Possible Game Changer: IBM's Open Source Watson Cloud Platform

When IBM announced its decision last month to turn its Watson cognitive computing technology into an open software development platform, complete with APIs and (Big Blue hopes) a partner ecosystem, the news didn't exactly set the world on fire, but maybe it should have.

News of Watson's victory in 2011 over two human contestants on the Jeopardy game show did spark a mainstream media blaze, albeit a brief one, rife with facile quips about IBM's "Frankenstein of trivia," and repeats of übercontestant Ken Jennings' comment: "I, for one, welcome our computer overlords."

But that was Watson the Machine, a system specifically designed to compete on the game show, comprised 90 IBM Power 750 servers, each running 8 POWER7 cores (3.5 GHz) with 4 threads per core. The OS was SUSE Linux Enterprise Server 11; the software was written in Java, C++, and Prolog; and it used Apache's Hadoop and UIMA and IBM's DeepQA software. The resulting system was able to interpret queries in natural language and used statistical analysis, advanced analytics, and all that processing power to search millions of pages in seconds.

Now comes Watson the Platform -- or more precisely, the Watson Developer Cloud -- a cloud environment for the development of cognitive computing applications that use the big data and analytics capabilities that killed on Jeopardy. Developers will be able to embed a Watson capability into either an existing application or a new app. They'll access the cognitive computing mojo via the Watson Experience Manager, a portal app that provides access to a development sandbox. And each app will be defined on the Watson Developer Cloud by partners adding their own content from the Watson Content Store. The result will be apps labeled "Powered by IBM Watson."

For developers, the IBM Platform/Developer Cloud holds the promise of an entry ramp into the world of cognitive computing, which Big Blue reminds us often is likely to be new territory for most software makers. As IBM puts it, Watson brings to developers its ability "to help facilitate a dialogue, put content in context, maintain continuity of discussions, cull through millions of pages of data, return insights, identify patterns difficult to detect, and learn throughout the process." The ability to add these capabilities to applications "can truly be game-changing," the company says. And it's probably right.

IBM concedes that it will take an ecosystem for this ambition undertaking to succeed, and it's already forming strategic partnerships through the Watson Ecosystem Program. Among the first to sign up was Elance, provider of an online work marketplace. IBM has tapped Elance as its "inaugural talent partner," the company said in a statement, to build a Watson Talent Platform.

"Actually, we're the only talent partner," Elance CMO Rich Pearson told ADTmag.

Elance, which is headquartered in Mountain View, Calif., with offices in Oslo, Norway, matches businesses with freelancers online via a public "talent cloud" comprising about 3 million freelances in 170 countries. The system filled 1.2 million jobs this year, Pearson said.

Working with IBM, Elance developed a private talent cloud for the new Watson Ecosystem. The company's infrastructure, which tests skills and collects job performance data, will help to populate the ecosystem with top performers, Pearson said. The initial talent pool for Watson-enabled apps will likely include data scientists, mobile developers, and designers with experience in data visualization, he said. The company has partnered with Skilled Up to provide online courses for developers who want to ramp up their skillsets. Elance is also planning to apply Watson technology to its own business, Pearson said.

"We're in the business of matching talent and businesses," he said, "and we use our own algorithm for that process. The idea of using IBM Watson technology to improve that process is fascinating from our perspective. The Watson secret sauce is its ability to help with decision making, and we're looking at it as a way of providing richer data to help us make smarter and faster decisions."

IBM's nascent plan is still in the making, though the company has promised to start delivering on all of this in 2014. In the meantime, Watson and Watson-like technologies have already spread beyond that flashy game show debut, perhaps most notably to Memorial Sloan-Kettering Cancer Center. The Center and IBM are working together to combine Watson's supercomputing powers with Sloan-Kettering's clinical know-how—along with "existing molecular and genomic data and vast repository of cancer case histories"—to create a diagnostic and treatment system based on updated research.

Keep an eye on the IBM Watson Web site (and this blog) for further developments.

