Opposing views on the UML {xor} constraint

During my last lecture week at Oxford, a debate arose over the interpretation of the xor constraint within UML class diagrams. We were divided over two differing opinions, but were unable to reach consensus on which was correct. I’ll put forward the two views and give my opinion on the matter, but would be interested to hear if anyone knows the correct way to interpret this constraint.

This is the class diagram I’ll use as a reference for the opinions explained below. I’ve deliberately used simple names for the classes to avoid misinterpretation, as I’ve found that people often get distracted by the “real world” application of the diagram rather than the semantics of the notation – which is what we’re really trying to understand here.

Opinion A: the xor constraint applies to the association
In this case, we say that the xor constraint applies to the association itself, which means that the multiplicity of the association remains in effect. In other words, one of the following must be true (but not both):

  • EITHER: An object of type A may be associated to zero or more objects of type B
  • OR: An object of type A may be associated to zero or more objects to type C

Opinion B: the xor constraint applies to the link (the association instance)
In this case, we say that the xor constraint applies to the link between the objects, which means that the multiplicity specified on the association is effectively ignored. Regardless of the multiplicity specified on the association, the xor constraint requires that one of the following must be true (but not both):

  • EITHER: An object of type A must be associated to exactly one object of type B
  • OR: An object of type A must be associated to exactly one object of type C

According to UML 2 Toolkit (OMG Press), page 108:

The xor constraint specifies that objects of a class may participate in, at most, one of the associations at a time.

From what I can tell, this appears to support Opinion A above, which is also what I believe. This quote appears to be further reinforced on page 303.

It seems unnecessarily restrictive to apply the xor constraint to the links, as this substantially limits the usefulness of the constraint. In addition, Opinion A allows for the modelling of Opinion B by using the xor constraint with multiplicities of 1. So, given that Opinion A may be used to model a much wider range of possibilities, I don’t see how Opinion B would be very useful. Opinion B also opens the model to miscommunication, as the multiplicities would no longer make sense and should be disallowed when the association is used with the xor constraint.

That said, this is simply my opinion based on what I feel is logical. I don’t actually know for a fact which is correct. I completely understand why holders of Opinion B see it their way – I just don’t see how such strict semantics would be useful in this case.

Does anyone else have a different opinion on this? Or perhaps know the correct answer?


Certification and Competence

I found it quite interesting reading Martin Fowler’s recent post about the correlation between certification and competence, especially so recently after writing about the changes to some of Oracle’s certifications!

I have to say that I completely agree with his opinion – and I know it’s shared by most (if not all) of my friends. Having earned a number of certifications over the course of my career, I have seen first-hand just how useless so many of them are. I must emphasise that this is not necessarily true of all certifications. However, from my experience, none have proven enough to establish the holder of the certification to be an expert on the subject – and this is really where they fail.

So why did I decide to take on the Java Enterprise Architect certification? Well, I approached my investigation of it with the usual skepticism, but was finally convinced by one major aspect: it is ultimately assessed by a human being! As Fowler points out:

“At the moment the only way you can tell if someone is a good programmer is to find other good programmers to assess their ability.”

I don’t like certifications that are comprised of nothing by MCQ’s – not enough can be tested in a few multiple choice questions to be able to certify someone as mediocre, let alone an expert! Unless the candidate has had to form an opinion and defend it, you haven’t really tested their ability to apply their knowledge and reasoning. You’ve just asked them to regurgitate simple facts. At best, you’ve tested their ability to recognise a solution to a particular problem – but you haven’t established whether, given a blank sheet of paper, they are able to come to the solution themselves.

I’m hoping that the Java Enterprise Architect certification is able to distinguish the competent from the incompetent, but at this stage I’m not sure. I do know one thing though… adding a course attendance requirement does not strengthen the certification. Unfortunately, I feel this is where the “good money-making opportunity” that Fowler mentions comes into play.

