News from the World of Software Development – January 2018

devnews-januaryWelcome to our first news digest of the New Year. We offer a few interesting stories from the software development world from the previous month with a measure of our own analysis. Hopefully, you are able to wean some actionable information from the latest IT news to help inspire your own development efforts.

If you are interested in checking out last December’s digest, simply click on the following link.

Spectre and Meltdown Fallout continues Unabated

Obviously, the kerfuffle surrounding Spectre and Meltdown – and its mitigation – continues to dominate the tech news this month. We covered the story for the first time last week, and have more information to report in this digest. Let’s take a closer look.

Linux creator, Linus Torvalds offered some pointed criticism at Intel. He called a set of Intel’s patches for the chip flaw vulnerability “garbage.” Linus continues to be known for his outspoken nature, and this incident is no exception. His opinion was reported on in ZDNet as well as other tech media sources.

“They do literally insane things. They do things that do not make sense. And I really don’t want to see these garbage patches just mindlessly sent around,” added Torvalds. This latest outburst comes after a shot at Intel soon after the chip issue first became known.

“I think somebody inside of Intel needs to really take a long hard look at their CPU’s, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed,” said Torvalds.

Spectre and Meltdown caused a delay in the release of the new Linux version, 4.15. Torvalds expects another release candidate instead of the arrival of the final Linux build.

Intel responds to the Criticism

Earlier this Tuesday, Intel responded to Torvalds’ barb. “We take the feedback of industry partners seriously. We are actively engaging with the Linux community, including Linus, as we seek to work together on solutions,” the chipmaker commented.

In a sense, Intel’s attempts to fix their chip flaw are almost worse than the initial problem. This week, The Verge reported on the chipmaker advising users not to install patches released earlier this month. Users reported servers and PCs randomly rebooting after those patches were installed.

“We recommend that OEMs, cloud service providers, system manufacturers, software vendors, and end users stop deployment of current versions on specific platforms, as they may introduce higher than expected reboots and other unpredictable system behavior,” wrote Intel Executive Vice President, Navin Shenoy. Needless to say, pay attention to the news around Spectre and Meltdown to ensure minimal disruption to your company’s operations.

Making Application Design Faster

A new product from MEGA International offers the potential to speed up the software architecture process. HOPEX Application Design fosters a common approach to generating application requirements. It leverages a SOA approach while also using traditional modeling methods like UML.

The tool works seamlessly with both Agile and traditional software development methodologies. It promises to reduce the number of sprints while also delivering a more robust application in the end. If your organization is looking for a new app design tool, HOPEX is likely worth your attention.

That’s it for this edition of the Betica Software Development News Digest. We’ll see you next month. As always, thanks for reading!

The Impact of Spectre and Meltdown on IT Operations

Screen Shot 2018-01-19 at 3.03.59 PM


Undoubtedly, the news about the Intel and AMD microprocessor flaws – targeted by exploits known as Meltdown and Spectre – reached your desk over the last few weeks. It is important for these chipmakers to fix the issue, lest those holes provide the means for cybercriminal activity. Unfortunately, some fixes hamper CPU performance, affecting users from the personal to the corporate.

Let’s take a closer look at this important problem that software engineers and their management need to consider. Its impact on the performance of their applications – both deployed and currently in development – is notable.


The CPU Fixes for Meltdown and Spectre

A recent article in TechRepublic analyzed some approaches to fix the CPU architecture flaws used by Meltdown and Spectre. Unfortunately, while offering a measure of protection to computers powered by these Intel and AMD chips, the performance hits are significant. Software patches or not; ultimately, a new chip design is what’s needed for the future.

One patch leverages a technique known as Kernel Page Table Isolation (KPTI). TechRepublic’s James Sanders notes early reports stating a 30 percent performance degradation due to the patch. He feels this number is exaggerated compared to real world usage scenarios.

The KPTI approach essentially separates the chip’s page tables for user-space and kernel-space. Naturally, this comes with a subsequent performance cost. Sanders feels the use of process-context identifiers (PCIDs) helps to mitigate the issue. The problem involves the lack of support for PCIDs in the most recent versions of Linux.

