Saturday, November 12, 2022

Flow-Based Product Development

2022-principles-of-product-development-flow

Notes for the book The Principles of Product Development Flow: Second Generation Lean Product Development (Amazon) by Donald Reinertsen.

As a summary

  • The author has a strongly opinionated view on how product development should be done
  • The book is built as a collection of principles for various areas
  • The author takes inspiration to product development from various domains (e.g. queuing theory, data communication networks, warfare)

The Principles of Flow

It ain't what you don't know that gets you into trouble. It's what you know for sure that just ain't so. (Mark Twain)

  • The author states that the dominant paradigm for managing product development is fundamentally wrong.
  • New paradigm emphasizing achieving flow, emphasizing e.g. small batch transfers, rapid feedback and limiting WIP.
  • Could be labeled Lean Product Development (LPD), though lean manufacturing has very different characteristics than product development.
  • Also ideas from different domains -> the new paradigm is called Flow-Based Product Development

What's the problem?

  • Current paradigm based on internally consistent but dysfunctional beliefs.
    • E.g. combining the belief that efficiency is good with a blindness to queues -> high levels of capacity utilization -> large queues and long cycle times

Problems with the current orthodoxy:

  1. Failure to Correctly Quantify Economics
  • E.g. Focusing too much on proxy variables
  1. Blindness to Queues
  • Too much design-in-process inventory (DIP)
  • Why? Because DIP is typically both financially and physically invisible
  • Also we're often bind to danger with high level of DIP
  1. Worship of Efficiency
  2. Hostility to Variability
  • Without variability, we cannot innovate.
  • Variability is only a proxy variable
  1. Worship of Conformance
  • Utilizing the valuable new information constantly arriving throughout the development cycle.
  1. Institutionalization of Large Batch Sizes
  • Coming from blindness towards queues and focus on efficiency
  • Blindness to the issue of batch size
  1. Underutilization of Cadenza
  • E.g. meetings with regular and predictable cadenza have very low set-up cost.
  1. Managing Timelines instead of Queues
  • Failure to understand the statistics of granular schedules
  • Queues are better control variable than cycle time because today's queues are leading indicators of future cycle-time problems
  1. Absence of WIP Constraints
  2. Inflexibility
  • Specialized resources and high levels of utilization -> delays
  • How to tackle it? Currently focus on the variability
  • Instead, book recommends focusing to making resources, people and processes flexible
  1. Non-economic Flow Control
  • Current systems to control flow are not based on economics.
  1. Centralized Control

Major themes of the book

The book has eight major themes and a major chapter for each.

  • Economics - Economically-based decision making
  • Queues - Even a basic understanding of queuing theory will help a lot with product development
  • Variability
  • Batch Size
  • WIP Constraints
  • Cadenza, Synchronization and Flow Control
  • Fast Feedback (Loops) - Suggesting that feedback is what permits us to operate product development process effectively in a noisy environment
  • Decentralized Control

Relevant idea sources used

  • Lean Manufacturing
  • Economics
  • Queuing Theory
  • Statistics
  • The Internet (protocols)
  • Operating System Design
  • Control Engineering
  • Maneuver Warfare

The Design of the book

The economic view

  • Why do we want to change the product development process? The answer: To increase profits.
  • Proxy objectives/variables often used
  • Experience on asking people what a 60 day delay late to market for a project would cost the company - Typically range of 50 to 1 in answers
  • Approach product development decisions as economic choices

The Nature of Our Economics (Principles E1-E2)

  • Select actions based on quantified overall economic impact.
  • Five key economic objectives: Cycle time, product cost, product value, development expense and risk
  • We can’t just change one thing.

The Project Economic Framework (Principles E3-E5)

  • Unit of measure for a product and project: Life-cycle profit impact
  • If you only quantify one thing, quantify the cost of delay.

The Nature of Our Decisions (... E6-E11)

  • Important trade-offs are likely to have U-curve optimizations.
  • Important properties of U-curves
    • Optimization never occurs at extreme values
    • Flat bottoms -> U-curve optimizations do not require precise answers
  • See e.g. this blog post
  • Even imperfect answers improve decision making
  • Many economic choices are more valuable when made quickly.

Our Control Strategy (E12-E15)

  • Background: Many small decisions creating most value when done quickly
  • Use decision rules to decentralize economic control
    • Instead of controlling the decisions, control the economic logic of the decisions.
  • Ensure decision makers feel both cost and benefit.
  • We should make each decision at the point where further delay no longer increases the expected economic outcome.

Some Basic Economic Concepts (E16-E18)

  • Importance of marginal economics to e.g. avoid "feature creep"
  • Avoid "Sunk cost" fallacy, instead look at the return of the remaining investment

Managing Queues

  • Festina lente
    • Time spent in queues might be more important than speeding up the activities

Queuing theory basics

  • Queuing Theory originates from telecommunication
  • Basic concepts
    • Queue - Waiting work
    • Server - Resource performing work
    • Arrival process - The pattern with which work arrives (can be unpredictable)
    • Service process - The time it takes to accomplish the work (can be unpredictable)
    • Queuing discipline - The sequence/pattern in which waiting work is handled
  • A simple queue: M/M/1/∞ (Kendall notation)
    • First "M" - Arrival process (here a Markov process)
    • Second "M" - Service process (also a Markov process)
    • 1 - Number of parallel servers
    • ∞ (infinite) - (No) upper limit on queue size
  • Measures of queue performance
    • Occupancy
    • Cycle time

Why Queues Matter (Q1-Q2)

