Академический Документы
Профессиональный Документы
Культура Документы
Programming Lang source language (JPL) Runtime Environment facility to run applets or programs Class Library
Characteristics: 1. 2. 3. 4. 5. 6. 7. 8. High level General Purpose Similar to C++ - same semantic constructs Object Orientated Dynamic instance of object created at RT Strongly Typed data item declared, intended & prohibited Statically Type Checked typed compatibility checked @ RT Concurrent Multiple threads execute concurrently
Java as a platform Virtual Machine (JVM) Java API ready made software components; grouped into libraries (packages) 1. 2. 3. 4. 5. 6. 7. 8. Objects, strings, threads, I/O Applets Networking (TCP, UDP) Internationalisation Security Software like Javabeans Object Serialisation (RMI) JDBC
Java Program Java API Java Virtual Machine Hardware-Based Platform JVM Interpretive Execution - unlike a conventional compiler that translates source into a binary object, machine independent binary representation known as byte co de is read by interpreter Automatic garbage collection- allocate and release memory Multi-threaded Execution concurrent thread execution, scheduling and context swi tching (microkernel) Internet Access includes socket library, java program can become client using TC P or UDP Graphics control display, create windows JPL, Runtime, byte code are independent of hardware, produces the same output on any computer. Interpreter makes programs portable. Advantages: 1. Agnostic computer brand, download and run copy of active document 2. Guarantees document produce correct output on all browsers 3. Reduces document creation costs, one version instead of multiple version s for each type of computer.
Bout Applets 1. Applets are stored on an Internet/Intranet server. 2. Run on JVM provided by the browser 3. Delivery and execution is supervised under of Security Manager which reg ulates tasks 4. Browser looks at the <APPLET> tag on the page 5. Class loader inside JVM checks to see what classes are needed 6. Class loading process, classes are loaded through a verifier to ensure n o malevolent code is run 7. Different from java program where classes are found using CLASSPATH, app lets use CODEBASE attribute in the <APPLET> tag Java is case sensitive Use fully qualified name (include package name, classname etc..) Ensure quotes around values like CODE, CODEBASE Ensure browser support and versioning Some browsers may omit certain parts of the java functionality Browsers differ in their implementation of the Security Mgr. Solutions to browser issues: Use same version of JDK Write only JDK 1.02 code Get the non-core Java classes installed on clients Pick on browser Tips for deployment of Applet Get files to right location, move HTML files aove class hierarchy (where your co mpile files go) Use packages to avoid conflicts with classes Have the most current browser Use archive files, compressed class files for the client to use. Java Overview Review Features: OO with classes and inheritance Strong typing and safety Small Garbage collection Huge platform Applets and applications Type All variable declarations must be typed including parameter of methods. Mostly s tatic type checking (some dynamic and casting) Primitive Types, All Classes, Arrays Classes Templates Public class DogClass { } Public void bark()
Object & Constructors Initialize a class or its methods. Constructor method is same name as the class name Class Fields are methods defined in classes Subclasses and Inheritance pubic class Smallthing extends Mainthing Visibility: Private viewable only inside the class Package viewable inside class and in the same package Protected private + package and subclasses Public all classes Interfaces: Interface declaration Public interface something {} Used in a class declaration to extend Exceptions: Use of Try - Catch syntax Java Security Notes: Manage threats by active content by isolating all sensitive, potentially unsafe functions of programming lang. Browser defines security policy for authorized and unauthorized access JPL must gain permission from module (Sec. Mgr) enforcing policy to run sensitiv e functions to completion and access resource. Sandboxing Java defines Security Manager class # of access-control methods Sandboxes major threats to active document Security manager methods have naming convention with checkXXXX Browser measures trustworthiness of java code Applets and Apps loaded locally are considered trustworthy Applets and apps on network are not & access is limited by sandboxing so: 1. 2. System resources are limited All the checkXXX methods in SecMgr class throw security exceptions
Sockets are Software interfaces that connect an app to the network. 64K addressable sock ets, colloquially known as port numbers. Server programs listen to these sockets for any service requests Client program needs to open socket of its own before it can connect to a server socket at the end ServerSocket (Server) and Socket (Client) classes provide complete TCP/IP connec tivity support; provides methods to connect any stream (I/O) to a socket to comm unicate through.