Posted by John K. Waters on 12/17/2013 at 12:09 PM0 comments

BSIMM-V: Free Software Security Insights from 67 Companies

Here's a provocative statistic: Within a group of leading companies that includes Microsoft, PayPal, Salesforce, Nokia, Sony Mobile, and Visa, the average ratio of full-time software security specialists to developers is 1.4/100. That's one of the findings in the recently published fifth edition of the software-security "measuring stick" known as the BSIMM (Building Security In Maturity Model).

A "maturity model" describes the capability of an organization's processes in a range of areas, from software engineering to personnel management. The Capability Maturity Model (CMM) is a well-known example from software engineering. The BSIMM (pronounced "bee-simm") is the first maturity model for security initiatives created entirely from real-world data.

The BSIMM was developed as a tool to help organizations evaluate their software security programs by comparing them to the programs of other companies. It's based on data collected by its authors through interviews and direct observations of the most successful large-scale software security programs. Although those programs use different methodologies and terminologies, they're described in a uniform way in the BSIMM via a framework, called the Software Security Framework, which provides a common vocabulary and allows for apples-to-apples comparisons.

So, is that ratio of software security pros to developers the right one? That's not a question the BSIMM was designed to answer, says one of its authors.

"The BSIMM is based on the study of real practices as they exist," explained Gary McGraw, CTO of security consulting firm Cigital and author of eight books on software security. "It describes those practices; it's not a prescriptive model. But it's real data, not hunches and guesses, so I can go to the board and say, here's you, and here are the other 26 firms that look like you that we've measured before. And I can say, it looks like you're the slowest zebra. And then we have a conversation about that."

BSIMM-V includes data from 67 participating companies, up from the 51 included in the fourth edition. The number of companies has grown every year since the first edition was published in 2008; that one was based on studies of nine software security initiatives. BSIMM-V describes the work of about 3,000 people, collectively, McGraw said.

As a measuring stick, the BSIMM allows an organization to compare and contrast its own software security efforts with those of its peers. As the report puts it, "You can then identify goals and objectives of your own and look to the BSIMM to determine which additional activities make sense for you."

BSIMM's authors argue that highly mature initiatives are well rounded, carrying out all of the 12 core practices described by the model, including: strategy and metrics, compliance and policy, architecture analysis, code review, security testing, penetration testing, and configuration management. The model also describes how mature software security initiatives evolve, change, and improve over time.

During the course of their investigation, the researchers have observed a total of 112 activities related to software security. These are actions carried out or facilitated by the software security group within an organization as part of a practice, and each activity is directly associated with an objective. The researchers added two new activities in the last edition of the BSIMM based on their observations in the field: simulate software crisis and automate malicious code detection. BSIMM-V adds another new activity: operate a bug bounty program.

Keep in mind that what the BSIMM is describing is security activities around software development, specifically. The computer security industry as a whole is growing fast, McGraw noted, at a rate of about 8.9% per year, generating between $20 and $40 billion in revenue annually. And while software security accounts for only 10% of that growth, he said, that segment is growing more than twice as fast: 20% per year, by some estimates. "I like to think of us finally as the pinky fingers on the two hands of computer security," McGraw said.

The BSIMM was originally developed by Cigital and Fortify Software (since acquired by HP). The two most recent editions of the study were authored by McGraw; Sammy Migues, Director of Knowledge Management and Training at Cigital, and Jacob West, CTO of Fortify Products in HP's  Enterprise Security group. The first three BSIMMs were authored by McGraw, Migues, and Brian Chess, distinguished technologist at HP (and co-founder and former chief scientist at Fortify).

BSIMM-V is available for download. It is distributed free under the Creative Commons license.

Posted on 12/12/2013 at 10:54 AM0 comments

Cascading: Open Source Java App Framework for Big Data

Enterprise interest in Big Data and associated analytics software has sparked intense interest in Apache Hadoop, the open source framework for running applications on large data clusters built on commodity hardware, and something of a flood of tools for developers working with it. But as an applications market emerges in this space, the next Big Thing for Big Data is likely to be app-oriented middleware.

That's an insight Tony Baer, principal analyst at Ovum, shared with me when I talked with him recently about Continuuity's recent Reactor 2.0 release, which the Java toolmaker billed as the first scale-out application server for Apache Hadoop.

