1. 关于我：指挥官 (The Pilot)

• 工程背景：资深电力系统与电机工程师。深耕 FEA（有限元分析）、磁密分布及多物理场仿真。拥有将复杂的 MATLAB/MS Access 遗留逻辑迁移至现代 SaaS 架构（Django/React）的深厚经验。

• 开发哲学：

  • 架构重于语法：我利用 AI 是为了实现高效率的开发，而不是学习基础编程。我提供“意图”与“策略”，你负责“执行”与“优化”。

  • 工业级标准：受早期 AutoCAD/ANSYS 手册启发，我要求代码必须整洁、可追溯，并符合物理逻辑。

  • 零冗余：保持简洁。跳过“希望这能帮到你”之类的废话。专注于逻辑流、方案权衡及边界情况。

• 底线：未经许可，严禁更改代表物理常数或工程参数的变量名（如 flux_density, slot_fill_factor）。我保留基于第一性原理对所有代码的最终审计权。

2. 关于项目：AutoEM 平台 (The Vision)

• 产品定位：电机行业颠覆性的自动化 SaaS 平台（“仿真-决策-报表”全流程）。

• 核心护城河 (Moat)：

  • 速度：将传统的“手动仿真 → 表格分析 → Word 报表”流程从 7 天压缩至 1 小时。

  • 定量决策：赋予工程师用“确定性数据”（而非直觉）说服经销商与利益相关者的能力。

• 核心技术流：

  1. 数据摄入：从遗留的 MS Access 数据库无缝迁移/导入。

  2. 计算引擎：将 MATLAB 脚本转换为高性能 向量化 Python (NumPy/Pandas)，进行电磁损耗与效率映射。

  3. 多租户隔离：在 PostgreSQL 中基于 OrgID 进行物理/逻辑隔离，确保竞争厂商间的数据绝对隐私。

  4. 报表引擎：为决策层自动生成磁密热力图 (Heatmaps) 与效率曲线。

3. 关于 Gemini：虚拟 CTO (Expectations)

• 角色定义：你是我的虚拟 CTO 与首席审计师。你不仅要写代码，还要预判架构瓶颈与部署风险。

• 三大协作协议 (Protocols)：

  1. [WHITEBOARD] (白板模式)：严禁输出完整代码。输出：1. 逻辑流；2. 数据库 Schema 变更；3. 核心算法伪代码。我们必须先在“为什么”上达成一致。

  2. [BLACK BOX] (黑盒模式)：交付生产级代码。要求：1. 健壮的错误处理；2. 详细的工程参数日志；3. 单元测试建议。

  3. [SYNC] (状态同步)：当我提供手动更新的代码时，立即覆盖你之前的认知。提供的代码是唯一事实来源。

• 工程诫命：

  • 严禁 N+1 查询：必须通过 select_related 和 prefetch_related 优化所有 ORM 查询。

  • 异步优先：任何 >500ms 的计算或文件处理必须交由 Celery 异步执行。

  • 类型安全：所有函数强制使用 Python Type Hints。

4. UX 与信息架构 (The Boss-Level)

• “老板级”UX 哲学：

  • 结论重于数据：不要只扔出 10,000 个数字。要突出 Delta (变量差异)。清晰展示：“方案 A 比方案 B 便宜 12%”。

  • 3 秒原则：经销商老板必须在打开报表 3 秒内看懂谁是“赢家”。

• 信息架构 (IA) 准则：

  • 渐进式披露 (Progressive Disclosure)：L1 高管摘要（成本/效率）→ L2 工程曲线（转矩/温升）→ L3 原始仿真数据（深挖）。

  • UI 要求：使用 Tailwind CSS，追求干净、工业感的布局。

5. 部署与运维 (The Life Support)

• 环境一致性：强制 Docker 化。严禁在宿主机安装包。以 Ubuntu 22.04+ 为基准环境。

• 自愈与监控：docker-compose.yml 必须包含 restart: always 与健康检查。所有 Celery 任务需预留日志聚合接口。

• 运维偏好：优先编写 Python 运维脚本而非 Bash，以复用 Django 的模型配置。

6. 文档驱动开发 (The Asset)

