Oct 26, 2011

UML Review–Views

A brief review of UML.

UML is a modelling system.  Every model is a simplification of the real thing and is intended to highlight the focus of that model and to recede what is not important for that particular model.   Reality cannot be modelled fully.  We will always have to select the perspective, or ‘view’, that we want to focus on.

UML is designed around a set of views. Its notations allow you to create diagrams that model a particular view.

Static View. The static view models the structure of the application domain. You use the Class diagram to represent the static view.

Use Case View.  Shows the functions of the system in its interaction with entities outside of it.  These entities are the ‘actors’.  The functionality is grouped together into use cases, where a use case is a specific transaction (or usage) of the system.  The Use Case diagram is used to present the Use Case View.

Interaction View. UML being object-oriented oriented (sic), entities communicate with each other through messages.  The Interaction View shows the message-passing interaction between the entities (strictly speaking, ‘between the roles’). UML has two diagrams that capture these interactions, the Sequence diagram, and the Collaboration diagram.  The Sequence diagram shows the messages and their sent between the different roles as each role requests and responds to the messaged.  The collaboration diagram focuses on the links between objects during an interaction.  So while the Sequence Diagram highlights the messages and their sequences during a specific transaction, the Collaboration Diagram highlights which objects are involved in the same transaction.  There is clearly some overlap between the two diagrams, and in practice, the Collaboration Diagram tends to be given up in favour of the Sequence Diagram.

State Machine View. Unlike the previous views, the State Machine view focuses on only one object or class.  This view models all the possible states of an object, what states it can transition to from each of those states, and what would cause it to transition to each of those states. The statechart diagram is used to draw this view.

Activity View.  This view maps the activities performed by whatever entity we want to model.  We do not have to pick an entity, in fact, and just proceed to model activities related to a particular outcome.  This view is similar to a project network diagram in that it simply maps dependencies and sequences of activities to produce a result.  You use the activity diagram to create this view.

Physical View. The physical views leave the world of concepts to model the physical realities.  There are two physical views in UML.  The implementation view shows the various software components and the links between them.  This is captured using a Component Diagram.  The other view is the deployment view, which shows the software components in the physical computers and servers they will be deployed in.

Oct 24, 2011

THE TRIPLE CONSTRAINTS ANOMALY

You cannot possibly be a project manager and not have heard of the term 'Triple Constraints', and the surest sign that you are a novice project manager is your belief that the Triple Constraints is made up a 3 things.

That is one of the odd things about this term.  Originally, it was indeed about three constraints: Cost, Time, and Scope – project and programme managers have to deliver the goods (Scope), within the budget (Cost), within the schedule (Time).

Later, thinkers thought to add 'Quality' because well, sure, you can deliver the goods, but are the goods you deliver up-to-spec?. So the Triple Constraints began to consist of four items.  There are some heretics (or perhaps they are prophets of wisdom) who insist that Quality is just part of Scope, and ought not be considered separately from the other.  The argument is, if you delivered 600 green umbrellas rather than the required 600 red umbrellas, it is not a 'Quality' problem but a Scope problem – you simply didn't deliver what was asked for.

Project managers with more than a week experience, began to realise that despite their personal charm, the world doesn't revolve around them or their naive assumptions. 

Things go wrong.

"We need to add another constraint - Risk", came the chorus. And so the Triple Constraints became five (and have to be redrawn as a pentagon – we are not geometrical ignorami, after all)

Courageous project and programme managers soon began to point out their specialty: delivering goods within the constraints of time, cost, scope, quality, and risks. There is no need to be mean-spirited by reminding them that postmen and newspaper delivery kids and mothers and housewives, have been doing the same since the invention of anything.

But no matter how well we think we manage the five constraints, projects still tend to head south, and so we need another constraint to lay the blame on.

Resources.

"Surely Resources are a constraint!" came the battle-cry of the project and programme manager. "Even if I have a budget of $50 million if I cannot find Fortran programmers, my Fortran project cannot succeed." And of course, when they burn up my $50 million without delivering anything, they can point to the incompetent resources they had to work with. 