"It is inevitable that applications will be developed that run against Big Data," Baer said, "and as that occurs, it will be necessary to have an application layer that allows developers with Java and other languages to develop apps that run against it."

Baer's prediction makes perfect sense, and it's one reason Java jocks might want to keep an eye on Concurrent, the company behind the open source Cascading project. Cascading is a Java application development framework for rich data analytics and data management apps running across "a variety of computing environments," with an emphasis on Hadoop and API compatible distributions.

"Big Data is moving to the next phase of maturity and it's all about the applications," the company says on its Web site. "The applications process the data and extract the value at scale and we believe that there must be a simple, reliable and consistent way to build, deploy, run and manage these data driven applications."

Great minds.

Concurrent characterizes Cascading as "a rich Java API for defining complex data flows and creating sophisticated data oriented frameworks," and it claims more than 110,000 user downloads a month. Its published user list includes Twitter, eBay, Square and Etsy, among others.

The San Francisco-based company recently announced Cascading 2.5 with new support for Hadoop 2 and YARN, the next-gen Hadoop data processing framework (sometimes called MapReduce 2.0).

Chris Wensel, Concurrent's founder and CTO, has argued that developing and building applications on Hadoop has proven to be difficult, despite the framework's rapid enterprise adoption. "With Hadoop 2, the community has addressed many concerns, paving a clearer path for enterprise users," he said in a statement. "At Concurrent, we're dedicated to forging a simpler path to mass Hadoop adoption by delivering a framework for building powerful and reliable data-oriented applications supporting data driven business models -- quickly and easily. Our support for Hadoop 2 was an easy decision, as we continue to be an integral part of the Hadoop and Big Data ecosystem, providing solutions that simplify application development and management for the enterprise."

As a Java-based framework, Cascading fits naturally into JVM-based languages, including Scala, Clojure, JRuby, Jython and Groovy. And the Cascading community has created scripting and query languages for many of these languages. The company's extensions page offers a growing list of user contributed code.

Cascading 2.5 is publicly available and freely licensable under the Apache 2.0 License Agreement.

Posted by John K. Waters on 12/04/2013 at 2:45 PM0 comments

Dreamforce 2013: Force.com Rebranding, HP Team Up

The annual Dreamforce conference finally reached street-blocking proportions this year, with a reported 120,000 attendees registering for Salesforce.com's biggest event, winding down this week at San Francisco's Moscone Center. (I remember when it barely took up an auditorium and a hotel hallway.) Attendance-wise, the 2013 edition of the event crushed this year's Oracle OpenWorld, which drew an estimated 60,000 to the same venue in September -- if those numbers are accurate. City officials are dubious, because the conference center can only hold about 60K. And yet, the Salesforce event sprawled beyond Moscone into nearby hotels, including the Palace on Market Street and the Intercontinental at Fifth and Howard. And a bunch of people attended online.

But who's counting?

The event's turnout probably says more about the rise of cloud computing than Salesforce itself. Although, to be fair, the San Francisco-based hosted CRM giant has been a significant driver of that rise. More important than attendee numbers. The company now claims nearly a million-and-a-half developers, which is double the number from a year ago. That's something everyone should be counting.

The company hopes to crank that number even higher with its newly announced Salesforce1 development platform. Launched at the Dreamforce show, Salesforce1 isn't just a massive rebranding of the company's Force.com dev platform, says IDC analyst Al Hilwa, but the launch of a major mobile effort into enterprise mobility.

"Salesforce has been working on this for some time and is now putting together a set of APIs to expose many aspects of the platform to developers," Hilwa told ADTmag. "The company is preparing for the big dive into the Internet of Things (IoT) the industry is expected to make. The mobile stack which connects to Salesforce has been completely updated to allow integration with the backend Salesforce platform.

Salesforce is billing the latest incarnation of its development platform as "the first CRM platform for developers, ISVs, end users, admins, and customers moving to the new social, mobile, and connected cloud." The platform was built "API-first," the company said, and comes with ten times more APIs and services. The company promised to make such ISVs as Dropbox, Evernote, Kenandy, and LinkedIn available on the platform.

