Jazoon 2012: Stay Human – on the future of men and robots

4. July, 2012

What I like about the Jazoon is that they try to widen your horizon. We had presentations how to publish books, psychology and the NASA. This year, the closing keynote was about androids – as in artificial humans, not Google.

Henrik Scharfe from Aalborg University talked about “Stay Human – on the future of men and robots” and Geminoid-DK, an android which Scharfe had built after his image (production notes). For this project, Time magazine put him on the “100 Most Influential People” list in 2012.

According to Scharfe, we’re all part of the “ultimate project: Make sense of the world” in a perpetual loop. To achieve this, we communicate. A very powerful means of communication is the story. Stories need not be true, they have to be relevant. In a sense, we talk to scale, to widen our influence.

During the presentation, Scharfe gave some insight into the production of the android. How odd it feels to enter a room where a copy of yourself is assembled. When the skin on the head is hanging open like from a nasty wound. When “your” arms are still missing. A head without hair. The different stages of coloring. When a worker stabs a needle through the skin to add the facial hair. Thoughts how the workers will treat your copy when you’re not around.

The team did celebrate its “birthday,” the date when it was first activated. For Henrik, it “felt like a friend waking from a long coma.”

After the android was assembled, automatic movements were programmed. We don’t usually notice but the facial expressions only “work” when all the details are right. This was hard to achieve because of the properties of the silicone skin, it’s thickness and the distance to the actuators. When the android is presented in public, this leads to opposite reactions by children and adults.

While adults are fascinated how human-like the android is, children are frightened by it because they sense that something is wrong. When the automatic movements (breathing, blinking) are deactivated and Henrik switches to manual control, this flips. Now, adult and teenagers are worried but the children suddenly see the android as a toy – something they can relate to.

When used as a mannequin, customers are hesitant to touch the clothes on the android while they have no problem to touch the dummies.

Looking at the future, Prof. Scharfe sees new modes of presence. Instead of traveling to Australia for a presentation, you might send your android (or just the skin). Over time, there will be a blended presence.

Beware: His android always causes a commotion at customs (when they stuff him into the X-ray) and the cabin crew (“Who is flying?” “I thought you were!”)

Of course, that causes questions: What happens if someone gets hurt by your android? Or when someone hacks into the remote control? As the androids get smarter (= they will be able to do more things on auto pilot like finding a room in a building), are they allowed to protect themselves against theft or attack?

Do we want to allow people to build androids for recreational activities? What about sex?

What if I order an android that looks like my girl friend? My ex-girl friend? Adolf Hitler? The pope? The President of the United States? My beloved dog? A Saber-toothed tiger (scale 1:1)? A child of mine that died in an accident or from an illness (like in A.I. Artificial Intelligence)?

Can I destroy this android? Walk it to a public square and club it with a baseball bat? Run it over with a car? Shoot it? Have it beg for mercy while I’m doing this? It’s just a recording, right?

If androids get really smart, will we grant them rights? How will you feel when your android greets you in the evening with “Honey, we need to talk. There is this really cute model at the other end of the city. Oh, and I’ll keep the kids.”

Will it be murder when I wipe the memory of such an android?

As you can see, these questions are important because technology just plows on. Technology doesn’t decide what’s right or wrong, we do. Answers will come through technology but we must still ask the questions. We must stay human where it counts.

To do that, more advanced research structured need to be built. It must be more simple for researchers to find relevant information (Watson comes to mind). It must be easier to share research. To collaborate. Today, it’s hard to combine resources. Some things aren’t on-line. Instead of individual PCs, universities and high-schools need to offer cloud services for their staff and students.

And most importantly, research needs to get out of the lab. It’s a neat story that people greet Geminoid DK when they enter the lab and say goodbye even when it’s switched off. But seeing surprise in the faces of children in a crowd only happens on the street.


Jazoon 2012: CQRS – Trauma treatment for architects

4. July, 2012

A few years ago, concurrency and scalability were a hype. Today, it’s a must. But how do you write applications that scale painlessly?

Command and Query Responsibility Segregation (CQRS) is an architectural pattern to address these problems. In his talk, Allard Buijze gave a good introduction. First, some of the problems of the standard approach. Your database, everyone says, must be normalized.

That can lead to a couple of problems:

  • Historic data changes
  • The data model is neither optimized for writes nor for queries

The first problem can result in a scenario like this. Imagine you have a report that tells you the annual turnover. You run the report for 2009 in January, 2010. You run the same report again in 2011 and 2012 and each time, the annual turnover of 2009 gets bigger. What is going on?