  • Idle time increases inventory, which is the root cause of many other economic problems.
  • In manufacturing, we are often aware of work-in-progress (WIP) inventory. But in product development, we're often not aware of the design-in-progress (DIP) inventory.
  • Product development queues are often bigger than manufacturing queues.
  • Product development queues are often invisible -> not sticking into the eye.
  • Effect of queues:
    • Increased cycle time
    • Increased risk
    • Increased variability
    • Increased overhead
    • Lower quality (by delaying feedback)
    • Negative psychological effect

The Behavior of Queues (Q3-Q8)

  • For M/M/1/∞ queue, capacity utilization (๐œŒ) allows to predict many properties of the queue
    • E.g. Number of Items in the Queue: ๐œŒ/(1-๐œŒ) -> as the utilization starts approaching 100%, the queues start grow exponentially
  • Capacity utilization is difficult to measure. Instead, queue size and WIP/DIP are practical factors to measure.
  • See also A Dash of Queueing Theory - A good blog post on the topic with live simulations of various processes
  • High-state queues cause most economic damage
  • If possible to balance the load / share a queue between multiple servers, that helps to manage queues. See M/M/c queue for more details (the book uses term M/M/n queue)

The Economics of Queues (Q9-Q10)

  • Find optimum queue size with quantitative analysis, avoiding simple "Queues are evil"
  • Scheduling affects the queue cost (more on scheduling later)

Managing Queues (Q11-Q16)

  • Cumulative Flow Diagrams (CFDs) are useful for managing queues
  • Little's Law: Mean response time = mean number in system / mean throughput
    • Can be applied both to a queue or to the system as a whole
  • Control queue size instead of utilization or cycle time
  • From statistics of random processes: Over time, queues will randomly spin seriously out of control
    • The distribution of cumulative sum or a random variable flattens as N grows
  • "We can rely on randomness to create a queue but we cannot rely on randomness to correct this queue"
  • -> Monitoring the queues and intervening when needed

Exploiting variability

We cannot add value without adding variability but we can add variability without adding value

  • Economic cost of variability (by an economic payoff-function) is more important than amount of variability

The Economics of Product Development (V1-V4)

  • Risk-taking is central to value creation in product development.
  • We cannot maximize economic value by eliminating all choices with uncertain outcomes
  • Asymmetric Payoff is important with creating economic value with variability (See e.g. Product Development Payoff Asymmetry)
    • Note that payoff functions in product development are different than in manufacturing as in manufacturing variance is most typically a negative thing.
  • Variability is not desired or undesired as such. Instead, it is desired when it increases economic value.
    • -> It shouldn't be minimized or maximized
  • A 50% failure rate is usually optimum for generating information. Note here that all activities are not designed to maximize information, though.

Reducing Variability (V5-V11)

  • Two main approaches to improve the economics of variability
    • Change the amount of variability
    • Change the economic consequences of variability
  • Diffusion principle: When uncorrelated random variables are combined, the variability of the sum decreases.
    • E.g. diversifying a stock portfolio
    • Doing many small experiments instead of one big one.
  • Repetition and reuse reduce variation
  • With buffers we can trade e.g. cycle time for reduced variability in cycle time
    • -> Finding the best amount of buffering (not minimizing buffer nor maximizing confidence)

Reducing Economic Consequences (V12-V16)

  • Usually the best way to reduce cost of variability
  • Rapid feedback
  • Aim to replace expensive variability with cheap variability.
  • Note: Often it is better to improve iteration speed than defect rate.

Reducing batch size

  • Product developers don't usually think of batch size, which would be an important tool to improve flow

The Case for Batch Size Reduction (B1-B10)

  • Reducing batch size (normally)
    • Reduces cycle time
    • Reduces variability
    • Accelerates feedback
    • Reduces risk
    • Reduces overhead
  • Whereas large batch sizes (normally)
    • Reduce overall efficiency
    • Lower motivation
    • Cause exponential cost and schedule growth
    • Lead to even larger batches

The Science of Batch Size

  • Economic batch size is usually a U-curve optimization (see Economic Order Quantity (EOQ))
  • Batch size reduction often lowers transaction costs, which saves more than originally assumed
    • -> Usually we don't know the optimum batch size without testing and measuring.

Managing Batch Size

  • Separate
    • "production change batch" - Changing the state of the product
    • "Transport batch size" - Changing the location of the product (typically more important)
  • To enable small transport batch size, reduce distances. -> Co-locate teams etc.
  • Note: Small batches require good infrastructure
  • Consider sequence/order of batches
  • Adjust batch sizes as the context changes

Applying WIP constraints

It is easier to start work than it is to finish it

Start finishing, finish starting.

  • A tool to respond to growing queues
  • WIP constraints, can be seen in e.g.
    • Manufacturing - Toyota Production System (TPS)
      • Note: Mainly repetitive and homogenous flows
    • Telecommunication networks & protocols as inspiration
      • Assuming highly variable, nonhomogeneous flows

The Economic Logic of WIP Control (W1-W5)

  • WIP constraints
    • Enable controlling cycle time and flow
    • Note that also reject potentially valuable demand and reduce capacity utilization
    • -> Cost-benefit analysis
    • Force rate-matching
  • Theory of Constraints (TOC)
    • Identifying the bottleneck in the process -> work according that
    • A global constraint
    • Useful for predictable and permanent bottlenecks
  • When possible, constrain local WIP pools (Local Constraints)
    • E.g. TPS Kanban system
    • Useful when there is no predictable/permanent bottleneck

Reacting to Emergent Queues (W6-W14)

  • The core of managing queues is not in monitoring queues but the actions when the limits are reached

Various ways to respond to high WIP

  • Demand-focused
    • Block all demand on WIP higher limit
    • Purge low-value jobs on high WIP - Kill the "zombie projects"
    • Shed requirements
  • Supply-focused
    • Extra resources
    • Part-time resources for high variability tasks
    • Powerful experts to emerging bottlenecks
    • T-shaped resources
    • Cross-training
  • Mix change

WIP Constraints in Practice (W15-W23)

  • W15-W23 are practical principles for controlling WIP
  • As one pick: Inspired by Internet protocols "window size", adjust WIP as capacity changes

Controlling Flow Under Uncertainty

Anyone can be captain in a calm sea

  • WIP constraints are important but don't solve all our problems.

