微软研发探秘系列课程(1)：卓越软件开发工程师

微软研发探秘系列课程微软研发探秘系列课程(1)(1)：：卓越软件开发工程师卓越软件开发工程师钟钟卫卫微软（中国）有限公司微软（中国）有限公司ISVISV客户支持工程师客户支持工程师Whoarewe?Whoarewe?TotalEngineersTotalEngineers––29,47229,472DevelopmentDevelopment––8,6728,672TestTest––7,2417,241ProgramManagementProgramManagement––6,0136,013InformationTechnologyInformationTechnology––4,0134,013ContentPublishingContentPublishing––1,5831,583InternationalProjectEngineeringInternationalProjectEngineering––592592MultiMulti--DisciplineManagementDisciplineManagement––554554UserExperienceUserExperience––475475CreativeCreative––329329Challenges:LaunchyearFY06Challenges:LaunchyearFY06––0707WehaveaWehaveahugewaveofhugewaveofproductproductlauncheslaunches……KeytransitionwindowsKeytransitionwindowsfollowtheselaunchesfollowtheselaunchesImportantopportunitytorenewourImportantopportunitytorenewourengineeringsystemsengineeringsystemsIndustryleadershipIndustryleadershipOpen,transparentOpen,transparentInteroperabilityInteroperabilityEmbracingEmbracingopenopenstandardsstandardsPredictablePredictableMaintainableMaintainableResilientResilientRecoverableRecoverableProvenProvenSecureagainstattacksSecureagainstattacksProtectsconfidentiality,Protectsconfidentiality,integrity,andavailabilityintegrity,andavailabilityofdataandsystemsofdataandsystemsManageableManageableProtectsfromProtectsfromunwantedunwantedcommunicationcommunicationControlsforControlsforinformationalprivacyinformationalprivacyProducts,onlineProducts,onlineservicesadheretofairservicesadheretofairinformationprinciplesinformationprinciplesAlldaysofriskAlldaysofriskMicrosoftMicrosoftRedHatRedHatDebianDebianMandrakeMandrakeSUSESUSE25255757828274740010010080806060404020205757350300250200150100500MicrosoftMicrosoftRedHatRedHatDebianDebianMandrakeMandrakeSUSESUSEHigh:June2002High:June2002––May2003*May2003*MediumMediumLowLow1010313186861281288686141416616699992222120120686888111111535399Source:“IsWindowsMoreSecurethanLinux?”,Forrester,March2004NIST:U.S.NationalInstitutesofStandardsandTechnologyMicrosofthaslowesttotal42lesshigh-severityvulnerabilitiesthanRedHatMicrosofthasfastestsecurityresponseMicrosoftSDLisproducingresultsLesstotalandhigh-severityvulnerabilitiesFasterfixesforpubliclydisclosedissuesMicrosoftSDLisproducingresultsMicrosoftSDLisproducingresultsLesstotalandhighLesstotalandhigh--severityvulnerabilitiesseverityvulnerabilitiesFasterfixesforpubliclydisclosedissuesFasterfixesforpubliclydisclosedissuesSecurityqualitySecurityqualityBeBeStateoftheArtStateoftheArtWhatdoesitmeanWhatdoesitmeantobestateoftheart?tobestateoftheart?Usingcurrentbestpractices,Usingcurrentbestpractices,processes,andtoolsprocesses,andtoolsDesigningstateofthearttechnologyDesigningstateofthearttechnologyBeingagileandcompetitiveasBeingagileandcompetitiveasweweinnovateinnovateSatisfyingcustomersSatisfyingcustomers100100110110120120130130140140FY99FY99FY00FY00FY01FY01FY02FY02FY03FY03FallFallFY04FY04SpringSpringFY04FY04FallFallFY05FY05SpringSpringFY05FY05117117117117114114108108116116117117120120121121125125FallFallFY06FY06SpringSpringFY06FY06127CustomersatisfactionwithMicrosoft(NSAT)Whyimproveengineering?Whyimproveengineering?Whyimproveengineering?Whyimproveengineering?PerformanceofengineeringsystemsR&DspendingCustomervaluedeliveredExistingengineeringsystemUpdatedengineeringsystemMicrosofttodayEngineeringExcellencetenetsEngineeringExcellencetenetsLineengineeringgroupsareaccountableLineengineeringgroupsareaccountableConstantimprovementConstantimprovementPeople+process+toolsPeople+process+toolsSimplicitySimplicityEfficiencyEfficiencyWhatisEngineeringWhatisEngineeringExcellence?Excellence?EngineeringEngineeringExcellenceExcellencePeoplePeopleProcesProcesssToolsToolsPeopledevelopmentPeopledevelopmentEngineeringEngineeringExcellenceExcellenceProcessProcessPeoplePeopleToolsToolsPeoplePeopleCareerModelsLearningStrategyCareerStagesExperiencesCompetenciesNew!New!MyLearningCenterMyLearningCenterUpdateddesignUpdateddesignPersonalizedplanPersonalizedplanEasiertouseEasiertouseAlignedtocareermodelsAlignedtocareermodelsMyLearningCenterMyLearningCenterProcessimprovementProcessimprovementEngineeringEngineeringExcellenceExcellencePeoplePeopleToolsToolsProcessProcessProcessProcessEngineeringHandbookProductLifeCycleHWHWITITSWSWPracticetypeDefinitionWhogetsitthere?EnforcementmodelPracticetypeMandatoryPreventsshippingasPreventsshippingasapprovedbyapprovedbySteveBSteveBstaffstaffMSDLTapprovalMSDLTapprovalSteveBSteveBStaffapprovalStaffapprovalSignoffviaSignoffviaCheckPointCheckPointExpressExpressFinalsecurityreviewFinalsecurityreviewGeopoliticalGeopoliticalPrivacyPrivacyJavaJavaLicensingLicensingVirusscanningVirusscanningTrademark/copyrightTrademark/copyrightWindowsAPIusageWindowsAPIusageExpectedIswidelyassumedtobeIswidelyassumedtobeadoptedasapprovedbytheadoptedasapprovedbythePDLTsPDLTsMSDLTapprovalMSDLTapprovalFormalexceptionFormalexceptionrequiredrequiredAspartofBGAspartofBGstrategyandstrategyandbusinessplanbusinessplanreviewsreviewsReliabilityReliabilityStaticcodeanalysisStaticcodeanalysisSecuritySDLSecuritySDLAccess