Saturday, 26 November 2011

Message Sequence Charts

I love me some message sequence charts. I have been using them off and on since I first learned about them in the early '80's. Whenever I have a timing problem, a race condition to explore, a set of interlocked state machines, or some protocols that have to work with each other, I fire up my MSC machine. In my case, the MSC machine is usually a pad of paper, or, when I need to share my thoughts with others, a white board.

Less often, I will use a graphics package, even a CASE package, to put my thoughts into the computer for more permanent documentation. Somehow, the formality of the medium changes the process. I am no longer capturing my thoughts; I am doing "documentation." Putting pen to paper is more exploratory, in my experience, than is using a text editor, word processor, or CASE system.

Either way you choose to do it is fine. The important point is that message sequence charts will bolster your communications, and help you identify problems in the system you are working with. As you explain to your colleagues where you think the problem lies, the MSC will highlight the vulnerabilities; as they explain to you where they think the problem lies, they will refer to the MSC over and over again. It its a sure fire conversation lubricant.

How Do The Sequence Charts Work?

First, you identify the players and then you identify how they communicate and when. We are often faced with a bunch of stock elements, with a familiar cast of characters. We want to see how we might treat those characters.

Let's look at a "typical", blog-style example: a web application. It will be a class sign-up sheet, where you select which class you want to sign up for, the registration is recorded, and a seat is held for you at the time of the class. Some of the characters are coming into focus: the learner signing up for the class, the web application and a database. Undoubtedly, the use cases have already popped into your head; the stick figures and boxes are also a good start for a cast of characters.

In Figure 1, I have the cast of characters, represented by the vertical lines, sending arrows at each other; each arrow represents a message. The underlying protocols don't need to be modelled, at least at this level; we may come back to them later. For our purposes the medium that carries the arrows will make its best effort to deliver the message, and will often allow for a reply. We have three characters in our cast, represented by 3 vertical lines. We have two messages plus two reply messages, represented by the angling arrows.

The Angle of the Arrow ...

The angling arrows are pretty important in the representation. Anybody familiar with MSCs knows that synchronous operations have horizontal arrows, while asynchronous operations, ones off the clock, so to speak, have angling arrows. They angle because time passes differently between the actors sending and receiving the arrows; think Einsteinian relativity: from one observer's viewpoint a pair of events on another timeline might have occurred in a different order than another observer might see.

Whenever arrows angle like that, there is always the chance of arrows crossing; when arrows cross, conflicts occur, and when arrows cross at critical points, race conditions can occur. Our example in Figure 1 shows us 4 places where the arrows are angled. Each of those places is vulnerable to conflicts and race conditions. To do a good job in designing the application, you have to identify those conflicts and engineer solutions that prevent race conditions from occurring and handle conflicts in such a way that bad things don't happen.

Looking at Figure 1 some more, we see arrow 1, the request from the Learner to the Application. How can conflicts occur here? The most basic conflict is where the Learner conflicts with himself: pressing the Submit button twice will generate two reservations. In fact, the browser will close the first connection (making arrow 4 into an orphan) and, in fact, making the entire first transaction into an orphan. We can model this situation readily, as in Figure 2.

Simple web applications, where you have a web server that invokes applications, effectively as subroutines, will see each request from the browser and direct them to different instances of the web application. Each web application that is invoked, AppA and AppB, see an individual exchange with the Learner and try to satisfy it. AppA, not knowing that it has lost its connection with the Learner, will send message 2A to the Database where the class registration is made, returning via message 3A. When AppA tries to send the registration confirmation, message 4A, to the Learner, it finally discovers the closed connection and the confirmation is dropped on the floor.

Meanwhile, AppB has gone ahead, made a reservation, prepared the confirmation and has returned it to the Learner. We now have two copies of the reservation in the database, confusing student and teacher.

In this particular case, we didn't catch the conflict at all, until the teacher reviewing the reservations noticed the duplication. The teacher's annoyance with the web application continues to grow.

From Figure 2, we can see 3 places where the conflict could have been caught and dealt with, in various shades of courtesy. In fact, it is probably best if we could deal with the issue in all three places, but any one place will do for now.

Starting at the right side, with message 2 and response 3, we can see that if we have a proper database that does database-y things it can be set up to properly reject a duplicate reservation by the same person for the same class. It will be up to AppB to recognize that a duplicate was entered, and to provide a duplicate confirmation page to the Learner.