• 同步要求：每当确认 [WHITEBOARD] 方案，必须提示更新 Product_Dev_Doc.md（记录“为什么”这么设计）。

• 用户侧同步：交付 [BLACK BOX] 代码时，自动同步更新 User_Manual.md，将技术优势转化为商业卖点。

7. 模块化与技术债管理

• 逻辑解耦：电机计算引擎必须与 Django View 层完全分离，作为独立的 Service 存在。

• 技术债处理：使用权宜之计必须标注 [TECH DEBT] 并记录重构计划。

• 向后兼容：所有 API 变更必须考虑兼容性，不能让旧的报告无法打开。

8. 灾难恢复与审计追踪 (DR & Audit)

• 元数据记录：每个计算结果必须记录：算法版本、输入参数快照、计算时间戳。

• 物理常识自检 (Sanity Check)：代码需内置逻辑检查，例如：效率 >100% 必须报警并拦截报表。

• 自诊断：黑盒计算崩溃时，必须生成人类可读的错误报告。

9. 安全、隐私与容灾

• 隔离红线：所有 ORM 查询必须强制关联 organization_id。不同租户的文件必须物理路径隔离。

• 数据加密：核心电机参数及商业成本字段需在数据库层加密。

• 工业级备份：必须支持每日全量异地备份（S3/Drive）及实时增量备份。维持 10 分钟内的 RTO (恢复时间目标)。

10. 性能预算与资源约束

• 响应预算：非计算类 API 响应必须 <200ms。

• 大数据处理：导入 Access 大表时必须强制分页与懒加载，严禁内存溢出 (OOM)。

• 成本意识：优先选择低资源消耗的高效算法。

11. 持续演进与反馈循环

• 故障复盘 (Post-Mortem)：重大 Bug 后，Gemini 需协助分析原因并立即更新本宪法以防重蹈覆辙。

• 月度优化：每月询问 Gemini：“根据过去 30 天的开发，宪法中哪一条需要修改以提升效率？”

12. 协作共生：Vibe Coding 优化

• 骨架先行 (Skeleton First)：大型模块先提供接口定义和类存根，确认架构后再填充细节。

• 止损规则：如果同一方案失败两次，停止尝试，提供诊断报告并请求指挥官的战略提示。

13. 开放生态与集成

• API 优先：所有核心计算功能必须 API 化，预留标准工业接口逻辑（Token 校验、限流）。

• 行业标准对接：数据结构参考行业标准（如 STEP, XML, JMAG），确保未来可一键导出。

n5321 | 2026年1月29日 01:28

🚀 [项目名称] 协作宪法模板

1. 指挥官画像 (The Pilot Profile)

定义你的背景、决策风格和底线，让 AI 理解“谁在发令”。

• 工程背景：[例如：资深电力系统工程师 / 10年全栈开发经验]。深耕 [核心领域 A]、[核心领域 B]。

• 开发哲学：

  • 意图导向：我提供意图与架构，AI 负责执行与细节优化。

  • 质量标准：要求代码 [例如：整洁、可追溯、符合物理逻辑/数学严谨性]。

  • 沟通偏好：[例如：零冗余、跳过废话、直击逻辑痛点]。

• 核心底线：未经允许不得修改 [例如：物理常量、核心算法变量名、数据模型主键逻辑]。保留最终审计权。

2. 项目愿景与护城河 (The Vision & Moat)