Congestion (F1-F4)

  • Congestion: A system condition combining high capacity utilization and low throughput
  • Traffic flow = Speed x Density
    • Vehicles/hour = Miles/hour x Vehicles/Miles
  • Bruce Greenshield's Traffic Flow Model
    • As speed increases, the distances increase and the density decreases
    • Throughput is a parabolic curve - Low throughput at both extremes
    • Low-speed operating point ("left") is inherently unstable
      • Increasing density -> Speed decreases -> Flow decreases -> Density increases
    • High-speed operation point ("right") is inherently stable
      • Increasing density -> Decreasing speed -> Increasing flow -> Decreasing Density
    • See also "Traffic Flow Theory" section at The Science of Kanban - Process
  • For a system with a strong throughput peak, we usually want to operate near that point
    • To maintain the system at desirable operation point, easiest to control occupancy (a more general term for density)
  • Use expected flow time instead of queue size to inform users of congestion

Cadence (F5-F9)

  • Cadence - Use of a regular, predictable rhythm within a process
  • Can be used to e.g.
    • Limit the accumulation of variance
    • Make waiting times predictable
    • To enable small batch sizes
  • Some examples for use of cadence: Product introduction, testing, project meetings, ...

Synchronization (F10-F14)

  • Synchronization vs cadence
    • Cadence causes events to happen at regular time intervals.
    • Synchronization causes multiple events to happen at the same time.
  • Valuable when there is economic advantage from processing multiple items at the same time.

Sequencing Work (F15-F21)

  • Sequencing in manufacturing vs product development
    • In manufacturing, like the Toyota Production System, work is processed on a first-in-first-out (FIFO) basis
    • Product development is different as both delay costs and task durations vary among projects.
    • Hospital emergency room is a good mental model for sequencing work
  • The author emphasizes two points
    • Complex prioritization algorithms often used - Instead prefer a simple approach. (Prevent big mistakes)
    • Sequencing matters most when queues are large - Operating with small queues, sequencing is not needed so much
  • When delay costs are homogenous, do the shortest job first (SJF)
  • When job durations are homogenous, do the high cost-of-delay job first (DCS)
  • When delay costs and job durations are not homogenous, do the weighted shortest job first (WSJF)
  • Three common mistakes with prioritizing
    • Prioritizing purely on ROI.
    • FIFO
    • Critical chain (not optimal when projects have different delay costs)

Managing the Development Network (F22-F28)

  • Ideas based on managing product development resource network with ideas from managing a data communication network
  • Routing tailored for tasks
  • Routing based on current most economic route - Often can be selected only at a short time-horization
  • Alternate routes to avoid congestion
  • ...
  • Flexibility helps to absorb variation but requires pre-planning and investment.

Correcting Two Misconceptions (F29-F30)

  • "It is always preferable to decentralize all resources to dedicated project teams"
    • Often the case but not always
    • Centralized resources can enable variability pooling and thus reduce queues
  • "Queueing delays at a bottleneck are solely determined by the characteristics of the bottleneck"
    • The process before the bottleneck has also an important influence
    • -> Aim to reduce variability before a bottleneck.

Using fast feedback

  • Use of feedback loops and control systems
  • Combining ideas from economics and control systems engineering
  • Issues of dynamic response and stability
  • This material will required a mental shift for people with manufacturing or quality control background
    • In economics of manufacturing, payoff-functions have the inverted U-shape curve - Larger the variance create larger losses
    • Product development is different as the goals are dynamic and payoff functions can be asymmetric
  • Fast feedback can alter the economic payoff-function as fast feedback
    • ... allows to truncate unproductive paths more quickly
    • ... allows to raise the expected gains by exploiting good outcomes

The Economic View of Control (FF1-FF6)

  • What makes a good control variable?
    • Economic influence
    • Efficiency of control
    • Ones that allow early intervention
  • Focus on controlling economic impact instead of focusing on the proxy variables
    • -> E.g. set "alert thresholds" to points of equal impact
  • Note the difference between static and dynamic goals
    • In product development, we continually get better information that allows to reevaluate and shift the goals

The Benefits of Fast Feedback (FF7-FF8)

  • Fast feedback
    • Enables smaller queues
    • Allows to make learning faster and more efficient
  • Typically it requires investment to create an environment to extract the smaller signals

Control System Design (FF9-FF18)

  • Note the difference between a metric and a control system
    • "What gets measured might not get done"
  • Short turning radius reduces the need for longer planning horizons -> reduces the magnitude of the control problem
  • Prefer local feedback
  • Combine long and short control loops
    • short time horizon for adapting to the random variation of the process
    • long time horizon for improving process characteristics considered causal to success

The Human Side of Feedback (FF19-FF24)

  • Colocation typically improves communication
    • Faster feedback
    • Psychological aspects
  • Faster feedback improves the sense of control
  • Large queues prevent an atmosphere of urgency
  • Human elements tend to amplify large excursions -> Aim to keep the system within a controllable range
  • Balance personal/local/overall basis of rewarding to align behaviors

Metrics for Flow-Based Development

  • For a list, see page 15 of Agile Metrics at Scale
  • Flow
    • Design-in-process inventory (DIP)
    • Average flow time
  • Queues
    • Number of items in queue (easy)
    • Estimate amount of work in queue (difficult)
    • Quite often the first one is surprisingly effective and enough

