I heard the term “Bikeshed Conversation” the other day and had to Google it…
Category Archives: Uncategorized
Scala in 2012
The Clean Coder
http://www.amazon.com/Clean-Coder-Conduct-Professional-Programmers/dp/0137081073/ref=sr_1_1?ie=UTF8&qid=1320525011&sr=8-1
I’m reading a book right now titled The Clean Coder. Here’s a quote from chapter 1:
Your career is your responsibility. It is not your employer’s responsibility to make sure you are marketable. It is not your employer’s responsibility to train you, or to send you to conferences, or to buy you books. These things are your responsibility. Woe to the software engineer who entrusts his career to his employer.
-Robert C. Martin, The Clean Coder
Initializing Persisted Collections (JPA/Hibernate)
Here’s a good question/answer that I came across today over at Stackoverflow. The answer is that it NOT a good idea to set a collection inside of a getter or setter method because:
I would strongly discourage lazy initialization for properties in an ORM entity.We had a serious issue when doing lazy initialization of an entity property using Hibernate, so I would strongly discourage it. The problem we saw was manifest by a save taking place when we were issuing a search request. This is because when the object was loaded the property was null, but when the getter was called it would return the lazy initialized object so hibernate (rightly) considered the object dirty and would save it before issuing the search.
I’ve been burned by this as well.
[Stackoverflow: Is it good practice to initialize fields inside a JPA entity getter?]
Trello
A friend was showing me Trello. Looks really cool.
Wikibook: CI for Software Medical Devices
I’ve started a Wikibook, and I welcome any contributors: CI for Software Medical Devices.
Ruby and DICOM
I am pleased to see that people are already working on Ruby Gems for DICOM. Makes me want to make a simple DICOM viewer (in all of my “spare time”).
Continuous Integration on Software Medical Device Projects, Part 8
Build Script Creation
Ant should automatically determine which files will be affected by the next build. Programmers should not have to figure this out manually. While we will use an IDE for most development, we must not rely on the build scripts that are generated by the IDE. There are a few reasons for this:
- IDE generated build scripts are not as flexible as we need them to be (it is difficult to add, remove and modify build targets).
- IDE generated build scripts often contain properties that are specified to the environment in which they were generated. Along with this, something that builds okay in one work environment may not build when committed and used by the CI build or when pulled into another environment.
- IDE generated build scripts very likely lack all the build targets necessary.
- IDE generated build scripts may rely on the IDE being installed on the build machine. We cannot assume that this will be the case.
The Ant buildfile (build.xml) should define correct target dependencies so that programmers do not have to invoke targets in a particular order in order to get a good build.
Triggering Builds
As noted, we will use Jenkins-CI to automatically perform a CI build every hour if there is a change in the repository. The system will be configured to send emails to the development team if there is a problem with the build (i.e., if a changeset breaks the CI build). It is anticipated that the CI build will break from time-to-time, however, a broken build should not be left unattended. A broken CI build indicates a number of possible problems:
- A changeset didn’t include a necessary library or path.
- A changeset caused a problem with a previous changeset, and merge of the changes must be address.
- A unit test failed.
- The CI build server has a problem.
- The build script failed to build the new changeset (missing library or required inclusion).
In my experience, the most common cause of a broken CI build is a lack of attention to the build script. Each developer is responsible to making certain that the ant build scripts are up to date with all required changes. We cannot rely on the build scripts that are generated by an IDE. There are certainly more possible causes that could be added to the above list. It is a good idea for each developer to trigger a CI build immediately following any Subversion commit to ensure that the CI build has not been broken. If a CI build continues to be broken without being addressed, the team leader and/or project manager may revert the offending changeset and re-open any related issue.
What is a Software Medical Device?
When writing software for medical purposes, that software may or may not be subject t
o FDA scrutiny. We may or may not be required to submit for a 510k. What does this mean? How do we know? Its all a little confusing.
As I considered a series of articles on the subject, I wanted to navigate through 21 CFR 820.30 — Quality System Regulation, and explain implementation of a quality system for each item in subpart C–Design Controls. The first item, however, deals with medical device classification. This is something that should be left to regulatory and FDA and not an design team working on the quality system. We are not fully qualified to determine whether or not we are working on a medical device, or what classification it is. Left to our own, we can likely come up with many great excuses as to why we think our product is not a medical device!