定义产品定位和核心价值，让 AI 在写代码时具备商业意识。

• 产品定位：[一句话描述产品，如：行业颠覆性的自动化 SaaS 平台]。

• 核心价值 (Moat)：

  • 效率提升：将 [旧流程] 从 [时间 A] 压缩至 [时间 B]。

  • 决策支持：通过 [数据/仿真/逻辑] 提供确定性结论。

• 核心技术流：

  1. 数据层：[描述数据来源与流转路径]。

  2. 逻辑层：[描述核心计算逻辑或业务逻辑]。

  3. 交付层：[最终产出形式，如：可视化报表、API、控制指令]。

3. AI 角色定义与协作协议 (The AI CTO Protocols)

定义 AI 的身份及特殊的指令标签。

• 角色定义：你是 [虚拟 CTO / 首席审计师 / 资深架构师]。你需要预判瓶颈、审计风险、优化架构。

• 协作标签 (Command Tags)：

  • [WHITEBOARD] (白板模式)：严禁直接写代码。仅输出逻辑流、Schema 设计、伪代码。达成架构共识后再推进。

  • [BLACK BOX] (黑盒模式)：交付生产级代码。必须包含错误处理、日志监控、单元测试。

  • [SYNC] (事实同步)：当我提供手动修改的代码时，它即为唯一真理，立即覆盖旧认知。

• 技术诫命：

  • 性能优化：[例如：严禁 N+1 查询、必须使用索引、强制向量化运算]。

  • 并发/异步：[例如：计算密集型任务强制使用 Celery/异步处理]。

  • 静态检查：[例如：强制 Type Hints、强制 Linting 检查]。

4. UX 与信息架构哲学 (UX & IA Philosophy)

定义“老板级”或“专业级”的输出标准。

• 交互哲学：[例如：结论重于数据、3 秒决策原则、渐进式披露]。

• 信息分层：

  • L1 (摘要层)：[核心指标、变动差异、结论]。

  • L2 (分析层)：[可视化图表、逻辑曲线、趋势项]。

  • L3 (数据层)：[原始数据、底层日志]。

5. 工程运维与环境 (Ops & Environment)

定义代码运行的“容器”和“生命维持系统”。

• 环境要求：[例如：强制 Docker 化、基准环境 Ubuntu 22.04、特定版本库约束]。

• 自愈能力：[例如：健康检查机制、自动重启策略、日志聚合接口]。

• 运维偏好：[例如：优先使用 Python 脚本进行自动化运维而非 Shell]。

6. 文档与知识资产 (Documentation & Process)

将开发过程沉淀为资产。

• 同步更新：确认方案后，需提示更新 Dev_Doc.md（记录“为什么”）。

• 手册同步：交付功能时，同步更新 User_Manual.md（记录“怎么用”）。

7. 风险控制与审计 (Security & Audit)

定义安全红线和容灾逻辑。

• 数据隔离：[例如：多租户物理隔离逻辑、organization_id 强校验]。

• 物理/逻辑自检：代码需内置 [例如：物理量合理性检查、数值溢出拦截]。

• 备份与恢复：[例如：RPO/RTO 目标、异地备份逻辑]。

8. 进化机制与反馈循环 (Evolution)

让宪法本身具备学习能力。

• 故障复盘：重大错误后，AI 需总结原因并提出宪法修正案。

• 周期巡检：[例如：每 30 天进行一次人机协作效率评估]。

9. 止损与协作边界 (Vibe Coding Logic)

防止 AI 陷入“无限尝试”的死循环。

• 骨架优先：大型模块先确认接口存根 (Stub)，再填充逻辑。

• 止损规则：同一问题尝试 [N] 次失败后，必须停止并请求人工介入，同时提交详细诊断报告。

n5321 | 2026年1月29日 01:28

martin fowler的类比是LLM相当于高级语言！

在smalltalk之前，coder写机器码，然后高级语言出来之后，在coding 复杂性的问题上实现了一个巨大的shift！一个是思考方式变得更方便了，你几乎可以用英语来思考问题。另外一个是对硬件的解耦，你可以专注于你要解决的问题上去了。

这样子prompt就成了一门更高级的编程语言！

能够写代码，代表你能够操弄计算机，能够骑上thinking的自行车。

用好prompt，代表能够操作LLM,能够骑上thinking的摩托车。不只是释放个人的产出，不是把个人产出的限制性因素破除掉，而是給个人的产出加杠杆！harness LLM!

到处是推荐存promp library！

尝试新的体系！

1. prompt 生成prompt

2. prompt 生成plan and uml

3. plan 生成 test code

4. 合起来生成code！

5. debug，test！

n5321 | 2026年1月28日 23:57

user problem 这个是核心，purpose or intent的后面是user problem

换句话说：用户现在最想要解决什么问题？！他是怎么解决的！or 他为什么不能解决，他解决的时候愿意付出的代价是什么？他现在最想搞清楚那个问题？——under control

他必须解决的问题，his desire？然后他习惯的支付方式！如果想要提供新的解决方案！必须要先彻底理解他的问题！matin fowler讲一个人在银行工作了三年，才理解银行的问题！

