Category Archives: Software Engineering

Looking for bugs (in several wrong places)

I recently went on a bug-hunt in a huge system that I knew next to nothing about. The reason I went on this bug-hunt was because, although I didn’t know the system itself, I knew what the system was supposed … Continue reading

Posted in Anecdotes, Software Development, Software Engineering, Software Testing | Tagged | Comments Off

“A camel is a horse designed by a committee”

I don’t usually use this blog to vent frustration, but I’ve been reading standards lately… There are four versions of the horse: Pony. Horses as the Good Lord intended them. Strong and sturdy, yet soft and cuddly; obedient yet intelligent; … Continue reading

Posted in Software Engineering | Comments Off

ICS security and regulatory requirements

In North America, ICS security, as regards the electricity grid, is regulated by NERC, which provides and enforces, among other things, the Critical Infrastructure Protection (CIP) standards. In this post, I’ll provide a quick overview of those standards, provisions slightly … Continue reading

Posted in Industrial Automation, Software Engineering | Comments Off

The Crain-Sistrunk vulnerabilities

In the two previous posts, I’ve shown that industrial control systems — ICSs — are becoming more pervasive, and that they rely on security through obscurity. Now, let’s make the link with current events.

Posted in Industrial Automation, Software Engineering | Comments Off

The importance of ICS security: ICS communications

For an ICS, having communications abilities generally means implementing some machine-to-machine communications protocol, such as DNP3 or Modbus. These protocols, which allow the device to report data to a “master” device and take their cue from those devices w.r.t. things … Continue reading

Posted in Industrial Automation, Software Engineering | Comments Off

The importance of ICS security: pervasiveness of ICSs

Industrial Control Systems (ICSs) are becoming pervasive throughout all branches of industry and all parts of our infrastructure: they are a part of every part of the electricity grid, from the nuclear power station to your home; they’re found in … Continue reading

Posted in Industrial Automation, Software Engineering | 1 Comment

The benefits of formal, executable specifications

While a specification should not specify the C++ code that should be implemented for the specified feature, it should specify the feature in a verifiable manner. In some cases, formal — and even executable — specifications can be of great … Continue reading

Posted in Software Development, Software Engineering, Software Testing | Comments Off

Flawed ways of working: centrally managed version control

Imagine, just for a moment (it would be painful to do this longer than just a moment) that Linus, when he decided to leave BitKeeper behind, switched to Subversion in stead of developing Git and that for any commit into … Continue reading

Posted in Software Development, Software Engineering | Tagged , , , , , | Comments Off

On the importance of clear technical specifications

Even when the code is working like a charm, technical specifications — and their different interpretations by different people — can lead to confusion and hours-long debugging sessions.

Posted in Embedded software development, Software Engineering | Tagged | Comments Off

Hidden complexity

It really surprises me sometimes how much you can have to explain about simple things.

Posted in C++ for the self-taught, Software Engineering | Comments Off