS. This course comprehensively demonstrates the features of AngularJS by building an application using directives, filters, routing, controllers, templates, services, and views. Course BUILDING APPLICATIONS WITH JAVASCRIPT AND NODEJS? Scott Allen In this course we'll see how to build fast and lightweight applications using NodeJS. We'll build the entire stack using JavaScript from end to end, from MongoDB on the back to AngularJS on the front. Along the way we'll see how to deploy anddebug applications, as well as how to implement authentication and authorization.

Course ARCHITECTURE WITH AGILITY Kevlin Henney Every system has an architecture, whether accidental or intentional, and regardless of whether it was put in place by a nominated architect or whether it emerged from the decisions and discussions of a team. All too often the focus of what is often described as architecture is centred around a specific set of platform technologies, which forms only one part of the set of concerns an architecture should. And all too often architecture is seen as a separate concern from development process, whereas the two are intertwined — what you build is influenced by how you build it, and vice versa.

Course AGILE DESIGN AND MODELING FOR ADVANCED OBJECT DESIGN WITH PATTERNS Craig Larman This popular, high–impact, and hands–on course on mastering advanced object–oriented design (OOD) and design patterns (primarily the “Gang of Four” design patterns) with agility is aimed at architects and developers of OO systems, You will learn to design with patterns, apply visual modeling in an agile modeling approach, and a suite of related advanced design topics, including the design of packages. This course is based on acclaimed industry leader Craig Larman’s extensive experience coaching and applying OOD since the mid 1980s.

Course 15. June CERTIFIED SCRUMMASTER (CSM) Daniel Gullo The Certified ScrumMaster® (CSM) Course is an entry level certification course intended for anyone who wishes to learn about the Scrum framework so that they may be informed as their organization moves through an Agile transformation; especially, with Scrum practices. This two day course, not only provides the fundamental principles of Scrum, but also gives participants hands-on experience using Scrum. Course 17. June CERTIFIED SCRUM PRODUCT OWNER (CSPO) Daniel Gullo The Certified Scrum Product Owner® (CSPO) Course is an entry level certification course intended for anyone who wishes to learn more about how product (and service) definition result in increased value delivery and other benefits all throughout the Scrum life­ cycle. Completion of this two day course results in participants becoming certified as recognised Scrum Product Owners.

Contact us for in-house training and events programutvikling.no

65


COURSES continued Course 20. May LEAN PRESENTATION SKILLS Jessie Shternshus Do you know the way to best convey your ideas to your audience? Do you have a great idea but don’t know how to put it together? In the world of Lean, your product is only as good as how you present it. Essentially, your product is your presentation! Unfortunately, even if you have great content that people are interested in, if you fail to deliver your message, your product will fail as well. Building your talk using the Lean Start-up Model. Course JAVASCRIPT AND IMPORTANT JAVASCRIPT FRAMEWORKS Sahil Malik JavaScript, the only language that actually runs everywhere. From big servers in the cloud to tiny watches on your wrist. No wonder its gained such popularitly. Spend 5 days with this powerful scripting language, and get up to speed with all the newest web technologies in popular use today. Course IDENTITY & ACCESS CONTROL FOR MODERN WEB APPLICATIONS AND APIS Dominick Baier With ASP.NET MVC, Web API and SignalR tied together using the new OWIN and Katana framework, Microsoft provides a compelling server-side stack to write modern web applications and services. In this new world we typically want to connect client platforms like iOS, Windows or Android as well as JavaScript-based applications using frameworks like AngularJS.

Course OBJECT-ORIENTATED DEVELOPMENT Eivind Nordby Through discussions and a lot of practical training, this course conveys the object-orientated way of thinking, rather than just a programming language. The main target group is developers from non object-orientated languages, like Cobol or C, but also developers using for instance C++ or Java mainly as a stuctured programming language.

66

Course PROGRAMMING JAVA STANDARD EDITION Eivind Nordby This course is designed to give programmers a solid grounding in the Java Programming language. Starting with the core syntax and OO concepts, it then progresses to covering class design, arrays and collections, core libraries, exception handling, I/O and networking, JUnit testing an introduction to Swing as well as the new Java features (the course is always up to date with the latest versions of Java SE).

Course C++ FOR EMBEDDED DEVELOPERS Mike Tarlton This course introduces the C++ language for use on realtime and embedded applications. The first part of the course focuses on the language itself, highlighting areas of concern for real–time and embedded development. The latter part covers the application of C++ to real–time systems including interrupt handling and concurrency issues. If a C++ course does not cover these fundamental issues you may find you still have a lot to learn after the training. Course AGILE SOFTWARE DEVELOPMENT WITH TEAM FOUNDATION SERVER Gáspár Nagy This two-day course prepares software developers, testers and technology-oriented managers to use Microsoft Team Foundation Server for developing agile enterprise applications. The course covers the fundamentals of the core components of TFS, focusing on the Application Lifecycle Management (ALM) aspects that can be used to become a high-performing agile development team. Course ADVANCED DISTRIBUTED SYSTEMS DESIGN USING SOA & DDD Udi Dahan Designing large–scale distributed systems is hard. New technologies make it easier to comply with today’s communications and security standards, but don’t auto–magically give you a robust and scalable system. Join Udi for a course packed with the wisdom of companies like SUN, Amazon, and EBay.