Garbage Collection Pertains to objects not being needed by a program, when object is not referenced , the heap space that is occupied is recycled to make space available for subseq uent objects. Fights heap fragmentation whereby process of extending memory this caused during the normal course of running application freeing and allocating in between live objects and not enough contiguous free heap space where a new object needs to f it. Heap is the area of memory used for dynamic allocation where blocks are allocate d and freed in arbitrary order. Pattern of allocation and size of blocks are not known until run time.
Finalizer is a method called immediately before a class is garbage collected. Thread is a single flow of control within a program which must have its own resou rces sometimes share many resources like memory space and open files, hence refe rred to as a lightweight process. Easier to create and destroy than a true process cause of the less resource management is involved. Program Counter (PC) is a instruction address register in CPU contains address f or the next instruction to be executed. Enterprise Computing History 1. Mainframes, Dumb terminals 2. Isolated PCs 3. Networks: Client/Server model 2 Tier Logic Application Servers 3 Tier Problems with 2 Tier model : Fat client Business logic on PC Clients Expensive to maintain Heavy communication Transactions conducted controlled by client Security problems Distribute updates problems Check out Windows! 3-Tier 1. Presentation Layer, 2. Business Logic Layer (web server) 3. Backend Data Layer Middle Tier is where business objects, components are stored Design re-use, GUI frontend Easy maintenance & Change management Easy management across all tiers: 1. Security 2. Transaction Processing 3. System Management
Component problems with: DLL problems with shared components OLE and COM COM+ and DCOM problems with platform dependence Should be decoupled for re-use and easier replacement & update Enterprise systems based on components: Transaction Logic Persistence Security Concurrency Performance Component Models: COM, COM++ JavaBeans OMG (CORBA) Object Management Group (OMG) is a consortium aimed at setting standards in obje ct-oriented programming as well as system modeling. Considerations: Multiple platforms Communication between objects Distribution of objects (mobile code) Management of components (support for hard parts) Examine JavaBeans, RPC, and CORBA EJB (Enterprise JavaBeans) Session come in (stateful,- client sessions v. stateless - quicker) Persistent objects Containers supporting framework for components, manage the of life & instances o f EJB; middleware involved in hard parts EJBs are deployed in an EJB container within the application server. The specifi cation describes how an EJB interacts with its container and how client code int eracts with the container/EJB combination. READ MOR E specification
RMI - a Java application programming interface for performing remote procedural calls. Remote procedure call (RPC) is a protocol that allows a computer program running on one host to cause code to be executed on another host without the programmer needing to explicitly code for this. When the code in question is written using object-oriented principles, RPC is sometimes referred to as remote invocation o r remote method invocation. RPC - Remote Procedure Calls paradigm for implementing the client-server model of distributed computing RPC is initiated by the caller (client) sending a request message to a remote sy stem (the server) to execute a certain procedure using arguments supplied. A result message is returned to the caller. There are many variations and subtle ties in various implementations, resulting in a variety of different (incompatib le) RPC protocols. In order to allow servers to be accessed by differing clients, a number of stand
ardized RPC systems have been created. Most of these use an interface descriptio n language (IDL) to allow various platforms to call the RPC. Examples Sun RPC (s ometimes called ONC RPC), DCE, Microsoft s DCOM (and ActiveX) *based in part on DCE, and CORBA Recently a number of vendors have started using XML as the IDL, and HTTP as the network protocol. The advantage of this system, known as web services, is simpli city and standardization, the IDL is a text file that is widely understood, and HTTP is built into almost all modern operating systems. An example of such an RP C system is SOAP, developed in turn from XML-RPC. IIOP, the Internet Inter-Orb Protocol, is a protocol for communication between C ORBA ORBs CORBA Common Object Request Broker Architecture Neutral way to access objects (inter-operable) ORB receives request, must find implementation ORB prepared to implement object to deal with request Communicate with data to complete request IDL specifies how to communicate with an ORB ORB is used to access objects on same machine and across network Defines