Achieving Decentralized Control

  • Decentralized control allows fast local feedback loops (the topic of the previous chapter) to work best
  • Examining what we can learn from military doctrine
    • Military has long history on balancing centralized and decentralized control
    • Advanced models of centrally coordinated, decentralized control
  • The Marines
    • ... believe that warfare constantly presents unforeseen obstacles and unexpected opportunities.
    • ... believe that the original plan was based on imperfect data

How Warfare works

  • Typically one side attacks and the other defends
    • Typical understanding: attack and defense require different organizational approaches
    • Old military adage: Centralize control for offense, decentralize it for defense
    • Rule of thumb: For an attacker to succeed, they should outnumber defenders by 3 to 1
  • Attacker can concentrate the forces, the defender must allocate forces to the entire perimeter
  • Various approaches for the defender
    • Harden the perimeter at the most logical places for attack. But, often circumvented
    • Better: Mass nearby forces to counteract the local superiority of the attacker.
    • Related: Defense-in-depth approach: Outer perimeter that slows attacking forces, allowing to move more defending forces to the area of the attack.
  • Maneuver warfare: Use of surprise and movement

Balancing Centralization and Decentralization (D1-D6)

  • Decentralize control for problems and opportunities that are best dealt with quickly
  • Centralize control for problems that are infrequent, large or have significant economies of scale
  • Adapt the approach as the knowledge increases
    • Triage process approach (works if there is enough information when a new problem arrives)
    • Escalation process
  • Value of faster response time can out-weight the inefficiency of decentralization
  • Pure decentralization is rarely optimal, instead finding a balance

Military Lessons on Maintaining Alignment (D7-D16)

  • Misalignment is the risk of decentralized control

    • Locally optimal choices might be bad at the system level
    • Overall alignment creates more value than local excellence
  • Maintaining alignment is "the sophisticated heart of maneuver warfare"

  • Mission: Specify the end goal, its purpose and minimal possible constraints

  • Establish clear roles and boundaries

    • Avoid both excessive overlap and gaps
  • Designate a main effort and focus on it

    • Often only a small set of product attributes truly drive success
  • The main effort can be shifted when conditions change

    • -> Develop ability to quickly shift focus
    • OODA loop (Orient->Decide->Act->Observe->) by Colonel John Boyd
  • Localize tactical coordination

  • Make early and meaningful contact with the problem

    • In product development, our "opposing forces" are the market and the technical risks
    • There is no substitute for quick POC-ing and early market feedback

The Technology of Decentralization (D17-D20)

  • Key information is needed to make decisions -> share
    • In the Marine Corps, the minimum is to understand the intentions of commanders two level higher in the organization
  • Accelerate decision-making speed
    • Fewer people and layers of management -> Giving authority, information and practice to lower organizational levels to make decisions.
    • When response time is important, measure if.

The Human Side of Decentralization (D21-D23)

  • Cultivate Initiative
    • The Marines view initiative as the most critical quality in a leader.
  • Face-to-face communication
  • Decentralized control is based on trust. Trust is built through experience.

Monday, October 10, 2022

Building Evolutionary Architectures

2022-building-evolutionary-architectures

Notes for the book Building Evolutionary Architectures by Neal Ford, Rebecca Parsons and Patrick Kua.

Main take-aways / Summary

  • Software architectures are not created in a vacuum - They always reflect the ecosystem in which they were defined
    • E.g. When SOA was popular, all infrastructure was commercial, licensed and expensive.
  • An evolutionary architecture supports guided, incremental change across multiple dimensions.
  • Anything that verifies the architecture is a fitness function
    • -> Treat those uniformly
    • Think of architectural characteristics as evaluable things.

Software Architecture

  • There are many definitions for software architecture.
  • There are many "-ilities" for software architecture to support. In this book adding a new one: evolvability.
  • Whatever aspect of software development - we expect constant change.
  • Alternative to fixed plans? Learning to adapt. Make change less expensive e.g. by automating formerly manual processes etc.
  • Yet another definition of software architecture: "parts hard to change later"
    • Convenient definition but blind spot as a potentially self-fulfilling prophecy.
  • -> Building changeability into architecture?
    • Having ease of change as a principle.

Evolutionary architecture

  • Book's definition:

An evolutionary architecture supports guided, incremental change across multiple dimensions.

  • Incremental change - Two aspects: How teams build software incrementally and how they deploy it.
  • Guided changes - Once architects have chosen important characteristics, they want to guide changes to the architecture to protect those characteristics.
  • There are many dimensions of architecture
    • Architectural concerns, i.e. the list of "-ilities".
    • Not only "-ilities" but other dimensions to consider for evolvability
      • Technical dimensions
      • Data
      • Security
      • Operational/System
  • There are various techniques for carving up architectures
  • In this book, in contrast, we don't attempt to create a taxonomy of dimensions but rather recognize the ones extant in existing projects.
  • Impact of team structure on surprising things, e.g. architecture -> Conway's law

Organizations which design systems ... are constrained to produce designs which are copies of the communication structures of these organizations.

  • So one should not pay attention only to the architecture and design of the software, but also the delegation, assignment, and coordination of the work between teams.
  • Inverse Conway Maneuver - Structuring teams and organizational structure around the desired architecture.

Structure teams to look like your target architecture, and it will be easier to achieve it.

  • Two critical characteristics for evolutionary architecture: incremental and guided.

Fitness Functions

  • Book's definition for a fitness function:

An architectural fitness function provides an objective integrity assessment of some architectural characteristic(s).