Changes to Oracle Certification for Java Architects

I’ve recently completed the first exam towards the Oracle Certified Master, Java EE 5 Enterprise Architect and had aimed to complete the assignment later this year. However, I just happened to go to the Oracle Certification website where I saw that the rules are changing for a few of their certifications.

Quoted from the announcement on their website:

Beginning August 1, 2011, Java Architect, Java Developer, Solaris System Administrator and Solaris Security Administrator certification path requirements will include a new mandatory course attendance requirement.

I can’t say I’m impressed with how quietly they announced this! I haven’t seen anything on the OTN Java site about it, nor have I seen any attempt to make developers aware of this through other channels. I also have not received any emails from them about the changes to a certification track that I am currently working on. Unless I’ve managed to miss the announcement somewhere, I can only guess that they’re trying to sneak this in quietly to get more money out of us. Perhaps I’m being a bit cynical, but I don’t think it’s too far from the truth, given Oracle’s recent track record with the Java community.

So if you’re busy working towards any of these certifications, I suggest you pick up the pace and get it done by the end of July! And here I thought things were starting to settle down.

Fortunately the certification assignment has a very similar focus to my next assignment at Oxford. If all goes well, I might just manage to get it done in time.

Assessing the Single Responsibility Principle with LCOM4 and Sonar 2.0

A while ago I set up Sonar as part of my team’s continuous integration system. Every time I use it, I’m amazed at what a fantastic system it is. It’s incredible that such a seemingly small piece of software can be of such great value!

One of my biggest combined strengths/weaknesses is that I’m a perfectionist in my work. This works to my advantage in that I simply refuse to deliver bad quality work – but it also works to my disadvantage in that I sometimes fix things that aren’t broken. Don’t get me wrong here – I’m very much in favour of refactoring. I’m just conscious of identifying when refactoring has degenerated into needless changes without adding any real value.

So how does this tie into Sonar 2.0, you ask? Well, I’ve recently upgraded to the latest version and was looking into the cool new features it brings – in particular, the LCOM4 measures. This is excellent when used appropriately, but can also be the cause of the dangerous “refactoring” mentioned before.

For those of you who aren’t familiar with LCOM4, here’s the simple definition (as quoted from the Sonar Metric Definitions page):

LCOM4 measures the number of “connected components” in a class. A connected component is a set of related methods and fields. There should be only one such component in each class. If there are 2 or more components, the class should be split into so many smaller classes.

This is a great measure of the complexity of your code. Simply put, it helps you identify when your classes fail to meet the Single Responsibility Principle (or are heading in that direction). Well – at least, that’s the basic idea. The problem comes in when you take the definition as gospel and forget that you need to do some interpretation of the metric yourself.

By ignoring the rule altogether, you run the risk of developing a product that grows in complexity and therefore becomes harder to maintain, troubleshoot, extend, etc. But by accepting the rule without question, you run the risk of adding complexity to an already decent design. You need to find the middle ground for your own situation.

To put this into a real world example, consider the design patterns that we all use in our software designs – in particular, the Abstract Factory pattern. When analysed according to LCOM4 rules, the Abstract Factory is likely to be a high scorer. I’ve seen this in one of the Abstract Factories in one of my own projects, but I’m not about to go changing my design or implementation to reduce the LCOM4 score for this particular class just yet. That’s not to say it can’t be improved – I just need to be clear about how reducing the LCOM4 score is going to improve my code. After all, the metrics attempt to expose problems that should be addressed in the design process in order to produce better code – not the code designed to make better metrics. While this process is cyclical to an extent… the desired outcome should be better code, not necessarily better metrics.

Of course, there are good ways of reducing the LCOM4 score of an Abstract Factory through refactoring, but my point is that you must intelligently assess what the problem is and how to solve it before simply diving in and making changes.

Having seen the benefits of static code analysis performed regularly as part of a continuous integration process, I will never go back. Sonar is an amazing product, and I definitely recommend looking into it if you’re not already using it!