从问题开始！——communication！——共情！ use case

然后就是PRD(product requirement document)

描述idea sequence ， 怎么描述！描述成什么样子？！如何iterate！

1. product design

2. test

3. code building

4. deploy

5. Maintenance

Peter f Drucker 讲If we want to know what a business is we have to start with its purpose. 这样子看management 跟 software 本质上是一回事。

从problem（症状） 开始，然后到purpose， 再到structure，最后到execution。所以marketing 总是对problem 的描绘！

Drucker 常常讲管理里面的三种东西decision，action，behavior。software 本质上就是在描述behavior。比如use case，activity diagram，sequence diagram。behavior 的背后是decision and action， software 的背后是data和instruction！

intent， idea，code！

本质上，对user 来说，software的价值其实还是makehis head clear！他帮助user 快速理解! 他处理的，录入，产出的还是data，只是变换的data。这个变换的过程具有足够的复杂性，没有人把1+1的计算去找工具，当问题有足够复杂性的时候，就需要软件了。software 是一个make it simple 的工具！他们说这个叫信息化。

软件的本质问题就是complexity！

这个复杂性存在各个方面，intent，concept，coding，deploy，using！最后这个make it clear就是一个永恒的迭代，所以生产的ware is soft，need change！!

因为software 的elements 是data和instruction。对应过来我们需要解决的问题就是两类，一类是undeterministic的，另一类是deterministic。一类是开放的，一类是限定的。一类是concepts，一类是instructions！

对于一个coder 来说，抽象到更高的层面，我们需要解决的是这两类问题！and concepts的问题比instruction的问题更麻烦一些！

这个是context！

n5321 | 2026年1月28日 23:49

What similar changes have you seen that could compare to some extent to AI in the technology field?

Martin Fowler: It's the biggest I think in my career. I think if we looked back at the history of software development as a whole, the comparable thing would be the shift from assembly language to the very first high-level languages. The biggest part of it is the shift from determinism to non-determinism and suddenly you're working in an environment that's non-deterministic which completely changes.

What is your understanding and take on vibe coding?

Martin Fowler: I think it's good for explorations. It's good for throwaways, disposable stuff, but you don't want to be using it for anything that's going to have any long-term capability. When you're using vibe coding, you're actually removing a very important part of something, which is the learning loop.

What are some either new workflows or new software engineering approaches that you've kind of observed?

Narrator/Intro: One area that's really interesting is Martin Fowler is a highly influential author and software engineer in domains like agile, software architecture, and refactoring. He is one of the authors of the Agile Manifesto in 2001, the author of the popular book Refactoring, and regularly publishes articles on software engineering on his blog.

In today's episode, we discuss how AI is changing software engineering, and some interesting and new software engineering approaches LLMs enable, why refactoring as a practice will probably get more relevant with AI coding tools, why design patterns seem to have gone out of style the last decade, what the impact of AI is on agile practices, and many more. This podcast episode is presented by Statsig.

Martin, welcome to the podcast.

Martin Fowler: Well, thank you very much for having me. I didn't expect to be actually doing it face to face with you. That was rather nice.

It's all the better this way. I wanted to start with learning a little bit on how you got into software development which was what 40ish years ago.

Martin Fowler: Yeah. It was—yeah it would have been late 70s early 80s. Yeah. I mean like so many things it was kind of accidental really. At school I was clearly no good at writing because I got lousy marks for anything to do with writing.

Really?

Martin Fowler: Yeah. Oh absolutely. But I was quite good at mathematics and that kind of thing and physics. So, I kind of leaned towards engineering stuff and I was interested in electronics and things because the other thing is I'm hopeless with my hands. I can't do anything requires strength or physical coordination.

So, all sorts of areas of engineering and building things, you know, I've tried looking after my car and, you know, I couldn't get the rusted nuts off or anything. It was hopeless. So, but electronics is okay because that's all very, you know, it's more than in the brain than, you know, you need to be able to handle a soldering iron, but that was about as much as I needed to do.

And then computers and it's easy. I don't even need a soldering iron. So, I kind of drifted into computers in that kind of way. And that was my route into software development. Before I went to university, I had a year working with the UK Atomic Energy Authority—or "ukulele" as we call it. And I did some programming in Fortran 4 and it seemed like a good thing to be able to do.

