SDD 2019 Schedule

Join Jimmy Bogard for a deep dive covering architectural topics like:

• UI decomposition
• Data ownership across the enterprise
• Finding service boundaries

  You’ll also learn the nitty-gritty details of building production-ready systems including:

• Fault tolerance – HTTP and queues
• Reliable integration with 3rd party systems
• Scalability, high availability & monitoring

  Finally, get some hands-on experience in SOA development by building:

• Scalable command-processing endpoints
• Publish/subscribe event-processing interactions
• Long-running multi-stage business processes and policies

The Cloud has fundamentally changed the way apps are written and architected, and building great Cloud-based applications starts with a knowledge of the features and services offered by the host cloud platform. This hands-on workshop introduces software developers to key features, services, and APIs offered by Microsoft Azure. You will learn how to host applications in the Cloud, how to store and secure data in the Cloud, how to incorporate AI in your applications, and more. And you will work a series of hands-on labs designed to reinforce the concepts introduced during lecture and obtain practical experience building Cloud-based applications.

Today, the forefront of web development is boldly moving forward client-side applications connected to a server-side, mostly HTTP-based, API. The most popular options for client-side applications are Angular, React and Vue while ASP.NET Core remains an extremely valid option for the server-side API. There are clear benefits in establishing a client-side development model – mostly on the performance side, both for rendering and bandwidth. On the downside, a more classic server-side rendering approach allows for a seamless data flow from frontend to backend, avoiding a true data disconnection between the frontend and the backend API. In this context, Blazor comes with the true potential of becoming the ideal bridge between the client and server, smoothing significantly the data barrier. Blazor is a .NET web framework that runs in any browser and lets you author web applications using C#, Razor and HTML. Blazor serves a fully client-side framework like Angular or React except that it allows you to use C# for glue code and Razor/HTML for layout. The client application is connected to the backend via HTTP API. The backend can be ASP.NET, ASP.NET Core or anything else you may have that can be reached via HTTP or web sockets. At the same time, though, Blazor allows you share data libraries and data models between the client and the server. This workshop provides a comprehensive view of the framework, from the details of its plugin-free, WebAssembly-based foundation to basic view templates and from API design to model binding and components.

In this day long class, you’ll learn everything you need to build Microservices for the real world. You’ll learn both the nuts-and bolts implementation details and also the Agile architecture techniques you need to develop effective service APIs and good structure.

Server-side monoliths (single programs that provide all back-end services) just don’t work. They are hard to build, impossible to maintain, difficult to test and deploy, and gradually accrete so much baggage that forward development slows to a crawl. Agile development is impossible over this sort of system.

Microservices – systems of small, co-operating server-side agents – solve these problems, but building a Microservice system is not as easy as you might think. They’re nothing like typical web (SOA) services, and getting it wrong is both disastrous and expensive. Many things you think you know about server-side programming are just inappropriate in this context.

This class is a deep dive into practical Microservice architecture and implementation. You’ll learn lots of practical details and common pitfalls that can cause you months of delay or even outright failure. You’ll learn everything you need to be successful building platform-independent, vendor and language neutral Microservice systems. You’ll learn about optimal Microservice architecture and principles, appropriate service-API and UI design, effective interservice communication, and robust failure-handling techniques. Leverage this knowledge to build robust and resilient, secure, platform-independent services with no false starts and rework.

This highly interactive workshop provides a quick introduction to Agile working. Attendees will experience working in Agile twice in one day, and learn about the key ideas underpinning Agile methods. Participants will learn how to work in time-box iterations, prioritise by value, minimise planning, break work down to small chunks, estimate effort, track performance, and know how much work they can do next time.

For the beginner architect, there are many options for doing pretty much anything. But for the master architect, there are only a few. In this intensive workshop, Juval will explain his approach to system analysis and design, using volatility to decompose a system into its comprising services. He will contrast it with the most common mistake made in architecture: using functionality to identify services. These are universal design principles, and Juval will use examples from software and non-software systems alike. You will also see how to overcome the real hurdles architects face when pursuing volatility-based decomposing – simple and practical techniques for identifying areas of volatility, common telltale signs or “smells” when your design is still functional when using the Method, IDesign’s approach for system architecture. You will learn how to literally mechanise software system design, how to do it quickly and effectively. Juval will also discuss logical tiers, security, interoperability, scalability, transactions, and other aspects of a modern application. The workshop concludes with discussion of how modern architecture fits into development processes such as Agile, and how to design the development process for maximum productivity.

Docker is a platform for running applications in lightweight units of compute called containers. You can run new and old apps in containers, and get increased portability, security and efficiency for your software. The platform supports the full development and deployment lifecycle – with Docker you can build, ship and run any app anywhere.

Docker has production support for containers on Windows Server 2019, and Windows containers don’t need separate licencing. Migrating your apps to Docker is a great way to increase utilisation in your datacenter, or to prepare for a move to the Cloud. When your app is running in Docker, it’s easy to break features out and run them in separate containers, so you can modernise your architecture and adopt new patterns without a full Microservices rewrite.

In this workshop you’ll use Docker on Windows Server* and learn:

• How Docker containers work on Windows
• How to package existing .NET apps using Docker
• How to break features out from a monolith into separate containers
• How to use event publishing to modularise the backend of your app
• How to use a reverse proxy to modularise the front end of your app
• How to add monitoring to your containers
• How Docker supports resilience and scale on a single server
• How Docker swarm mode provides production-grade orchestration

* You don’t need your own Windows Server machine, as you’ll be provided with a VM in the Cloud. You just need a remote desktop client so that you can connect.

An evolutionary architecture supports incremental, guided change across multiple dimensions.

For many years, software architecture was described as the “parts that are hard to change later”. But then Microservices showed that if architects build evolvability into the architecture, change becomes easier. This workshop, based on a recent book, investigates the family of software architectures that support evolutionary change, along with how to build evolvable systems. Understanding how to evolve architecture requires understanding how different parts of architecture interact; I describe how to achieve appropriate coupling between components and services. Incremental change is critical for the mechanics of evolution; I cover how to build engineering and DevOps practices to support continuous change. Uncontrolled evolution leads to undesirable side effects; I cover how fitness functions build protective, testable scaffolding around critical parts to guide the architecture as it evolves.

The software development ecosystem exists in a state of dynamic equilibrium, where any new tool, framework, or technique leads to disruption and the establishment of a new equilibrium. Predictability is impossible when the foundation architects plan against changes constantly in unexpected ways. Instead, prefer evolvability over predictability. This hands-on workshop provides a high-level overview of a different way to think about software architecture.

Outline:

• Evolutionary architecture defined
• Fitness functions
• Exercise: fitness function katas
• Engineering incremental change
• Architectural characteristics
• Exercise: determine appropriate characteristics
• Identifying architectural patterns
• Exercise: components and patterns
• Evaluating the evolvability of existing architecture styles
• Retrofitting existing architectures
• Building evolvable architectures
• Automating governance

Asynchronous programming is being pushed further into the mainstream with the introduction of the C# async and await keywords. It is therefore becoming more and more important that when we write libraries for our own application stack we pay attention to which functionality should be async in nature.

During this intensive workshop we will do a deep dive into how these new features work, and into the mechanics of how best to deliver asynchronous functionality into your applications.

We’ll focus not only on asynchronous compute but also on asynchronous IO, and how you can adapt existing old-style APIs to work with the new coolness.

The two speakers co-authored the Apress book Pro Asynchronous Programming with .NET.

Ever since we started writing code in the 1950s, project managers and team leaders have tried to discipline and structure the way we work. However, no matter how many consultants and coaches are hired to implement increasingly complex process frameworks and methodologies, developers and testers always come up with new simplistic approaches. During this talk, Kim and Sander will deal with Flow: the worst software development methodology in history ever, taking inspiration from the worst principles and practices from methodologies such as Waterfall, RUP, Scrum, Kanban, Lean, BDD, LeSS , SAFe, Spotify and of course everything Continuous. Don’t let project failure take you by surprise, be certain!

Microsoft .NET Core lets us quickly spin up services, websites, and create applications that run on a variety of platforms. In this session, we’ll see how to create a self-hosted service and then consume that service in a simple application. We’ll use Visual Studio Code and the command-line interface (CLI) to do all of this (and these exact same projects run on MacOS and certain flavors of Linux, too).

Containers are the next model of compute, after VMs and bare metal. And you all know containers are here to stay. They’re the leaner, faster and more portable alternative, and one day every app will run in a container. Containers will be ubiquitous because of the wide range of problems they solve, and the huge ecosystem that’s making the solutions.