  • Systemwide fitness function - a collection of fitness functions corresponding for different dimensions of the architecture.
  • It is an important architectural decision to define important dimensions (scalability, performance, security, ...)
  • Different "categories" of fitness functions
    • Atomic vs Holistic
    • Triggered vs Continual
    • Static vs Dynamic
    • Automated vs Manual
    • Temporal (e.g. "break upon upgrade"
    • Intentional over Emergent (There will usually be unknown unknowns)
    • Domain-specific
  • Fitness function categories to classify them into
    • Key - Crucial ones
    • Relevant
    • Not relevant

Engineering Incremental Change

Architecture is abstract until operationalized, when it becomes a living thing

  • Long-term viability of an architecture cannot be judged until design, implementation, upgrade and inevitable change are successful.
  • Common combinations of fitness function categories
    • atomic + triggered - e.g. unit tests
    • holistic + triggered - e.g. wider integration testing via a deployment pipeline
    • atomic + continual
    • holistic + continual - e.g. Chaos Monkey
  • Hypothesis- and Data-Driven Development
    • Hypothesis-driven development - Include users also in the feedback loop

Architectural Coupling

  • Focusing appropriate coupling - how to identify which dimensions of the architecture should be coupled
  • Term definitions here
    • module - some way of grouping related code together
    • modularity - logical grouping of related code
    • components - physical packaging of modules
    • Modules imply logical grouping while components imply physical grouping.
    • library is one kind of a component
  • functional cohesion - business concepts semantically binding parts of the system together
  • architectural quantum - independently deployable component
    • quantum size determines the lower bound of the incremental change possible
  • One key thing: Determining structural component granularity and coupling between components
  • In general, the smaller the architectural quanta, the more evolvable the architecture will be.
  • JDepend for package dependencies

Evolvability of architectural styles

  • Different architectural styles have different inherent quantum sizes

Big Ball of Mud

  • Quantum: The whole system
  • Increment change is difficult because of scattered dependencies
  • Building fitness functions is difficult because no clearly defined partitioning
  • Good example of inappropriate coupling

Unstructured monoliths

  • Large quantum size hinders incremental change
  • Building fitness functions difficult but not impossible
  • Somewhat similar coupling as with Big Ball of Mud

Layered monoliths

  • Quantum is still the whole application
  • Incremental change easier particularly if changes are isolated to existing layers
  • Easier to write fitness functions with more structure
  • Often easy understandability

Modular monoliths

  • Many of the benefits of microservices can be achieved also with monoliths if developers are extremely disciplined about coupling
  • Incremental change easier because of modularity
  • Easier to design and implement fitness functions
  • Appropriate coupling

If you can't build a monolith, what makes you think microservices are the answer (Simon Brown)

Microkernel

  • Commonly used in e.g. browsers and IDEs
  • Typically a core system with an API for plug-ins
  • Quantum: One for the core, another for the plug-ins

Event-Driven architectures - Broker pattern

  • Typically message queues, initiating event, intra-process events, event processors
  • Coordination and error handling typically difficult
  • Allow incremental change in multiple forms
  • Atomic fitness functions typically easy to write but holistic fitness functions are both necessary and complex in this architecture
  • Low degree of coupling - Between services and the message contracts

Event-Driven architectures - Mediator pattern

  • Has a hub that acts as a coordinator
  • Primary advantage: Transactional coordination
  • INcremental change as with the broker pattern
  • Holistic fitness functions easier to build than with the broker version
  • Coupling increases

Broker or mediator - classic example of an architectural tradeoff

Service-Oriented Architectures - ESB-driven SOA

  • Enterprise Service Bus (ESB) - Mediator for event interactions
  • Style differs but is based on segregating services based on reusability, shared concepts and scope.
  • Architectural quantum is massive - Entire system
  • Incremental change allows reuse and segregation of resources but hampers making the most common types of change to business domains.
  • Testing in general is difficult.
  • Note: Software architectures are not created in a vacuum - They always reflect the ecosystem in which they were defined
    • E.g. When SOA was popular
      • Automatic provisioning of machines wasn't possible
      • all infrastructure was commercial, licensed and expensive.

Service-Oriented Architectures - Microservices

  • Combines engineering practices of Continuous Delivery with logical partitioning of bounded contexts
    • Typically separated along domain dimension
    • Compared to typical layered architecture, a microservice has all the layers but handles only one bounded context
  • 7 principles from Building Microservices
    • Modelled around the business domain
    • Hide implementation details
    • Culture of automation
    • Highly decentralized
    • Deployed independently
    • Isolate failure
    • Highly observable
  • "Share nothing" - "No entangling coupling points"
  • Service templates as DropWizard and Spring Boot
  • Why not done before? See the earlier not on e.g. SOA

Evolutionary standpoint:

  • Supports both aspects of incremental change
  • Easy to build both atomic and holistic fitness functions.
    • (Well, I wouldn't agree 100% myself about holistic fitness functions)
  • Two kinds of coupling: Integration and service template

Service-based architectures

  • Similar to microservies but differ in one or more:
    • service granularity - bigger services / quantum size
    • database scope - sharing a database
    • integration middleware - a mediator like service bus
  • Incremental change relatively functional
  • Potentially more difficult to write fitness functions
  • More coupling

"Serverless" Architectures

  • Broadly, two different meanings
    • BaaS - Backend as a Service
    • FaaS - Function as a Service
  • Supports incremental change
  • Typically requires more holistic fitness functions
  • Attractive because it eliminates several dimensions/concerns
  • Suffers from serious constraints also

Evolutionary Data

Migrations

  • Developers should treat changes to database structure the same way as to source code: tested, versioned and incremental
  • Most teams have moved away from building undo migration capabilities
    • If all the migrations exist, database can be built just to the point they need without backing up to a previous version
    • Why maintain two versions of correctness, both forward and backward?
    • Sometimes daunting challenges / impossible (e.g. dropping a column or a table)

Shared Database integration

  • Shared Database Integration pattern
  • Using the database as an integration point fossilizes the database schema across all sharing projects
  • To evolve the schema: Expand/contract pattern
  • Options on example change
    • No integration points, no legacy data -> straight-forward
    • Legacy data, no integration points -> migrate the data, after that done
    • Existing data and integration points -> Potentially DB triggers etc.

