Tech Valley

Software System Evolution

System Evolution – just the thought of it brings me back to my studies of biology but this topic veers a different direction. It’s how software systems evolve to meet new business needs and adapt to changing times.

I love the thought and consideration of system design along with incorporating my consideration for software excellence and quality craftsmanship. I do evangelize “Quality” in my organization and teams at Okta.

The assurance of scalability, performance, and functional experience is fascinating as all facets come together to improve the overall user experience (UX) of a system.

Adaptations to an evolving product lead us to major refactoring of core business logic, replacing and reimagining past held “truths” such as the core belief that “all users will have passwords” in Okta’s original architectural decisions. The models used to create a product are different than those which must be proposed to evolve a product. Continuously, we must ponder to think outside the box as we reimagine what a future product experience can be.

Evolving products must come at the requirement of “do no harm” and this cannot be reiterated enough to ensure we don’t disrupt what’s working and ensure the core paths of our customer’s requirements are maintained. This is contrary from what nature does with evolution due to the notion that a species, a group of individuals, is acted upon by evolution, not the individual itself. In the world of bits, we can act carefully by gating new product features in “feature flag” control switches to revert functionality as quick as possible and leverage the process of canary releases limiting the percentage of our user population exposed to new changes allowing us time to assert expectations and validate for the expected result before finally defaulting to our new evolved user experience.

Bits on Life Tech Valley

Swings in Action

Note — As every aspect of our life is undergoing a monumental shift in response to COVID-19. I want to note my thoughts and readings in order to expose decisions and observations made in a time fraught with uncertainty, fear, and irrationality.


Though COVID-19 was largely obscured from international attention for sometime, China (finally and) officially reported to the World Health Organization on December 31, 2019. Within a month on January 30, 2020 it was declared a Public Health Emergency before first allowing to spread beyond China in January 13, 2020 to Thailand. WHO

Some people were paying attention and this is how I became greatly concerned earlier than the majority of my peers. On January 26th, a precautionary statement was released authored by Nassim Taleb, Yaneer Bar-Yam and Joseph Norman. It’s a strange world when news is more timely and relevant on a social media platform in comparison to professional news outlets.

It will cost something to reduce mobility in the short term, but to fail do so will eventually cost everything—if not from this event, then one in the future. Outbreaks are inevitable, but an appropriately precautionary response can mitigate systemic risk to the globe at large.

Joseph Norman, Yaneer Bar-Yam, and Nassim Nicholas Taleb, Systemic risk of pandemic via novel pathogens – Coronavirus: A note, New England Complex Systems Institute (January 26, 2020)

If you were living in the US, this was largely downplayed by federal officials and consistently compared to another version of the common flu. Before long, as Seattle case count numbers exponentially grew shortly followed by New York, it was tough to for citizens to accept inaction by the government any longer. In the past several weeks, we’ve seen a change in narrative and finally severe restrictions being enacted by officials.

Another terrible twist of this saga was the official statement from the US Surgeon General calling for people to not wear masks claiming they won’t protect you. The motive of this message was understandable, leave the masks to front-line heroes but it was all based off a lie. This led to a long debate on the value of PPE and who should get priority usage.

Current TakeS
  1. Zoom’s incredible ability to scale from 10M to >200M users has been pretty spectacular. I love Zoom and we use it at home and work. There has been a (potentially valid) fear and corresponding reaction by organizations due to Zoom’s privacy and security hardening. Now a growing number of agencies and corporations banned the use of this service for work including SpaceX, NASA and NYC schools. There’s been reports of Google and Microsoft banning Zoom but I discredit that as these companies have their own version of this software. Tech Republic
  2. The stock market has understandably took a nose dive in late May but seems to be irrationally rallying at this time of this writing. This seems irrational with prices echoing a sentiment that things are as good as they were in Q1 of 2019. Nick Maggiulli has had a great series of write-ups on this matter and I’m convinced that we have troubling times and extreme volatility ahead of us. Mohamed El-Erian’s recent interview sits really well with me.
  3. More or less the whole world is under lock down in order to ‘flatten the curve’ and reduce the spread of COVID-19. A crazy figure to consider is that currently 10 percent of the American workforce has filed for unemployment rates. Unfortunately, the true number is hard to gauge and probably higher due to gig-economy workers that lost their income but don’t quality for benefits.
  4. Easing restrictions on lockdown’s is critical to ensure people can get back to earning wages and social unrest is hopefully halted due to increased instability, stress, and lack of income. To do this, we can leverage the concept of a ‘canary release‘ from software development used to introduce changes with minimal risk by gradually rolling out changes to a subset of a population and analyzing the outcome establishing confidence. People are rightly very anxious to get back into their normal way of life and especially return to earning wages. Ray Dalio’s perspective is well worth a read.
  5. #masks4all As the virus can be spread by asymptomatic individuals, many are finally wearing a mask if they find themselves out in public with strangers. On a run to the grocery story to stock up on more produce over the weekend, I however noticed only about 50% of individuals wearing a mask which is deeply concerning. I wear a mask to protect other’s in case I unknowing am carrying the virus – Protect yo neighbors.
— Recent Reads AND listens
— Looking Forward

“There are decades where nothing happens, and there are weeks where decades happen.” — Vladimir Lenin

Bits on Life

Remote Work <> Life Balance

I’ve been working from home professionally for about two years and before that had an incredibly flexible position for three years prior to that. My partner hasn’t experienced remote work for extended periods of time ever so I knew we were embarking on a new experience here.