The core concepts in container platforms are all open – the image and runtime specifications, the registry, the engines and the orchestrators. The promise of portability makes containers a safe choice for the next generation of software delivery. Companies are making that choice and investing in containers for everything from legacy apps to new cloud-native projects and future innovations like serverless functions.

In this session I’ll walk through the main uses-cases for containers and show why companies are moving to containers to solve real-world problems. And I’ll demonstrate the benefits of a container platform by running a new Microservices Linux app, a legacy .NET 3.5 Windows app and a serverless platform in containers on the same Docker cluster.

WebAssembly is a bytecode browsers can run, and Blazor a framework using .NET, C# and HTML (essentially, the Razor syntax). This effectively allows us to write client-side web applications with the .NET stack, without having to go down the rabbit hole that is web development. Sounds too good to be true? Indeed it is mandatory to remain cautious, Blazor is neither final nor something for everyone. In this session, we will have a look at the current state of the framework, and decide whether and when it should be used.

JavaScript has become one of the most popular programming languages. Many of us who have been working with statically typed, OOP-oriented languages like C# or Java have started working more and more in JavaScript. But while most of these developers have been using TDD in their previous language before coming to JavaScript, they often leave this practice behind. And it’s understandable why. Developers who are familiar with unit testing in C# or Java can struggle with TDD in JavaScript. The language is different, the tooling is different, and all those cool frameworks that we use to build our applications can add complexity to the situation. And on top of that, it seems every two weeks some new framework or tool comes out that changes everything anyway. The good news is that unit testing your JavaScript is easy, and most frameworks have testability already built-in! In this session, you’ll see how to make sure your JavaScript is easy to test. You’ll learn about the most modern testing tools that help you write tests, even for JavaScript that uses frameworks like jQuery, Angular, and React. And you’ll see how TDD can help you start writing better JavaScript.

What are the issues of quality in code? Its judgement, its practice, its neglect and its consequences? One person’s legacy is another person’s blind spot. How do we manage it? How do we navigate a path between idealism and pragmatism, between optimism and despair when addressing legacy code?

Kathleen and Kevlin will structure this session around your questions on these and related topics. Bring your thoughts and your questions!

Microservices, Service-Based architecture, Microkernel, Pipeline, Event-driven, Layered architecture, Space-Based architecture. So many architecture patterns and styles. Which one would you choose for your next project? In this session I discuss the decision criteria and trade-offs associated with each architecture style to help you determine which one would be best for your particular needs and situation. Choosing the right architecture style will help you succeed; choosing the wrong one will lead you to failure. Which one would you choose?

When Agile first burst onto the scene, there was a lot of discussion about how Agile is not just a silver bullet, but THE silver bullet. But is it really? Even after the “mainstreaming” of Agile, projects continue to fail. In this talk we’ll look at a series of failed projects, examine the root causes, and discuss the lessons learned from those failures. Fast failure and careful retrospectives is the best way to continuously improve.

Machine learning expands the boundaries of what’s possible by letting software accomplish tasks that can’t be performed algorithmically. From fraud detection to spam filtering to facial recognition, it touches lives every day. Learn what ML is, what it can do, and how to build and operationalise sophisticated ML models using popular tools and libraries such as scikit-learn, ML.NET, and Azure Machine Learning. And while you’re at it, ensure that you’re employable for years to come by skilling up on the hottest technology in software development.

The garbage collector has been part of .NET since its inception. However, exactly how the GC works is often shrouded in mystery. Also the fact that memory management is automated doesn’t free the developer from caring about memory issues – it’s just that those memory issues appear in a different guise. In this session we take the lid off the GC, look at how it works and is optimised, and then assess what this means for you when you are writing your code: things you do that can help the GC and things that cause it problems.

I presented this topic at SDD 2016, when Docker was a new part of the Windows world. I recommend a feature-driven approach to modernisation, and in this “revisited” session I’ll be using the latest technologies and talking about how the ecosystem has changed.

I’ll take an existing ASP.NET WebForms application and package it as a Docker image, which can run in a container on Windows Server 2019 and Windows 10. I’ll show you how to run the app and a SQL Server database in Docker containers on Windows, and how to use Docker Compose to define the structure of a distributed application.

Then I’ll modernise the application, decomposing the monolith without a full rebuild, using a reverse proxy to break out the front-end, and event publishing to break out the back-end. I’ll take a feature-driven approach and show you how Docker makes it easy to address performance, usability and design issues – feature by feature.

Enterprise design and development teams know all too well the challenges of working in an environment where the urgent trumps the important, where speed and task completion are easily mistaken for value and success. Whether you’re a programmer, designer or product owner, you’re no doubt under tremendous pressure to deliver meaningful improvement – without spending the time or money you know it really takes to do that. You’re likely staring down a seemingly impossible requirements list and coding workload – and now you’re saddled with the responsibility of designing a better user experience, too.

From UI Design to Information Architecture and Interaction Design, you and your team are essentially expected to work miracles. Never mind that (despite your asking) you may have no training in these areas, or that some of these skills are in direct opposition to what you do best.

For far too many product teams, this is familiar territory. We’re all living in a world where burnout factor is high, tempers are short, and the question of how to truly improve product quality and user experience often seems rhetorical. But it doesn’t have to be that way. I do think there’s an answer, and it’s successfully put into practice everyday – at startups.

From front-end developers to mid-tier programmers to database architects and UI designers, I’ve seen teams rise far above what anyone thought was possible within the constraints of time, budget, and personnel. They were able to make quantum leaps in product improvement simply by changing the way they thought about their work. By redefining what it means to design. By adopting and applying practices and principles that are an inherent part of startup life.

I’ve done it and they did it, which means you can do it, too. Let’s dive into what it means to design like a startup, along with the mechanics of adapting these principles over the course of an enterprise project.

Using protocols like OpenID Connect and OAuth 2 for authentication and API access can on the one hand simplify your front-ends dramatically since they don’t have to deal with credentials any more – but on the other hand this introduces new challenges like choosing the right protocol flow for the given client, secure token storage, as well as token lifetime management. This talk gives an overview of the best practices for how to solve the above problems for both native server and client-side applications, as well as browser-based applications and SPAs.

“Those who cannot remember the past are condemned to repeat it”  – George Santayana

“The past is never dead. It’s not even past” – William Faulkner

Most developers pursue the latest and greatest with intense fervor, yet the history of engineering, including software projects, contains rich lessons that we risk repeating ad nauseam. This session recounts a variety of stories of projects that failed… and why. Ranging from the Vasa in 1628 to Knight Capital in 2012, each story tells of a mistaken interpretation of some architectural fundamental principle and the consequences – some good, some less so. I also look at the common threads for these stories, which resonates with problems many companies have but don’t realise.

Over the years the way projects and teams operate in software development has changed quite a bit. From projects where teams were sliced vertically per discipline, to multi-disciplinary teams in Agile approaches and frameworks. Now, as a consequence of increasing velocity, DevOps, DevSecOps and Continuous Delivery, we are on the move again. In Sander’s vision, teams will be even smaller than in Agile, and much more fluent.

Sander has been experimenting with collaboration in teams for years, and refers to this next evolution of collaboration as micro-teams. This talk illustrates how doing projects and product development can benefit from having pools of these ever-evolving and self-organising micro-teams – and how to get there with backlogs, autonomy and less rules.

Microservices (small self-contained modules, often remote, to which an application delegates work) solve many common problems, from multi-threading to demand-based scaling. They also provide an almost ideal architecture not only for web-based applications, but also for all systems developed using Agile principles. Though a Microservice architecture is often associated with distributed applications, they’re equally suitable for use in systems that will never see a network, and they are very robust in the face of change.

However you don’t make Microservices by breaking up a monolith into little chunks and dubbing them “services”. You need to program them in completely different ways than you might be used to.

Building a service is not a simple matter of putting an HTTP-based REST interface in front of a chunk of code. The service interface has to be carefully crafted, and the service itself must be lightweight, decentralised, secure, fault tolerant, transactional, and be vendor and language neutral. This session shows you how to build a service that does all that.

In this session, learn what a Microservice is, how it has to be structured and how it communicates with other services and the outside world. You’ll also learn about service architectures and how they do (and don’t) integrate with various technologies such as Docker.

Big Data is a term that crops up more and more these days. What does it actually mean? In this session you’ll learn about Big Data and Hadoop. We’ll discuss HDFS, MapReduce, Spark, and YARN. We’ll also get through as many Hadoop technologies as time permits, including Pig, Hive, HBase, Impala, Mahout, Spark Streaming, DataFrames, and so on.

Need to incorporate ML and AI into your next project, but not excited about learning Python? ML.NET is Microsoft’s new open-source ML and AI library for .NET developers. With it, you can create sophisticated machine-learning models that perform predictive analytics, as well neural networks backed by TensorFlow and CNTK. And you can do it all in C#. Join the fun as Jeff takes a deep dive into ML.NET, presents numerous real-world code samples, and demonstrates that C# programmers, too, can live on the cutting edge of ML and AI.