Course C#.NET: DEVELOPMENT IN .NET WITH C# Arjan Einbu In this course you will learn how to develop different types of applications in the .Net environment using the C# language. The course is intended for programmers, and focuses on what is useful to you as a developer. You will learn how to develop both Windows (Windows Forms and WPF) and web applications, libraries (.dll) and communication solutions with WCF. Course WEB DEVELOPMENT IN .NET - ASP.NET MVC , HTML5, CSS3, JAVASCRIPT Arjan Einbu This course covers everything you need to know to start building applications with the latest Microsoft web development stack. We will use ASP.NET MVC on the server and see how to work with models, views, and controllers. On the client we’ll take advantage of HTML 5, CSS 3, and the best JavaScript frameworks, including jQuery, Modernizr, and more. Course ARCHITECTING FOR CONTINUOUS DELIVERY AND ZERO DOWNTIME Axel Fontaine Continuous Delivery is all the hype these days. This training makes it a reality. We start with an overview of what Continuous Delivery is and how it can help you. We then quickly dive into the details. You will learn what it takes to architect a Java application so that it can be delivered continuously into production, with code, configuration and database delta, multiple times a day, with Zero Downtime. Course ELASTICSEARCH BOOT CAMP Aleksander Stensby This 2-day intensive course covers Elasticsearch in depth, focusing on how to use Elasticsearch for search, data exploration and data aggregation. This course will provide you with the foundation to work effectively with Elasticsearch and show that you don’t necessarily need a full Hadoop environment to make sense of your data.


Course TEST-DRIVEN DEVELOPMENT FOR C OR C++ TRAINING James Grenning This training course helps you build knowledge, understanding and skill in the engineering practices needed to build great C or C++ code. You learn how to build flexible and modular software with very few defects, software that can have a long useful life. We teach you how to prevent defects and how to keep code clean over years of evolving needs.

Course DEEP C: A COURSE FOR EXPERIENCED C AND C ++ PROGRAMMERS Olve Maudal In this two-day course we will systematically go through the fundamental building blocks needed to form the basis of a deep understanding of the programming language C. We will also do exercises in groups and then discuss together what is good and bad code.

Workshop REACT WORKSHOP Eirik Langholm Vullum React is a JavaScript library initially developed internally by Facebook/Instagram and open-sourced in 2013. It introduces a new way of thinking when it comes to building user interfaces in JavaScript. With its declarative style and virtual DOM-diffing algorithm it challenges established best practices. What does this mean for you? Faster, more maintainable applications that are easier to test, debug and reason about. Don’t want to go all-in? Don’t worry. Dip your toes in. React facilitates being used in as small or large a part of your application as you want to.

DEPLOYING DOCKER AND CONTAINERS INTO DEVELOPMENT AND PRODUCTION 23-24. September with Ben Hall - 2 days workshop Containers are becoming the de-facto standard for deploying systems ranging from small wordpress sites to Google’s own clusters. This 2-day intensive workshop provides an in-depth look at Docker and containers. You will learn how you can architect your applications to take advantage of a container-based solution. During this hands-on interactive workshop, delegates will build and deploy applications using Docker. The workshop will cover the container lifecycle from development to production. The topics will include: • Building and testing small, streamlined, containers • Mutli-Container architecture • Auto-discovery architecture

• Monitoring containers and ensuring available • Security concerns and considerations At the end attendees will understand how to deploy and run containerized applications in development and production and identify the benefits that containers can bring to systems’ architecture. REQUIRED EQUIPMENT: Bring your laptop so you can use Docker and container based systems. We’ll provide Virtualbox and virtual machines in advance. PREREQUISITES: Delegates should be comfortable working with a command line interface.

About the instructor: Be n h a s d o n e t h e rounds as a tester, developer, speaker, freelancer, st artup entrepreneur and most recently working at a startup investment company in London. Ben is currently working on his next startup venture.

HOW TO FIND US – PROGRAMUTVIKLING MAIN OFFICE, OSLO Parking Entrance

ProgramUtvikling AS is located in the IT-Fornebu technology park at Snarøya. ADDRESS Martin Lingesvei 17-25, 1367 Snarøya. Our offices and course rooms are situated in the terminal building of the former Oslo airport. The photo shows the car park, bus stop and course rooms. For details of bus times, go to trafikanten.no

ENROLMENT OPTIONS Bus stop

www.programutvikling.no - info@programutvikling.no Tel.: +47 67 10 65 65 - Fax: +47 67 82 72 31

67


With an Oslo fjord cruise, grand music, exciting multiple dining choices and an intriguing expo area, NDC Oslo 2015 is destined to be an inspiring experience.

NDC PARTY 2015 by Inger Renate M. Stie and Anette Aass Flølo

Thursday night, June 18th we let Oslo Spektrum show you what it’s really built for – and turn up the volume for our lively lineup of performers. We are happy to announce that both Ida Maria and Loveshack will be entering the stage in Oslo Spektrum this year.

We are also very proud to - once again - present Loveshack as part of our breath taking and spirit raising entertainment . Loveshack is easily the best cover band in Norway, and will take you back to the 80’s to keep you dancing all night.

sen © Vebjørn Ol

REVIVE YOUR INNER 80’S CHILD

© ASB

Ida Maria is a Norwegian singer and songwriter, and is out with her newest album “Accidental Happiness”. She specializes in fiercely energetic and exciting alternative pop-punk music with catchy melodies and witty lyrics, like her hit song “I love you so much better when you’re naked” and the single “Oh My God” which featured a collaboration with rock legend Iggy Pop.

Loveshack are, not surprisingly named after the massive B52’s hit released back in 1989. They put their own signature on the 80’s songs they cover in a big way, and create a magic retro atmosphere most bands can only dream about. So revive your inner 80’s child for Loveshack, baby!

You don’t want to miss out on this years NDC Party!

