Industry News, Trends and Technology, and Standards Updates

Richard Howard: Director of Tech Ops

Richard Howard, Director of Tech Ops, has over 20 years of experience in both vertical and custom software development, the last five of which have been with Cimetrix. Howard has previously worked for Honda of America Manufacturing, Fuji Photo Film, Jet Blue Airways, and other high-tech companies. He has degrees in business and engineering from the University of Utah and is a Professional Scrum Master.
Find me on:

Recent Posts

Making Cimetrix Lean

Posted by Richard Howard: Director of Tech Ops on May 3, 2017 12:40:00 PM

lean-six-sigma-green-belt-t.pngDo you have waste in your organization?  Does your organization do things that seem inefficient? If you answered yes to either of these questions, you might want to consider Lean.  If you answered no, you are in denial!  We all have processes and procedures that are inefficient.  Processes and procedures tend to grow over time with items added on to address changing business needs or special cases.  At some point, the process has grown so huge that two things occur: (1) It becomes very fragile, such that small changes tend to break it or (2) it is so very intensive that the resources it requires outweigh the benefits it provides.

To determine if you suffer from excessive process and should consider investigating Lean, I would recommend you ask yourself the following questions:  As a business, what are we doing that is less productive? How can we eliminate inefficiencies and implement change to address a problem? How do we know if the change made a difference?  Will that difference bring value to our clients?  These four questions are the key to making meaningful changes and getting rid of entropy and waste in an organization.  This is how you introduce Lean principles into your organization.  Cimetrix began introducing Lean last year: Here is our story.

David Warren, Director of Software Engineering, initially introduced the concept of Lean software development through a book club he started for the Engineering group.  David’s book club read the book Implementing Lean Software Development, From Concept to Cash by Mary and Tom Poppendieck.  The book provides insight into the seven lean principles as they apply to software development.  The timing our study of the the Lean concept coincided with the Cimetrix All Company Gathering.  David proposed doing a value-stream map of one of our key processes as an exercise for the entire company as one of our large group activities.  To ensure the success of the activity, David found a local consulting company that is proficient in Lean to conduct a hands-on workshop for the All Company Gathering activity.

Our first workshop in Lean was conducted by Alan Davis of Promontory Management Group.  The initial four-hour workshop focused on generating an as-is map of our process for handling our Software Change Requests (SCR).  The process involved identifying each of the steps currently used for addressing an SCR as well as the time lapse for each step.  Every member of Cimetrix was involved in identifying the steps involved.  At the end of our workshop, there was a great desire by all involved to look at the next step of how to identify our pain points and look for areas to improve our processes. 

The interest by all our employees was great enough that we changed the schedule for the following mornings activities to continue with a follow-on workshop. During that workshop, we identified several pain points that could be addressed.  The top five were identified, by consensus of all involved. Alan Weber put together a proposal for training a group of Cimetrix employees in the process of Lean Six Sigma using the five identified pain points for hands on training.  The Round Table, our leadership team, felt there would be value in moving forward with implementing lean processes in Cimetrix.

The employees who would be trained in the Lean Six Sigma process, and be responsible for the projects, were taken on a volunteer basis.  Nine people volunteered for the training.  I was one of the volunteers and was assigned to be the facilitator for the overall Lean Six Sigma training.  The training occurred over the course of the next five months for the volunteers.  This was done in addition to each members’ regular work requirements.  The training focused on the principles of Lean.  Terms such as DMAIC, 5-whys, baseline metrics, and ROI were not just studied, they were put into practice by the project leads.  Each project lead put together a team consisting of Cimetrix employees to tackle their assigned project.

Each project lead was awarded a Lean Six Sigma Green Belt certification at the conclusion of their training.  A celebration was held to present the awards to each of the project leads.  I would like to congratulate:

  • David Warren
  • Brian Rubow
  • Tami Traci
  • Brent Forsgren
  • Jake Strong
  • Mohammad Islam
  • Jesse Wright
  • Kim Daich

Each project lead did an outstanding job both as a participant and as a team leader in this process.  They took on the responsibility of learning, leadership and project execution in a manner that is true to the core values of Cimetrix. 

Topics: Cimetrix Company Culture

Benefits of Being a Microsoft Gold Competency Partner

Posted by Richard Howard: Director of Tech Ops on Mar 10, 2016 1:02:00 PM

windows_8s.png

In November 2014, Cimetrix attained a status of ISV (IP & Solution Development) Gold Competency Partner with Microsoft®. Now you may be thinking “So what? What could that possibly have to do with me as a client of Cimetrix?” That’s what I would have thought if I had read the headline without knowing what was involved to both achieving and maintaining that level with Microsoft. So let me briefly share the main value of Cimetrix being a Gold Competency Partner and why it matters to our clients and to Cimetrix.