We’ve built on relational databases for decades, and even used SQL databases in the Cloud. But the relational model, as flexible as it is, cannot model every modern scenario we see in our applications. With Cosmos DB, we finally have many kinds of NoSQL database at our disposal, all under one umbrella. Key-value, columnar, document, and graphs, we have many more options to build on. But with all these options, how do our systems change? How do we model differently? How does our application need to change? And finally, how do our domain models change?

In this session, we’ll look at modeling techniques for the NoSQL document DB models in Cosmos DB, and how we can move from the familiar confines of our SQL world into modeling via documents. We’ll also look at the trade-offs and how we can work with the change in transactional, querying, and usage models of Cosmos DB.

ASP.NET has changed in revolutionary ways. In this session I’ll show you what you need to know to move to ASP.NET Core for web applications and RESTful services.

When writing client-side JavaScript applications, performance is critical. As a developer, you want to make sure your application is fast, responsive and feels like it’s seamlessly connected to every resource your users need, anywhere in the world. Creating these types of applications for the browser means having to be conscious of the runtime constraints the browser put upon you, and how to best work within them. For JavaScript, asynchronous programming is one of the most useful tools available to create compelling applications that make the user feel like they have the world at their fingers, while never feeling slow, bogged down or unresponsive. In this session, you’ll learn why asynchronous development is so critical to creating a great JavaScript application. You’ll learn how concurrency works a little differently in JavaScript than you might be used to, and see some patterns to help you deal with even the most complex asynchronous situations. You’ll see that asynchronous JavaScript is an easy and effective way to create great and responsive JavaScript applications.

Estimates are always guesses and they’re always wrong. Consequently, estimate-based planning is foolhardy at best, and time spent creating them is wasted. In spite of this fact, estimates are a central part of most software development processes, even some Agile ones (story points are a kind of estimate, and are a dysfunction). Getting rid of estimates doesn’t mean that you can’t plan, but you have to go about planning in a more effective way. In fact, if you start by eliminating estimates, you’ll eventually arrive at a fully Agile process that’s considerably more effective than many in common use, such as Scrum. This session discusses both the problems surrounding an estimation culture, and how to solve those problems by using actual measurements and priority-based planning.

I love mashing up ideas and seeing what happens. Two areas of deep interest for me over the last two years have been Domain-Driven Design (DDD) and Serverless infrastructure (also known as Functions as a Service). What do these two areas have in common? The central concept of events, of course! Domain-Driven Design helps us to identify Aggregates, or clusters of objects, that maintain both business invariants and transactional boundaries for one or more domain concepts. These Aggregates communicate with other Aggregates through the use of Domain Events, which potentially trigger other behaviours. We can chain these behaviours to create eventually consistent, long-running business processes. Serverless infrastructure, at least as it’s currently expressed in offerings like AWS Lambda and Azure Functions, has also focused on events as the sole mechanism available for triggering the execution of standalone functions. For one function to trigger another function, it must produce an event that is then consumed by the downstream function’s trigger. We can achieve this through the use of queuing mechanisms, data stores, and even HTTP gateways. In this session, we’ll explore a mashup of DDD and Serverless infrastructure, and examine how these two areas can synergise to create evolvable and scalable systems.

The Agile movement promised to free us from the impossible architectures, unconscionable budget overruns, and mindless drudgery of life under Waterfall development. And so it did, replacing them with incomprehensible architectures, velocities measured in half-lives, and endless ritual and ceremony (not to mention, completely bemused managers). Only a few years ago, an Agile-denier was regarded as a heathen, if not a heretic. Now there is a growing apostatical movement, and developers are asking: what can we do that actually works?

The answers are starting to appear. Under names such as “Agile-with-a-lower-case-A”, “modern-craftsmanship”, and “Post-Agile”, we are now rediscovering what the founding fathers of the Agile Manifesto knew perfectly well: that actually, what makes good software is good, and everything else is cost.

In this talk Jules will explore what is good and bad about Waterfall, Agile, and other viable development methodologies, what kinds of tooling and technology are available now and are likely to appear in the foreseeable future, and will try to paint a picture of what the post-Agile world will look like.

Software architecture is hard. It is full of trade-off analysis, decision making, technical expertise, and leadership, making it more of an art than a science. What makes a good software architect? What makes software architecture work, even in an Agile environment? In this session we’ll explore in detail some of the essential software architectural practices that will make you an effective and successful software architect, including:

• Business drivers first, architecture second
• Speaking architecturally
• Domain partitioning, loose coupling, strong cohesion (yeah right…)
• Understanding the “why”
• Assuring architectural vitality
• Lean architecture documentation
• The architect as a leader
• Architectural evolvability

Debugging is a game of strategy. The rules are set by the computer, your debugger, and requirements or user expectations. You may enter the contest expecting a trivial opponent, only to find it like Hydra with two new problems sprouting for each one you solve. It’s a critical game because we fix bugs from the time we first check in code, and the cost of each bug tends to increase across the project lifecycle. In this talk, you’ll learn about debugging strategies that help you ask better questions in order to significantly reduce the amount of time you spend debugging. Poor performance can be a bug, and you’ll learn straightforward profiling techniques to help you understand performance problems. Core debugging principles covered in this talk apply across most languages and platforms; the demonstrations will use Visual Studio 2017. Leave this talk ready to formulate ideas into testable strategies you can use to resolve bugs faster and with more confidence.

What makes a programming language good for new coders to learn? What about coders from other languages? What makes a programming language productive for day-to-day development? And can we achieve all three? We’ll focus mainly on C#, but touch on other languages.

Building an API with ASP.NET MVC in .NET Core is only half the job. If your API is going to live for more than one release cycle, you’re going to need to version it. During this session, you’ll see how easy it is now to version APIs using functionality built into ASP.NET Core.

No week passes by without another successful high-profile attack against a well-known website. The reason is not only that old vulnerabilities still exist, but also that bad guys came up with new approaches to mess with a website. We’ll have a look at some recent events that made the news, and dissect what went wrong, and what we can do about it for our applications.

You will see old attacks with a new twist, and modern ways to mess with a site. We will see different technologies, vulnerabilities, and mistakes, with one thing in common: the victim is rather well-known, and the impact was massive.

Connascence is a term coined by Meilir Page-Jones in his article “Comparing Techniques by Means of Encapsulation and Connascence”. It is a software quality metric that attempts to measure coupling between entities in three dimensions: strength, locality, and degree. Rather than describing architectural coupling as simply loose or tight, Connascence gives us a tool to describe and measure the huge diversity in coupling that we encounter in systems. Relatedly, it also gives us a tool for encouraging high cohesion within modules. Connascence can also be divided into static and dynamic categories, with a long list of specific types such as Connascence of name, meaning, timing and identity. Page-Jones gives us a rule to follow, “Eliminate any unnecessary Connascence and then minimise Connascence across encapsulation boundaries by maximising Connascence within encapsulation boundaries”, which he says can be applied to “any future design paradigm with partitioning, encapsulation and visibility rules”. In this session, we’ll examine Connascence as it appears within architectural patterns such as REST, message-driven collaboration, and Microservices, as well as within various serialisation techniques. You’ll walk away with tools to help you better describe and manage coupling within your system architectures.

Modern development practices rarely use big up-front design, but if you’re still using them, you’ve likely encountered problems as you implement. Nowadays, you must create an architecture incrementally as you work, and you have to be able to easily modify that architecture as new requirements emerge. The solution is to build around a domain-focused metaphor that allows for incremental changes while maintaining coherence throughout. Allen demonstrates how to develop an effective and coherent architecture incrementally as the code evolves. The techniques you’ll learn in this session are essential when building effective Microservice APIs, and in any development shop where requirements change as you’re working.

Topics include: how to develop effective Microservices systems and APIs around bounded contexts, how to define effective user stories, how to develop a domain model and a system metaphor from those stories, how to design as you code in a way that maintains system coherence, how to write systems that can easily accommodate changing requirements, and using TDD-derived techniques to design as you build.

Microservices and serverless are the current hypes, and there are big promises of scalability, replaceability and flexibility. However, when you are knee deep in mud as an architect, (front-end) developer or tester, it’s not always easy to see how. At a recent client, in his role of CTO, Sander created landscapes of small Microservices, that deliver on the promises above, with architectures based on the patterns from Domain-Driven Design. Moreover, these landscapes feature many micro-applications, which are also based on the DDD patterns, that also deliver on the promises of Microservices. During this talk, Sander discusses the set of patterns such as resources, representations, repositories, entities, value objects and factories that helped build these services and applications in an evolutionary architectural style. He’ll also discuss why every micro-application and Microservice has its own bounded context, and how this Domain-Driven Design pattern is essential for enabling these landscapes of small services, using many real-life examples.