VISIT THE BUTCHER FOR LUNCH Serving food throughout the conference, the Flying Culinary Circus bring you different and mouth watering dishes for breakfast, lunch and dinner. The concepts this year are more exciting than ever, and whether you’re a vegetarian or a carnivore, there will be plenty of options for you. 68

© VisitOslo

© The FCC

THE NDC CRUISE Wednesday June 17th @ 19.00 Join us for an unforgettable cruise in the beautiful Oslo fjord. Tickets are available at ndcoslo.com

OUR PARTNERS Stop by our partners as you move around the expo area, and get i nvo l v e d i n e x c i t i n g competitions, fun games and discussions.


SINCE 2008

practical information All you need to know about NDC 2015


The NDC Oslo Team

Torbjørn Marø

Torstein Bjørnstad

Torbjørn Marø, Agenda committee Torbjørn Marø is the CTO of PS WinCom a mobile communications company in Norway. He is a passionate coder, and loves to learn and use new (and old) programming languages and technologies. As an active blogger he tries to share his excitement for software with anyone who’s willing to listen. “What I enjoy the most from a conference, apart from the great people and conversations, is often the more obscure topics. This year I’m looking forward to Gary Short’s troll hunt, Philip Laureano making a compiler, the talk on Mob Programming, and Yan Cui’s tour of the language landscape. As always NDC excites me!” Torstein Bjørnstad, Agenda Committee Torstein Bjørnstad is a consultant at Webstep focused on helping clients take use of modern web technology in order to provide rich and interactive user experiences to their users. He spends his spare time diving into and evaluating new technologies in his many fields of interest. This is Mr Bjørnstad’s second year in the agenda committee, and his focus is to represent the views of developers working with the .NET stack. “This year we received a record number of submitted abstracts on a lot of diverse topics, and thanks to this we have been able to produce what I feel is a very good agenda. We have many great names, and 70

Niall Merrigan

Liam Westley

a lot of interesting talks on topics ranging from microservices to troll hunting. Personally, I am really looking forward to our many architecture talks! I hope you all enjoy this year’s NDC, I look forward to seeing you fill up Oslo Spektrum!” Niall Merrigan, Agenda Committee Niall is Managing Consultant with Capgemini Stavanger, He is also a Microsoft ASP.NET MVP, and general rugby nut (which means he shouts a lot). He has a passion for web technologies, security and whiskey which can lead to some interesting discussions. He can be found on twitter as @nmerrigan and hosts a blog at certsandprogs.com. “Oh boy that was tough! With great power comes great responsibility. Clichéd as it may seem, that is what is like when you sit on the agenda committee for NDC. I was extremely humbled to get the chance to go behind the scenes and help build the agenda for NDC. I am very happy to see a lot of security focused talks this year and I hope developers will come away from NDC this year with a lot of new ideas and techniques to add to their arsenal of tools.” Liam Westley, Agenda Committee Liam Westley is an application architect at Huddle based in London, with responsibilities including the mobile application architecture to support their iOS and Android applications. Liam is an

Bryan Hunter

active member of the UK .NET community, regularly speaking at user groups and conferences, as well as being an organiser for London .Net Users. A past working in television graphics has left him with a penchant for design and a concern for quality UX. “It is amazing how many proposals NDC receives when they issue a call for papers. It’s a real privilege to be on the agenda committee, getting a glimpse at what is currently exciting developers, even if it does involve being locked in a room by the NDC crew for two solid days. I’m really looking forward to the new speakers who will be in Oslo this year, including our youngest ever speaker, Sean Trelford.” Bryan Hunter, Agenda Committee Bryan Hunter is the CTO of Nashville-based Firefly Logic, and a functional programmer (Erlang, F#, and Elixir). He is a Microsoft MVP in F#, and founded the polyglot functional programming group NashFP. Bryan volunteers much of his free time to promoting functional programming through community building, developer events, and business-leader education. “It is business time for functional programming, and the goal of this track is to help you “make it real” in 2015 by bringing FP into your day job. For many attendees the benefits of F# are within reach, and we have assembled a stunning line-up of F# badasses.”


Arif Shafique, Agenda Committee Arif has worked in the industry since 1997, and have for the past 9 years in Microsoft worked on everything that has been new and shiny, including apps for windows, WP, Xbox and Office365. Last year he started the IoT efforts inside his team where they are building competency on hardware alongside software and cloud. He is now working to educate and help developers, startups and enterprise kick start their IoT efforts.”“This year’s NDC agenda looks very exciting and diverse. You will find talks from good old powerful C++ to lean and fun angular JS. And then there is the hardware stuff this year. Its exciting to see that hardware and software through the demand of IoT is now blending. But I believe in able to really create secure and useful IoT projects, software developers must be part of the process. In that sense NDC 2015 is perfect place to kick start your IoT project”. Olve Maudal, Agenda Committee Olve Maudal works for Cisco Systems where he is involved in developing collaboration technology, in particular video conferencing products and telepresence solutions. He loves to write code, but he is just as interested in how software is

developed as what it actually does. Main interests are C, C++, TDD, secure coding and software architecture.“We have created a strong two day C++ track that we hope fits nicely into the new embedded and IoT track. This year you can learn more about details of the standard library, security, and modern development techniques in C++, just to mention a few things. Please note that there is also a two day pre-conference C++ tutorial that you probably want to concider - Switching to C++11/C++14, Nico Josuttis.” Mike Long, Agenda Committee Mike’s specialties include coaching and mentoring teams to adopt modern technical practices in complex embedded and legacy development environments. Mike is active in the software community. As founder and organizer for the Oslo Embedded Software Meetup he has helped bring together passionate software craftsmen to share experience and skills. “With my background in low-level systems programming, I am delighted that NDC will host workshops and tracks on Embedded software and C++. Our community finally has a place to go to learn from each other and be amongst the leaders in our field. Devices are everywhere, software is in them, and it is changing our world!”

