Cloud: Is More Less?
As the major cloud providers have achieved near parity on core functionality, the competitive focus has moved to the extra services they can provide, encouraging them to release new offerings at breakneck speed. In their haste to compete, they release new services with rough edges and incomplete features. The emphasis on speed and product proliferation, through either acquisition or hastily created services, often results not merely in bugs but also in poor documentation, difficult automation and incomplete integration with vendors’ own parts. This causes frustration for teams trying to deliver software using functionality promised by the cloud provider yet constantly hitting roadblocks. Companies choose cloud vendors for a variety of factors and often at a high level in the organization. Our advice for teams: don’t assume that all of your designated cloud provider’s services are of equal quality, test out key capabilities and be open to alternative open source options or a polycloud strategy, if your own time-to-market trade-offs merit the operational overhead of managing them.
Protecting the Software Supply Chain
Organizations should resist ivory tower governance rules that require lengthy manual inspection and approval; rather, automated dependency protection (Dependency drift fitness function), security (Security policy as code) and other governance mechanisms (Run cost as architecture fitness function) protect the important but not urgent parts of software projects. This topic concerning policy, compliance and governance as code reappeared multiple times in our conversations. We see a natural evolution in the software development ecosystem of increasing automation: continuous integration with automated testing, continuous delivery, infrastructure as code, and now automated governance. Building automation around cloud cost, dependency management, architectural structure and other former manual processes shows a natural evolution; we’re learning how we can automate all important aspects of software delivery.
Interpreting the Black Box of ML
Machine learning often appears to discover solutions to problems that humans can’t, using pattern matching, back propagation and other well-known techniques. However, despite their power, many of these models are inherently opaque, meaning that their results can’t be explained in terms of logical inference. This is a problem when humans have a right to know how a decision was made or when there is a risk of introducing prejudice, sampling, algorithmic or other bias into the model. We’re now seeing the emergence of tools such as What-If and techniques such as ethical bias testing that help us find the limitations and predict the output of these models. While these improvements in interpretability are a step in the right direction, explaining deep neural networks remains an elusive goal. For that reason, data scientists are beginning to regard explainability as a first-class concern when choosing a machine learning model.
Software Development as a Team Sport
Since the early days of our Technology Radar, we’ve warned against tools and techniques that isolate members of software teams from one another, hampering feedback and collaboration. Often, when new specializations come along, practitioners, vendors and tools insist that some part of development must be done in an isolated environment, away from the chaos of “regular” development. We reject that claim and constantly look for new ways to reengage software development as a team sport. Feedback is critical when developing something as complex as software. While projects increasingly require specialization, we strive to fit them into regular collaboration and feedback. We particularly dislike the “10x engineers” meme and prefer to focus on creating and enabling “10x teams.” We see this currently playing out in how design, data science and security can be integrated into cross-functional teams and supported with solid automation. The next frontier is bringing more governance and compliance activities into the fold.