We’ve been thinking and discussing how difficult it is to maintain a healthy mindset since the transition. I’ve been very fortunate to ramp up to working remotely whereas many people have been thrown into this new territory.

Overall, the main way that I structure my perspectives and thoughts about remote work-life balance is three-fold: Working hours, Life hours, and Health hours. These all weave together in critical ways along with your environment.

Part I – Separating Your Hours
Working Hours
  • Ideas for the space: Warm, bright lighting. Windows. Facing nature.
  • It’s critical for individuals to carve out dedicated deep work hours and strive to stay committed as they were in an office setting
  • The pomodoro technique [1] for productivity is ideal for working from home. I set a mental note of the time and work uninterrupted for anywhere between 25-45 minutes then rest for a couple minutes, stretch, or grab a beverage/snack before getting back to work. After several consecutive sessions of deep work, I take a longer 10-15 minute break in order to stay focused and alert throughout the day.
  • Continue to have time allotted for mental/personal contact either with your work colleagues or your space colleagues. This includes trying to mimic conversations had with colleagues in the office in the common areas asking about life, family, thoughts, gossip, future, et with your work colleagues. If you’re not living alone, this also includes slotting some time to talk together such as sharing coffee during a mutually convenient break.
  • Creating and maintaining a discrete working space is critical. Maddie and I have the luxury of having discrete office spaces for each of us allowing privacy and room during stressful times or meetings.
  • Clothing: Though one can work in pajamas all day doesn’t mean one should. Working from home effectively requires mastering your psychology, incentives, and mindset. I don’t believe that I work worse if I am wearing my pajamas all the time but if I stumble across work and hit a mental lull or a loss of energy and am wearing pajamas, I associate that specific period as a troubling sign and attempt to change my mindset either by refreshing mentally for a couple minutes with a snack or coffee but also altering my outfit to be more conducive to working professionally.
  • Working at home has the devil of being close to a fridge and pantry full of food. Our best advice is to only have healthy snacks (like nuts, peanut butter, and fruits) so that it’s easy to succeed.
  • Use these hours to keep a clean office space
Living Hours
  • Theoretically we can work and work and work until no end but that isn’t sustainable personally. Have a routine of when we usually start and end work is critical to keeping a balance.
  • Differentiating between working during ‘working hours’ and during ‘living hours’ is a requirement. One must not associate all work with ‘working hours’. I collectively group activities during ‘living hours’ as mental leisure such as reading, writing, coding, journaling, and research.
  • This is a stressful situation for everyone and there’s lots to worry about. We had to cancel our wedding due to this pandemic so acknowledging and accepting this fact is very difficult.
  • Use these hours to keep a clean home.
Health Hours
  • With gyms being closed, it’s extra difficult to get a workout in so improvisation is key but as is mentally being in the mindset of “gym time”. Making sure to dedicate hours to working out and sticking to it is key without letting ‘working hours’ or ‘living hours’ get in the way as one does when they take time to work out.
  • We’ve been exploring Nike Training Club Premium [2] which has made their Premium offering free until further notice. The reason we’re giving this app a shot is because of their ability to filter between workouts even if one doesn’t have any equipment at home
Part II – Owning Your Environment

Cleanliness: Clutter and mess is very distracting for thoughts. Opposed to being in an office setting, you can control how much clutter and mess you allow yourself

Hygiene: Our psychology and physiology is very sensitive to routines so it’s best to maintain a consistent schedule as if you were going out in public daily.

Ambience: Being around living beings such as pets or have live plants around is something we’ve found very beneficial for us and have. Artificial plants are also a facet of Maddie’s office adding color and ‘nature’ to the rooms.

Bask in the nature: Starting our day with a run or a walk in addition to separating the hours

Parting Thoughts

Traditional organizations that would have never allowed such a pivotal change in working arrangements have realized (and been forced to) adapt to these restrictions or face being closed for business. Recognize and shift this current working situation as a company perk:

  • Chance to be around family
  • Chance to learn how to cook
  • Chance to use useless commute time to pick up a skill, read, write, etc.
  • Chance to be outside in nature more.

Some people say they’re not productive outside of the office. Though times are challenging, setting up an environment to be comfortable and conducive for work along with separating the separate ‘hours’ is one step to fight this thought.

The importance of personal space cannot be understated, it’s an extreme situation to be with your partner or roommates for pretty much 24/7. Though we are social creatures, we all sometimes need personal space so effective knowledge and communication about when to give space to each other is critical.