Kjersti Sandberg, Founder/Business Developer Kjersti Sandberg is the founder of ProgramUtvikling AS, and has organized the NDC Conference from the very beginning. Her daily job is with the professional areas of sale, marketing and business development. Jakob Bradford, General Manager Jakob is the general manager of the NDC conferences. He likes to be involved in everything and he really hopes this doesn’t make him a micro manager. He’s passion is business development and his dream is to bring the NDC conferences to all corners of the world. Charlotte Lyng, Project Manager Charlotte’s role is to be the main point of contact for speakers and partners as well as dealing with all the logistics such as speaker travel and speaker evening events for NDC Oslo and NDC London. She is also responsible for getting in articles for NDC Magazine, publishing content on NDC’s social media accounts and answer all enquiries in the NDC infobox. Henriette Motzfeldt, Administration Henriette’s is in charge of accounting and administration. During NDC you will find her in the info booth. Steinar Braaten, Web Editor Steinar is making sure that the NDC website is always up to date, and is publishing speakers and partners as soon as they are announced.

Arif Shafique

Olve Maudal

Mike Long

Kjersti Sandberg

Jakob Bradford

Charlotte Lyng

Henriette Motzfeldt

Steinar Braaten 71


SINCE 2008

Keynotes: Bruce Schneier and James Mickens

2 DAYS OF WORKSHOPS 3 DAYS OF CONFERENCE TALKS

@NDC_conferences #ndcoslo


mix and match Get all access to a whole week of inspiration or mix and match as you like Ticket types

Price

All Access Pass With Hotel All Access Pass (Workshops + Conference) 3 Day Conference Pass With Hotel 3 Day Conference Pass 2 Day Conference Pass 1 Day Conference Pass

NOK 26400 NOK 11900 NOK 15900 NOK 11900 NOK 10500 NOK 8900

2 Day Pre-Conference Workshop Pass 1 Day Pre-Conference Workshop Pass

NOK 10500 NOK 8900

25% VAT will be added to all ticket types.

be inspired

sign up now! ndcoslo.com


Meet the User Groups at NDC Community by Charlotte Lyng NDC has invited some of the larger user groups to share their passion with the NDC crowd. The NDC community area has 7 user groups present that will help create more action during the conference. Each user group will give quizzes, interview some of the profiled NDC speakers and conduct competitions.

NDC Community Tuesday Attend NDC Community Tuesday in Oslo Spektrum Tuesday 17.00. The event is free and several user groups have invited NDC speakers to host their meetups. To learn more and sign up, go to www.meetup.com/NDC-Meetup/

74


Meet the following user groups at this year`s NDC Community:

NNUG Nor wegian .NET User Group (NNUG) is an independent user group for developers by developers. We strive to be an open community where developers and architects of every level can meet up and share knowledge about the Microsoft development platform, craftsmanship and best practices for developers. We meet up about once a month, sometimes featuring international speakers, but always with great local talent ready to share and discuss both bleeding edge technology and well-established practices. We have chapters located in Oslo, Bergen, Stavanger, Haugesund, Kristiansand, Trondheim and Vestfold.

BAKSIA Baksia’s mission is to promote back end development. Our presentations and speakers focus on horizontally scalable solutions and the underlying frameworks, programming languages and paradigms. We are a fast growing community of almost 600 members. In the three years since we started, 16 speakers have presented interesting topics at our meetings. We always start with food and beverages kindly provided by our sponsors; Inmeta Consulting, Conax and Ardoq. NITH facilitate our meetings with central meeting venues in down town Oslo, close to public transportation.

BITRAF Bitraf is a hackerspace / makerspace in Oslo, which is open to anyone 7 days a week. Come by if you are interested in programming, digital art, electronics, milling and fabrication, free software, game development or other similar activities. Work own your projects in a social environment, host or attend a workshop, a game jam, hackathon, bug squashing party or a good old fashioned LAN party. Bitraf is completely user driven, so you decide what’s going on.

ANGULAR JS AngularJS Oslo meetup is a community of web developers dedicated to one of the most advanced and hot discussed JavaScript frameworks ideally suited for creating modern web and mobile applications. Community’s mission is to help web front-end developers with selection of the best framework for their needs and to share knowledge, experience and best practices on it.

EMBEDDED SOFTWARE This is a group for anyone interested in embedded systems programming! If you love working on the low level, breathing life into hardware, and creating the next generation of devices this group is for you.

MOBILE MEETUP Mobile Meetup Oslo is a community dedicated to all aspects of mobile technologies world. We are about concepts, news, design, development, entrepreneurship in this rapidly evolving area. Our speakers and members are top mobile professionals and passionate enthusiasts who share their knowledge and experience as well as inspire you with fresh ideas about mobile devices, apps, frameworks, methodologies.

NDC MEETUP NDC Meetup host talks and workshops with NDC trainers and speakers on a regular basis. We cover everything within the software industry. LÆR KIDSA KODING ‘Lær Kidsa Koding’ is a Norwegian sibling to Code.org and Code Club - a volunteer movement that seeks to introduce children to coding. We wish to increase the general IT knowledge, and contribute to IT-recruitment by giving all students a chance to learn programming. We also help schools, and provide arenas where teachers and code club instructors can meet and help each other.

75


Programming –

the most important language of the information age by Tjerand Silde

Š Ollyy/Shutterstock

I was 18 years old when I wrote my first lines of code. Despite my interest in science, I was not introduced to programming until I went to university. In retrospect, I think this is very sad, because there is only a coincidence that has led to my discovery of a whole new world that I now have fallen in love with.

