Messages from the Director

It my pleasure to welcome two new faculty members to the Institute for Software Research: Dr. Joshua Garcia and Dr. Iftekhar Ahmed. They both join the School of ICS as Assistant Professors in the general area of Software Engineering. Dr. Joshua Garcia has been a post-doctoral researcher working with Prof. Sam Malek. His research is in security and quality of software, especially in the mobile domain. Dr. Iftekhar Ahmed comes to us from Oregon State University, where he received his Ph.D. His research interests combine software testing, analysis, and machine learning. We are very excited to have them both join ISR, and wish them great success here at UCI!

Interim Director Prof. Cristina Videira LopesFor all who read the ISR Connector newsletter, you will notice that this space has a new author: me. As of July 1st, 2017, Prof. Richard (Dick) Taylor retired from the directorship; I have the honor of being Interim Director for this academic year. Under Dick’s leadership, ISR was a solid rock that supported important research in software engineering and computer-supported cooperative work; it gave faculty, students, alumni, industry, and friends a sense of community. I plan to continue what Dick started, and will support research in topics that are especially relevant today. Cybersecurity is one of those topics.

ISR Director Richard N. TaylorOn July 1 of this year Professor Crista Lopes became the Interim Director of the Institute for Software Research. Crista has served as Associate Director during this past year and will be leading ISR forward. I am very happy with this transition, as it will provide new energy to ISR as it expands in new directions. Crista is eminently qualified. She is a Distinguished Scientist of the ACM, the premier professional computer science association, and a Senior Member of the IEEE.

Cybersecurity has moved from an occasional-but-unnerving news item to a persistent, pervasive concern.  As the White House has made clear, “cybersecurity is one of the most important challenges we face as a Nation.  Advances in cybersecurity science and engineering are urgently needed to preserve the Internet’s social and economic benefits.”  Neither Southern California, nor our Nation, is where it needs to be to protect against trade secret and other theft, compromise of private information, threats to our critical infrastructure, and, most recently, attempts to influence democratic processes.  We believe that this is one of the grand technical and policy challenges of our time.

The ISR Research Forum held at UCI in late May of this year was highlighted by two keynote addresses, one by Dr. Eric Dashofy from The Aerospace Corporation and the other by Dr. Marija Mikic from Google, Inc. Though titled differently and addressing somewhat different concerns the two talks both fundamentally addressed how software can be, and is being, built in industry today. Software architecture was a common theme, but with two very different takes: Dashofy highlighted the limits imposed on principle-driven design by the ever-encroaching maw of frameworks; Mikic highlighted how up-front, clear, documented design coupled with an admirably comprehensive development process rules the day within Google. The ensuing discussion centered around what corporate and/or financial characteristics need to be in place before a “doing it right” approach is both feasible and cost-effective.

It used to be that only an absolute monarch like Louis XIV of France would have the temerity to say, “The state, it is I.”  Now everybody is in on the act.

“It’s like déjà vu all over again.”

Perhaps you saw the news headlines in late July that the Social Security Administration has spent close to $300 million to procure a system known as the Disability Case Processing System (DCPS). According to a letter to the SSA from the House Committee on Oversight and Government Reform, “The DCPS project was intended to improve case processing quality, enhance customer service, and reduce administrative costs among SSA and state disability determination services.” But unfortunately the letter goes on to say, “While the Committee supports modernizing antiquated technology, the DCPS project is costly and years behind schedule.” Because of problems with the procurement, McKinsey & Company was hired to investigate. Their report notes “the project has permanently been in `beta,’ meaning a pre-release version.” Indeed. According to the McKinsey report, now available in redacted form on the House Committee’s website, “For [the] past 5 years, Release 1.0 [is] consistently projected to be 24-32 months away.” The House letter and the redacted report never mention who the prime vendor on the procurement is, but it is easy to ascertain. Recalling my commentary in the previous issue of the ISR Connector noting some failures of a CMMI Level 5 organization at the heart of the healthcare.gov fiasco, you might think you know where this SSA story is going to end up. Well, not exactly. While the parent organization advertises in a slide deck from 2012 that it is “CMMI Level 5,” a closer study reveals that the sub-group within that parent organization that has been doing the work was assessed at level 3 in 2013.

Taylor imageSpoken to any software developers about HealthCare.gov?  Everyone that I’ve spoken with, of whatever political persuasion, cringes when the topic comes up.  It seems that every conceivable principle of software development was, and is being, violated.  In a perverse way it is the ultimate source of compelling illustrations of what not to do.  Whether the issues are requirements, design, testing, deployment, or management, HealthCare.gov is replete with anti-patterns.  From the oldest lessons captured in The Mythical Man-Month to the latest best practices in website architecture, HeathCare.gov seemingly has gone the opposite direction.

ISR Director Richard N. TaylorRetirement!  Or not!

If you had the pleasure of attending the most recent ISR Forum, on May 31st, you heard me announce that I am retiring from the University of California, effective July 1st.  You also heard me say that I am continuing as Director of ISR for the coming year.  

What gives?

Director Richard N. TaylorIn the parlance of the University of California system, the Institute for Software Research is an “Organized Research Unit,” or ORU.  All ORUs are reviewed at five-year intervals by the University to determine if they are still performing top-tier research and providing important services to the University and to the community at large.  ISR’s most recent review began last summer, with our preparation of a large summary-of-progress report, followed by scrutiny by anonymous reviewers external to the university, followed by still-further review by a committee within the university.  After all that work (whew!) I am happy to report that we were renewed for another five years! 

Pages