The data model is in third normal form. This is great, no data duplication. It’s not so great when data can change over time. So if your invoices point to the products and the products point to the prices, any change of a price will also change all the existing invoices. Or when customers move, all the addresses on the invoices change. There is no way to tell where you sent something.

The solution is to add “valid time range” to each price, address, …, which makes your SQL hideous and helps to keep your bug tracker filled.

It will also make your queries slow since you will need lots and lots of joins. These joins will eventually get in conflict with your updates. Deadlocks occur.

On the architectural side, some problems will be much easier to solve if you ignore the layer boundaries. You will end up business logic in the persistence layer.

Don’t get me wrong. All these problems can be solved but the question here is: Is this amount of pain really necessary?

CQRS to the rescue. The basic idea is to use two domain models instead of one. Sounds like more work? That depends.

With CQRS, you will have more code to maintain but the code will be much more simple. There will be more tables and data will be duplicated in the database but there will never be deadlocks, queries won’t need joins in the usual case (you could get rid of all joins if you wanted). So you trade bugs for code.

How does it work? Split your application into two main parts. One part takes user input and turns that into events which are published. Listeners will then process the events.

Some listeners will write the events into the database. If you need to, you will be able to replay these later. Imagine your customer calls you because of some bug. Instead of asking your customer to explain what happened, you go to the database, copy the events into a test system and replay them. It might take a few minutes but eventually, you will have a system which is in the exact same state as when the bug happened.

Some other listeners will process the events and generate more events (which will also be written to the database). Imagine the event “checkout”. It will contain the current content of the shopping cart. You write that into the database. You need to know what was in the shopping basket? Look for this event.

The trick here is that the event is “independent”. It doesn’t contain foreign keys but immutables or value objects. The value objects are written into a new table. That makes sure that when you come back 10 years later, you will see the exact same shopping cart as the customer saw when she ordered.

When you need to display the shopping cart, you won’t need to join 8 tables. Instead, you’ll need to query 1-2 tables for the ID of the shopping cart. One table will have the header with the customer address, the order number, the date, the total and the second table will contain the items. If you wanted, you could add the foreign keys to the product definition tables but you don’t have to. If that’s enough for you, those two tables could be completely independent of any other table in your database.

The code to fill the database gets the event as input (no database access to read anything from anywhere) and it will only write to those two tables. Minimum amount of dependencies.

The code to display the cart will only need to read those two tables. No deadlocks possible.

The code will be incredibly simple.

If you make a mistake somewhere, you can always replay all the events with the fixed code.

For tests, you can replay the events. No need to a human to click buttons in a web browser (not more than once, anyway).

Since you don’t need foreign keys unless you want to, you can spread the data model over different databases, computers, data centers. Some data would be better in a NoSQL repository? No problem.

Something crashes? Fix the problem, replay the events which got lost.

Instead of developing one huge monster model where each change possibly dirties some existing feature, you can imagine CQRS as developing thousands of mini-applications that work together.

And the best feature: It allows you to retroactively add features. Imagine you want to give users credits for some action. The idea is born one year after the action was added. In a traditional application, it will be hard to assign credit to the existing users. With CQRS, you simply implement the feature, set up the listeners, disable the listeners which already ran (so the action isn’t executed again) and replay the events. Presto, all the existing users will have their credit.


Jazoon 2012: Spring Data JPA – Repositories done right

4. July, 2012

Oliver Gierke presented “Spring Data JPA – Repositories done right” at the Jazoon. The motto of Spring Data could be “deleted code doesn’t contain bugs.” From the web site:

Spring Data makes it easier to build Spring-powered applications that use new data access technologies such as non-relational databases, map-reduce frameworks, and cloud based data services as well as provide improved support for relational database technologies.

Spring Data is an umbrella open source project which contains many subprojects that are specific to a given database. The projects are developed by working together with many of the companies and developers that are behind these exciting technologies.

When you use any form of JPA, you will eventually end up with DAOs which contain many boring methods: getById(), getByName(), getByWhatever(), save(), delete(). How do you like this implementation:

interface MyBaseRepository<T, ID extends Serializable> extends Repository<T, ID> {
  T findOne(ID id);
  T save(T entity);

interface UserRepository extends MyBaseRepository {
  User findByEmailAddress(EmailAddress emailAddress);

“Wait a minute,” I can hear you think, “these are just interfaces. Where is the implementation?”