In subpart C—Design Controls of 21 CFR part 820, we are presented with the following:
(a) General.(1) Each manufacturer of any class III or class II device, and the class I devices listed in paragraph (a) (2) of this section, shall establish and maintain procedures to control the design of the device in order to ensure that specified design requirements are met.(2) The following class I devices are subject to design controls:
(i) Devices automated with computer software; and
(ii) The devices listed in the following chart.Section Device
868.6810 Catheter, Tracheobronchial Suction.
878.4460 Glove, Surgeon’s.
880.6760 Restraint, Protective.
892.5650 System, Applicator, Radionuclide, Manual.
892.5740 Source, Radionuclide Teletherapy.
Thomas H. Farris, in Safe and Sound Software – Creating an Efficient and Effective Quality System for Software Medical Device Organizations, offers us a definition of a medical device:
Medical Device
Any equipment, instrument, apparatus, or other tool that is used to perform or assist with prevention, diagnosis, or treatment of a disease or injury. As an industrial term of art, a “medical device” typically relates to a product that the FDA or other regulatory authority identifies as a regulated device for medical use. [2]
I’ve been contemplating a detailed writeup on this subject, but I haven’t had a good idea of where to begin, especially since my own regulatory experience is, at best, limited. Today I stumbled upon this article on the subject over at MEDS Magazine. Bruce Swope (the author), offers a little bit of insight on the 3 medical device classifications:
Generally, these three classes are determined by the patient risk associated with your device. Typically, low-risk products like tongue depressors are defined as Class I devices, and high-risk items like implantable defibrillators are defined as Class III devices. The marketing approval process is usually determined based on a combination of the class of the device and whether the product is substantially equivalent to an existing FDA-approved product. If the device is a Class I or a subset of Class II and is equivalent to a device marketed before May 28, 1976, then it may be classified as an Exempt Device. A 510(k) is a pre-marketing submission made to the FDA that demonstrates that the device is as safe and effective (substantially equivalent) to a legally marketed device that is not subject to Pre-market Approval (PMA). For the purpose of 510(k) decision-making, the term “pre-amendment device” refers to products legally marketed in the U.S. before May 28, 1976 and which have not been:
- significantly changed or modified since then; and
- for which a regulation requiring a PMA application has not been published by the FDA.
PMA requirements apply to Class III pre-amendment devices, “transitional devices” and “post-amendment” devices. PMA is the most stringent type of product marketing application required by the FDA. The device maker must receive FDA approval of its PMA application prior to marketing the device. PMA approval is based on the FDA’s determination that the application contains sufficient valid scientific evidence to ensure that the device is safe and effective for its intended use(s). For some 510(k) submissions and most PMA applications, clinical performance data is required to obtain clearance to market the device. In these cases, trials must be conducted in accordance with the FDA’s Investigational Device Exemption (IDE) regulation.
Ultimately, however, we cannot classify our own software medical device. That is the job of the FDA.
[MEDS Magazine: Executive Overview of FDA Medical Device Approval Requirements]
[1] 21 CFR Part 820—Quality System Regulation
[2] Safe and Sound Software – Creating an Efficient and Effective Quality System for Software Medical Device Organizations, Thomas H. Farris. ASQ Quality Press, Milwaukee, Wisconsin, 2006, pg. 118
EHRs on iPad
A brief article over at Medical Electronics Design Magazine points out that doctors, while they are loving iPads, have yet to fully embrace them for use with electronic health record systems. It seems simple enough, given the fact that many EHRs are now web-based, or at least have some sort of web-based UI.
The article ends with this question:
If fancy tablets aren’t doing the trick, what will it take to get doctors to embrace EHRs?
I suspect its just has to do with the fact that iPads are new and many doctors still have expensive computers (expensive because of support and installation agreements) computers in each room. Its difficult to give up on something that cost a lot of money. Remember the pain you felt throwing your old Gateway 486 computer in the trash?
I have yet to see a doctor walk into the room with an iPad in hand. I was very impressed that my new dentist had iMacs and had gone digital with his x-rays. I was far less impressed by the old cracked filling that I had to have replaced.
Why Turn Your .JAR Into a .EXE?
I’ve worked in a few environments where IT/IS maintains very strict control over what software is installed on employee computers. As a developer this can be a real annoyance, especially when people from the IT/IS department question the needs of software developers to install, update, remove and re-install software on their computers. I understand that an IS department may find it necessary to control corporate machines, but engineering needs to be a clear exception to this rule.