Deep Learning is a subset of Machine Learning that relies on deep neural networks. It is how computers identify objects in images, analyse sentiment in reviews, translate speech in real time, and perform other tasks that would have been impossible just a few short years ago. Learn what neural networks are, how they work, and how to build them using popular Deep Learning libraries such as Keras and TensorFlow. More importantly, learn how to bring the magic of neural networks to the next software project that you work on.

Reflection is an extremely powerful feature of .NET. But there is a big difference between what we can do and what we should do. Several of these features are useful to the everyday developer. We’ll take a quick look at what reflection is capable of and then narrow our focus to practical uses – balancing flexibility, safety, and performance.

Railway Oriented Programming is a powerful mechanism for error handling in functional languages. Using F#, this session introduces the concept with plenty of examples and then shows how to transfer these ideas to a non-functional language like C#.

ASP.NET Core and MVC is a mature and modern platform to build secure web applications and APIs. Starting with version 2.2, Microsoft has made big investments in the areas of standards-based authentication, single sign-on and API security by including the popular open source project IdentityServer4 in the project templates. This talk gives an overview of the various security features in ASP.NET Core, but focuses in particular on the API security scenarios enabled by IdentityServer.

Message brokers are a well-known mechanism for integrating applications. While it is relatively easy to write code for messaging systems, using and understanding such systems can be difficult because messaging is inherently asynchronous. This talk will look at RabbitMQ, one of the most popular message brokers in use at the moment. We’ll start by covering the basics, such as setting up exchanges and queues and writing publishers and consumers. We’ll then move on to focus on the design decisions you make when writing RabbitMQ applications: we’ll discuss the different exchange types, such as direct and fan-out, and how they’re used in your applications; we’ll look at routing and discuss how to set up consumers to process specific types of messages; and we’ll also examine “poison messages” and look at RabbitMQ’s “dead letter exchanges”. Messaging applications give us mechanisms so that we can be highly available – we’ll look at ways to achieve this by creating services that can be spun up when necessary. We’ll also discuss some of the issues we faced when introducing RabbitMQ into a production environment.

RabbitMQ is written in Erlang, but don’t worry – coding examples will mostly be in C#.

The software industry is in a deep crisis. Projects suffer from low quality; schedule slips and cost overruns are common. But this is hardly ordained, since there are plenty of examples of projects done on schedule, on budget, on quality in a repeatable manner. The key for solving the crisis is to practice software development as an engineering discipline, just like it is done in mechanical or electrical engineering. That is exactly the responsibility of the modern software architect, who must address software systems from an engineering standpoint, applying age-old engineering practices to software development. Armed with that crucial observation Juval will share his perspective on what is the key set of skills required of the architect, the role architects have to plan in order for the project to succeed, what it implies both to companies and to individual architects, and how should architects navigate and manage their own career path and personal growth.

Moving from a layered architecture to a vertical slice architecture can be a bit daunting. If we remove abstractions and complex structures, and focus on building on the axis of change, then what’s next? What new structures, patterns, and policies will need to be introduced in this style of architecture? How will we deal with common business functionality, and where do concepts like CQRS and DDD fit in?

In this session, we’ll introduce the idea of vertical slice architectures, and dive into the patterns, tools, and techniques used with slices. We’ll also cover how you can fit vertical slices into different kinds of systems, from desktop, SPA, and normal MVC applications. Finally, we’ll look at some of the new challenges that come with slices and layers, and how a different approach provides a much more maintainable end result.

One of the expectations of any software architect is to analyse the current technology environment and recommend solutions for improvement. This is otherwise known as continually assessing architecture vitality. Too many times software architects fail to regularly perform this task, leading to emergency refactoring efforts to save a troubled system from failure. The question is, what does it mean to assess an application architecture? In this session we’ll explore both macro and micro techniques for analysis, including static analysis metrics and tools and techniques for detecting structural decay, regardless of your platform (Java or .NET).

Design by Coding (DbC) is a way to develop an architecture incrementally as you code. It builds on Test- and Behaviour-Driven-Development techniques, but adds a focus on the ‘story’ that’s central to all Agile processes. The process answers the question of how you can build a coherent Agile system incrementally, without a formal up-front design process, and addresses a common failing of standard TDD: losing track of the big picture when you focus on incremental improvements. DbC provides a way to both design and develop systems that model the story very closely, resulting in a system that can handle volatility with ease. The technique is also perfectly suited for building effective and minimal Microservice APIs. Since your code is effectively your design artifact, DbC also eliminates the need for a separate design phase in the development process.

We’ll do a live demo of the process in class.

You are effective with the imperative, object-oriented core of .NET but you look longingly at the winsome smile of functional languages. If you’re interested in your language’s functional features, but aren’t sure how to get it right or take full advantage of them, then this talk is for you. In .NET, functional techniques leverage delegates, lambda expressions, base classes and generics, so the talk starts with some basics. You’ll learn which code to attack with functional ideas and how to do it. You’ll look at code similar to what you write every day and see it transform from long difficult to follow code to short code that’s easy to understand, hard to mess up and straightforward to debug. Functional approaches help you write less code and apply patterns in a clear and consistent way. This talk will help you start or continue your journey with functional techniques in C#.

Writing data access code is tedious and mundane. The simple act of creating the CRUD (Create, Read, Update, Delete) operations doesn’t add business value to your application, but it’s an absolute necessity. In this session, I’ll show you the core features of Entity Framework Core 2, and explain how it can save you valuable time that is much better spent on providing business value and compelling features into your applications.

This session takes a TDD approach to ASP.NET Core. We’ll begin the session with a look at the structure and OWIN pipeline in ASP.NET Core, compare and contrast MVC vs API controllers, and have a good discussion about Dependency Injection. Then we’ll branch off and see how to do it all TDD-wise, using XUnit.net and Moq.

The world of software is becoming more disconnected. Be it mobile applications that run on our phone and tablets, or client-side JavaScript applications; the software world is moving to distributed architectures. When done right, these provide scalability and reusability that make applications more efficient to use, easier to write, and tolerant of changes. A well-made REST API can be the centre of a rich and complex family of applications and workflows that can make solving even the most complex business problems as simple as playing with Lego. Still, many developers struggle beyond the basics of REST. What makes an API great and how should I structure mine? How do I deal with things like security and scalability? And what about this “HATEOAS” I keep hearing about, is that something I should be using? In this session, we’ll go beyond the basic verbs and request/response paradigm and explore how to use REST to build APIs that provide the flexibility and reusability to serve your needs today and for years to come. We’ll talk about how to design a great API and care for it after deployment, and how to answer those questions about “HATEOAS” that might be gnawing at you.

When I joined Scuderia Ferrari F1 racing team in 2006, I was asked to increase the speed of software development while at the same time increasing the reliability and reducing the number of bugs. That sounded like a paradoxical puzzle to me. And why didn’t I know the solution already, given that I was hired as an expert? This challenge, in a high-pressure, fast-paced environment, led me to find four Continuous Delivery coding patterns: two that are known nowadays, and two that are new. In this session, I’ll tell you the story of this discovery and the learning, and I’ll introduce you to the four patterns that enabled us to increase the speed of software development without the need to trade speed for quality or safety.

An evolutionary architecture supports incremental, guided change across multiple dimensions.

One of the innovative ideas in the Building Evolutionary Architectures book is the application of fitness functions (inspired by evolutionary computing) to preserving architectural characteristics. But we discovered a second order effect: many of the techniques used for evolution also overlap with architectural governance activities. This session describes the categories of architecture fitness functions defined in Building Evolutionary Architectures, and more than 20 examples of how to use fitness functions to both preserve architectural concerns over time and automate common architectural governance tasks. With lots of practical examples derived from client projects, this session illustrates how to implement architectures that can safely change over time. It also shows how to automate governance at both the project and enterprise level, freeing architects for more pressing concerns.

Many companies have moved to the Microservices architecture style only to experience, frustration, high costs, and complete failure. While Microservices offers many advantages, it is also a very complex architecture style that is not suited for most business applications. In this session I discuss the rise of Microservices in terms of the benefits it provides, and then discuss the fall of Microservices in terms of how most of its promises are not realised due to the many challenges and issues associated with Microservices. I end this session by discussing some ways to address the challenges associated with Microservices.