This is a time to be here for each other, family, and loved ones. Transitioning to remote check-ins, happy hours, and game nights are some of our new favorite activities. Ensuring that you ask how your contacts are coping with this situation by checking up on each other, getting to the crux of how they’re doing, and active listening is important because everyone expresses stress and uneasiness in different ways.

This is also a moment for us to perform an audit of how we spend our time. Consider what we want to do more off and less off. Consider relationships that are worth growing. Consider the important things of life and how to achieve a state of equanimity regardless of the external conditions occurring in the world.

  1. The Pomodoro Tracker – A useful tool for time management based on Pomodoro Technique.
  2. Nike Training Club App. Home Workouts & More.
Tech Valley

On The Intersections of Complexity and Software Quality

I’ve been trying to deal with how Quality Assurance(QA) leadership and test engineers need to consider QA with a new lens due to increasingly complex, interdependent software architecture designs. A new lens that is appreciative of the multi-faceted nature of software infrastructure, application architecture, dependency risk, and hidden complexities that creep up as the number of interdependent components increases. As a result of my training in biology and having coauthored several peer-reviewed papers, my takeaway of approaching problems is aided by asking the right questions, the openness of being wrong, and calling upon the scientific method which is a hypothesis-driven way of exploring questions and observations. While I’ve taken a left turn away from life sciences and shifted into computer science, I haven’t forgotten my background and process for which to uncover complexity and solve problems.

Over the past year, more and more aspects of complexity theory and algorithms have been on my reading radar mostly to fulfill my interests in big data, scalability, artificial intelligence and networks. At first, these readings seemed disparate from my day job, but slowly pieces laid together with their application to software quality due to the fact that ever-more complex, integrated platforms are being built in order for businesses to better compete in the marketplace.

Failures can stem from development bugs, component integrations, infrastructure glitches, scalability issues, data issues, security vulnerabilities, UI variations, UX flow errors and compatibility issues just to name a handful. We principally suffer from an inability to accurately predict where and when failures will arise from. The traditional approaches of creating elaborate test plans used to be the gold standard when applications were developed as monoliths, however now that software development is shifting to creating functioning components that are dynamic, integrated and iterating quicker than ever. Due to this, the test plan that you think is complete is already two steps behind as development iterations continue steadfast.

Hello Chaos Engineering:

In comes Chaos Engineering theory, Chaos Monkey, and Gremlin with principles that product technologists should keep at the tip of their minds. The tenants of simulating failures at the DNS level, dependency level, CPU level, and network level is incredible to include as part of a product’s verification checklist when the goal is to create reliable systems. Chaos Engineering lives and breaths upon a scientifically-driven execution of random system faults that are controlled and measured in order to better design systems tolerant of turbulent environments. Our goal here is to create a system that, even when it is misbehaving, problems and risks are mitigated, controlled, and appropriate failovers are activated. As Nora Jones from Netflix points out, if a single module within the platform is down (Ex. Movie/Show Recommendation Engine), the result is to elegantly remove that module without disrupting other system components with the user’s positive experience left happily intact.

Hello Continuous Verification:

I’m ashamed to say that I’ve never heard of this term until Casey Rosenthal presented around this topic at a recent conference but it exactly embeds our continued evolution of software craftsmanship. We already orchestrate the technical pieces of software delivery well by leveraging continuous integration and continuous deployments in our processes, however, we have two critical questions left to ask ourselves: Does the output of the system match our expectations and how can we be sure? While creating unit tests, performance tests, and dynamic automated testing harnesses does wonders to ensure regression isn’t introduced and performance doesn’t fall below a specified threshold, we have unknown-unknowns that can wreak havoc on tightly-coupled systems. Thus passive monitoring and static checks aren’t the answer, but proactive and continuous system measurements are critical because we must know how our systems are behaving normally in order to diagnose failures when our systems are experiencing faults.

We already do a great job at the low hanging fruit of quality assurance: static code quality checks, security gaps, functional automation, cross-browser, accessibility, along with operating system variation handling and scalability/performance stress tests. Future software craftsmanship will build atop of the principles of continuous verification. This is inherently tough due to the impossibility of knowing every single use case a feature can be leveraged for keeping in mind that products aren’t always used how their creators designed them (See: Instagram’s deep dive of determining why people post and delete photos days apart. Answer: Merchants using Instagram as a marketplace.). This is where principles of chaos engineering and observability come into play by simulating environment faults and observing application usage from production (respecting privacy concerns and laws). Teams ought to test as close to production as possible with considerations of proper complexity, continuously measure and observe system outputs, create and track effective metrics, and consider failover operations.


Breaking to Learn: Chaos Engineering Explained

Chaos Engineering: Breaking Your Systems for Fun and Profit

Automating Failure Testing Research at Internet Scale

Chaos Engineering Scenarios

Continuous Verification

Continuous Verification: The Missing Link to Fully Automate Your Pipeline

Principles of Chaos Engineering

AWS re:Invent 2017 – Nora Jones Describes Why We Need More Chaos – Chaos Engineering, That Is