Jon Hagar is a systems software engineer with over thirty years of experience. In this interview, Hagar discusses how reviews impact mobile app development and testing, security issues in the mobile and embedded world, and why you need to do more than just test the requirements.
Jon Hagar is a systems software engineer with over thirty years of experience. His new book is Software Test Attacks to Break Mobile and Embedded Devices. In this interview, Hagar discusses how reviews impact mobile app development and testing, security issues in the mobile and embedded world, and why you need to do more than just test the requirements.
Jonathan Vanian: Why don't you start off by telling us a little bit about yourself and your career thus far?
Jon Hagar: Well, I've been working in software and software testing for about thirty-two, thirty-four years, something like that. It's been long now that I'm starting to forget how long I've been doing this. Most of that time, I've spent in the embedded software world, and recently, I've gotten interested in the mobile and smart phone world, which is a very close cousin, it turns out, to the embedded world. Written a lot of papers; do a lot of research in that area.
JV: Got it.
JH: It's kind of one of my passions.
JV: Can you explain the link between embedded and mobile; how you found out they’re similar?
JH: Sure, and when I say embedded, it's probably best to start with a little definition on that.
JV: Yeah, go ahead. That'd be helpful.
JH: Embedded usually refers to software that's embedded, hence the name, into some unique hardware, which is fundamentally a little different than your typical mainframe or IP kind of system or PC, which has generic types of hardware. So, the embedded systems have this very unique hardware component to them, such things as planes and automobiles, and one of the definitions I give people is that in embedded, a lot of times the user of the software isn't really even aware that they're interacting with software compared with the PC where it's pretty obvious you're using software.
That's kind of the embedded world. The mobile smart phone world came along in the last few years. There were mobile phones for a long time before that, and they were more of the classic kind of mobile phones before you the smart phones; kind of the classic embedded device. People were probably aware there was some software going on there, but it wasn't say like your PC software.
As the smart-phone revolution took place, where you had many of the characteristics of the PC world in the phone itself, people realized, “Oh yeah, there's apps in their software and I'm kind of using this little hand-held computer.” But a lot of the developers used the same kind of approaches that they did in the IT world when they were developing apps.
The problem with that is there's some fundamental problems that very much correspond to the embedded world, which is how I became interested in that; such things as batteries become a big issue. Battery life is a problem for many smart phones, and there's an awful lot of things, bugs even, that can impact an app and how it drains a battery. As that is one example of the kind of thing that the embedded people are always worried about. I became interested in smart phones because it seemed like it shared a lot of the characteristics of the embedded world plus a lot of the characteristics of the typical software world; I started doing research on those.
JV: In the past several years how much has mobile grown?
JH: If you read a lot of the literature, the phones themselves, in terms of just raw numbers in the world, are poised to surpass, if they haven't already done so, the number of regular PCs. Everywhere, everybody's got one across the world. You have this proliferation of the hardware, and then, along with that, kind of a frenzy like what we saw back in the dot-com days of the Web and, maybe, the PC craze before that, where everybody wants to now have a mobile presence.Everybody is creating an app. There's tens of thousands, if not millions, of apps out there. When I started looking at, particularly, mobile app smart phone software, it was pretty obvious to me it wasn't really well tested. People were just putting things out there. I've heard some friends call it the Wild Wild West. Kind of like the web in the early days; people just didn't care about quality.