Mikhail Sudbin

Mikhail Sudbin
Chief Technology Officer at Advalange

Peer review is a commonly used practice in the software development world. Unarguably “Two heads are better than one” principle makes your product better. The main question is if the enhancement worth the price you pay for it. In the safety critical domain such as aerospace where reviews are mandatory, this issue is of current significance. DO-178C forces us to conduct reviews for merely every single item that is produced throughout the project lifecycle and consumes up to 30% of project efforts. Thus spending time for peer reviews in an effective and efficient manner is essential.

However, the intent lying underneath peer review sometimes becomes blurred, especially to a large and complicated aerospace project. Either review process is done for the sake of the process with the focus on production of formal review records. Or process becomes inefficient when people dig too deeply into the aspects that do not contribute in ending product quality.

Consider the following easy tips to keep the balance making your DO-178C review process more valuable and to control the time spent for review cycles responsibly:

Tip #1. Foster the right attitude.

Have you ever experienced anything similar to what I call “checkbox review” when all questions are marked with “passed” without any real check? I bet you have. Especially, when the deadline is close and management is pushing. Another case of the wrong attitude is “Correct it as I say” when a reviewer has much more authority or experience than an author does.

Always remember the following simple statement to avoid such a wrong attitude: “review is an independent qualitative opinion regarding compliance and quality of your outputs, not more not less. Every single word matters in this statement.

  • Review should be independent. Reviewer and author shall discuss findings and provide arguments, until agreement is reached rather than one of them enforces his opinion in a peremptory manner.
  • Review is always qualitative. You can never prove your views with 100% strict mathematical proof. There is always room for subjectivity.
  • Review is aimed to confirm or disprove that the output under review complies with the standards and procedures and fulfills the requirements against which it was developed. Review is neither a brainstorming meeting, nor a research session, nor training classes.

Tip# 2. Create the right checklist.

Peer review is deemed to increase product quality. Quality, however, is a very amorphous word. Everybody feels that understands what it is but almost nobody can express it in a short and quantitative manner. In the DO-178C world we are lucky to have more or less strict guidance to define the quality of the product.

  1. First, the product operation shall be safe.
  2. Second and complementary to the first, the product and process shall be compliant with the standards.
  3. Third and complementary to the first two, the product should fulfill intended functionality and shall not do anything unintended.
  4. Fourth and complementary to all above the product shall be maintainable throughout 30+ year’s period.

Always validate any review checklist against these principles. Make sure that your checklist is specific enough. It should contain questions regarding how exactly these principles are satisfied in a work product under review rather than if those principles are superficially satisfied. On the other hand, a checklist should not be too excessive. Concentrate only on what is vital. Having a 150-question checklist for a simple unit test is a sign that you are doing something wrong. Never ignore the feedback you receive from review participants. Reconsider the checklist if a reviewer is confused with what question to choose when relating a finding or if too many findings fall into the “other” category.

Tip# 3. Establish the right process.

Be sure that only relevant participants take part in the review and that their involvement is neither excessive nor insufficient. For the example with a unit test having two inspectors, one moderator and one facilitator will be exorbitant. However, such a team may not be enough for reviewing software architecture.

The flow of the review process is very important as well. Provide the team with a well-fit infrastructure to support data exchange between the participants and review records management to make it a favorite piece of project culture rather than annoying formal activity. Usually, configuration management systems are extended with peer review plugins to make the process fast, transparent and straightforward. Investment in convenient tool setup for reviews is a wise decision. What you  do not want to have is a “manual” process and record flow with review cover sheets looking like a “history book of the project”.

 

Taking after these three tips brings a powerful tool for project analysis in addition to making review process more adequate. The right checklists provide you with well-structured data taxonomy. The right attitude and the right participants provide confidence that data connected to those checklists is accurate and representative.  Statistical analysis will help you to figure out weak or poor defined aspects of your project besides the review process itself.

DO-178C requires reviews and no one can get by without it. It is your choice to make it for compliance solely or to get real benefits. The three tips will help you to make a wise decision and maximize cost\value ratio from your reviews.

Welcome post from Mikhail Sudbin, Advalange CTO.

Mikhail Sudbin, Advalange CTODear friends,

In this welcome post I want to shed some light on my joining the Advalange organization. First, let me say a couple of words on my vision of software development and the safety-critical domain in particular. This will help to understand better what made me make this decision.

Revise your memory and compare the software industry in the early ’90s and now. Various frameworks and engines significantly changed the way application and solution software are developed. Just imagine if anybody tells you: “Every single line of code for this ERP system was written within these walls.” You would take it normally in 1995 but today you won’t believe it. New technologies are developing along with new methodologies. There was no such phrases as “scrum” or “application platform” 20 years ago.

The safety critical area is a little bit more conservative but now it is entering the new period of evolution and similar techniques come into play. As an example, look at integrated modular avionics and new approaches and challenges it brings to the aerospace domain. Organizations should accept the evolution and change accordingly to face it.

“Always be focused and keep in mind
how the result should look like.”

The organization I used to be working for was quite conservative and was not eager to catch on to the new trends. I was searching for the new opportunities when Evgeny proposed to found the new company. At first I was quite pessimistic. No solid background, no corporate culture, no proven structure… However, when we talked it over I saw that the idea could work. Let’s gather experienced, like-minded people and build a new entity. We can make “drawbacks” our strengths. Let’s build culture and infrastructure aimed at facing the new challenges. Our people are knowledgeable and creative enough to do it. There will be no bureaucracy or legacy constraints that other organizations face, and it will be a huge benefit.

We all sat together and discussed our positive and negative experiences of working with various organizations. It was quite a wide range of case studies: from Fortune 500 corporations with 10-year-long projects with thousands of people involved to tiny labs with a dozen people max. We came to the decision that often very few people know for what reason they are doing particular things, especially in big organizations. We definitely wanted to be different.

“Business process is a means encouraging
people to act and aim for results,
while the team is a core of Advalange.”

Thus, one of our main principles is “be focused.” You need to know what the result should look like. You need to put on the hat of the customer, manufacturer, user, vendor, and, at the very end, the hat of the engineer to figure it out. You need to understand how each particular task influences the result. Another principle that we agreed upon is that our world is not perfect. If you try to build a perfect product, you will fail. Even the famous gadget has its own drawbacks. Be a little bit more pragmatic: deliver the right result, spending the right amount of time and money.

Other key features of our new organization were based on these two principles. We accepted that people and teams should be the core aspect of our organization. Business processes should encourage people to act and aim for results. On the other hand, every single individual should commit to the principles and be tough enough to follow them. I was happy to know that the awesome group of cool professionals shares this point of view and we would be able to get the team together.

I did not doubt long and accepted the role of chief technology and process officer at Advalange. I think that this role is very close to the opportunity I was searching for. I believe the Advalange principles can be a sound basis of a unique corporate culture in the safety critical domain. I would be proud to prove that such a way of doing things can lead to building a solid and respectable organization. It will be a challenge and will definitely bring me to a new level of mastery.