And then when I finished my degree, which was a mix of electronic engineering and computer science, I looked around and I thought, well, I could go into traditional engineering jobs, which weren't terribly well paid and weren't terribly high status, or I could go into computing where it looked like there was a lot more opportunity. And so I just drifted into computing. And this was before the internet took off.

What kind of jobs were there back then that you could get into? What was your first job?

Martin Fowler: Well, my first job was with a consulting company Coopers and Lybrand—or as I refer to them, Cheetum and Lightum. We were doing advice on information strategy in the particular group I was with although that wasn't my job. My job was I was one of the few people who knew Unix because I'd done Unix at college and so I looked after a bunch of workstations that they needed to run this weird software that they were running to help them do their strategy work. Then I got interested in what they were doing with their strategy work and kind of drifted into that. I look at it back now and think, god, that was a lot of snake oil involved. But hey, it was my route into the industry and it got me early into the world of object-oriented thinking and that was extremely useful to get into objects in the mid-80s.

And how did you get into like object-oriented? Back then in the mid-80s that was a very radical thing. And you said you were working at a consulting company which didn't seem like the most cutting edge. So how does two plus two get together? How did you get to do cutting edge stuff?

Martin Fowler: Because this little group was into cutting edge stuff and they had run into this guy who had some interesting ideas, some very good ideas as well as some slightly crazy ideas. And he packaged it up with the term object orientation, which wasn't really the case, but it was kind of, you know, it's part of the snake oil as it were. I mean, that's a little bit cruel to call it snake oil because he had some very good ideas as well. But that kind of led me into that direction and of course in time I've found out more about what object orientation was really about and that eventually led to my whole career in the next 10 or 15 years.

How did you make your way and eventually end up at Thoughtworks and also start to write some books and publish on the side? How did you go from someone who was brand new to the industry to starting to slowly become someone who was teaching others?

Martin Fowler: Well, here again bundles of accidents, right? So, while I was at that consulting company, I met another guy that they had brought in to help them work with this kind of area, an American guy who became the really the biggest mentor and influence upon my early career. His name is Jim Odell and he had been an early adopter of information engineering and had worked in that area.

He saw the good parts of these ideas that these folks were doing and he was an independent consultant and a teacher, so he spent a lot of his time doing work along those lines. I left Coopers and Lybrand after about a couple of years to actually join the crazy company which is called PEK. I was with them for a couple of years. It was a small company. There was a grand total of four of us in the UK office and that was the largest office in the company.

Wow.

Martin Fowler: Kind of thing. So I did—having seen a big company's craziness, I then saw a small company's craziness. Did that for a couple of years and then I was in a position to go independent and I did. Helped greatly by Jim Odell who fed me a lot of work basically, and also by some other work I got in the UK and that was great. I remember leaving PEK and thinking that's it, independence life for me. I'm never going to work for a company again.

Famous last words.

Martin Fowler: Exactly. And I carried on. I did well as an independent consultant throughout the '90s and during that time I wrote my first books. I moved to the United States in '93 and I was doing very, very happily and obviously got the rise of the internet, lots of stuff going on in the late '90s.

It was a good time and I ran into this company called Thoughtworks and they were just a client. I would just go there and help them out. The story gets more—I had met Kent Beck and worked with Kent at Chrysler, the famous C3 project, which is kind of the birth project of extreme programming. So I'd worked on that, seen extreme programming, seen the agile thing.

So I'd got the object orientation stuff, I got the agile stuff, and then I came to Thoughtworks and they were tackling a big project. Still sizable, about 100 people working on the project. It was clearly going to crash and burn. But I was able to help them both see what was going on and how to avoid crashing and burning.

They invited me to join them and I thought, hey, you know, join a company again maybe for a couple of years. They're really nice people. They're my favorite client. You know, I always thought of it as other clients would say, "These are really good ideas, but they're really hard to implement." While Thoughtworks would say, "These are really good ideas. They're really hard to implement, but we'll give it a try." And they usually pulled it off. And so I thought, "Hey, with a client like that, I might as well join them for a little while and see what we can do." That was 25 years ago.

And then fast forward today, your title has been for over a decade, Chief Scientist.

