Secure Coding mailing list archives
Hiring folks that are familar with SC practices
From: neumann at csl.sri.com (Peter G. Neumann)
Date: Mon, 5 Jun 2006 9:50:27 PDT
Nice discussion. It arose years ago when software development managers typically had NO experience in software development, but were thought to be good managers. Many disasters ensued. The other side of the coin is that good developers are often TERRIBLE managers. I once wrote Psychosocial Implications of Computer Software Development and Use: Zen and the Art of Computing in Theory and Practice of Software Technolgoy D. Ferrari, M. Bolognani, and J. Goguen (editors), North-Holland, 1983, pages 221-232. An earlier version appeared in Software Engineering Notes, and Will Tracz may even have that online by now. The bottom line is that you need people with well developed and coordinated LEFT- and RIGHT-brained abilities innately. Interviewing someone to be a system-oriented developer is very difficult unless the interviewer has deep knowledge of system-oriented development. Read my DARPA CHATS report on Principled Assuredly Trustworthy Composable Architectures. Your interviewers should have read and understood the essence of that report before being trusted to select good applicants. http://www.csl.sri.com/neumann/chats4.html or pdf or ps Good luck! P
Current thread:
- Hiring folks that are familar with SC practices McGovern, James F (HTSC, IT) (Jun 02)
- Hiring folks that are familar with SC practices ljknews (Jun 04)
- Hiring folks that are familar with SC practices Gunnar Peterson (Jun 04)
- Hiring folks that are familar with SC practices George Capehart (Jun 04)
- <Possible follow-ups>
- Hiring folks that are familar with SC practices Peter G. Neumann (Jun 05)
- Hiring folks that are familar with SC practices ljknews (Jun 04)