Velocity. Sprints. More points, more speed. An obsession with speed often overtakes the core values of Agile software development. It’s not just development of software; it’s development of working software. Sprints are not about sprinting; they’re about sustainable pace. Time to market is less important than time in market. Full-stack development is normally a statement about technology, but it also applies to individuals and interactions. The full stack touches both the code and the world outside the code, and with that view comes responsibility and pause for thought. Doing the wrong thing smarter is not smart. The point of a team is its group intelligence not its numbers. Is scaling up the challenge, or is scaling down the real challenge? The distraction and misuse of speed, velocity, point-based systems, time, team size, scale, etc. is not the accelerant of Agile development. Agility lies in experimentation, responsiveness and team intelligence.

Many of our modern frameworks have Dependency Injection (DI) built in. But how do we use that effectively? We’ll look at what DI is and why we might want to use it. We’ll see the problems caused by tight coupling. Then we’ll use some DI patterns such as constructor injection and property injection to break that tight coupling. We’ll see how loosely-coupled applications are easier to extend and test. With a better understanding of the basic patterns, we’ll remove the magic behind DI containers so that we can use the tools appropriately in our code.

Open your mind to the wonderful world of Object Orientated Design Patterns. Every OO developer should carry this virtual toolbox around in their head. In this talk you will perhaps discover new patterns, or re-discover existing techniques and learn the pattern vocabulary associated with it so that you can effectively communicate with other developers. This will be a fast action talk, with a lot of code demos, and an immersive deep dive into the world of design patterns.

ASP.NET Core is primarily a server-side web development framework in which the rendering of HTML takes place on the server resulting in a strong centralisation of CPU effort and large bandwidth consumption. Shifting towards a client-centric model poses a few challenges – first and foremost, data-binding. You can rely on jQuery or vanilla-JS to place dynamic calls and grab JSON from the backend, but you still have the problem of turning that JSON in HTML. Popular frameworks like Angular and React solve the problems but, although for different reasons, place further challenges and require some paradigm shift. VueJS, instead, seems to be the perfect fit especially for developers with a strong ASP.NET background. In this session, we’ll see how to use VueJS in conjunction with an ASP.NET and ASP.NET Core backend and how to mix and match client-side programming with a server-side markup language like Razor.

The concept of cross-site scripting (XSS) is over 20 years old, but the attack is still very common, despite the best efforts of developers, frameworks, and even browsers. But there is finally light at the end of the tunnel: Content Security Policy is a W3C standard that can effectively limit which JavaScript code a browser is allowed to run. And there is more: similar restrictions exist for other types of resources and content, mitigating many dangerous attack vectors. In this session we will have a look at different features and versions of CSP, provide best practices for using this technology, and also analyse browser support and implementation strategies.

With Agile principles and practices reaching maturity, in many organisations the focus for the coming years will be on the next steps. Beyond Agile. Fast-moving organisations are adopting Agile, DevOps, Continuous Delivery and new architectures such as Microservices. Often all at once. Although from a perspective of similarities between these paradigms this makes sense, this also requires increased collaboration between business, development and operations. During this session, Kim will give practical insights on the process of transformation to continuous delivery, with real-life examples from her experiences. She’ll share the main lessons learned and the mess-ups that preceded them. How can organisations deal with the complexity of simultaneously changing architectures, ways of working, technology, and culture? How can we still deliver software during the transition? How can we deliver continuous delivery?

An evolutionary architecture supports incremental, guided change across multiple dimensions.

The two “Big Ideas” in the Building Evolutionary Architectures book are fitness functions and architectural quanta. This session delves into this new measure of architectural modularity, the quantum, and shows how to use it to analyse and restructure architectures. The quantum is an operational view of architecture that encapsulates architectural characteristics. This session defines the quantum, how to measure it across a variety of architectures, and how to use it to migrate from existing monolithic architectures to finer-grained, service-based architectures.

Do you want to migrate your existing systems to a Microservices ecosystem? If so, this talk is for you. Whether your organisation is a large enterprise with legacy systems or a growing startup with a business model based on a monolith (or somewhere in between), you are here because you have decided that migrating towards a Microservices ecosystem will liberate you from the constraints of your existing architecture. Experience shows that navigating this journey is challenging. Each organisation has its own distinct culture, constraints, and state of architecture that demand its own unique path of migration. In this talk I’ll lay out an essential set of pragmatic guides, distilled from the lessons I’ve learned making the journey to Microservices in different domains such as finance, telecommunications, supply chain and retail. You’ll leave with a collection of patterns and anti-patterns for migrating and decomposing large monoliths that are in-use and alive; trade-offs you need to repeatedly evaluate to prioritise your next steps; founding principles that support the hard decisions you need to make; and a sample roadmap for an organisation-wide migration. This synthesis will help you to build and execute a migration strategy unique to your needs.

For the beginner architect, there are many options for doing pretty much anything. But for the master architect, there are only a few. In this dense session Juval will explain his approach to system analysis and design, using volatility to decompose a system into its comprising services. He will contrast it with the most common mistake made in architecture - using functionality to identify services. These are universal design principles, and Juval will use examples from software and non-software systems alike. You will also see how to overcome the real hurdles architects face pursuing volatility-based decomposing, simple and practical techniques for identifying areas of volatility, common telltale signs or “smells” when your design is still functional when using the Method – IDesign’s approach for system architecture.

Most developers use LINQ on a daily basis, but do you really understand how it works? In this session we will re-implement LINQ to Objects from the ground up. We’ll show how the underlying mechanics of LINQ work, and expose the many gotchas that developers encounter when using LINQ. Having established how LINQ to Objects works we will then move on to understanding how LINQ works with non-object stores such as relational databases. Again, with a solid knowledge of how LINQ works with these kinds of stores we can eliminate much of the head scratching that occurs when things go wrong.

Starting with .NET Core 2.1 a new feature called Local GC has been added. It allows you to do magic things – you can completely replace the default GC used by the runtime with your own, or you can use the default GC outside the .NET environment. In this session we’ll look at these possibilities – and how and why we can do it. We’ll find out exactly where to start writing your own GC and whether it is difficult or not.

An interface has to be much more than a collection of isolated interactions. In order for people to be able to use something easily – and well – our minds need to perceive that smaller interactions are related to each other. That they work together to complete a larger task. If users are not able to perceive this, the disconnect leaves a great deal of room for confusion. People get stuck, or enter the wrong information. Tasks take twice as long as they should, or they abandon the screen altogether. Every one of these scenarios has significant consequences for the organizations that create these products.

Far too many developers, designers and clients tell me they’re unsure where to start in evaluating UX issues; they’re hoping to get off the starting block with some common, universal things that are easy to spot (and quick to fix). That’s not only possible, it’s necessary.

The first pass at improving an existing product should be running down a checklist of things that you can spot easily – provided you know what you’re looking for. In this crash-course style session, I’ll show you what to look for across 9 specific types of product attributes: Content, Labeling, Presentation, Navigation, Interaction, Feedback, Visual Hierarchy, Forms, Accessibility.

Whether you’re developing a new product, starting a comprehensive redesign, or just looking to improve product quality in your organization, these tried-and-tested rules will help you work smarter. And what’s more, you’ll have a method for building a solid body of UX and UI design knowledge that you and your team can leverage time and again.

Functional programming offers an approach to code and architecture centred on the function. The clue is in the name. But what does that mean in practice? There’s more to functional programming than the function and more to good functional programming than using collection pipelines in hybrid languages. What are the benefits and design differences? What changes of style, convention and thinking get the most out of this approach? What distinguishes a good function from simply being procedural but with fewer side effects? From composability and immutability to concurrency and testing, this pair of sessions uses functional, non-functional, quasi-functional and hybrid languages to introduce key ideas in functional programming.

Many codebases contain code that is overly complicated, hard to understand, and hence expensive to change. The pressure of new features and user needs makes it hard to stop and backtrack, and the longer we wait, the worse it’s going to be. Mix in the people side with frequent organisational change, and the siren song of a system rewrite becomes more and more attractive. It doesn’t have to be that way, and in this presentation you’ll see how easily obtained version-control data lets us uncover the behaviour and patterns of the development organisation to prioritise and guide refactorings. We cover refactoring techniques that reduce excess complexity, address hidden implicit dependencies, and discuss architectural restructuring that reduces inter-team coordination needs. Since behavioural code analysis also lets us consider the social side of code, such as refactoring modules that are under development by our peers, we explore novel patterns that help us limit risks and code conflicts. The specific examples are from real-world codebases like Android, the Linux Kernel, ASP.NET Core MVC, and more.

Microservice swarming is a technique for Microservices to scale and balance load directly, with no need for centralised discovery or other heavyweight single points of failure in the system. A Swarm architecture is a server-side architecture based on small, independent Microservices that use a set of simple rules to automatically scale based on actual load. The services are highly decoupled, there is no need for a single-point-of-failure discovery service or external load balancing, the systems are extremely robust, adaptive, and maintainable. This session looks in depth at the architecture of a Swarming system, focusing on implementation. We’ll cover lightweight messaging, Microservice structure, and look in depth at how the system scales and adapts to actual use as it runs.