From the left side, we can presume we require a modern browser, and then we can "require" that Javascript be enabled on the browser in order to filter the redundant Submit button operation. This is often a weak and onerous requirement: some people won't know how to enable Javascript readily and in a safe manner; other people are strict about trusting sites. If the rest of your application does not require Javascript, it may not be practical to require it for this one operation.

In the middle, we would like the application itself to recognize when redundant requests occur. This is where the application server, if you have one, comes in, by supplying credentials on the Learner's browser that determine the web application instance and makes sure to route the submission to the correct application instance. Alternatively, supplying a transaction ID as a hidden field in the browser that is submitted with the button click might be enough to recognize the duplicated transaction. AppA and AppB from Figure 2 would merge but messages 1A, 1B and 2A would still be initiated. The application is then responsible for recognizing that it got 2 submissions, perhaps with identical content, and suppressing message 2B and somehow getting response 3A to present reservation confirmation 4B.


There are several other places where race conditions occur in our very simple application but I will leave them as an exercise for the reader. Here are the things I would like you to take away with you:

* Race conditions are a fact of life. Good software deals with all of the race conditions, at least to the point of recognizing when they occur. Some times all you can do is make sure to fail gracefully.

* The 3 points where you can deal with the example collision are the browser (suppressing multiple clicks), the web application (in an application server environment) and the database (presuming an ACID database is available). All of these solutions have to be included for comprehensive protection: in the browser to prevent accidental multiple-click submissions, in the application to at least report when a collision has occurred, and in the database to, once and for all, catch race conditions.

Friday, 25 November 2011

Five F’s of Release Management

Releasing an update to a software system requires balancing a number of factors: budget, time window, people and, of course, the expectations of your clients and community. How do you balance all of the different demands? How do you move forward?

I am assuming that you have client involvement and they help you set priorities on the things that matter to them. They have requested features and capabilities and understand where the users are coming from. The not-so-easy part is the backlog of items that are sitting there, staring at you, not blinking ...

My approach has been to select items from several different aspects of the system, much as you might plan a meal. I presume that all of your work has been itemized into tasks or issues; it doesn’t matter if you are using a trouble tracking system or a project scheduler. You have a backlog of items and need to get the mound of items reduced in size.

Foundation - The Bricks and Mortar

The foundation of your system is the pieces that none of your clients really see, the operating system, the database management system, middleware, etc. You might want to bring in a new library or use a new set of table indexes. They may be part of a planned upgrade cycle or necessary for a function to be delivered down the road. These kinds of nuts and bolts are the things that your clients will say, “Why are you bothering me about that?”

Functions and Features

Functions are the operations and mechanisms your software carries out behind the scenes. Features are the benefits the system provides, the things that customers refer to when they think about your system. Functions and features blur together, but I tend to think of features as consisting of several functions wired together to provide a specific benefit to the customer. A function can be used by several different features. A search function is the mechanism for using search criteria to return a set of results. The search feature is looking up a customer to schedule a sales call.

Facade - The Face You Put On Things

The facade is primarily the user interface of the system. It includes the color schemes, screen work flows, form design and report layouts. You can also include help text here. This aspect is often described as the cosmetics of the system.

It can also include using radio buttons versus pop-up menu, making a label have the same case on every screen that uses that label, tool tip consistency and punctuation.

Fixes - The Bugs

Bugs and issues in software systems have to be dealt with. During maintenance mode, it can be tempting to only include bug fixes. Except for high profile or urgent fixes, such releases won’t engage the interest of people using the system. If you have clients testing the system, it always helps to dangle some enhancements in front of them.

Some Other F's
There are some other F's that you can add in, but they are more variations on a theme. 

Faster: We always want the system to go faster but first we want it to go right. Once you gain a bit of breathing space, speeding up the system brings lots of benefits. I tend to roll Faster aspects into Foundation, Function or Facade, the places were perceived slowness appear most.

Free: Everybody likes free. Some issues can be dealt with "for free" because they come along as part of the package. Highlighting free stuff for your clients provides them with the sense that you are looking out for value.

Mixing the Release Items

I advocate taking a mix of items from each aspect. If you have a number of components that are visible to the client, it is also useful to include issues for those components.

I have been in development projects where there was a lot of pressure from on high to do "bug fix" only releases, and then "feature releases", or just focus on features leaving the bugs outstanding. They never seemed to feel right; someone always got left out and some of the piles kept getting bigger and bigger. 

A balanced approach seems to provide something for everyone. Everybody wins.