Two-phase commit Transactions

  • Transactions are a special form of coupling because transactional behavior doesn't typically appear in traditional architecture-centric tools
  • Heavily transactional systems difficult to translate to e.g. microservices
  • Binding by databases is imposing because of transaction boundaries, which often define how the business processes work.

Database transactions act as a strong nuclear force, binding quants together.

Age and Quality of Data + summary

  • adding another join table is a common process used for t expand schema definitions
  • For evolutionary architecture, make sure developers can evolve the data as well (both schema and quality)

Refusing to refactor schemas or eliminate old data couples your architecture to the past, which is difficult to refactor.

Summary

  • The database can evolve alongside the architecture as long as proper engineering practices are applied, such as continuous integration, source control etc.
  • Refactoring databases in an important skill and craft.

Building Evolvable Architectures

  • Tieing previously handled aspects together (fitness functions, incremental change and appropriate coupling)

Mechanics

  • Identify Dimensions Affected by Evolution
  • Define Fitness Function(s) for Each Dimension
  • Use Deployment Pipelines to Automate Fitness Functions

Retrofitting existing architectures

  • Three factors
    • Component coupling and cohesion
    • Engineering practise maturity
    • Developer ease in crafting fitness functions
  • Refactoring vs Restructuring
    • Refactoring - No changes to external behavior
    • Restructuring an architecture - Often changes also behavior
  • Migrating architectures
    • Architects are often tempted by highly evolutionary architecture as a target for migration but this is often difficult, mainly because of existing coupling.
    • Trap of Meta-work is more interesting than work (rather writing a framework than using a framework)

Don't build an architecture just because it will be fun meta-work.

When restructuring architecture, consider all the affected dimensions.

Migrating Architectures

  • When decomposing a monolithic architecture, finding the correct service granularity is key.
    1. Partitioning - considering
    • Business functionality groups
    • Transactional boundaries
    • Deployment goals
    1. Separation of business layers from the UI
    1. Service discovery

When migrating from a monolith, build a small number of larger services first. (Sam Newman)

Various Guidelines for building Evolutionary Architecture

All architectures become iterative because of unknown unknowns, Agile just recognizes this and does it sooner.” (Mark Richards)

  • Build Anticorruption Layers
    • Encourages one to think about the semantics of what is needed from a library, not the syntax.

Developers understand the benefits of everything and the tradeoffs of nothing! (Rich Hickey)

Service Templates

  • Remove needless variables
  • Services templates are one common solution for ensuring consistency
    • Pre-configured sets of common infrastructure libraries (logging, monitoring, ...)
  • Seen as appropriate coupling by the book.

Build Sacrificial Architectures

The management question, therefore, is not whether to build a pilot system and throw it away. You will do that. […] Hence plan to throw one away; you will, anyhow. (Fred Brooks)

Mitigate External Change

  • When relying on code from a third party, create own safeguards against unexpected occurrences: breaking changes, unannounced removal, and so on

Transitive dependency management is our "considered harmful" moment (Chris Ford)

Updating Libraries vs Frameworks

  • "a developer's code calls library whereas the framework calls a developer's code"
  • Libraries generally form less brittle coupling points than frameworks.
  • One informal governance model treats framework updates as push updates (~ASAP) and library updates as pull updates ("update when needed")

Various

  • Version numbering vs internal resolution
    • Prefer internal versioning to numbering
    • support only two versions at a time

Evolutionary Architecture Pitfalls and Antipatterns

  • Pitfalls and antipatterns
    • An antipattern is a practice that initially looks like a good idea, but turns out to be a mistake
    • A pitfall looks superficially like a good idea but immediately reveals itself to be a bad path

Antipattern: Vendor King

  • To escape: Treat all software as just another integration point

Pitfall: Leaky Abstractions

All non-trivial abstractions, to some degree, are leaky (Joel Spolsky)

Antipattern: Last 10% Trap

  • Experiences from a project with 4GL (rapid application development tools)
    • 80% of the functionality was quick and easy to build
    • Next 10% was extremely difficult but possible
    • Last 10% wasn't achieved
  • IBM's San Francisco Project
    • infinite regress problem

Antipattern: Code Reuse Abuse

Software reuse is more like an organ transplant than snapping together Lego blocks. John D. Cook

  • Ease of code use is often inversely proportional to how reusable that code is.
  • Microservices might adtop the philosophy of prefer duplication to coupling

When coupling points impede evolution or other important architectural characteristics, break the coupling by forking or duplication.

Antipattern: Inappropriate Governance

  • Software architecture never exists in a vacuum but it's often a reflection of the environment in which it was designed
  • Goal in most microservices projects isn't to pick different technologies cavalierly, but rather to right-size the technology choice for the size of the problem.
  • Goldilocks Governance model: Pick three technology stacks for standardization: Simple, intermediate and complex

Pitfall: Planning Horizons

  • The more time and effort you invest in planning or a document, the more likely you will protect what's contained in the plan/document even when it is inaccurate or outdated.