APIs, communication protocol, and object/service information models to e nable heterogeneous applications written in various languages running on various platforms to interoperate. CORBA therefore provides platform and location trans parency for well-defined objects, which are the fundamental underpinnings of any distributed computing platform. In a general sense CORBA "wraps" code written in another language into a bundle containing additional information on the capabilities of the code inside, and ho w to call it. The resulting wrapped objects can then be called from other progra ms (or CORBA objects) over the network. In this sense CORBA can be considered as a machine-readable documentation format, similar to a header file but with cons iderably more information. CORBA uses an interface definition language (IDL) to specify the interfaces that objects will present to the world. CORBA then specifies a "mapping" from IDL (I nterface Definition Language) to a specific implementation language like C++ or Java. This mapping precisely describes how the CORBA data types are to be used i n both client and server implementations. CORBA Limits: Lowest common denominator missing advanced features, higher order, event/callbac k, multi-casting Asynchronous message passing Problems of too many threads IIOP/Firewall problems Inter-operability of ORBs for different vendors. READ MORE about POA, IR, DII 1. 2. 3. COM and OMG CORBA standards did not inter-operate Numerous security and administrative issues Limited scalability expectations of the web
Web Services Uses standardized XML message system Alternatives to XML messaging:
XML-RPC, SOAP, HTTP GET/POST Web Services are: Self describing Discoverable Independent not tied to an OS Self describing publish a public interface Human readable documentation Discoverable mechanism to find the service Web is human-centric, where Web Services is described as application centric con versations can take directly between applications just as easily browsers & serv ers. Examples: Credit Card Verification, Shopping bots, Currency conversion, language translation Tim Berners Lee actualisation of semantic web Decoupling presentation from content, web-app centric, component orientated, Aut omated web Web Service Roles Service Provider implements the services and makes it available Service Requester any consumer for the WS. The requestor utilizes an existing WS by issuing a XML request. Service Registry centralized directory of services. This registry provides a cen tral place where developers can publish new services. The Web service protocol stack is the collection of computer networking protocol s that are used to define, locate, implement, and make Web services interact wit h each other. The Web service protocol stack is mainly comprised of four areas: Service Transport: It is responsible for transporting messages between network a pplications and includes protocols such as HTTP, SMTP, FTP, as well as the more recent Blocks Extensible Exchange Protocol (BEEP). XML Messaging: It is responsible for encoding messages in a common XML format so that messages can be understood at either end of the network connection. Curren tly, this area includes such protocols as XML-RPC and SOAP. Service Description: It is used for describing the public interface to a specifi c web service. The WSDL protocol is typically used for this purpose. Service Discovery: It centralizes services into a common registry such that netw ork web services can publish their location and description, and makes it easy t o discover what services are available on the network. At present, the UDDI prot ocol is normally used for service discovery. XML: All data to be exchanged is formatted with XML tags. This encoding can be p erformed by SOAP or XML-RPC (note: industry standards for security, interoperabi lity, etc. are based on SOAP). Common protocols: XML data can be transported between applications using common
protocols such as HTTP, FTP, SMTP and XMPP. WSDL: The public interface to the web service is described by Web Services Descr iption Language, or WSDL. This is an XML-based service description on how to com municate using the web service. UDDI: The web service information is published using this protocol. It enables a pplications to look up web services information in order to determine whether to use them. WS-Security: The Web Services Security protocol has been accepted as an OASIS st andard. The standard allows authentication of actors and confidentiality of the messages sent. Contenders: XML-RPC, SOAP XML-RPC simple protocol that uses XML messages to perform RPCs, is platform inde pendent. Messaging: Requests are encoded in XML and sent via HTTP POST XML Responses are embedded in the body of the HTTP Response embedded in the body of HTTP response SOAP XML based protocol for exchanging information between computers SOAP is RPCs transported via HTTP Like XML-RPC, its platform independent.