EDIT: Check out this blog post if you want to know more about what’s new in Sonar 2.0

Book Reviews: UML Distilled and Sun Certified Enterprise Architect Study Guide

One of my personal goals for 2010 is to do more reading – specifically related to software development, design and architecture. So far everything’s going pretty well!

The plan actually started in December with Martin Fowler’s UML Distilled, which I found to be an excellent introduction to UML 2. January followed with Professional Apache Tomcat 6 – which I’m admittedly still busy reading, although over half-way through. February then continued with Sun Certified Enterprise Architect for J2EE Technology Study Guide (the book is actually shorter than the title though), which I have just finished reading.

UML Distilled
I’ve always been a big fan of Martin Fowler’s books. He has an excellent writing style that makes the content easily understandable, and he gets to the point clearly and succinctly. UML Distilled is a brilliant introduction to UML 2 and goes into a reasonable level of detail for the most commonly used diagrams. Some of the less frequently used diagrams are also covered, but in only enough detail to give the reader a basic understanding of their purpose.

Fowler seems to approach UML, and pretty much everything else software-related, in a very pragmatic way. He clearly advocates the use of UML, but in a way that works for you in your environment. Every company is different, as is every project – and as such, your usage of the tools should reflect this. Although do bear in mind that if you deviate too far, you eventually get to the point where you’re not using a modified version of UML anymore – you’re using a custom language inspired by UML. This can be a bigger difference than it sounds!

I really enjoyed reading this book – and we now have two copies in the office so there’s no waiting time for anyone else that wants to read them. Highly recommended!!

Sun Certified Enterprise Architect Study Guide
I’ve just finished reading this book today. Well, I’ve read everything except the last chapter – but that’s preparation for the assignment part of the certification, which I’m not doing just yet. The first 7 chapters are intended as preparation for the SCEA Certification Exam (Part 1 of 3) and provide a very good high-level overview of a number of topics, all of which are very relevant to modern software development.

Admittedly, the section on EJB was still based on the old version – referring to home & remote interfaces, rather than annotations – but this could’ve easily been my fault in not properly reading the book overview on Amazon before buying it. That said, the explanation was still good and the rest of the book is very interesting.

I particularly like the fact that each chapter starts with a prerequisites section, which clearly establishes the knowledge you are assumed to have before continuing. This is very useful for professionals that have been involved in software development for many years and have a good understanding of the issues that affect it – which is exactly the target market for the certification itself.

It is a true study guide, in that everything is in summary form and assumes the reader already has more in-depth knowledge of the individual subjects, where required. This is not a course book designed to teach you everything – but you’re probably not ready for this certification if you don’t already have the in-depth knowledge anyway, whether by hands-on experience or otherwise.

Overall, I found this a very interesting read, and definitely worth the few hours it took to get through it – it’s only about 200 pages. Also highly recommended – although I haven’t taken the exam yet, so can’t vouch for how close it matches the exam content. Look out for the new edition being released within the next month!

LinkedIn Amazon Reading List
In the last few months, I’ve started using the Amazon Reading List in LinkedIn. It’s a very useful app that allows you to tell everyone what you’re reading, and recommend books once you’ve read them. I’m already following two other reading lists of current & past colleagues, which gives me some interesting ideas of books that I may want to read in the coming months. I’d highly recommend that you participate in this, or perhaps some other shared list that you have access to within your company.

We’ve also set up a company library, which hopefully encourages people to read more and share what they’ve read with co-workers. The library is relatively small at the moment, but it is growing fast and we now have a somewhat regular order of new books to stock up the shelves.

Next up…
So, now that I’ve finished those books… what’s next?

In parallel, I’m starting on these two excellent books – both of which I’ve read before, but I honestly believe they are worth reading every few years!

Design Patterns: Elements of Reusable Object-Oriented Software
Core J2EE Patterns: Best Practices and Design Strategies

What are you reading? Got any suggestions that I can add to my “to-read” list?