Putting Evolutionary Architecture into Practice

  • Cross-Functional Teams
    • One goal here is to eliminate coordination friction
  • Organize teams around business capabilities, not job functions
  • Product over Project
    • Products live potentially forever, unlike the lifespan of project
    • Inverse Conway Maneuver
  • Dealing with external change: Consumer-driven contracts
  • Culture
    • Adjusting the behavior of a team often involves adjusting the process around it

Tell me how you measure me, and I will tell you how I will behave. (Dr Eliyahu M. Goldratt / The Haystack Syndrome)

  • Culture of Experimentation

The real measure of success is the number of experiments that can be crowded into 24 hours. (Thomas Alva Edison)

  • Finding the sweet spot between the proper quantum size and the corresponding costs.
  • The role of an Enterprise architect (in an evolutionary architecture): Guidance and enterprise-wide fitness functions

Why should a Company choose to build an Evolutionary Architecture? (A bit of a last chapter sales pitch)

  • Predictable vs evolvable
  • Scale
  • Advanced business capabilities
  • Cycle time as a business metric
  • Isolating architectural characteristics at the quantum level

Why Should a Company Choose Not to build an Evolutionary Architecture?

  • Can't evolve a ball of mud
  • Other architectural characteristics dominate
  • Sacrificial architecture

Tuesday, January 11, 2022

A Philosophy of Software Design

Notes for the book A Philosophy of Software Design by John Ousterhout (see also his home page.

Introduction

  • The author starts with an interesting thought: Writing computer software is one of the purest activities in the history of the human race.
  • The greatest limitation in writing software is our ability to understand the systems we are creating
  • Two general approaches to fighting complexity
    • Eliminate complexity by making code more simpler and more obvious
    • Encapsulate it
  • Incremental development
    • Software design is never done.
    • You should always be on the lookout for opportunities to improve the design of the system
  • Red flags - signs that a piece of code is probably more complicated than it needs to be.
    • One of best ways to improve your design skills: To Recognize red flags

What is complexity?

  • Book's definition

    Complexity is anything related to the structure of a software system that makes it hard to understand and modify the system.

  • Crude mathematical definition of overall complexity of a system (C) with parts. (Though this kind of excludes interaction between parts - that will be addressed later)

  • Complexity is more apparent to readers than to writers.

  • Symptoms of complexity - Three general symptoms

    • Change amplification
    • Cognitive load
    • Unknown unknowns
  • A very important design goal for a system is to be obvious.

  • Two main causes of complexity

    • Dependencies - In this book: When a given piece of code cannot be understood and modified in isolation
    • Obscurity - When important information is not obvious

Tactical vs strategic programming

  • Tactical: Main focus to get something working
  • Strategic: Working code isn't enough but you need to produce good design
  • Recommendation to continually spend 10-20% of total development time on investment
  • Research data on this would be interesting
  • "Tactical tornado" - Quick progress leaving mess behind
  • A related quote from Uncle Bob: The only way to go fast is to go well

Deep vs shallow modules

  • For this book: A module is any unit of code that has an interface and an implementation. (class, method/function, ...)
  • Viewing each module in two parts: an interface and an implementation
  • Best modules are those whose interfaces are much simpler than their implementations
  • Interface has two parts of information: Formal and informal
  • An abstraction is a simplified view of an entity, which omits unimportant details
  • Abstraction can go wrong in two ways
    • An abstraction can include details that are not really important
    • An abstraction can omit details that really are important
  • Deep vs shallow modules
    • Deep modules: Powerful functionality (lots of functionality) with simple interfaces
    • Shallow modules: Ones whose interface is relatively complex compared to the functionality it provides (Red flag ๐Ÿšฉ)
  • Classitis: Syndrome stemming from mistaken view that "classes are good, so more classes are better"
    • Java Streams as an example
  • Interfaces should make the common case as simple as possible

Information hiding

  • Each module should encapsulate a few pieces of knowledge.
  • Information hiding reduces complexity in two ways
    • Simplifies the interface to a module
    • Makes it easier to evolve the system.
  • When designing a new module, you should think carefully what information can be hidden in that module.
  • The opposite of information hiding is information leakage.
    • One of the most important red flags in SW design (Red flag ๐Ÿšฉ)
    • Causes dependencies
    • Common cause: temporal decomposition
  • Note: Information hiding can often be improved by making a class slightly larger
  • Overexposure (Red flag ๐Ÿšฉ) - If API for the common case requires users to learn about rarely-used cases

General-Purpose Modules are Deeper (generality vs specialization)

  • Design decision: Whether to implement a new class/module in a general-purpose or special-purpose fashion.
    • In general, the author has found that specialization leads to complexity
    • Sweet spot: Implement new modules in somewhat general-purpose fashion: Functionality should reflect your current needs but interface should not.
  • Questions to ask yourself (when designing an interface)
    • What is the simplest interface that will cover all my current needs?
    • In how many situations will this method be used?
    • Is this API easy to use for my current needs
  • Push specialization upwards (or downwards)
    • General-purpose API, specific use of API
    • OTOH downwards: Device drivers - Very specific to devices but APIs are generic
  • Eliminate special cases in code
  • Summa summarum: Unnecessary specialization is a significant contributor to software complexity.
    • Whether in form of special-purpose classes/methods or special cases in code

Layers & abstractions

  • In a well-designed system, each layer provides a different abstraction from the layers above and below it.
  • (Red flag ๐Ÿšฉ) Pass-Through methods / adjacent layers with similar abstractions
  • Each new method should contribute significant functionality
  • Decorators - often pass-through methods, easy to overuse
  • Pass-through variable - another form of API duplication - a variable passed down through a long chain of methods

Pull Complexity Downwards

  • It is more important for a module to have a simple interface than a simple implementation (deep modules)
  • E.g. configuration parameters might be an easy excuse to avoid dealing with important issues - though also needed in many cases
  • When developing a module, look for opportunities to take a little bit of extra suffering upon yourself to reduce the load of your users.