76


The Teach Kids Code-movement (Lær Kidsa Koding) has experienced exponential growth since we started up for just a couple of years ago. New code clubs starts up all over Norway, and children of all ages are introduced to programming. For example, in Trondheim, we have 300 children attending the code club, every week. Considering everything around us who are driven by electronics, all professions that rely on computers and all the time we spend playing games on tablets and phones. It is quite strange that most of us don’t know how anything works.

schools. Norway is still behind, but things have started to move. In January, the Minister of Local Government and Modernisation, Jan Tore Sanner, visited the code club at Hofstad in Asker, we hope this visit will have positive outcome. Furthermore, Torgeir Waterhouse held the ending post on TEDxOslo 2015. His ten minutes on stage contained so many good points about why children should learn programming that TEDx chose to accentuate it as one of the best speeches in February. To this date, “Teach Kids Code” have been seen almost 13,000 times.

sively motivated children, grateful parents and committed tutors. I have no doubt that we are on track to revolutionize the modern knowledge society.

Fortunately, several countries have introduced programming as a compulsory subjects in primary

These are two of several events that have helped to increase awareness of programming in Norway. We also have the Hour of Code which in the recent years been held in December, where the goal is that all schools should set aside an hour of programming for all classes. This is a concept with increasing participation, and in 2014 there was almost 25,000 Norwegian kids that participated! This suggests that the important cultural change has started, and the Lær Kidsa Koding movement have grown so much that we have seen the need to take it to the next level.

Despite all the activity around the country, both in terms of meetups, conferences and code clubs, one great event have been extra special. Namely NDC Jr. This is arranged for the third consecutive years, and the two preceding years we had 180 and 300 participants. The planning of this year’s event at Tuesday June 16th have started, and we hope to surpass the last two years. This year we will also have a special workshop for the most skilled youngsters. It is important to also challenge those who have taken the biggest steps. Until now, Lær Kidsa Koding’s main focus have been the beginners.

«I’m driven by the fact and the knowledge and the hope and the dream that we can empower kids with technology.» TORGEIR WATERHOUSE

«I think Lær Kidsa Koding movement is a great and important initiative, and I want to look at how we politicians can help to support such measures.» JAN TORE SANNER

In January 2015 Samsung and Lær Kidsa Koding(LKK) became partners, which gave us the opportunity to hire a project manager to work full time to develop the movement further. This is where I come into the picture. Because of my background as a co-founder of the code club in Trondheim and leader in Vektorprogrammet, I got the great honor to dedicate all my time to LKK. The activity in the movement has increased significantly and I meet almost exclu-

It is also important to emphasize that the code club is a venue for exploring, learning and creativity, not a place where an oracle tell you how everything works. I have a deep desire to live in a society where all young people are able to influence their technological life. Don’t you?

77


© S-F/Shutterstock

The capital of Norway

Oslo Opera House

78

© TTstudio/Shutterstock

The Town Hall

© Nanisimova/Shutterstock

The Royal Palace

© TTstudio/Shutterstock

Oslo is a city full of contrasts. Its natural beauty, in combination with all the facilities of a modern metropolis, adds to the charm of a city often described as ‘the world`s largest village’. The surrounding countryside provides recreational opportunities for the city`s inhabitants and visitors all year round.

Use the Oslo Pass on all public transport


Oslo has a special combination of city life and easy access to the great outdoors. The city`s unique location means almost unlimited opportunities for fun, and these are some of the choices you have when spending time in Oslo: AKERSHUS FORTRESS Akershus Castle, also known as Akershus Slott, is a historic Norwegian landmark, located in the city centre by the Oslo Fjord. It is a great place to discover Oslo’s history and a beautiful place to enjoy a summer day. Experience 700 years of history at Akershus Fortress with a guided tour. Guided tours are available every day in summer and on weekends in May and between mid-August and December. MATHALLEN Mathallen Oslo is inspired by the great European food courts. Here you’ll find specialty shops, cafés and great places to eat. The court offers fish, meat, vegetables, baked goods, coffee – everything brought to us by the best suppliers and distributors of Norway, as well as some imported products. The atmosphere of the food court and its products reflects our passion for good food and beverages. SCHOUSKJELLEREN MIKROBRYGGERI Imagine Norway in the time of the vikings: A dim, candle-lit vaulted hall where mead was swigged from goblets, resting on long rustic wooden tables, all the while a massive fire roars away in the corner. Now replace the bearded barbarians with bearded Norwegian trendsetters, and the fermented honey water with in-house brewed beers and you have got the atmospheric setting of the schouskjelleren Mikro­bryggeri brew-pub. The brewery is located underground in the cellar of the old Schous Brewery on Trondheimsveien.

Oslo in numbers

HOLMENKOLLEN SKIJUMP A historic landmark in the Norwegian consciousness, Holmenkollen embodies more than a century of skiing competitions. Inside the ski jump is the Holmenkollen Ski Museum, the oldest of its kind in the world. The museum presents over 4,000 years of skiing history, Norwegian polar exploration artifacts and an exhibition on snowboarding and modern skiing. The observation deck on top of the jump tower offers panoramic views of Oslo. GRUNERLØKKA Grunerløkka is one of Oslo`s most popular boroughs. What started as a bohemian escape has turned into one of the most trendy parts of the city. Grunerløkka, commonly referred to as ‘Løkka’, is know for its creative atmosphere and numerous little cafes, restaurants and bars. The borough is also a popular shopping district with original design shops and many vintage stores. THE NORWEGIAN OPERA & BALLET Opera fan or not, this building in itself is worth a visit. Oslo`s new Opera House is shaped lie an iceberg coming out of the water, and is the first opera house in the world that let visitors walk on the roof. Learn more about the architecture, stagecraft, opera and ballet through a 50-minute guided tour. FUGLEN Fuglen is a 3-in-1 coffee shop, cocktail bar and vintage design shop. Fuglen (“the bird”) opened as a coffee shop in 1963, and high-quality coffee and tea is still an important part of the business. Fuglen’s trained basistas serve all kinds of espresso drink. In the evening it becomes a classic cocktail bar. Fuglen’s bartenders mix both traditional and innovative cocktails made from fresh ingre-