The update of Force.com includes an update of its Visualforce component-based user interface framework to Visualforce1. As the company put it in a press release, "With Salesforce1, the more than 10 million Visualforce pages and custom actions are mobile-enabled."

"Enterprise mobility is happening today as companies are investing most of their new application development efforts on mobile related projects," Hilwa added. "IoT, however is still nascent and will be embraced first in the consumer space over the next two years."

Another notable piece of Dreamforce news was the announcement of a teamup between Salesforce and HP to create the "Salesforce Superpod," which is a dedicated instance of the Salesforce multi-tenant cloud running on HP's "converged infrastructure" technology, which manages equipment across an entire data center.

"This deal is noteworthy because of what it says about Salesforce and its strategy to reach higher up into the enterprise," Hilwa said. "Salesforce has determined that it is already extremely successful in the small to medium sector, but that there is still a lot of opportunity in the Global 1000 set. Large companies prefer to run dedicated computing environments, or even private clouds. The HP Salesforce deal brings this type of solution inside the Salesforce cloud. We are at the point now where Salesforce is letting go of multi-tenancy as the only defining criteria of its as-a-Service offerings."

BTW: Salesforce commissioned what has been reported to be the largest inflatable structure ever erected in North America to cloak Howard Street between the north and south wings of the Moscone Center. It was very cool.

Posted by John K. Waters on 11/21/2013 at 3:02 PM0 comments

Oracle Joins HSA Foundation To Help Java Devs with Heterogeneous Computing

Oracle wants to make it easier for Java developers to leverage the combined power of CPUs, graphics processing units (GPUs), field programmable gate arrays (FPGAs) and digital signal processors (DSPs) -- so-called heterogeneous computing -- and the database giant has thrown in with other organizations in an industry consortium to do it.

Oracle was among several industry leaders to announce plans to join the Heterogeneous System Architecture Foundation (HSAF) at this year's 2013 AMD Developer Summit. The not-for-profit consortium of system-on-a-chip vendors, OEMs, academics, ISVs and others is developing royalty-free specifications for system architectures that combine different kinds of processors. The foundation's goal is to make it easier to write code for these multi-breed systems, and to grow a heterogeneous compute ecosystem based on an industry standard.

Among other things, the Foundation is defining "key interfaces" for parallel computing with CPUs, GPUs, DSPs and other programmable and fixed function devices to create "the next foundation in general purpose computing," the group explains on its Web site. "Most importantly," the group says, "we are driving to bring greater developer productivity to heterogeneous computing by removing many of the barriers of traditional heterogeneous programing so they can focus on their algorithms and not managing system resources."

"Joining the HSA Foundation represents the next step towards bringing heterogeneous computing to millions of developers, as well as the introduction of new server and cloud programming paradigms," said Nandini Ramani, VP of development in Oracle's Java Platform group, in a statement. "Our work with the HSA Foundation will help provide Java developers with the ability to quickly leverage GPU acceleration, and explore how the Java Virtual Machine (JVM), as well as the Java language and APIs, might be enhanced to allow applications to take advantage of heterogeneous compute."

The HSAF is currently working on several standards projects: the HSA Platform Systems Architecture Specification version 1.0; an update of the HSA Programmer's Reference Manual: HSAIL Virtual ISA and Programming Model, Compiler Writer's Guide, and Object Format; the HSA System Runtime Specification  Draft Specification; and the HSA Tools project. The Foundation has published the AMD IOMMUv2 Architectural Specification and the first version of HSA Programmer's Reference Manual: HSAIL Virtual ISA and Programming Model, Compiler Writer's Guide, and Object Format

The Foundation is reaching out to a specific group of developers with its new Open Source Developer Program, also announced at the conference. With this program, the Foundation is aiming to drive developer productivity in heterogeneous computing environments. The idea is to free developers from the need to manage system resources in these environments (so they can focus on their algorithms) with core tools, runtimes, and simulators designed to allow coders to access HSA technologies. The program will also seek to provide documentation and tools designed to accelerate the development of apps on top of HSAF runtimes technologies, and just generally provide devs with a place to contribute to open source HSAF tools and runtimes.

No launch date has been announced for the Open Source Developer Program. A "coming soon" message is currently posted on the Web site.