The Blockchain is described as the next revolution in computing as it solves the problem of distributed trust when there is no trust on the internet (Byzantine Generals Problem). Blockchain technology is generating an enormous amount of interest and is a current hot topic with financial institutions, insurance companies or any industry that works with transactional data that could benefit from the distributed trust it gives. The Blockchain is also generating lots of investment from venture capital funds, so learning about this technology could certainly be career changing.

In this talk, we will explore what Blockchain is in some detail, from the conceptual use cases through to looking under the covers at how it works. As the talk progresses, we will build up a sample implementation that will help developers form their mental model of what a Blockchain is. 

In this talk, I will cover

We’ll cover: cryptographic principles, how transactions are stored, how transactions are hashed in Merkle trees, authorising transactions, verifying transactions, solving the Byzantine Generals Problem, proof of work vs proof of stake, and maintaining consistency and consensus.

You will leave this talk with a very good understanding of how the Blockchain technology works, and how it helps you solve the problem of trust on a trustless internet. I will be demonstrating code written in C# and .NET Core 2 (Standard 2) specifically.

More than a decade ago, Juval envisioned the world of Microservices, where every class was a service. A decade came and went, and Microservices became mainstream, but it turns out that Juval’s vision of every class as a service did not go far enough. Every -thing- will be services called actors. In this thought-provoking session Juval will examine the drivers of the Actor Model and why the large Cloud vendors have started offering Actor-based solutions. He makes sense of it all by outlining the long-term trend in software methodologies that brought this computational model to the fore, and how the demise of Moore’s Law coupled with the rise of the IoT will force us to abandon sequential programming. Juval will examine the origin of the Actor model; demonstrate Actors using conceptual examples, outline emerging design patterns, point out common misconceptions and conclude with his views on the future of the Actor Model.

There’s a lot of confusion about Async/Await, Task/TPL, and asynchronous and parallel programming in general. So let’s start with the basics and look at how we can consume asynchronous methods using Task and then see how the “Await” operator can makes things easier for us. Along the way, we’ll look at continuations, cancellation, and exception handling.

SQL Server databases need DevOps love too. How do you manage the necessary changes needed to support your applications but make sure you don’t lose data? How do you track these changes and follow a change from development to test to production? How do you move fast and shift left in a world filled with fear? In this session, you’ll learn where SQL Server fits in to DevOps and how you can use tools to extend your infrastructure to make the database a first-class citizen, just like your source code. You’ll see how to track changes with version control; create update packages; and deploy to multiple environments with complete automation like development, test, UAT, and production. You’ll bring things under control with Database Lifecycle Management. You’ll learn the process as well as see examples using the Visual Studio SQL Server Database Tools, and Azure DevOps.

Web Forms helped me pay the mortgage and grow my kids. It was the right thing at the right time. And it was so much the right thing that it is still right today in many small and not-so-small businesses. Even devoid of the marketing layer of self-reference, every other week some player in the component industry comes up with a report or a survey that explains how faithful to Web Forms their customers are. I stopped using Web Forms over ten years ago but I haven’t found another pragmatically productive environment. If you’re still on Web Forms, though, there are a few reasons to move away and there’s room to do it towards another productive combination of tools and techniques that doesn’t require to be locked-in into some comprehensive web platform or gigantic library. Some call it Vanilla-JS.

See part 1 for details of what this session will cover

This session provides an integrated look at the architecture of an entire “vertical slice” of a contemporary (active front end, Microservice back end) web-application stack, from the UI at the top to the database at the bottom, and all of the interior plumbing (messaging, caching, etc.) in the middle. We’ll discuss various trade-offs and alternatives (several UI architectures are available, for example) as well as specific technologies that you can use to implement various components, and you’ll see how all the pieces work together. The focus is on good structure throughout.

Have you ever wondered how to do data synchronisation between Cloud-based services and on-prem databases? Have you ever wondered how to share a single database schema between hundreds (or even thousands) of Microservices? Have you ever wondered how to significantly increase the performance of Microservices? Have you ever wondered how to version relational database changes when sharing data in a Microservices environment? In this session I describe and demonstrate space-based Microservices; an architecture hybrid combining space-based architecture with Microservices. This hybrid architecture style leverages replicated caching to significantly increase performance, manage common data in a highly distributed architecture, and even manage data synchronisation from Cloud-based Microservices. I also describe the differences between a distributed and replicated cache and how to calculate the number of caching collisions you’ll likely have. Finally, I will run a live demo using Hazelcast to demonstrate the power of this hybrid architecture style.

Architects often look harried and worried because they have no clean, easy decisions: everything is an awful trade-off. Architecture has lots of difficult problems, which this talk highlights by investigating what makes architecture so hard. At the of core many architectural problems: getting good granularity, which we illustrate via event-driven architectures, teams, components, architectural quantum, and a host of other examples. We also illustrate reuse at the application, department, and enterprise level, and why /reuse/ seems simple but isn’t. We also discuss difficult decisions, how to do trade-off analysis, tools like MECE lists, and how to decouple services to achieve proper granularity. Architecture is full of hard parts; by tracing the common reasons and applying lessons more universally, we can make it softer.

Much as you need to design the system, you must also design the project: from scheduling resources behind the services, the staffing distribution, examining the planned progress and even to validating your plan, and accommodating changes. This requires understanding the inner dependencies between services and activities, the critical path of integration, the available floats, and the risks involved. All of these challenges stem from your design, and addressing them properly is a hard-core engineering task – designing the project. In this intensive session Juval shares his approach to software project design, along with his unique insight for delivering software on schedule and budget. You will also see how to deal with common misconceptions, and typical roles and responsibilities in the team.

Code that is easy to maintain, extend, and test is key to applications that can move quickly to meet our users’ changing needs. Interfaces in C# can help us get there. First, we’ll look at the mechanics (“What are interfaces?”) and why we want to use them. Next, we’ll create our own interfaces to make it easy to change or swap out functionality. When we’re done, we’ll have a good understanding of interfaces and how to use them effectively in our applications.

Have you heard? Containers are where it’s at, and where you want to run your ASP.NET Core apps on .NET Core! But what’s this K8s thing all about? Will Azure make it easier? In this session, Brian will give you a crash course in taking an ASP.NET Core app and getting it up and running in a container on Azure managed with Kubernetes and all driven from a CI/CD pipeline in Azure DevOps services (formally Visual Studio Team Services).

We’re living in a time where, increasingly, safety and responsibility are taking a back seat to being first-to-market, in the name of innovation. Where “moving fast and breaking things” is a badge of honour. The result? User experiences with digital products that at best, create barriers to use and adoption – and at worst, cross the boundaries of personal privacy and leave users exposed to harm.

Some of this is intentional, but much of it isn’t. In many cases, product teams don’t realise the risks they’re taking, or the potential damage that could be done once a build is out in the world. It’s the direct result of us believing the myths and mantras of failing faster, a misunderstanding of what an MVP is supposed to be, and a resistance to looking before we leap. The price of this approach has become quite high, and the people paying the price are the developers, designers and product owners doing the work. And if it’s our feet being held to the fire, then it’s on us –  ALL of us – to do better.

This talk explores “dark patterns” in UX and software design. Deceptive UX and UI interactions that mislead, trick and expose users to harm on any number of levels. We’ll explore what they are, how they occur, who they hurt and what we must do to prevent them.

A new wave of technology forces have put the tectonic plates of distributed architecture in motion towards a state of hyper decentralisation. In this talk we’ll look at the progression of the distributed architecture in implementing infrastructure capabilities such as traffic management, establishing security and exposing APIs. We’ll deep dive into the driving technological forces such as Service Mesh, Microservices API management toolkits and SPIFFE, and their ongoing impact on how distributed infrastructure supports security, reliability and speed.

As enterprises are attempting to develop more advanced Microservices architectures, synchronous request/reply-centric operations are presenting multiple complex data challenges. How do we achieve transactional behaviour without the complexity of two-phase commit? How do we reference common entities from multiple services without overwhelming the hosting services? How do we answer questions spanning multiple services without the convenience of SQL JOINs? Event Sourcing and Command-Query Responsibility Separation (CQRS) are an effective pair of data and collaboration patterns that can help us address these challenges. One of the key tasks involved in designing an Event Sourcing and CQRS solution is the choice of write and read models. The ideal write model supports long-term retention of an immutable, append-only log of events, organised by topics to which clients can subscribe. The ideal read model is… well, whatever you need it to be to support your query needs! In this session, we’ll examine how effective Apache Kafka can be at supplying both write and read models, and also look at other options for read models in the open source ecosystem.