• Total area: 454 square kilometres • Population (2014): 634,000 • Forest area: 242 km2 • Park and sports arena area: 8 square kilometres

dients. Both during day and night Fuglen is also a vintage design shop. Everything in the bar is for sale: chairs, tables, lamps, plates, glasses and nicknacks! THE VIGELAND PARK The park is a must-see in Oslo. The famous park is filled with 192 sculptures bronze and granite sculptures, far stretching lawns and long straight avenues bordered with maple trees. On a nice summer day, the park is full of people here you can go for a run, walk the dog, have a picnic or barbecue, play badminton or just do some sunbathing. HOW TO GET AROUND IN OSLO The Oslo Pass gives you free entry to more than 30 museums and attractions, free travel on all public transport, free entry to outdoor swimming pools, discount on sightseeing, concert tickets, bike rental and special offers in restaurants, shops entertainment and leisure venues. You can decide whether you want a card that is valid for 24, 48 or 72 hours. VISIT BYGDØY Bygdøy is a peninsula on the western side of Oslo, Norway and belongs to the borough of Frogner. Bygdøy has several museums, like the Kon-Tiki Museum, which shows all year long the legendar y expeditions of Thor Heyerdahl, the Norwegian Museum of Culture History, The Viking Ship Museum and the Norwegian Maritime Museum. Bygdøy is one of Norway’s oldest cultural landscapes with a rich history. Bygdøy has beautiful parks and forests and some of Oslo’s most popular beaches. Bygdøy is accessible by bus, bike or it can be reached by the local public ferry departing from Aker Brygge every 30 minutes.

• Lakes within the city limits: 343 • Islands within the city in the Oslofjord: 40 • Length of the Oslofjord: 100 kilometres

79


PROGRAM – Wednesday .NET Framework Cloud Fun Mobile Testing

Time­ slots 09:00 10:00

10:00 10:20 10:20 11:20

11:20 11:40 11:40 12:40

Room 1

Agile Database Functional Programming People UI

Room 2

13:40 14:40

14:40 15:00 15:00 16:00

16:00 16:20 16:20 17:20

17:20 17:40 17:40 18:40

80

Architecture Design IoT Programming Languages UX

Room 4

Room 5

Big Data Devops JavaScript Search Web

Room 6

Room 7

C++ Embedded Microsoft Security

Room 8

Room 9

Keynote - Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World Bruce Schneier

Break This is not the search you are looking for

Duplicating data or replicating data in Micro Services

TBA

The New JavaScript: ES6

Practical CSS tips & tricks for backend developers

The Art of Software Gardening

Linux Device Driver Best Practices

The Real Price Functional of Shared Point- Programming ers in C++ and Lean

Toby Henderson

Dennis van der Stelt

Damian Edwards

Rob Eisenberg

Alex York

Patroklos Papapetrou

Bill Gatliff

Nico Josuttis

Bryan Hunter

Microservices, cutting through the Gordian Knot

A Lap Around .NET 2015

Asynchronous generators and promises in ES6

Developing No Estimates, Faking and interfaces — Let's Explore Mocking Why developers the Possibilities Legacy Embedare the new ded C designers

Fundamentals of Type-Dependent Code Reuse in C++

A tour of the language landscape

Anthony D. Green

Francis Paulin

Martin Jensen

Yan Cui

IMDB Continuous showdown Delivery for - comparing Architects OrigoDB, Redis and SQL Server Hekaton

What’s new in ASP.NET 5 and MVC 6

Robert Friberg

Jon Galloway and Damian Edwards

Break Approaches to multi-lingual text search with Elasticsearch and Lucene

Itamar Syn-Her- Ian Cooper shko 12:40 13:40

Room 3

Per April 2015 - Subject to change

Woody Zuill

James Grenning

Mark Isaacson

Async and ‘Don't Make Me Streaming Feel Stupid’ – JavaScript, A. User We're All Doing it Wrong!

Lightning Talks

Introducing Bluetooth Low Energy

When order does not matter

Matthew Podwysocki

Liam Westley

Per Thorsheim, Eirik Midttun Fredrik Johnsson, Pete Smith, Ashfaq Ahmed and Meg Gotshall

Bartek Szurgot

Lunch

Neal Ford

Break A guided tour of the BigData technologies zoo

The Actor .NETCore Model: Building Blimey! Hyper-Scale Distributed Systems Using Orleans

All Your Tests Are Belong to Us

Form with Function: Adding Behavior with CSS

Anti-fragile and feedback. Trying to make up for the failures of "agile."