WSDL currently represents the service description within the web service protoco l stack, written XML grammar specifying a public interface which can include all publicly available functions, data type info for all XML messages. UDDI represents the discovery layer within the protocol stack. Technical spec fo r publication Principal categories: White, Yellow, and Green Pages Service 1. 2. 3. 4. Service 1. 2. 3. 4. 5. Needs: Allow problem solving logic from existing applications to be reused (recycle sof tware functionality) Transform application ownership Viewed as standardized, platform and programming language independent mechanism Main Advantages: Supply Side: Removes need to develop all necessary software Request Perspective: Find services via UDDI Retrieve service description file: WSDL or XML-RPC Create XML-RPC or SOAL client Invoke remote service Provider Perspective: Create core functionality Create XML-RPC or SOAP service wrapper Create WSDL services description or XML-RPC integration instructions Deploy service Register new service via UDDI
Demand
Standardized platform & programming language access to 3rd party software Compress development schedule Reduce software testing Reduce application development costs Expedites time to market Easy to add new functionality Remove platform dependencies. Side: Access feature rich apps Faster availability of new apps, new features & software upgrades More reliable & resilient software Greater variety of apps Available economically infeasible apps
Security Aspects of security: Authentication id of author or participant Authorization are you allowed Confidentially protect from eavesdropping Integrity has it been altered Non-repudiation - receipts
Encryption for addressing Internet Protocol Stack Application Layer Kerberos, DNSSEC TCP/UDP Transport Layer SSH, SSL/TLS Internet IP Layer IPSec Data Link, Network Access Layer Tunnelling protocols Cryptography Science of making the cost of improperly acquiring or altering data greater than the potential value Secret Key Public Key Message Digest Signatures Certificates Plaintext -> Encryption -> CipherText -> Decryption->PlainText Symmetric Key Systems Both keys to encrypt and decrypt are available to both parties, problems with ke y distribution Asymmetric Key Systems i.e. Diffie-Hellman Public key and Private key, where public key can only encrypt msg not decrypt to read (need a private key)
Cryptosystems based on three cryptographic algorithms: Secret key Public key Message digest Secret Key algorithms encrypt plaintext the same size; symmetric cryptography or ng keys; SSL used to create authenticated uses Digital Certificates to negotiate a messages to ciphertexts that are usually bulk encryption; Problem with exchangi and encrypted channels on the internet secret key between server and browser
Examples: Blowfish, DES, RC2, RC4, RC5, Triple DES Public Key algorithms similar to secret key, but use two keys, one public, one p rivate; because uses 2 distinct keys it is called asymmetric cryptography; keys are mathematical value, involves the use of prime numbers and factoring Example: Diffie-Hellman, RSA SSL (Secure Sockets Layer) creates secure and reliable communication 1. Connection is private, encryption used after initial handshake to define cryptographic protocol; secret key encryption is used for data encryption 2. The peers identity can be authenticated using public key cryptography
3. The connection is reliable, message transport includes integrity check u sing secure has functions. Message Digest algorithms map variable length plaintext with fixed length cipher text Key servers (KS) act as intermediaries hold shared keys. All messages go through the key server Kerberos also uses a key server, but key server sends a new secret key plus anot her key with recipients key that are both encyrypted; considered a session key o nly known to Sender, Recipient & KS. PKI Public Key Infrastructure involves a Certificate Authority (CA); requires a public/key pair; person generates own key pair and submits the public key to the CA. CA verifies that the person is the person who say he/she is and signs a dig ital certificate; reliability on Digital Keys: BIT Frameworks Systems thinkers are particularly interested in studying systems because changin g a system frequently leads to counterintuitive system responses. For example fe edback loops may operate to either keep the organization in check or unbalance i t. Traditional decision making tends to involve linear cause and effect relationshi ps. By taking a systems approach, we can see the whole complex of bidirectional interrelationships. Instead of analysing a problem in terms of an input and an o utput, for example, we look at the whole system of inputs, processes, outputs, f eedback, and controls. This larger picture will typically provide more useful re sults than traditional methods.
System thinking also helps us integrate the temporal dimension of any decision. Instead of looking at discrete "snapshots" at points in time, a systems methodol ogy will allow us to see change as a continuous process. Systems Thinking is a worldview based on the perspective of the systems sciences , which seeks to understand interconnectedness, complexity and wholeness of comp onents of systems in specific relationship to each other. Systems thinking is no t only constructivist, rather systems thinking embraces the values of reductioni st science by understanding the parts, and the constructivist perspectives which seek to understand wholes, and more so, the understanding of the complex relati onships that enable parts to become wholes as noted in the example below. Methodologies Systems thinking uses a variety of techniques that may be divided into: Hard systems - involving simulations, often using computers and the techniques o f operations research. Useful for problems that can justifiably be quantified. H owever it cannot easily take into account unquantifiable variables (opinions, cu lture, politics, etc), and may treat people as being passive, rather than having complex motivations. HS have an explicit objective governed by fixed rules such as those encountered in decision making. Operational Research is a hard, well defined system Project Management Forecasting Simulation Mathematical Programming Decision Theory Stochastic Statistically based on prbobablity. Deterministic fixed inputs and known outputs Soft systems - Used to tackle systems that cannot easily be quantified, especial ly those involving people interacting with each other or with "systems". Useful for understanding motivations, viewpoints, and interactions but, naturally, it d oesn t give quantified answers. Soft systems is a field that the academic Peter Checkland has done much to develop. Soft systems looks at the What? of the system; What to do to achieve an improvemen t, Usually analysis before application or implementation SSM Considers: Systems that could be envisaged Human activity Clarification of the problem Improve the understanding Based on Ideas: Examine Learn about and Study Understand Select and Focus