Microservices and Blockchain smart contracts have a lot in common. They’re both expected to run in isolation (on-chain) and communicate with the outside (off-chain) via a message-based channel. They should both be small in size, developed to run auto­nomously and independently, and perform better when they’re deployed on a decentralized network.

This session presents design principles, artifacts and code samples for building Blockchain applications using a Microservice architecture style and deploying them on the Microsoft Azure Blockchain platform.

Large systems tend to leverage one of about a dozen common architectural patterns – ways that architectual components are organised and interact. Those patterns run from traditional structured monoliths to modern Microservice-based systems. This class goes though a catalogue of common patterns, explaining how the patterns work, their benefits and their problems. The patterns approach is particularly useful when you’re starting a new system for Agile development, because it quickly lets you choose a basic structure and actually get to work.

If project duration is of no consequence, you should design your project for the lowest cost. But if cost is immaterial, you should design it for the least duration. The best solution for every project lies between these two extremes, yet finding it is a highly engineered design task. This session will provide you with the tools and techniques required to achieve a balanced and even optimal solution, enabling you to determine best overall plan for your system while eliminating gambling, death marches, wishful thinking, and expensive trial and errors. The session assumes that you have knowledge of basic critical path concepts such as network design, resource allocations and floats, and will expand on these essentials to include finding your project time/cost curve, network compression techniques, activity crashing, risk analysis, staffing distribution options and project design. You will also see a comprehensive case study and walk through its various permutations in determining the best plan that will keep the project on time all the time at the best risk and cost available.

Who doesn’t want to build a 100% reliable distributed system? – the answer is no one, but you may not due to engineering resource presssure. Polly is a .NET resilience and transient-fault-handling library that allows developers to express policies such as Retry, Circuit Breaker, Timeout, Bulkhead Isolation, and Fallback in a fluent and thread-safe manner. During this short talk we’ll take a look at Polly and see how it can inject a greater degree of reliablity into your solutions.

Few of us today would consider developing code without the support of a version-control system. And yet our data – which is the lifeblood of our business – tends to exist only in a “present tense”, with no versioning at all.  

What would it mean to version data? What would versioned data look like, and how would it differ from versioned code? Most importantly: what would be the business benefits of routinely version-controlled data? In this talk, Jules presents some of the key learnings from a recent project he led which was set up to answer these questions.

Writing asynchronous JavaScript is a necessity, but has often resulted in hard-to-read and hard-to-maintain code soup. Early attempts were often a callback pyramid-of-doom before the promise of using promises started to make things better. Join Tom as he walks through the history of different approaches to asynchronous JavaScript, and explains how, over time, it’s become a cleaner better way to write code.

Every web developer should know about typical attacks such as SQL Injection, Cross-Site Request Forgery, or Cross-Site Scripting. And even though those risks still exist, the bad guys worked on finding new twists to old attacks, or even find new kinds of vulnerabilities on a web site. In this session, we will show and discuss several of those new vectors, including attacks against Angular applications, abusing external links, and a few more. Technology never stops evolving, so it’s crucial to stay on top of current developments.

The answer to “what do you do with mistakes?” is simplistic, trite, and true: you learn from them. Take a journey along my programming path as I’ve ducked the swinging pendulums of technology and fashion. I thought the Internet would go nowhere, recommended Windows Workflow, wrote a book on code generation with XSLT, continued to teach generics after everyone got it, and built a mutable mimic for the Roslyn semantic tree. I’m now thrilled to work in a company where failure is an option and know that if I was asked to build something where I was the smartest in the world, the first thing I’d do is find people that weren’t to teach me. Watch me correct a few of my mistakes to illustrate how stripping away everything but humility, shines a better light on the nature of programming and makes it easier to say “I don’t know” and “I was wrong”.

At SDD 2016, Adam delivered the talk Treat Your Code As A Crime Scene. The session combined ideas from criminal psychology with software research to identify design issues and coordination bottlenecks in large codebases based on how the organisation actually works with the code. In this retrospective session we revisit the ideas to see what really works and what doesn’t when it comes to prioritising technical debt. Adam will also share some common patterns, found across different codebases, on the things we tend to get wrong in our software designs as well as how the social side of code – our organisation – might lead to a codebase spiraling out of control. Finally, we will look at how you apply the techniques in a modern context to analyse Microservice architectures and the effectiveness of feature teams. Just like the original session, you will gain insights into how software evolves combined with findings from various fields of psychology. This is code as you haven’t seen it before!

Once upon a time there was IT, and IT departments had projects. Projects were always a bad fit for software development but somehow we made them work. As IT became Agile the damage caused by the project model became obvious and #NoProjects emerged to help teams go beyond projects. Today growth businesses are digital. Technology is the business and the business is technology. Projects end but do you want your business to end? Or do you want it to grow? Growing a digital business means growing software technology. In this session Allan will look at how #NoProjects came about, how it evolved into Continuous Digital and why it is the future of management.

Lean has been applied as a toolkit to fine-tune development processes and organisational workflow, but what does it mean when we apply the practices to the detail of the code, the practices used to develop it and the people who develop it? What does Lean Code and its creation look like? There is a need to move beyond often separated worlds of software craft and Agile development, to properly embrace code in its detail, but to also connect it more completely to the flow of business and the intelligence of people around it. To move beyond simple exhortations of clean code to something more human. This talk offers a fresh look at Lean principles and practices from the perspective of the code and the coder, rather than the usual scale of the organisation and the development process.

Who doesn’t want to make their code go faster? Parallel loops open up the possibility to simply parallelise your code to achieve that “free lunch” we are so often promised. During this talk we’ll demonstrate how to effectively make use of Parallel.For and ForEach to retrieve real performance benefits.

Alongside more well-known database paradigms – relational, graph, structured document, and KVP – there is a relatively overlooked strategy called “Event Sourcing”. It represents an immutable approach to data storage, having the same relationship to the more familiar approaches as functional programming does to procedural programming.

It’s not a new approach: it was invented by the Babylonians, and Is used extensively in the financial industry. It has more recently been popularised by Greg Young and Martin Fowler alongside their CQRS Microservices patterns.

It’s not suited for every data store, but for the right applications it offers enormous benefits: security, audibility, flexibility, and plasticity. In this talk, we’ll explore what it is, what it’s best used for, and how it delivers its unique benefits.

Join Laurie and Luke as they talk though a series of real life examples of designers and developers when they work together. We explore the conflicts and the tensions this creates, their root causes, and how understanding and addressing them leads us to believe that yes, designers and developers can and should co-exist peacefully!

With .NET Core 2.0, Microsoft added Razor pages as a more lightweight approach to creating web applications, a kind of mix between the legacy WebForms technology and the Razor syntax of ASP.NET MVC. This session will tell you everything you need to understand and get started with Razor pages, when to use this technology, and when to absolutely avoid it.

We all know passwords are bad, just look at the number of security breaches and the need for services such as haveibeenpwned and pwnedpasswords. So what’s the alternative? There are dramatic articles telling us that common 2FA techniques are phishable. Should we therefore disregard them? Is there even an unphishable way to authenticate? Should we all just up sticks and move to the Blockchain? In this talk I’m going to move past the rhetoric and sensationalism surrounding passwords and authentication, taking a pragmatic look at the past, the present, and the future of user authentication. Topics will include: evolution of passwords, storing passwords & what that really means, MFA, Phishing & MFA phishing, secrets and ciphers, spooky biometrics, and FIDO2.

In this session we’ll create an Angular application from the ground up, using Angular CLI. We’ll add some components, services, directives and pipes. We’ll discuss component hierarchies and dependency injection. We’ll also think about how to test all that!

Despite some exuberant claims from Agilists and tool vendors, the requirements side of software development is alive and well. Reports of the death of business analysis seem exaggerated. But the role is changing. In many cases business analysts are working undercover as product owners and product managers. Not that there is any shortage of pretenders to the crown: customers, sales, developers, any-old manager and other well-intentioned amateurs all want to usurp the incumbent requirements guardian – be they business analyst, product managers, product owner, system analyst, requirements engineer, analyst/programmer, or whatever.

In fact, that is half the problem. Whose job are requirements anyway?

In this talk Allan will attempt to disentangle these roles and explain where companies are making mistakes in their approach to the requirements role, why business analysts need to change, what exactly a product manager is, and why the roles are colliding.