A requirement for Cimetrix to reach the Gold Level was that we had to have, at a minimum, three (3) products that passed the Gold Competency Test for Windows® 8. This test (commonly referred to as a “logo” test) ensures that the software applications adhere to patterns and practices consistent with Microsoft’s operating system architecture. The logo compatible applications must conform to the following:

  1. Compatibility and Resilience – Apps are expected to be resilient and stable, and eliminating failures helps ensure that software is more predictable, maintainable, performant, and trustworthy.

  2. Adherence to Windows Security Best Practices – Using Windows security best practices will help avoid creating exposure to Windows attack surfaces. Attack surfaces are the entry points that a malicious attacker could use to exploit the operating system by taking advantage of vulnerabilities in the target software. One of the worst security vulnerabilities is the elevation of privilege.

  3. Support Windows Security Features – The Windows operating system has many features that support system security and privacy. Apps must support these features to maintain the integrity of the operating system. Improperly compiled apps can cause buffer overruns that may, in turn, cause denial of service or allow malicious code execution.

  4. Adherence to System Restart Manager Messages – When users initiate shutdown, they usually have a strong desire to see shutdown succeed; they may be in a hurry to leave the office and just want their computers to turn off. Apps must respect this desire by not blocking shutdown. While in most cases a shutdown may not be critical, apps must be prepared for the possibility of a critical shutdown.

  5. Support of a Clean, Reversible Installation – A clean, reversible installation allows users to successfully manage (deploy and remove) apps on their systems.

  6. Digitally Signing Files and Drivers – An Authenticode digital signature allows users to be sure that the software is genuine. It also allows one to detect whether a file has been tampered with, such as if it has been infected by a virus. Kernel-mode code signing enforcement is a Windows feature known as code integrity (CI), which improves the security of the operating system by verifying the integrity of a file each time the image of the file is loaded into memory. CI detects whether malicious code has modified a system binary file. It also generates a diagnostic and system-audit log event when the signature of a kernel module fails to verify correctly.

  7. Prevention of Blocked Installations or App Launches Based on an Operating System Version Check – It is important that customers are not artificially blocked from installing or running their app when there are no technical limitations. In general, if apps were written for Windows Vista or later versions of Windows, they should not have to check the operating system version.

  8. Does Not Load Services or Drivers in Safe Mode – Safe mode allows users to diagnose and troubleshoot Windows. Drivers and services must not be set to load in safe mode unless they are needed for basic system operations of such as storage device drivers or for diagnostic and recovery purposes, such as anti-virus scanners. By default, when Windows is in safe mode, it starts only the drivers and services that came preinstalled with Windows.

  9. Follows User Account Control Guidelines – Some Windows apps run in the security context of an administrator account, and apps often request excessive user rights and Windows privileges. Controlling access to resources enables users to be in control of their systems and protect them against unwanted changes. An unwanted change can be malicious, such as a toolkit taking control of the computer, or be the result of an action made by people who have limited privileges. The most important rule for controlling access to resources is to provide the least amount “standard user context” necessary for a user to perform his or her necessary tasks. Following user account control (UAC) guidelines provides an app with the necessary permissions when they are needed by the app, without leaving the system constantly exposed to security risks. Most apps do not require administrator privileges at run time, and should be just fine running as a standard-user.

  10. Installation to the Correct Folders by Default – Users should have a consistent and secure experience with the default installation location of files, while maintaining the option to install an app in the location of their choice. It is also necessary to store app data in the correct location to allow several people to use the same computer without corrupting or overwriting each other's data and settings. Windows provides specific locations in the file system to store programs and software components, shared app data, and app data specific to a user.

Microsoft provides a suite of tests that ensure compliance to the standards listed above. Cimetrix, as part of our release process, now runs the logo testing suite against all products prior to a scheduled release. To date we have received logo certification for our latest versions of CIM300, EDAConnect, and ECCE Plus. We have also submitted the latest release of CIMConnect for endorsement. We will continue to make sure all new product releases are subject to and pass the logo certification process. Committing to making sure our products are logo tested not only ensures our continued status as a Gold Competency Partner, but it also lets our clients know of our commitment to deliver quality software that is compatible with Microsoft’s current operating systems. 

The largest benefit Cimetrix receives from our Gold Partner status is the access to Microsoft tools and technologies. As a Gold Competency Partner, Cimetrix receives premium MSDN subscriptions to ensure each engineer in Engineering, Quality Engineering, and CT&S have the most up-to-date technology tools, training, and information they need to get their respective jobs done. Having access to the right tools ensures that our engineers can be as efficient and effective as possible. In addition, the cost savings of having these tools provided to us, as opposed to having to purchase a subscription for each engineer, is significant. By saving money on tools, we can devote those monies to product development. 

Application certification and the tools provided by MSDN subscriptions are just a couple of examples of how our Gold Competency Partner status provides benefits to our clients. Cimetrix greatly values its partnership status with Microsoft. We are committed to continuing to adhere to the requirements and standards set by Microsoft in order to retain our Gold status.

Topics: Partners, Doing Business with Cimetrix, Programming Tools, Cimetrix Products