Hard systems look at the How?: How to achieve and test the selected option HSM Considers: HS analysis addresses those parts of enterprise that have a tangible form Techniques to address those problems: Identify cost/savings Improve methods Develop User Requirements Soft System Analysis: Taking an Overview Understanding complexity Learning Identifying weakness Understanding relationships
Identifying Systematically Desirable Factors Information needs Ideal relationships Necessary Activities Communication links Developing Models Logical thinking CATWOE Clients customers of the system, those who benefit from the outputs from the sys tem Actors who carry out the activities within the system Transformation the change that takes place within the system or because of the s ystem (conversion of input to output) Worldview - how the system is perceived from a particular viewpoint; assumptions made about the system Owner of the system to whom the system is answerable and who could cause it to c ease to exist Environment world that surrounds and influences the system, but has no control o ver it. Summary: Provides guidelines for examining an organisation with view of clarifying improv ements (if possible) Does not require strict adherence to procedures or rules, but sometimes certain rules assist in practice Difference between SSM & other approaches is the specific inclusion of systems t hinking stages Takes an explicit distinction real-world and systems-world activity Actions by analysts are Fact finding activities Can be used by analyst in any order Encourages a process of iteration as the analysts knowledge increases Encourages analyst to examine the situation from a number of different viewpoint s
Establishes a basis for a debate with a client about possible changes A participative approach, valuable even if participation is limited. Seven Stages of SMM: 1. Unstructured Problem Situation find as much info as possible, accept many different views, 2. Expressed Problem Situation Drawing rich pictures, show problem and relationships 3. Root Definitions Tighten the constructed description of human activity system, Use the CATWOE tec hnique 4. Build Conceptual Models Logical model of key activities and processes to satisfy root definition 5. Compare conceptual models with reality Different alternative models can be compared to reality 6. Accessing feasible and desirable change An analysis of the proposed changes can be made, feasible and desirable? 7. Action to improve the problem situation Application of the model. SSM does not describe methods for implementing solutio ns! Only provides a framework through which problem situations can be understood . From this, you can use alternative methods such as SSADM Structured Systems Anal ysis & Design Methodology or RAD if considering the development and implementati on of an information system. Guidelines for Rich Pictures: Elements of Structure aspects or components that are relatively stable or change very slowly Elements of Process aspects of a situation that undergo change or in a state of flux Relationship between structure and process and between processes how does struct ure affect or condition the process or other processes. Include human activities like opinions, gossip, hunches, interpersonal relations hips, perceptions etc Areas of concerns, actual or potential issues or problems should also be shown. Dont impose a system on a rich picture drawing (ie a flowchart) Understanding the boundaries vs. the environment which the system resides Narrow the system of interest, show relationships between them Inputs into the system from the environment The Outputs of the system, desired and undesired, planned and unplanned. Conceptual modelling should be: Holistic impression of the system Use verbs to describe
Group together generic activities Verify the model by comparing it to the real world Systems Dynamics (SD) System is viewed in terms of elements and flows. Flows being relationships between elements Considered simple and unitary Considers behaviour as caused by the structure
Viable Systems Diagnosis (VSD) Focuses on organisation than structure Diagnosing problems in the organisation Model machines well, but not predictable Cybernetic approach Complex and unitary Strategic Assumption Surfacing & Testing (SAST) Focuses on the participants involved in a problem conext Human & political context and not on the supposed characteristics the problem co ntext Metaphors: machine, organism, brain Simple & Pluralist Interactive Planning (IP) Planning should be continuous, holistic, and participative Process of planning is more important than the actual plan 5 steps: formulating mess, ends planning, means planning, resource planning Complex & Pluralist Total Systems Intervention (TSI) Employs a range of systems metaphors to encourage creative systems thinking Choice of appropriate systems methodology Meta-methodology Appreciate strengths and weaknesses of methodologies
Internet Systems: Object Model Objects are modular Complex and interrelated Use methods Objects have attributes Inheritance Encapsulation Use of message to communicate Building of classes Polymorphism Relational Model Data is represented as mathematical relations Subset of the Cartesian product Data is operated upon by means of relational algebra Permits logical model of info Building blocks: Domain (data type) Tuple (ordered set of attributes) row Table is a visual representation of a relation Dependency is enforced through referential integrity TCP Addressing mechanism for each machine that provides a way to transmit a mess age to an address or host, IP packs it and TCP delivers it. * it enables two hosts to establish a connection. IP protocol specifies the format of packets or datagrams, only allows you to pac k it and address it IP number unique identifier, dotted quad notation DNS Domain Name Services, stores and maps host names with domain names (resolves ); Performs tasks as routing and addressing;
DNS can be visualized as an inverted tree.; BIND is the open source application (Berkeley Internet Name Domain) Allows massive scaling compared to multiple hosts file. Sequence of a Webpage request: 1. URL is typed into a browser on a client machine, browser sends the HTTP request 2. 3. 4. ed. 5. 6. 7. 8. DNS is used to resolve the domain name, host name TCP session makes attempt to connect to the web server If a web server exists and can be connected to, then GET request is issu HTTP servers listen and respond to HTTP GET requests Very simple protocol Look for requested name page in file system Return the page or throw error if not exist.
