LOGIN | REGISTER NOW | SUBSCRIBE
 
 
News on Monday
more>>
SharePoint Tech Report
more>>


   

 
 
Download Current Issue
ISSUE 2/1/2010 PDF

Need Back Issues?
DOWNLOAD HERE

Receive the print Edition?


 
blogs tab
Visual Studio 2010 Release Candidate Available Today
A Visual Studio 2010 release candidate is available on MSDN.
02/09/2010 09:45 AM EST

Is Microsoft eyeing Office subscription pricing?
Microsoft may be preparing to offer a new Office pricing option called "union," which charges the same for cloud as on-premises.
02/01/2010 09:38 AM EST

Facebook rewrites PHP runtime
Facebook is about to open source its own PHP runtime, written from scratch for speed.
01/30/2010 08:53 PM EST

 

Events calendar tab
Macworld 2010
2/9/2010 to 2/13/2010
San Francisco
IDG World Expo

SPTechCon 2010
2/10/2010 to 2/12/2010
San Francisco
BZ Media

PyCon 2010 (Python Conf.)
2/17/2010 to 2/25/2010
Atlanta
Python Software Foundation

Southern Calif. Linux Expo
2/19/2010 to 2/20/2010
Los Angeles
SCALE

IBM Pulse
2/21/2010 to 2/24/2010
Las Vegas
IBM


 
print Printable version 
Most Read Latest News Blog Resources
Facebook brings HipHop to PHP
HipHop compiles PHP to speed up the Web layer at world's most popular social networking si...

Adobe moves LiveCycle application platform to the cloud
Release gives developers just what they need to create targeted business process-oriented ...

Syncfusion announces component suite for .NET 4
Essential Studio 2010 has business intelligence, reporting and UI controls, ready for .NET...

Digg!  Digg
Reddit  Reddit
Slashdot  Slashdot
Share on facebook  Facebook
Share on Twitter  Twitter

From the Editors: Microsoft right to accept UML


By SD Times News Team
October 1, 2008 — 
Eyebrows were raised when Microsoft released modeling tools as part of its Visual Studio 2005 Team System (VSTS). While it’s certainly common for Microsoft to eschew industry standards for proprietary approaches, few had expected Redmond’s “not invented here” syndrome to extend to the Unified Modeling Language.

Yet, as this newspaper first reported in June 2004, the modeling tools in the Team Architect version of VSTS were based on the company’s own notation, which was quite separate from UML. It wasn’t just a subset; it was an implementation that reflected Microsoft’s own idea of what developers needed for modeling.

Now, more than four years later, Microsoft has done an about-face: It has joined Object Management Group and will contribute to OMG’s UML initiatives. While it’s not clear how UML will be implemented in future Microsoft tools or what will happen to Microsoft’s own modeling notation, we can expect more UML, not less.

Does that mean Microsoft was wrong to avoid UML in its original implementation of VSTS? Not at all. There was no culture of formal modeling in Microsoft’s traditional customer base of smaller and mid-sized companies. Formal UML-based modeling was far too complex for that market segment and would have worked against the rapid application development that characterized .NET development. In 2004, Microsoft was right to introduce modeling but to hold back from embracing UML.

Times have changed. UML is more streamlined, and the projects being constructed with .NET are larger. In 2008, Microsoft is right to join the OMG, to take part in future work on UML development and to help its developers move to model-driven development.

Security in the life cycle
It was no small challenge for Microsoft to make security an integral part of its software development life cycle; the company had to overcome a raft of cultural, political and technical obstacles. So its decision to share its know-how with customers should be a great help to enterprises that are struggling with those same problems.

As we report in this issue, Microsoft has created programs that will eventually build an ecosystem around its security development life cycle (SDL). In doing so, Microsoft is securing its platforms down the stack, helping to assure information integrity and privacy for its customers.

While it will take time for SDL know-how to trickle down from its programs to its customers, Microsoft has also delivered a tool that is suitable for the security layperson. The SDL threat modeling tool takes knowledge that was once the domain of security experts and packages it in a context that developers can more easily understand.

We believe the tool will be an asset to Microsoft shops that are beginning to take a hard look at software security, helping to demystify the topic. There is really nothing else like it out there, and Microsoft has once again demonstrated that its core competency is platforms and tools that people can understand.

But SDL did not spring up overnight; Microsoft has been building out the programs for years. We have to ask why Microsoft did not bring the work to light sooner, because, according to its own data, malicious hackers have shifted their sights away from major operating systems and onto applications. Did Microsoft not see that coming?

The internal build of the SDL threat modeler is version 3.0, and Microsoft created the tool all the way back in 1999. Packaging up the software today is akin to giving children Halloween candy for Christmas.

Our griping aside, Microsoft has done a superb job adopting its SDL, and it has made a public commitment to security that other large vendors have not matched. More important, the software giant is showing a commitment to its customers and to helping secure part of its stack that is not strictly its responsibility.

It is an extraordinary step, and Redmond has earned our praise.


Related Search Term(s): UMLVisual StudioMicrosoft


Share this link: http://www.sdtimes.com/link/32918
 

Add comment


Name*
Email*  
Country     


  • Comment
  • Preview
Loading