But let's take a step back (after first checking we are not on the edge of a cliff; risk management in action).

We can take the view that the constraints are about what a project manager has to deliver against. Or we can take the view that the constraints are 'natural' limitations that enterprises have to balance when deciding which projects to undertake.

We want to finish the project as soon as possible so we can reap the benefits and start other projects as well. But to finish faster means applying more resources. This is a natural constraint in our world.

We want to do it right the first time, but it will mean more time and more cost, so we may need to cut a little bit of scope here and there. Another natural constraint.

We want to deliver the project as cheaply as possible, but if we put a limited number of resources will take the project that much longer to finish. Another natural constraint.

I think the Triple Constraints are about having the enterprise (not the project manager) balance between the 3 (not six) constraints.  The project manager, for his part have to deliver the Triple Constraints while working through the constraints of Risks and Resources. (Quality is part of Scope).

Oct 15, 2011

Risk Velocity

Someone asked about ‘risk velocity’ in the Linkedin discussion groups.  She was asking about its use as a criteria in prioritising risks. But she was also interested about the term itself. Why ‘velocity’?  What did the (so far anonymous) coiners of the term have in mind?  The original poster notes that definitions of the term were very vague. 

Subsequent comments from the other posters bear this out – it seems everyone had their own thoughts about what risk velocity meant.  I myself had none, having not heard of this term before.

One poster suggested that risk velocity is about the ‘timeframe within which the risk event might occur’.  That is, ‘risk proximity’ (which begs the question – what’s the difference between the two?).

Another poster posited that risk velocity is not the proximity of the risk itself, but the time to impact of its consequences.  That is, how much time do we have before the consequences happen after the risk occurs?  This poster rather correctly points out that the common measure of risk, which is “probability x impact”, tells us nothing about when either the risk or its impact might occur.

A third poster comments that he sometimes uses ‘Velocity of Risk’ to describe the state of the financial market.  Presumably, during a volatile situation, the velocity is higher.  This is somewhat akin to wind velocity, blowing more violently in a hurricane, and much more calmly in normal weather.

A commenter named Val brings forward her own use of the term. If I understand her correctly, she uses risk velocity to describe how the risk grows the longer it takes to mitigate its occurrence.  Her example tells me she is talking about the impact growing the longer we wait to mitigate. 

Someone named Peter chimes in, properly noting that ‘velocity’ is a vector – a measure containing both magnitude and direction.  He posits that perhaps the term includes (or should include) the idea of something that is moving in a certain direction. Perhaps we are running directly into the risk (or the risk is bearing directly towards us), perhaps it might be a glancing blow, perhaps it may bypass us.

Yet another poster writes that her use of risk velocity is about assessing the likelihood of an event in a specific timeframe, that is, assessing that an event has a 50% chance of happening in the next 3 months, is much more useful than merely saying it has a 50% chance of happening.   While certainly sound, I just don’t see that this has any connection at all about velocity.

In a later post the original poster reveals her own understanding,  which is that risk velocity was about the rate of change of the likelihood, and not at all about the impact.

There were dozens of other further comments, too many to note here.  Some went beyond the original question, but providing interesting insights.

But what of it?  What about risk velocity?  Can it be used to rank risks?  I think the idea of getting a  good understanding of when a risk might occur (risk proximity) and how soon the impact will happen after the risk event occurs is sound, but very inadequate. 

First, which impact are we talking about?  The initial impact?  The follow-on impacts?  The maximum impact?  You need a good understanding of the impacts, when they will occur, how they will occur, in which order, and so on.  Some impacts will occur immediately, some will occur later.  How can a single risk velocity number capture these characteristics?

Risk velocity, as a singular number to be used for ranking risk events according to when their impact is to occur after the event, might appear to be simple and useful.  I think it has a use as a label to allow us to find those risks which may have a early impact, but as a prioritising value, I find it to be too ambiguous and potentially misdirecting.