That is the implementation. You can now inject those interfaces as DAOs and call the methods. Behind the scenes, Spring will generate a proxy for you that actually implements the methods. 0 lines of code for you to write for 95% of the basic DAO methods.

The queries can even be more complex:

List findByEmailAddressAndLastname(EmailAddress emailAddress, String lastname);

The method will generate SQL that searches by those two columns. See the documentation for more examples how you can write queries that use joins.

On top of that, they built a REST exporter which exposes your DAO interfaces with a REST API to a web browser plus a web front end to explore the repository, to run the queries and to create new objects. Impressive.

Jazoon 2012: Improving system development using traceability

4. July, 2012

When you develop a software, you will ask yourself these questions (quoted from here):

  • Is it still possible to accept a late change request? What would be the impact?
  • What is the overall level of completion of the system or a component?
  • Which components are ready for testing?
  • A failure occurs because the system is erroneous. What parts of the system should I check?

In his talk “Improving system development using traceability“, Ömer Gürsoy shows an approach to answer these. The idea is to trace changes end-to-end: From the idea over requirements to design, implementation, tests, bug reports and the product manual. For this to work, you’ll need to

  • Analyze
  • Document
  • Validate
  • Manage

At itemis, they developed tooling support. A plug-in for Eclipse can track changes in all kinds of sources (text documents, UML diagrams, requirement DSLs) and “keep them together”. It can answer questions like “who uses this piece of code?”

The answer will tell you where you need to look to estimate the impact of a change. That helps to avoid traps like underestimation or missing surveillance.

Today, the plug-in shows some promise but there are rough edges left. The main problem is integration with other tools. The plug-in supports extension points to add any kind of data source but that only helps if the data source is willing to share. The second problem is that it doesn’t support versioning right now. It’s on the feature list.

On the positive side, it can create dependencies from a piece of text (say a paragraph in a text file). If you edit other parts of the text file, the tool will make sure the dependency still points to the right part of the text. So you can make notes during a meeting. Afterwards, you can click on the paragraphs and link them to (new) requirements or parts of the code (like modules) that will be affected. Over time, a graph of dependencies will be created that helps you to keep track of everything that is related to some change and how it is related: Where did the request come from? Which code was changed?

Always keep in mind that tracking everything isn’t possible – it would simply too expensive today. But you can track your most important or most dangerous changes. That would give you the most bang for the buck. To do that, you must know what you must track and why.

A feature that I’d like to see is automatic discovery. Especially Java source code should be easy to analyze for dependencies.

Jazoon 2012: Software product creation

4. July, 2012

As we all know, there is no surefire way to get rich. But in his talk “Software product creation”, Robert Brazile bombed the audience with lots of useful hints how to shape the odds in your favor when you try to sell software. His focus was on the “product manager.” A product manager (PM) is the interface between customers, developers and sales. She must know:

  • Which features are important
  • And how important
  • To which customer
  • How long they will take to develop
  • What’s really going to be in the next version
  • What to tell sales
  • What to tell the customer
  • Are you selling a product or a feature?
  • The roadmap

The core tasks of a PM are:

  • Gathering data (bug reports, development points, sales figures)
  • Manage the vision for the product
  • Saying “No” to sales (because they always want to promise everything)

Since the PM is so important, one could assume she has a lot of power. This is true but all the power is indirect. She can’t control the customer. She can’t force sales to tell what she wants them to. She can tell the developers what should be in the next version but that doesn’t mean she’ll get it.

In some ways, she is also like an on-site customer: She must know exactly what each customer needs most dearly and what was promised to them. She knows all the requirements and has a clear idea how to evolve the product in the future.

She’s not sales, but must have know exactly why customers should by the product.

When supporting sales in a meeting with the customer, always undersell and over-deliver. Sales tends to promise everything in the kitchen sink (that’s what they are paid for). As PM, it’s your responsibility to build trust. Only promise features that you are 100% sure will be in the next version. There will be a lot of pressure to say “yes” (customer expectations, accusations by sales that “you’re not a team player”). Always remember: It’s hard to build trust but easy to blow it. There is no blame for being early but a lot of negative consequences for being late.

The main tools of a PM are data (a.k.a facts) and persuasion. The aim is knowledge not solutions. She knows what everyone wants but the teams must provide solutions.

To help with the process, she must aggregate the data into consumable chunks. Just don’t aggregate too much.

