Developer Ecosystems for Software Safety – Communications of the ACM 🚀
https://cacm.acm.org/practice/developer-ecosystems-for-software-safety/

Describes practices used at Google to improve software quality and security.

Safe deployment practices:

  • Cloud platforms provide higher-level abstractions and consistency.

  • Config-as-code replaces GUI- and CLI-driven configuration with a process that is more trackable and accountable.

  • Zero Touch Prod and safe proxies protect systems from human error.

At Google, we sometimes say, "Software engineering is programming integrated over time."

...Google addresses this challenge by designing a developer ecosystem to ensure that all services developed and deployed in this environment have the desired properties. We achieve high levels of assurance by applying the principle of “Design for Understandability” — Key developer ecosystem components are designed to ensure the property for any arbitrary application, assuming only that application code is well-typed, passes conformance checks, and satisfies basic assumptions.

Jun 20, 2024 (16:27 UTC) google quality security cacm christophkern

recentadvice aftershokz agents agi ai alienhominid alltheplaces android apimanagement apis apisyouwonthate appengine apple art auden automation avro badshah beastieboys benfolds bios blogging boba bobdylan books breaches breakfast brevity brunopedro bsky buf bullshit cacm cameronblevins capitalism changesets chatgpt cherylwaters christophkern cli cloud cloudrun cncf coffee commenting community companies concerts conferences connect cplusplus css dart dartmouth dashboards data databases datalakes datapoisoning debugging defunkt design devex devsite diet dirtywave documentation easteregg eda editions editors edm eks empire endpoints engineering envoy events faith family finch flaxseed frost fruit ftc gallbladder games gateway gateways gcp geekbench geo girard github gloo go google googlemaps gorilla gregorymone grpc grpcweb hacking health healthchecks heartworms help heresy hichord history homelab http hype hypebusting iceberg ideas imgoing india innerengineering inonshkedy integrations interviews iusethis jamesmurphy java jennifergovola jokes json juliaangwin k8s kafka kagi kaitenzushi keithharing kelseyhightower kentstate kexp kiosks kubernetes law lcdsoundsystem licenses linkblogs llms localfirst locations lucagalente lyrics m8 malloryhaigh martinkleppman matduggan materialdesign mccarthy meetups meridethwhittaker meta microsoft middleware minipcs minneapolis minsky museum music nat networking nginx npr nutrition nyt openapi opensource openstreetmap operators oreilly otobokebeaver overture pancakes performances pescatarian peterdenning pharisees pinboard pinkpantheress platformcon platformengineering platforms podcasts poetry portland portugaltheman postgis postideas privacy production productreviews programming prost protobuf protocolbuffers protos pubsub python quality ransomware raphaelpinson recipes repos rss rtree rubrik rust saas sabotage sadhguru santaclarauniversity score scrapers scu sdks seahorse search security sfmoma signal snl snowflake software songs soup spotify spotifyengineering sqlite startups steelydan storage strawberries styleguides sudorandom super73 sushi synthesizer synthhistory teams teensy tiles timbowmanjr timburks tinydesk toddlyons tonic trackers travel turing unkey usps vanta vegan via:license victortangermann videos vulnerability walking web webarchive webinars weezer wikimedia williamdalrymple wix workflows workouts yoga youtube zed zombiezen