He mentions a few recent benchmarks analyzing server performance on Linux boxes with KPTI enabled. Some of these tests involved running PostgreSQL processes, which should be relevant to many of our readers.


Fixes for Intel Chip Flaws impact PostgreSQL Performance

 Developer, Andres Freund, ran a few Postgres processes on servers using KPTI without PCID enabled. His full set of benchmarks are available here. Notably the results showed a performance hit of anywhere from 7-17 percent to 16-23 percent depending on the workload of the individual process.

Sanders feels changing to a Linux kernel with PCID support helps to mitigate the degradation in performance. Still, this causes extra work for network administrators ultimately due to a mistake in chip architecture from the two leading manufacturers in the industry. This reflects poorly on both companies in a Cloud-based era where so many businesses of all sizes depend on good performance.

Other high throughput databases, like the in-memory NoSQL data store, Redis, display similar performance issues due to the patches for Meltdown and Spectre. They also get a subsequent boost in horsepower by using the Linux kernel with PCIDs enabled.

According to the article, these benchmark results don’t necessarily apply in other computing scenarios. Blender, the 3D graphics tool, and the venerable web server Apache don’t receive a performance boost from PCID. The performance impact of the KPTI patch was also smaller.

Other companies, notably Google, are taking steps to protect CPUs from the Meltdown and Spectre exploits without performance issues. Google’s Reptoline especially shows promise, but requires a full recompilation of the OS and all applications. Ultimately, make sure to research these other options to ensure your servers stay protected while maintaining the highest performance possible.


Stay tuned to the Betica Blog for additional news and insights from the software development world. Thanks for reading!

2018 Trends in Agile and DevOps


2017 saw Agile remain a preeminent methodology for software development, while DevOps continued to become an industry standard for progressive IT organizations. The New Year is expected to bring more of the same, especially as DevOps matures and companies become more adept at its techniques. What follows is a look at some of the major trends for both frameworks in the upcoming year.

If you are interested in checking out our 2018 trends for software development, simply click on the following link.

Lifecycle Management Software combines Agile and DevOps Approaches

At their core, both Agile and DevOps helps organizations better manage the application lifecycle of their software. In 2018, expect the tools used for lifecycle management to leverage approaches from both frameworks. This isn’t surprising, since we previously discussed how companies already experienced with Agile find it easier to implement DevOps.

Considering pushback against inflexible DevOps tool chains was one of our software development trends for this year, improving the toolset by adding the flexibility typical of Agile makes perfect sense. Keep an eye on enhancements in ALM tools throughout 2018.

Getting Executive Buy-in for DevOps Initiatives becomes Easier

DevOps becoming an industry standard obviously means more companies are spending resources on its adoption. Since executives tend to pay close attention to what their competition is doing, they are likely to be more willing to approve the budget for DevOps projects in 2018.

A recent Gartner study notes that IT-related initiatives are now the second highest priority for executives for this year. This is the highest ranking for technology projects since Gartner began tracking that metric. In short, expect DevOps projects to be the rage all across the technology world over the next 12 months.

Traditional Business Metrics no longer applies to Agile

With Agile becoming more entrenched as a software development methodology, traditional project metrics aren’t as useful for tracking business value. Expect better reporting tools to become more popular for companies using Agile in 2018. Those who also follow DevOps can take advantage of metrics able to track the entire lifecycle from development to deployment to maintenance.

Companies able to combine Agile and DevOps with their strategic planning initiatives stay ahead of the game compared to those firms taking an individual silo-based approach.

Improved DevOps Training helping Companies’ Transformation

Even as DevOps becomes ingrained throughout the business world, good companies still struggle with its adoption. Organizations typically add experienced practitioners of the framework on a temporary basis to help to get up to speed. In 2018, improved DevOps training courses are expected to become more widely available.

It is also reasonable to predict DevOps certifications to become popular as companies look to hire IT pros with the right skills as part of their new initiatives. Considering the growing importance of Information Security throughout the tech world, specialized DevSecOps certifications are another easy bet to make for 2018.

So, keep an eye on these trends throughout the year to see if our predictions came true once 2019 is upon us. Hopefully, your projects over the next 12 months are successful!

Keep coming back to the Betica Blog for additional dispatches and analysis from the constantly changing software development world. Thanks for reading!