Understanding PlantUML Stdlib puml files

Background PlantUML Standard Library includes several icon libraries from different sources (including myself) and they are varied in functionality and how to use them. The most recent addition is…

Github Actions and Workflows

Goals Auto-generate and commit diagrams on diagram source push to repo Auto-check links from Markdown source files on push to repo Auto-generate html from Sphinx RST or MD files GitHub Actions Github…

Continuous Integration Continuous Test Pipeline

This is a "Postcard from the future" vision of automated testing. It gives an overview and details of the automated test levels. The purpose is to elicit feedback on what we want, by presenting a…

Agile Architecture

Architecture Architecture: "the fundamental concepts or properties of a system in its environment embodied in its elements, their relationships, and in the principles of its design and evolution…

Blogs, Booklets, Projects in GitHub

Content on Github I maintain various content: Blogs, Booklets, Projects. The source for this content is in GitHub in different repos. The documentation source lives with the code source. The content…

Cryptographic Agility

Algorithms and keys sizes change over time as technology advances e.g. from DES (to 2TDEA to 3TDEA) to AES . e.g. from RSA to ECC to future Quantum-resistant cryptography e.g. from MD5 to SHA-1 to…

Plantuml ElasticSearch Icons

PlantUML Elastic Sprites Sprites from Elastic for use with PlantUML: here to share with kind permission from the nice guys at Elastic community team. Thanks to Max, David, Philipp for prompt…

RoseCheckers for CERT Secure Coding Standards for C and C++ checks

Rosecheckers is a static analysis tool for C/C++ source code. Specifically, it applies the CERT Secure Coding Standards for C and C++ checks . In general, relative to cppcheck or "gcc -wall" it…

Documenting Code

See https://crashedmind.github.io/docdac-site/ as an example documentation built with the tool and code it is describing. There are 2 types of documentation: describes the code - aimed at a…

Principles and Patterns For Secure Software

Principles provide the high level guidelines for a system. Patterns can be applied to implement these principles and allow use of known good solutions for common problems. Principles Some of the…

Software Documentation

Doxygen can be used to create software documentation using many input (and ouput) formats. Here we use it to combine doxygen tags that describe function parameters, a PlantUML diagram, and Markdown in…

PlantUML Open Security Architecture Icons

Open Security Architecture (OSA) is an excellent resource for security architects providing a catalog of controls, patterns, and requirements from numerous standards, governance frameworks…

PlantUML

PlantUML can be used to create several UML diagram types from a simple text file description. It can run from command line, editor (e.g. VSCode plugin ), browser (e.g. Chrome browser ) or online…

ARC42 Architecture

Arc42 is a template for architecture communication and documentation. "Arc" is for Architecture, and "42" is based on the book "Hitchhikers Guide to the Galaxy", by Douglas Adams, where "42" is the…

C4 Architecture

“Big design up front is dumb, but doing no design up front is even dumber.” Dave Thomas The C4 Model is a lightweight software architecture description method. It consists of a set of 4 diagrams…

Attack Tree Threat Modelling

Attack trees provide a methodical way of describing the security of systems,based on varying known attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the…

Software Assurance

Software assurance (SwA) is defined as "the level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during…

DevSecOps Thoughts from the Trenches

Dev(Sec)Ops Thoughts from the Trenches Presentation This presentation is a tour of a Dev(Sec)Ops factory, highlighting some key points about each part. It emphasises The end goal: Delivering Value…

SONAR Source Code Quality Dashboard

Sonar is an open source platform to manage source code quality: Main objective: make code quality management accessible to everyone with minimal effort with a dashboard view and quality gates. It…

Definition of Ready, Done, Acceptance Criteria

Deliver Value An organisation delivers value to the customer through a timely efficient solution value : we deliver customer value - not hardware - not software - and not the things that have no value…

Value Stream Mapping

Reduce Time to Market with Value Stream Mapping The value stream is the most important organizational construct in SAFe . “Taking a systems view of value delivery" means understanding all the steps…

Trello BookShelf

Trello has many uses - including as a virtual bookshelf organised by the value it delivers to you. Organize books by value to you the area you want to learn about the value of each book in that area…

Deliver Value - Filter - Focus - Flow

Value Stream "Your mental energy is your most valuable asset" so we need to spend it wisely (The Science of Intelligent Achievement: How Smart People Focus, Create and Grow Their Way to Success) Don…

Jira queries

JIRA queries unleash the full power of JIRA. Below is a living list of some useful queries. Find Issues That I Updated Recently Find Only Open Issues That I Updated Recently Find all issues in a user…

Static Site Generation - again

Decades ago (before PHP ), I maintained a photo gallery website of personal images. The content was static i.e. no database or javascript. I wrote some Perl scripts to resize the images (main and…