How TDD and SOLID principles can improve your HW abstraction

Dealing with Learning from noexcept in the Haskell C++ Standard Library

Itamar Syn-Hershko

Patriek van Dorp

Matt Ellis

Rachel Appel

Tim G. Thomas

Andy Hunt

Tore Martin Hagen

Nico Josuttis

Venkat Subramaniam

To NoSQL or Not to NoSQL, That Is the Question

50 Shades of AppSec

Applying S.O.L.I.D. Principles in .NET/C#

Seriously, you should start testing that JavaScript code

Front-end Fun with Sass and Coffee

Ads in Mobile Apps and Games 101

BDD for Embedded Systems

History and Spirit of C and C++

F# and games: picking up Steam

David Ostrovsky

Troy Hunt

Chris Klug

Kuba Walinski

Dylan Beattie

Alan Mendelevich

Oscar Hellström

Olve Maudal

Andrea Magnorsky

Modelling complex game economy with Neo4j

This is Water

Omnisharp: .NET sans Microsoft

JavaScript Forensics

Designing and Programming Accessible Website and App UIs

Shazam mobile apps - data driven project management

Monitoring Sensor Data in RealTime over Azure

Performance of Type-Driven STL containers Development

Yan Cui

Neal Ford

Mathew McLoughlin

Todd H Gardner Rachel Appel

Tomasz Kustrzynski

Uffe Björklund

Hubert Matthews

Break

Break

Mark Seemann

Workshops


PROGRAM – Thursday .NET Framework Cloud Fun Mobile Testing

Time­ slots 09:00 10:00

Room 1

Agile Database Functional Programming People UI

Room 2

Room 3

Per April 2015 - Subject to change Architecture Design IoT Programming Languages UX

Room 4

Room 5

Big Data Devops JavaScript Search Web

Room 6

Room 7

C++ Embedded Microsoft Security

Room 8

Room 9

Workshops

Principles Of Microservices

TBA

Up and Running with ASP. NET on Linux

Declarative REST: State Machines for the Web

Building 3D simulators for oil & gas

Perceived speed is real speed

Video Capture and Colorspaces

Hafslund AMS: Drinking from the firehose at a large Internet-of-Things project

Elixir

Sam Newman

Udi Dahan

Mark Rendle

Einar W. Høst

Felix Gorbatsevich

Fredrik Johnsson

Hans Verkuil

Jon Andreas Pretorius and Simen Sommerfeldt

José Valim

Typical Pitfalls in Agile Software Development

Resolving Conflicts in Collaborative Occasionally Connected Mobile Apps

What’s new in Visual Studio 2015, ALM + ASP.NET 5: Next Level Development

Succeeding in Failing

Desktop applications using Chromium and Node.js

Don't demo facts. Demo stories!

Continuous Delivery of Embedded Systems

The Set of Natu- Event Sourcing ral Code and DDD with F#

Jutta Eckstein

Michael L Perry

Adam Cogan

Darrel Miller

Torstein Bjørnstad

Tudor Girba

Mike Long

Mark Isaacson

The State of DevOps in Windows Land

SOLID Architecture in Slices not Layers

Migrating your API from Web API 2 to MVC 6

High Performance in the Critical Rendering Path

TBA

What business software developers can learn from game developers

FPGAs - a 1000x Test Driven performance Development in increase. How? C/C++ What? Why?

The Phoenix Framework

Jon Arild Tørresdal

Jimmy Bogard

Filip W

Nicolas Bevacqua

Greg Young

Adam BeresDeak

Espen Tallaksen

James Grenning

Chris Mccord

Automating legacy environments with Azure

Loosely coupled applications with MassTransit and RabbitMq

The Power and Real CommuniPracticalities of cation with Immutability Real People in Real Time with WebRTC. For Reals.

Securing Web Lightning Talks APIs – Patterns & Anti-Patterns

Testdriven C++ with Catch

C++ on the Web: ponies for developers without pwn’ing users

Enterprise Tic-Tac-Toe -- A functional approach

Agile 1's game

David Lindblad

Roland Guijt

Venkat Subramaniam

Devin Rader

Dominick Baier

Sean Trelford, Phil Nash Ronald Mavarez, Martin Gravråk, Glenn F. Henriksen and Stian Veum Møllersen

JF Bastien

Scott Wlaschin

Seb Rose

Continuous Delivery - the missing parts

It's all messages now: where are my abstractions?

Making .NET Applications Faster

Tomorrow's World of Web Development

Authentication and authorization in modern JavaScript web applications – how hard can it be?

How to turn software into competitive business advantage

Memory Access Ordering in Complex Embedded Systems

Building IoT Device Applications in JavaScript and C++

Grokking Erlang OTP

Paul Stack

Matt Barrett

Sasha Goldshtein

Steve Sanderson

Brock Allen

Gojko Adzic

Chris Shore

Günter Obiltschnig

Martin Logan

The elephant in the room: Continuous Delivery for Databases

Modern architectural patterns for the cloud

Code Gems From the Rosyln and .NET Source Code

Reactive Programming Demystified

Hacking .NET(C#) Applications: Defense / Offense 103

Deliberate creativity

Embedded Linux development using the Yocto Project

Encryption in C++

~Machine learning F#

Alex Yates

John S Azariah and Mahesh Krishnan

Scott Allen

Matthew Podwysocki

Jon McCoy

Andy Hunt

Isak Styf

Jens Weller

Mathias Brandewinder

Taking other peoples money: A guide to online payments

Data exploration and analytics with elasticsearch

Getting the first IoT: babbling PR into .NET with bits and and other tales bytes from an OSS contributor

Functional C++

Aleksander Stensby

Adam Ralph

Kevlin Henney

10:00 - 10:20 Break 10:20 11:20

Jérémie Chassaing

11:20 - 11:40 Break 11:40 12:40

12:40 - 13:40 Lunch 13:40 14:40

14:40 - 15:00 Break 15:00 16:00

16:00 - 16:20 Break 16:20 17:20

17:20 - 17:40 Break 17:40 18:40

Running Docker and Containers in Development and Production

Troll Hunting on Ten simple the Internet rules for creating your own compiler on the CLR

Ben Hall

Gary Short

Philip Laureano Ben Cull

Suz Hinton

18:40 - 19:00 Break 19:00 - 19:30 Not Even Close: The State of Computer Security. James Mickens 19:30 - 00:00 Party

