Saturday 14 February 2015

AES as a test of software engineering

I've recently been using an AES CCM program that someone wrote at work a while back - apparently downloading one of the many public implementations was a bad idea, for some mysterious reason. It works. I'm using it to compare to hardware, and since the two are completely independent versions, if they agree its virtually certain that the hardware is correct. So far so spiffy.

I've only briefly looked at the internals of the program but I have read the wiki page, and its fairly clear that, whilst not exactly rocket science, getting the code right is far from trivial. And I know this in the other direction from personal experience, as I struggled with getting the encodes to match whilst guessing what byte-ordering the hardware used; as is deliberately the nature of this stuff, if you get even a tiny bit wrong the whole output is junk.

But the interesting bit, to me, is that I regarded the guy who wrote the program as close to incompetent. Certainly I wouldn't have trusted him to do anything major on his own, and I watched him struggle on a variety of tasks making simple mistakes that someone else had to come in and undo. And this throws up the difference between software engineering and programming. I'm a software engineer, at least in my own mind and in my job contract. The amount of time I spend actually writing computer code is a small fraction of my time. Its clear you can be a reasonably decent programmer - at least in terms of making programmes that produce the correct output - whilst being rather poor at the overall software engineering task (though even there I should qualify that somewhat. If you poke into the internals of the code its a mess, sufficiently so that I didn't stay in there for very long. And in terms of design, it doesn't really produce the output you want it to, exactly, nor does it allow you to input data in the form you'd want to, and the commenting is poor, and the documentation also. So much so that a simple perl script to pre-format the input and play with the output massively improved my productivity).

So much for the example. Onto the generics. Software engineering - collaborative working on a large codebase years old - is about far more than just making the bit of code you've got now, to work, just on its own terms. The code has to fit into the overall structure without bending what's already there, without breaking the poorly documented assumptions, permitting future maintenance and extension, to be readable, to run fast enough and not use too much memory; and more. And it has to do what it supposed to do, which - a familiar plaint - is frequently not quite what you've been told its supposed to do.

This makes recruiting people hard. Being able to write coherent C is a basic requirement, but its not sufficient. Unfortunately, its the only bit that really possible to hard-test in the limited time available. You can talk about all the rest, but its hard to judge bluster from real experience. In my experience.

Wednesday 11 February 2015

Notes on The Composition of Kepler's Astronomia Nova by James R. Voelkel

I bought a copy of this, I forget who recommended it, most likely The Renaissance Mathematicus.

These are some notes, not a finished post, and will be updated I hope. Page numbers are from the hardcover edition.

The book, as a whole, is themed around Astronomia Nova being an exposition, rather than being the apparently-historical presentation of the research as it happened, that it appears to be. And the reason for this is that Kepler knew he would not be believed, so had to drag people through carefully contrived false leads, in order that they appreciate the truth when revealed.

p 56. We're still on the Mysterium Cosmographicum. The bollocks about the 5 solids is, errm, bollocks, but forget that. Kepler is thinking about the planets moving more slowly when further away from the Sun, and about the motive force that the sun provides (he has no idea of inertia, of course, so he's still thinking in terms of the Sun making them rotate. Since he has no real physics (he doesn't even really appear to distinguish physics and metaphysics very carefully). He's still rather stuck on the idea of celestial spheres (or is he? Probably, but on p 58 there's a quote where he notices that even without the spheres it all works; Voelkel's text claims that K claims that the spheres are non-existent, but that's not clear to me), but he *has* noticed that the same idea - slower further from the sun - that applies to the speeds of the various planets can apply also to the motion of individual planets. As far as I can see he doesn't try to quantify this, though. He's tried to quantify it for the relation between the size of the orbit and the period (but appears to have got his maths wrong, insofar as I understand it, ending up with *2 instead of ^2; p 109 notes this). But not within an orbit.

Its so hard to write this stuff without adding my own words; without misrepresenting by using words that mean different things; and of course I'm not familiar with their use of words either.

p 64. Letters to Haffenrefer, concerning the physical reality of the subject, and/or whether K could keep his chapter attempting to either reconciling Holy Writ with Copernicus, or showing that the Bible could not refute C. Showing that in 1598 calling heliocentrism a mathematical thing rather than a physical reality was the approved subterfuge. With H saying that good men would be incensed if K did otherwise. The trouble is that, with his wacky solids, K really did think he had managed to make some pure-maths stuff say something about physical reality; he thought he had done the a-priori stuff that previously people had thought impossible, and since this was his major claim to fame, he didn't want to drop it. p 65: H rather suggests that there has been more strife over astronomy within the church than is tolerable; I would take this as a suggestion that things really needed to be toned down, and certain things not talked about, regardless of who was right, for the greater good.

p 86: T saying that the orbits must be compounded of circles, because it would be inconvenient otherwise. WTF? p 87: T (and K, unbeknownst to T) both agree that the celestial spheres are immaterial (and therefore don't exist? Less clear. Aether-like, perhaps).

[Long pause.]

Round about p 138 we're back on Kepler and the shape of orbits. Kepler has come to a version of the "area law" and has decided that circular orbits won't work; he needs the planet "closer" away from perigee / apogee, and hence the orbit is "oval" - but so far, this is qualitative. He's using the word "physics", but perhaps not in the sense we would. The sun is the source of motion - somehow - but the planet has its own spirit moving it closer and further; and since orbital speed depends on distance from the sun, this speeds and slows it. However, the then drifts off to an egg-shaped oval - broader at apogee, for whatever reason.

P 139 is interesting. The prevailing epicycles stuff essentially had the planet orbiting an empty point, not the sun. If you're thinking "physics" rather than geometry, this is incomprehensible. And to be fair to K, though his physics was odd, at least he appreciated this basic point.

P 152: the suggestion that Kepler's battles with Tycho's heirs - Tengnagel - could have lead to the apparently aimless structure of the Nova.

Refs


Feynman on Brahe
The sleepwalkers