“Pricing is an art,” says Robert. In some cases, a higher price can make it easier to sell because cheap means “no value” in the customer’s brain. You might feel compelled to split the product so customers can pay only for what they need. On the other hand, the product should work out of the box – meaning it should have all the features, or customers might feel cheated “why do I have to pay so much for one little extra feature?”

When it comes to selling, faster almost always wins. The generation MTV can’t wait.

When it comes to features, don’t be a victim of your last conversation. Always keep the big picture in mind. Yes, some features are an incredible great idea but do they really fit into your long-term strategy? What do you win if you sell more for a few months just to end up with a product that you can’t evolve anymore?

Biggest Mistakes

  • Telling people what they want to hear
  • No Plan B. Some things will go wrong. Always consider worst cases and risks.
  • Ignoring technical debt and focusing on features only

Jazoon 2012: Agile Chartering: Energize Every Project Liftoff

4. July, 2012

In her talk “Agile Chartering: Energize Every Project Liftoff,” Diana Larsen presented approaches how you can set up your agile projects. Why is that important? When a rocket is launched into space, a lot of preparation happens to make sure the move from ground to space is smooth and successful.

Software projects often ignore this important step.

For example, it would make sense to check the commitment of team members. Commitment comes in two flavors:

  1. Yes, I want to do this
  2. … with the other members of my team

Another important question that each team member will ponder is WIIFM – What’s in it for me? Answers to these questions will have a huge impact on the success of a project.

Regulations are important but don’t forget that the human brain has a limited capacity. If you want them to follow the rules, you must restrict them to five tops.

Member Shields

Another strategy is to create “member shields” where each member writes their name on top of a shield like shape. The shield is then separated into four quadrants:

  1. Which skills to I bring into the team?
  2. What do I need to be successful in the team?
  3. What’s in it for me?
  4. Something personal. No dark secrets, just something that turns you into a person.

Write a motto below the shield.

Put those in a place where every team member can see them.


Make sure that the team members know where the team fits into the organization. Post a 10’000 feet view of the company somewhere.


Agile development is all about risk management: Notice them, rate them, discuss them, act on them.

Good places to look for risks: Team boundaries and interactions: Who depends on the team’s work? On whom does the team depend? Does the team have everything it needs?

What does the team know about the future? What do we not know? What are opportunities and threats?

Remember the PAC triangle: Purpose – Alignment – Context. Every move of one corner influences the other two as well.

Also a lot of risks have their roots in VUCA:  volatilityuncertaintycomplexity and ambiguity.


Jazoon 2012: Serialization: Tips, Traps, and Techniques

29. June, 2012

Every once in a while, you learn something new even though you thought you’d know it all. That’s what happened to me during the talk “Serialization: Tips, Traps, and Techniques” by Ian Partridge.

Serialization is such a basic, old technique that it’s surprising that you can learn something new about it. In a nutshell, serialization converts between object graphs and byte streams.

Unfortunately, the API is one of the oldest in the Java runtime. And it’s not one of the best. On the other hand, it’s used in many places like RMI, EJB, SDO, JPA and distributed caching.

What did I learn? Let’s see.

Did you know that it’s possible to serialize a class (without error) that you can’t read back in? It’s actually pretty simple to do: Don’t provide a default constructor (you know, those without any arguments).

You also shouldn’t try to serialize non-static inner classes because they keep a hidden reference to the outer instance.

When you use serialization, then you must take into account that the serialized form becomes part of the public API. This means that private and even final fields are suddenly part of your API that you need to document. Why? Because ObjectInputStream creates an instance using the default constructor and then it sets the final fields using Unsafe.putObject().

If you check the parameters in your constructor, then you will have to repeat them in readObject(). On top of that, you can’t trust the instances which you get from the Serialization API. An attacker can manipulate the byte stream to get references to internal data structures which you most certainly don’t want to expose.

There were *Unshared() methods added with Java 1.4 to solve these but they don’t work. Forget about them.

Anything else? Oh, yes: The serialVersionUID. Besides all the known problems, there is another one:

private static int COUNTER = 0;</pre>
public static class Version1 implements Serializable {
    void foo() {
        COUNTER = COUNTER + 1;

If someone fixes this code to

private static int COUNTER = 0;</pre>
public static class Version1 implements Serializable {
    void foo() {
        COUNTER += 1;

then deserialization fails for some versions of Java because the generated hidden accessor methods change.

The Serializable Proxy Pattern solves many of the problems.

If you use proxies, consider using Externalizable instead of Serializable