81

81


PROGRAM – Friday .NET Framework Cloud Fun Mobile Testing Time­ slots 09:00 10:00

10:00 10:20 10:20 11:20

11:20 11:40 11:40 12:40

12:40 13:40 14:40 15:00

14:40 15:00 15:00 16:00

16:00 16:20 16:20 17:20

82

Per April 2015 - Subject to change

Agile Database Functional Programming People UI

Room 1

Room 2

Room 3

Architecture Design IoT Programming Languages UX

Room 4

Big Data Devops JavaScript Search Web

Room 5

Room 6

Room 7

C++ Embedded Microsoft Security

Room 8

Workshops

Nano-services (functional composition)

Get Unblocked

Continuous De- TBA livery Patterns for Cloud-based Applications

Swift: Apple's New Programming Language for iOS and OS X

Aurelia: Next Generation Web Apps

Boosting security with HTTP headers

Standing on a Beach, Staring at the C

AWS vs. Azure - architectures and choices

Mitch Denny

Sasha Goldshtein

Rob Eisenberg

André N. Klingsheim

Kevlin Henney

Michele Leroux Chris Shore Bustamante and Lynn Langit

Phillip Trelford

Denise Jacobs

Advanced Con- The rest of tinuous Delivery ReST Scenarios

Universal Windows Apps – Develop for all Sizes

ReactJS

A security testers toolkit

Engagement techniques. How to get people engaged and motivated?

Get more than a cache back! The Microsoft Azure (Redis) Cache

Beer analysis using Kibana 4 and Elasticsearch

TBA

The Dark Art of Autonomy

Jeff French

Dylan Beattie

Lars Klint

Eirik Langholm Vullum

Niall Merrigan

Anna Danes

Maarten Balliauw

Christoffer Vig

Tomas Petricek

Carl Smith

How do you scale a logging infrastructure to accept a billion messages a day?

Learning Client Hypermedia from the Ground Up

Making Hacking Lifestyles of Child’s Play the rich and frameworkless

Going beyond OWASP

Removing barriers

Make it Faster - Lessons Learned from Benchmarking NoSQL on the AWS Cloud

TBA

Let’s Start an Epidemic

Paul Stack

Mike Amundsen

Troy Hunt

Pete Smith

Barry Dorrans

Hadi Hariri

Lynn Langit

Irina Guberman Doc Norton

Why monitoring sucks, and how to improve it

Crafting Evolvable Web API Representations

Making 2D Games that Run Everywhere using C# and CocosSharp

Real-time, offlinecapable, noBackend web apps with Firebase

Mob Program- Microsoft Lightning Talks ming, A Whole Azure Web Team Approach Jobs - the new way to run your workloads in the Cloud

Pavlo Baron

Darrel Miller

James Montemagno

David Ed Mellum

Woody Zuill

Magnus Mårtensson

Knowledge is power! The guide to measure what matters.

595 billions income untouched by human hands

TBA

Getting started with Meteor

.NET Rocks Panel on Application Security

Avoid the Bug as Task anti-pattern

Cloud-Scale Event Processing with the Reactive Extensions (Rx)

Mark van Straten

Trond Arve Wasskog

Greg Young

Kuba Walinski

André N. Klingsheim, Barry Dorrans, Troy Hunt, Niall Merrigan, Carl Franklin and Richard Campbell

Martin Hinshel- Matthew wood Podwysocki

DevOps Yourself: Fast-Track Your Windows Development Environment Setup with Chocolatey and Vagrant

Everything I Know About Computers, I Learned From the Movies

Xamarin. Forms: Native iOS, Android, and Windows Phone apps from ONE C# Codebase

ng-owasp: OWASP Top 10 for AngularJS Applications

Browser-ception: Building our own browser with CSS/HTML and Node.js

How to build and be a part of a highly efficient team

Evolving architecture for API delivery on Azure

F# as our day job by 2016

Justin James

Mark Rendle

James Montemagno

Kevin Hakanson

David Ed Mellum

Kjell Ljøstad

Harald Schult Ulriksen

Tomas Jansson

Udi Dahan

Multicore Software Development on ARM

Room 9

Break

Break

Lunch Metaprogramming Elixir

Claus Asbjørn Chris McCord Sørensen,Trond Marius Øvstetun,Alex Yates, Michał Sliwon and Todd H. Gardner

Workshop

Denise Jacobs

Break Workshop

Denise Jacobs

Break


One day of Internet of Things

15. OCTOBER

Radisson Blu Scandinavia Oslo

internetofthingsday.com

CONNECTING PEOPLE AND THINGS - BRIDGING BUSINESS AND TECHNOLOGY The first One Day of Internet of Things Conference was held in November 2014. The date for this years IoT conference is set to 15. October 2015 at Radisson Blu Scandinavia Hotel.

CALL FOR PAPERS

The Call for Papers deadline is 1 August 2015. Make sure you don’t miss the deadline if you would like to speak. Submit your papers to info@internetofthingsday.com

BECOME A PARTNER

A partnership includes: Exhibitor space including 1 table and 2 chairs • Your logo on our website, in advertising material and in the conference program • Your logo in the profiling decor and exhibition space during the conference • 2 conference tickets. Access to discounted partner tickets • Total cost: 20 000 NOK + VAT


Returadresse: ProgramUtvikling AS. Postboks 1, 1330 Fornebu

Upcoming NDC events NDC Oslo 15-19 june 2015 ndcoslo.com

One Day of Internet of Things 15 October 2015

internetofthingsday.com

NDC London 11-15 January 2016 ndc-london.com


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.