Methodologies (Internet Systems) Structured Systems Analysis and Design Methodology SSADM a waterfall method by which an IS design can be arrived at; SSADM can be t hought to represent a pinnacle of the rigorous document-led approach to system d esign, and contrasts with more contemporary Rapid Application Development method s such as DSDM. SSADM method involves the application of a sequence of analysis, documentation a nd design tasks concerned with: Analysis of the current system Outline business specification Detailed business specification Logical data Design Logical process design Physical design
JAD (Joint Application Development) is a methodology that involves the client or end user in the design and development of an application, through a succession of collaborative workshops called JAD sessions. In comparison with the more traditional practice, is thought to lead to faster d evelopment times and greater client satisfaction, because the client is involved throughout the development process. In comparison, in the traditional approach to systems development, the developer investigates the system requirements and d evelops an application, with client input consisting of a series of interviews.
A variation on JAD, rapid application development (RAD) creates an application m ore quickly through such strategies as using fewer formal methodologies and reus ing software components.
Agile Development Most agile methods attempt to minimize risk by developing software in short time boxes, called iterations, which typically last one to four weeks. Each iteration is like a miniature software project of its own, and includes all the tasks nec essary to release the mini-increment of new functionality: planning, requirement s analysis, design, coding, testing, and documentation. Agile methods emphasize realtime communication, preferably face-to-face, over wr itten documents. Most agile teams are located in a bullpen and include all the p eople necessary to finish software. At a minimum, this includes programmers and their "customers." (Customers are the people who define the product. They may be product managers, business analysts, or actual customers.) The bullpen may also include testers, interaction designers, technical writers, and management. Agile methods also emphasize working software as the primary measure of progress . Combined with the preference for face-to-face communication, agile methods pro duce very little written documentation relative to other methods. This has resul ted in criticism of agile methods as being undisciplined hacking.
DSDM is characterized by tight timescales and budgets. DSDM addresses the proble ms that frequently occur in the development of Information Systems with regards to going over time and budget and other common reason for project failure such a s lack of user involvement and top management commitment Cornerstones of development using DSDM: Delivering a system that addresses the current business needs. No system is build perfectly in the first try Project delivery should be on time, on budget and with good quality The requirements for the IS need to be flexible. As will be addressed later, fle xible requirements are important enablers of DSDM. DSDM only requires each step of the development to be completed far enough for t he next step to begin The project teams need to be empowered Prerequisites: Clearly define and prioritize the requirements possibility of decomposition into smaller parts enables the iterative and increm ental properties of DSDM extensive testing and validation that is involved is not well suited for DSDM, a lso hard or difficult project are not well suited as well since focus on on time and on budget
The main aim of XP is to lower the cost of change. In traditional system develop ment methods (like SDM) the requirements for the system are determined at the be ginning of the development project and often fixed from that point on. This mean s that the cost of changing the requirements at a later stage in the projectnot u nthinkable in a rapidly changing businesswill be very high. Fine scale feedback Test driven development Planning game Whole team (original name: Onsite customer) Pair programming Continuous process rather than batch Continuous Integration Design Improvement (original name: Refactor) Small Releases Shared understanding Simple design System metaphor Collective code ownership Coding standard or Coding conventions Programmer welfare Sustainable pace
Open Source Development Model software developed using the Bazaar model should exhibit the following patterns: Users should be treated as co-developers. Early Releases and Release Often Frequent Integration Several Versions High Modularisation Dynamic Decison Making Structure Many users view the source code they will eventually find all bugs and suggest h ow to fix them, this includes many testing enviroments as well