Better Together Or Better Apart

  • Given two pieces of functionality, should they be implemented together or separate?
  • The decision should reduce the complexity of the system as a whole and improve its modularity.
  • Some guidelines
    • Bring together if information is shared
    • Bring together if it will simplify the interface
    • Bring together to eliminate duplication
      • (Red flag ๐Ÿšฉ) Repetition
    • Separate general-purpose and special-purpose code
      • (Red flag ๐Ÿšฉ) Mixing special/general-purpose code
  • (Red flag ๐Ÿšฉ) Repetition
  • Method length - Author's opinion: Length by itself is rarely a good reason to split up a method
    • Additional interfaces -> additional complexity
    • When designing methods, most important goal should be to provide clean abstractions
    • Each method should do one thing and do it completely.
    • (Red flag ๐Ÿšฉ) Conjoined methods
  • A different opinion: Uncle Bob's Clean Code

The first rule of functions is that they should be small. The second rule of functions is that they should be smaller than that.

Define Errors Out Of Existence

  • Summary: Reduce the number of places where exceptions must be handled
  • Exception here - any uncommon condition that alters the normal flow of control in a program
  • Two typical approaches to deal with exceptions
    • Move forward and complete the work despite the exception
    • Abort the operation in progress and report the exception upwards
  • Exceptions make interfaces more complex - Classes with lots of exceptions are shallower than classes with fewer exceptions
  • Ways to reduce the number of places to handle exceptions
    • Define errors out of existence
    • Mask exceptions
    • Exception aggregation (both this and masking position exception handler where it can catch the most exceptions)
    • Just crash?

Design it Twice

  • When designing a piece of software, design it twice - consider multiple options.
  • If you're accustomed to solving problems with the first quick idea, it doesn't typically work with harder problems
  • Avoid the fallacy of "smart people get it right the first time"

Why Write Comments? The Four Excuses

  • The process of writing comments, if done correctly, will actually improve a system's design
  • Four excuses
    • Good code is self-documenting
      • If users must read the code of a method in order to use it, then there is no abstraction
    • I don't have time to write comments
      • Vs. long-term investment mindset
    • Comments get out of date and become misleading
      • Organizing the documentation to be as easy as possible to keep it up-to-date
      • Code reviews
    • All the comments I have seen are worthless
      • See the next sections
  • Benefits of well-written documents - Overall idea - Capture information that was in the mind of the designer but couldn't be represented in the code
  • A different opinion from Uncle Bob: ... comments are, at best, a necessary evil...

Comments should describe things that aren't obvious from the code

  • Comment categories
    • Interface
      • For users of the interface
      • Note: Separate interface/implementation comments
      • (Red flag ๐Ÿšฉ) Implementation documentation contaminates interface
    • Implementation comment
      • Main goal: Help readers understand what the code is doing (not how it does it)
      • Also why
    • Data structure comment
    • Cross-module comment - Describing dependencies
  • Pick conventions
  • Don't repeat the code
    • (Red flag ๐Ÿšฉ) Comments repeating the code
  • Lower-level comments add precision
  • Higher-level comments enhance intuition
  • Document cross-module design decisions - "Design notes" documentation (that can be referenced from comments in code)

Choosing names

  • Bad names create bugs
  • Names are a form of abstractions
  • Names should be precise
    • (Red flag ๐Ÿšฉ) Vague names
    • (Red flag ๐Ÿšฉ) Hard to pick name - a hint that the underlying thing may not have a clean design
  • Use names consistently
  • Avoid extra words
  • A different opinion from the Go style guide on variables: "Keep them short; long names obscure what the code does."

Write The Comments First

  • Write the comments first
  • Comments as a design tool, "Comment-driven design"
  • (Red flag ๐Ÿšฉ) Hard to describe - a hint that the underlying thing might be a problem with the design of the thing you're describing

Modifying Existing Code

  • Improving & cleaning as changing code: Ideally, when you have finished with a change, the system should have the structure it would have if you had designed it from the start with that change in mind.

Consistency

  • Consistency applies at many levels is a system, e.g.
    • Names
    • Coding style
    • Interfaces
    • Design patterns
    • Invariants
  • How to ensure consistency?
    • Document
    • Enforce
    • "When in Rome, do as the Romans do"
    • Don't change existing conventions - Even if the new idea would be better, value of consistency over inconsistency is almost always greater than value of one approach over another

Code should be obvious

  • Code being obvious: One can read the code quickly, without much thought, and their first guesses about the behaviour or meaning of the code will be correct.
  • "Obvious" is in the mind of the reader - It's easier to notice that someone else's code is non-obvious than to see problems with your own code.
  • (Red flag ๐Ÿšฉ) Non-obvious code
  • Software should be designed for ease of reading, not ease of writing.
  • To make code obvious, ensure that the reader always has the information they need to understand it.
  • Inheritance
    • Should be used with caution
    • Consider composition over inheritance
  • Agile development
    • Risk of focusing to features, not abstractions
    • Risk of encouraging developers to put off design decisions in order to produce working software ASAP
    • The increment of development should be abstractions, not features
  • TDD
    • The writer states that TDD would focus on getting features working instead of finding the best design
    • The writer kind of ignores "refactor" step typically stated important with TDD
  • Getters and setters
    • Although it may make sense to use getters/setters if you must expose instance variables, it's better not to expose instance variables in the first place.

Designing for Performance

  • Measure before (and after) modifying
  • Design around the critical path

Decide What Matters

  • Separate what matters from what doesn't
  • Structure software systems around the things that matter.