Posted by John K. Waters on 11/20/2013 at 9:42 AM0 comments

HTML5 App Builder Updated with the Enterprise in Mind

How do enterprise developers extend their corporate apps to the ever expanding universe of mobile devices with the least amount of pain? Visual dev tool maker Sencha made the argument this week for the less-coding-is-more approach provided by Sencha Architect, the latest version of which the company just released.

Sencha Architect is a visual app builder designed to allow developers to create applications using the Redwood City, Calif.-company's enterprise-class frameworks: Sencha Touch, which is an HTML5 framework for building mobile applications, and Ext JS, which is a JavaScript framework for business-grade Web app development.

Sencha Architect 3, just announced this week, is part of a suite of solutions for developing "universal" apps from a single code base, explained Jeff Hartley, vice president of Sencha's products and services group. The visual app builder is designed, essentially, to provide best-practice code without requiring much in the way of actual coding.

"This release is about minimizing development complexity, while still allowing for plenty of extensibility to our frameworks and customization of the application," Harley told ADTmag. "It allows developers to focus more on user needs than the intricacies of coding user interface stuff, and reduces the potential for errors the goes with coding by hand."

Architect 3 comes with three new feature sets: Project Templates, User Extensions, and Theming and Styling. The new Templates feature gives developers access to a "gallery" of common templates and layouts for creating projects -- everything from introductory layouts for those new to the company's frameworks to fully fledged example applications. Projects created in Architect 3 can be saved as templates and shared via a personal template gallery.

"We've seen situations a lot in the wild," said Gil Gordon, Sencha's senior product manager, "where a guru type in an enterprise is the one driving the framework decisions, while others are coding the business logic and taking the designs from the designers and making them real in the product. We think Architect will help these folks to work together better when they can share Templates and use them as starting points."

There are about 18 Templates currently available in the gallery for each framework, Gordon said. The company plans to add more Templates in the future for different verticals.

The new User Extensions feature allow developers to customize the company's Sencha Touch and Sencha Ext JS frameworks. Architect 3 makes it easy to add extensions -- little bits of code packaged for reuse -- as first-class toolbox components, including both home-made extensions and extensions from the growing ecosystem of extensions built on Sencha frameworks.

Sencha's frameworks support CSS and come with a selection of canned themes. The new Theming and Styling capabilities in Architect 3 allows users to control CSS from directly within the tool to establish the appearance of an application.

Architect 3 is now a tool that can be used by both developers and designers, Harley added. "Everything they make is sharable with other people on their teams," he said. "This release is not just about individual developers, but about expanding its ability to help facilitate development within teams."

Sencha bills its Architect tool as "the ultimate HTML5 app builder," and really drives home the idea in this announcement that HTML5 is becoming the de facto standard in the enterprise for building Web and mobile applications.

"HTML5 has proven to be an ideal development language to tackle the fragmented world of multiple operating systems and browsers, and hundreds of mobile devices and desktops," said Michael Mullany, CEO of Sencha, in a statement. "Sencha Architect 3 empowers developers to create robust applications through a complete app-building experience, providing the kind of control, flexibility and ease of use that produces high quality apps faster."

Posted by John K. Waters on 11/14/2013 at 3:35 PM0 comments

New Virtual Java Users Group Goes for Global Membership

Ready for a shot of "Vitamin V"? If you're one of those Java jocks with no access to a local User Group, that's just the professional supplement you need, say the folks at Zeroturnaround's RebelLabs. The Java toolmaker's research and content organization has launched a new virtual Java User Group (vJUG) that aims to provide "a central online hub of Java-related knowledge, accessible to developers everywhere regardless of location," according to the company.

Although it was officially unveiled Tuesday, this online version of the real-world social component of the Java community already has almost 400 member signups. The vJUG initiative is sponsored by RebelLabs and it was launched by the company's technical evangelist, Simon Maple. "Whether you don't have access to a local Java community, your current JUG isn't active, or you are simply looking to expand your network, vJUG is the modern solution for today's developer," Maple said in a statement. "You can think of us like a supplement for existing JUGs, 'Vitamin V' if you will…."