That rant aside, I’ve found myself working on a few small desktop applications for users that require an application be placed on a computer. Its very easy to create a simple Java application without an installer than can be run from wherever. What isn’t so easy is instructing a user how to use the “java jar…” command, or, worse, installing the JRE on a computer that doesn’t already have it (or has an outdated version). There are tools out there to take care of this problem, JSmooth and Launch4j being two freebies among them.
These tools make it very convenient to package a .jar as a native Windows executable file, and bundle a JRE along with it (the bundled JRE being placed in some path relative to the .exe file).
Big cable-backed broadband bill soars through NC House, one step closer to stifling ISP competition — Engadget
.NET on a Resume a Libability?
The CEO of Expensify wrote a post on the company’s blog about why he considers .NET experience on a resume to be a general liability. Wow. I can’t say that I agree, but there are some interesting points. I have been known to think of Windows developers as somehow having less experience, but this is probably more of a personal bias than anything. Many great developers work in .NET because they have no choice.
Good Recruiting
Last night I finally made it to a Ruby Hack Night in Raleigh… And it was good. Being a “techie” the single MOST important thing we can do for our career is to stay relevant (and any techie who does this because he/she likes it should never have a problem in this department). The folks who attend a “hack night” on a Thursday evening are the types that do this stuff because they enjoy it.
Last night a lady showed up who was not a programmer or a Ruby enthusiast. She was there because she wanted to know more about how to hire a good programmer for her company. Having spoken to countless recruiters over the years who had no idea what they were talking about, I immediately had a great deal of respect for the approach this lady was taking. The approach she is taking is not the easy one: Find a programmer and get a butt in a chair; Rather, she is looking for someone who is good at what he/she does and will be a real asset. (And, frankly, if I wasn’t committed to my new role, I may have thrown my resume her way!)
So this got me thinking… I know what I dislike when I am approached by recruiters, but what is it that I like? At this point in my career it is about much more than having a job and programming. I asked this lady if she was looking for a “code monkey” or a leader, and her response was something that was indeed very honest: “I’m not sure yet.”
I think the fact that she wasn’t sure points to the answer: They need a geek with solid programming skills, organizational and management skills, current knowledge and business sense. This is VERY DIFFICULT to come by (and I’ve alluded to the reason why in pasts posts).
Anyway, when I have more time, I’m going to put my thoughts about what I think high level techies want to see in a position.
Redmine on Oracle
Riding Rails: DoS Vulnerability in Ruby
Note to Self
This helped me…
Open Source Support
Will we ever be past the point where management, in an almost predictable manner, rejects open source solutions on the basis of “lacking support?”
Just the other day a friend of mine spend a good portion of his day troubleshooting an open source package with, get this, THE DEVELOPER who wrote the code! I cannot recall every having direct contact with a developer from Microsoft or Oracle. I’m not suggesting that open source is always perfect, but concern about support should not be an issue. When it comes down to it, I can look directly at the source code to troubleshoot an issue (if I even need to). Generally, however, I have never had to take it to this level, since all the widely used open source libraries/applications/packages have a community of support that contributes to user forums. I can find all the support I need with Google.
Anyway, this argument is nothing new. When it comes to deciding between Microsoft Team Foundation Server or Subversion/Redmine, I think it is better to consider the needs of the company/project/team and not let concern about “support” be a factor. (And if concern about support is still a factor, perhaps it is the team that is lacking, not the software vendor. Good developers need to realize that they must also be able to understand and support their own tools.)
I don’t say any of this to be idealistic (some open source supporters can get downright religious about it), but my experiences in supporting and using open source software has almost always been positive.
Move a Subversion Repo
Jenkins CI Thoughts
I got a laugh out of a link I saw on the Jenkins CI page today: “Upgrading from Hudson?” Of course, I’ll be using Jenkins going forward, as it appears that most people in the community are already heading this direction (because Jenkins IS the real Hudson). Comparing the Jenkins CI change log to the Hudson CI change log, already we see that there is more activity on Jenkins.
I read somewhere, and I can’t remember where (so I can’t give a link), that Hudson CI is (was) the CI tool of choice for the Java community, with over 80% of Java projects using it. That’s a pretty large following. It will be interesting to see how this plays out, but my money is on Jenkins.
Of course, when creating software solutions in a corporate environment, most of us don’t intend to update our build server frequently at all. Its simply not feasible to do so.