Architects often look harried and worried because they have no clean, easy decisions: everything is an awful trade-off. Architecture has lots of difficult problems, which this workshop highlights by investigating what makes architecture so hard. At the core of many architectural problems is the challenge of getting good granularity, which we illustrate via event-driven architectures, teams, components, architectural quantum, and a host of other examples. We also illustrate reuse at the application, department, and enterprise level, and why /reuse/ seems simple but isn’t. We also discuss difficult decisions, how to do trade-off analysis, tools like MECE lists, and how to decouple services to achieve proper granularity. Architecture is full of hard parts; by tracing the common reasons and applying lessons more universally, we can make it softer.

Interested in ASP.NET Core 2.x and Entity Framework Core 2.x, but not sure where to begin? Start here with an all-day hands-on lab where you’ll build a complete solution using the latest development technology from Microsoft. Using Visual Studio 2017 (15.7 or greater) and .NET Core 2.1, you’ll build a data access library using Entity Framework Core, complete with repos and migrations. Next, you will build an ASP.NET Core web application, leveraging all of the latest that ASP.NET Core has to offer, including Tag Helpers, View Components, Dependency Injection, and more!

You will learn about:

• The new project structure for .NET Core 2.x apps
• Creating a data access layer with Entity Framework Core 2.x
• Initialising data for testing with EF Core 2.x
• Building a website with ASP.NET Core 2.x
• Configuring the HTTP pipeline and routing
• Using and creating Tag Helpers
• Creating and using View Components
• Leveraging Dependency Injection

DevOps is the union of people, process, and product to enable continuous delivery of value for your users. Implementing a DevOps practice in your organisation is a complex multi-step process. Assuming you get organisational buy-in and your team is ready to go, how can you implement it practically if you’re committed to building high quality applications? How can you use Azure DevOps to create an effective CI/CD pipeline? In this workshop, you’ll learn how you can use any editor or IDE, Git, and Azure DevOps to create an effective, automated pipeline. Examples will be shown using C#, Swift, node.js, and more, deploying on Windows, devices, and Linux.

The day will be broken down into five sections: Level Set, Plan & Track, Develop & Test, Release, Monitor & Learn.

The workshop will start by level-setting everyone on terms and technology. Then you’ll explore four phases where development and operations can come together around the process of getting - and keeping - an ASP.NET Core application running smoothly. By the end of the day, you’ll have seen how to start with just code and end up with a fully functioning continuous delivery pipeline running in the cloud with Azure and Azure DevOps.

You’re an intermediate to advanced C# programmer excited about attending a conference filled with cutting edge talks from amazing speakers. It’s important to stay up to date, but you keep wondering if you’re effectively using new features and fundamental aspects of C# and .NET.

You’ll learn more about the type system. Along with its garbage collector it remains the foundation of all variations of .NET. You’ll also see how delegates have evolved while remaining one of the most important building blocks. You’ll see a sampling of ways that C# and the .NET can surprise you, in possibly unpleasant ways. You’ll look back at effectively using generics, how to use new generic constraints, type hierarchies, and the complex signatures that can result from tuples and functional techniques. You’ll dive into async to see some of the most common mistakes, recognise places that async isn’t gong to help, and understand how to use async to improve server throughput or desktop responsiveness. You’ll learn a bit about the Roslyn compiler and how it allows editors to change your relationship with code. You’ll see how Visual Studio and Visual Studio Code can remove mundane aspects of code reviews, protect you from common mistakes, overlay code coverage and provide tricks for navigation, selection and search. Some of this is based on rules implemented as analysers and code fixes. You’ll learn how to provide these details for all of your code, or customise rules for each project or repository. You’ll go on a tour of recent features. C# 6.0 to C# 7.3 includes things like tuples and local functions that can be used well, or badly. Also, recent releases of .NET Core include features like ref struct, Span and Memory that can be hard to understand and use correctly. You’ll take a look forward at new C# 8 techniques that change the way you interact with nulls, manage async streams and features not yet decided.

Throughout the day the focus is on how you can use these features and techniques to make the code you write better – more reliable, easier to comprehend, and better performing.

More and more, we need to design systems incrementally as the system evolves rather than in one giant up-front phase, and our designs must still be coherent and able to easily stand up to the stress of changing requirements. We have to design effectively while we’re building. These facts are particularly true in the Microservice and Agile worlds. Design by Coding (DbC) is a way to design incrementally literally while you’re coding, and doing that in such a way that you get an optimal design and architecture, with solid APIs and well organised services and subsystems. DbC is an evolutionary approach based on TDD and BDD techniques mixed with Domain-based architecture, and is particularly effective in a collaborative environment. We also look at Event Storming, a way to implement complex reactive systems such as choreographed Microservices systems. This workshop takes you through the entire process. Starting with user stories and domain analysis, we’ll create a system metaphor to ensure architectural coherence, identify key abstractions and bounded contexts, and then construct a system incrementally, coding and designing in parallel. The result is a coherent and highly maintainable system and architecture that can easily accommodate changing requirements.

This workshop involves a minimum of lecture and a lot of doing. Starting with user stories, we’ll create a system metaphor that ensures architectural coherence, and then we’ll construct the system incrementally using code-focused techniques based on TDD principles and merciless refactoring. We’ll use Event Storming to design a reactive messaging layer. We’ll also use (and you’ll learn about) Mob Programming and other contemporary Agile practices that will greatly improve both your effectiveness as a programmer and the quality of your code.

New architectural paradigms like Microservices and evolutionary architecture, as well as the challenges associated with managing data and transactional contexts in distributed systems, have generated a renewed interest in disciplined software design and modular decomposition strategies. We know that the secret to obtaining the benefits of these architectures is getting the boundaries right, both at the team and the component/service level, and then keeping them right as the software continues to evolve! A key reason for getting the boundaries right is that it allows us to create a unified and ubiquitous language within the bounded contexts those boundaries enclose, allowing the business and engineers to have productive and coherent conversations. Fortunately, there is a mature, battle-tested approach to domain modeling and system decomposition that is a perfect compliment to these architectures: Domain-Driven Design (DDD). In this workshop, we’ll leverage an exemplar business domain, that of a pizza delivery store, to illustrate DDD-based decomposition strategies, data architecture patterns, and implementations.

Artificial Intelligence was born as soon as sci-fi books and movies became overwhelmingly popular. The theory of neural networks was developed decades ago, but only recently has the level of digitalisation promoted a larger and larger use of it in many different segments of industry. As a result, AI is a widely abused term today. This workshop sets the rather ambitious goal of explaining what it is, since the very beginning, and how it can be realistically used today and for achieving what. AI is made of software and is not magic, but it’s a form of software that is devastatingly more powerful than plain software. The key to this is that AI may be configured to let machines learn from operations and data so that the limits of an AI-system are potentially unlimited and unknown. Today, the term AI is more commonly an umbrella term for many different levels of logic hard-coded into software solutions and external services. The purpose of this workshop is simply to clarify concepts and technologies giving each the appropriate coordinates in the space of software. We’ll talk about the mechanics of learning, static intelligence, and automatic learning. In this context, we’ll explore algorithms, data models and their relationship to BigData, data lakes and data collection and supervised and unsupervised learning. We’ll play with .NET frameworks such as ML.NET and Azure services and discuss industry scenarios in which AI is most used today and where it can be potentially quite useful.

Architects always strive for modularity to achieve extensibility, maintainability and reuse. The technology for the modules, these Microservices, changes over time, and yet the very use of smaller blocks introduces inherent complexity. When you design a highly modular system, it would be naive of you to expect that the only things you will do differently will be limited to design and technology. The development process itself needs to be modular, accommodating the complexity of the Microservices as a system. In this intense session, Juval will share his original techniques, metrics and ideas, all practiced in real life, allowing for a Microservices-oriented development process. He will present a battle-hardened approach that you can immediately apply to achieve robust applications, manage requirements, and ensure faster time to market. You will also see how the various team members – the architect, the project manager and the developers – should work in concert, and their respective tasks and responsibilities towards the system and the Microservices.

In this workshop you will learn novel analysis techniques that support both technical and organisational decisions around your codebase.The techniques use data from the most underused informational source that we have in our industry: our version-control system. Combined with metaphors from forensic psychology, you’ll learn how to analyse version-control data to:

• Identify the code that’s most expensive to maintain amongst millions lines of code
• Detect architectural decay and learn to control it
• Analyse different architectures such as layers and Microservices
• Measure how multiple developers influence code quality and what you can do about it
• Uncover the social side of your codebase and learn to use the data to guide on- and off-boarding

During the workshop you’ll get access to CodeScene – a project analysis tool that automates the analyses – which we use for the practical exercises, and we also discuss open source alternatives where suitable. Participants are encouraged to take this opportunity to analyse their own codebase and get specific take-away information around their system.

Workshop style: Hands-on, bring your own laptop. The practical exercises use Git and CodeScene. Make sure you have a Git client and a Java runtime, version 8, installed on your laptop if you want to analyse your organisation’s private repositories.