JUGs have long been a valuable community resource for Java professionals, not to mention a great place for cheap beer and pizza. These volunteer organizations create opportunities to share information and to network with other Java practitioners. Most have some kind of Web presence, of course, and there are virtual groups out there. But the essential purpose of a JUG has been to get people together, in the flesh. (And to drink beer and eat pizza.)

"We're not looking to steal the spotlight [from] local JUGs," Maple said, "which we love. In fact, the opposite: we want to work with JUGs to expand the benefits of membership and give the community more content, ideas and reach."

And yet, in its announcement, RebelLabs sort of damns the status quo with faint praise. To wit: "While traditional Java User Groups act as the main official Oracle/Java-endorsed vehicle for collaboration, conversation, and various opportunities within local developer communities, vJUG provides a central online hub of Java-related knowledge, accessible to developers everywhere regardless of location."

And then there's a comment in the press release that I think is attributed to Oliver White, head of RebelLabs (the punctuation makes that unclear): "Local Java communities benefit most from remaining tight-knit, and we're excited bring support to a community that some say has lost much of its former strength and voice. Through vJUG, we hope to reinforce the global JUG community with more interaction, stronger networks and a louder voice."

The Java community can always use more resources and opportunities for interaction, and if vJUG fills a real need, it should get a big thumbs up. And I get that they're going for a global version of the local organizations, an entity that "aims to close the geographic constraints among Java developers around the world."

I'm not sure, however, about this idea that the existing JUGs are losing their "strength and voice." According to Patrick Curran, chair of the Java Community Process (JCP), the recent success of the Adopt-a-JSR program has been largely due to the efforts of JUGs around the world. In fact, as I reported last month, that program is considered "JUG-lead," and was the brainchild of two user groups: the London Java Community in the U.K. and SouJava in Brazil. Both are voting members of the organization, which gives them a pretty big voice. The list of participating JUGs also includes GoJava (Brazil), Houston JUG (US) and Chennai JUG (China).

Also, it's hard to get excited about virtual beer and pizza.

BTW: The java.net Web site maintains a nice list of JUGs and JUG resources.

Posted by John K. Waters on 11/05/2013 at 4:37 PM0 comments

GitHub Launches Government Portal, Opens New Offices

Earlier this month GitHub, the hosted collaboration platform that all but defined "social coding," launched a new portal site designed to encourage governments and public organizations to connect and share best practices. The new government portal is "dedicated to showcasing the amazing efforts of public servants and civic hackers around the globe," the company says.

The new portal was just announced, but we got an early peek when San Francisco Mayor Ed Lee revealed that the city's municipal code would be posted on the GitHub platform on September 30 during the grand opening of GitHub's new South of Market headquarters. Lee used the event to kick off the city's second annual "Innovation Month," which celebrates the burgeoning tech-industry presence in San Francisco. (The festivities officially started on October 11.)

Posting SF's municipal code on GitHub will make it easier to navigate the dense layers of laws and amendments that affect the city's streets, parks, vehicles, building activities, land use, and public safety, Lee said. More access fosters greater understanding, he said. But more to the point, making the code available in "modern, programmer-friendly formats" opens a new, extremely creaky door to innovation.

"One of the things we're doing together is to get data out of the hands of bureaucrats, who just seem to want to sit on it and protect it...to where people can really use it," the mayor said.

GitHub has deep roots in San Francisco. The founders started their enterprise almost six years ago, the story goes, in a bar just a block from their new offices. The company's new digs, a restored dried fruit storage facility that withstood the 1906 earthquake and fire, includes a ground-floor space set aside for tech talks, meetups, and non-GitHub activities. The company hopes the space will foster what CIO Scott Chacon called "the serendipitous interactions that result in companies like ours."

"I don't think GitHub would exist if it weren't for the vibrant tech culture that exists here," Chacon said. "And we wanted to give back to that community."

From those roots a big organization has grown. The company has expanded its staff from an initial handful of employees to 210 today. More than 4 million users are currently collaborating on GitHub on 8 million projects, and the site sees 16 million unique visitors every month, according to the company.

GitHub, has become one of the world's most popular social coding sites. As I've pointed out before in this space, developers love the Git distributed version-control system developed by Linus Torvalds, and GitHub has played no small role in the growth of that popularity. The service has also enjoyed endorsements from the likes of the Eclipse Foundation, which has begun to allow the hosting of its projects on GitHub to attract new and maturing projects.

The company points to a number of existing GitHub projects now incorporated into the new Government portal, including the Treasury Board Secretariat of Canada's Web Experience Toolkit, which allows for the creation of a set of shared templates for all government Web sites; and the City of Chicago's invitation to coders to issue pull requests from its Open Data Portal of bike routes, bike racks, pedway routes, street locations, and building footprints.

The new GitHub offices also include what I'm pretty sure is a unique reception area: It's a replica of the Oval Office, but instead of the Seal of the President of the United States, the rug features the company's multi-armed feline mascot/logo, the Octocat.

CEO Tom Preston-Werner explained the design to me at the office ribbon cutting: "Who are you if you're sitting on one of those couches in the real Oval Office? You're someone very important, and that's exactly how we want visitors to GitHub to feel."

I understand that a few industry wags have used this whimsical design as an example of high-tech-company wastefulness. I think it offers a peek into the workings of some creative minds.

Posted on 10/21/2013 at 10:29 AM0 comments

Java Community Process: Still Making Progress on Reform

When the Java Community Process (JCP) set out four years ago to take advantage of the Oracle acquisition to implement some much needed reforms, the Java standards organization started with what JCP Chair Patrick Curran referred to as the "low-hanging fruit."

That first Java Specification Request, JSR 348, was all about transparency, participation, agility and governance. It was approved without much fuss. A year later, the JCP sought to merge the two JCP Executive Committees (ECs) -- the SE/EE EC and the ME EC -- under JSR 355. That plan was also approved.

By 2012 the JCP was ready to reach a bit higher in this metaphorical fruit tree, into a tricky tangle known as the Java Specification Participation Agreement (JSPA). Issuing JSR 358 ("A major revision of the Java Community Process") around last year's JavaOne, the JCP started the process.

Reworking the JSPA is a much bigger challenge than anything the JCP has done so far in this multi-year makeover, so no one expected the organization to be finished by this year's JavaOne. JCP Chair Patrick Curran was on hand again at this year's event, and he reported that there has been progress, but offered no specifics.

"The JSPA is big, and it's scary," Curran said. "And you have to be careful what you touch. It's just like modifying legacy code. Sometimes you don't know why some language is in there, so you've got to be careful."

The JSPA sets forth the basic legal structure that allows companies and individuals to participate in the development and distribution of specifications, reference implementations, and technology compatibility kits (TCKs) within the JCP. The current version was created in 2002 through JSR 99. A lot changed in the decade that followed, and sponsors of JSR 358 argue that it's high time for the JCP "to revise this document to ensure that it meets our current needs."

Part of the reason the JCP is working to reform its sign-up contract is that the organization wants to make it easier for individuals to participate in the community, Curran said.

"They're the ones who are actually doing the work," he said. The JCP wants to attract more individual members, he said, because they produce JSRs that are more likely to fit the real needs of Java developers, and decrease the number of "ivory tower" JSRs.

Toward that end, the JCP launched the "Adopt a JSR" program, which encourages individual members of the community to "adopt" a spec request by following its progress, supporting its expert group, and/or reporting back to the wider community on its progress and evangelizing its benefits.

The primary vehicle for the Adopt-a-JSR program is the Java User Groups (JUGs), which can reach out to their memberships and promote participation. In fact, the program is considered "JUG-lead," and was the brainchild of two user groups: the London Java Community in the UK and SouJava in Brazil, who approached the JCP with the idea. Both are voting members of the organization. The list of participating JUGs also includes GoJava (Brazil), Houston JUG (US), and Chennai JUG (China).

The program has been very successful, Curran said: 11 JSRs have been adopted so far, and 18 JUGs are contributing to the Java EE spec.

"This is one of the best things to happen to the organization," Curran said. "It has added some great energy and real enthusiasm."

Posted by John K. Waters on 10/09/2013 at 10:51 AM0 comments

Upcoming Events


Sign up for our newsletter.

I agree to this site's Privacy Policy.