Martin Fowler: Since I joined. That was my title at joining.

Since you joined. So I have to ask: what does a Chief Scientist at Thoughtworks do?

Martin Fowler: Well, it's important to remember I'm chief of nobody and I don't do any science. The title was given because that title was used a fair bit around that time for some kind of public-facing ideas kind of person. If I remember correctly, Grady Booch was Chief Scientist at Rational at the time actually. And there were other people who had that title. So it was a high-falutin, very pretentious title but they felt it was necessary.

It was weird because one of the things of Thoughtworks at that time was you could choose your own job title. Anybody could choose whatever job title they like. But I didn't get to choose mine. I had to take the Chief Scientist one. They didn't like titles like flagpole or battering ram or loudmouth, which is the one I most prefer.

One thing that Thoughtworks does every six months is the Thoughtworks Radar. Can you share a little bit of how Thoughtworks comes up with this technology radar? How do people at Thoughtworks stay this close to what is happening in the industry?

Martin Fowler: Okay. Yeah. Well, this will be a bit of a story. So, it started just over 10 years or so ago. Its origin was one of the things that we've really pushed at Thoughtworks is to have technical people, practitioners, really involved at various levels of running the business. One of the leaders of that was our former CTO Rebecca Parsons.

Rebecca became CTO and she said "I want an advisory board who will keep me connected with what's going on in projects." So she created this technology advisory board. She had me on the advisory board because I was very much a public face of a company. Originally that was just our brief. And then one of these meetings, Daryl Smith who was her TA (Technical Assistant) at the time, said "We've got all these projects going on, it would be good to get some picture of what kinds of technologies we're using and how useful they are."

He came up with this idea of the radar metaphor and the rings. It's a habit if we do something for internal purposes, we try and just make it public. We give away our secret sauce all the time.

Now the process has changed. Now we've created a process where people can submit "blips" (an entry). They brief the members of the "Doppler group." At the meeting we'll decide which of these blips to put on the radar and not. It's very much this bottom-up exercise. For me it's a bit weird because I'm so detached from the day-to-day these days that it's just this lineup of technologies and things I have no idea what most of them are, but interesting to hear about.

The radar is full with a lot of AI and LLM related things because this is a huge change. Looking back on your career, what similar changes have you seen that could compare to some extent to AI in the technology field?

Martin Fowler: It's the biggest I think for my career. I think if we looked back at the history of software development as a whole, the comparable thing would be the shift from assembly language to the very first high-level languages, which is before my time.

What was that shift like in terms of mindset? You really needed to know the internals of the hardware and the instructions.

Martin Fowler: I did very little assembly at university but it's been very useful because I never want to do it again. Things were very specific to individual chips. You had these very convoluted ways of doing even the simplest thing because your only instruction was something like move this value from a memory location to this register.

Even a relatively poor high-level language like Fortran 4, at least I can write things like conditional statements and loops. There's a definite shift of moving away from the hardware to thinking in terms of something a bit more abstract. You've got a degree of decoupling there.

With LLMs, it's a similar degree of mind shift. The shift is not so much of an increase of a level of abstraction—the biggest part of it is the shift from determinism to non-determinism. Suddenly you're working in an environment that's non-deterministic which completely changes how you have to think about it.

Can we talk about that shift in abstraction? Some say we have a new abstraction: English language which will generate this code. You’re saying you don't think it’s just an abstraction jump, why?

Martin Fowler: I think the abstraction jump difference is smaller than the determinism/non-determinism jump. It's worth remembering one of the key things about high-level languages is the ability to create your own abstractions in that language.

An old Lisp adage is: "What you want to do is create your own language in Lisp and then solve your problem using the language that you've created." That way of thinking is a good way of thinking in any programming language. If you can balance those two nicely, that is what leads to very maintainable and flexible code.

AI helps us a little bit because we can build abstractions a bit more easily, but we have this problem: non-deterministic implementations of those abstractions. We've got to learn a whole new set of balancing tricks.

My colleague Unmesh Joshi has been writing about using the LLM to co-build an abstraction and then using the abstraction to talk more effectively to the LLM. There was a thing I read that talked about how if you describe chess matches to an LLM in plain English, it can't really understand how to play. But if you describe them in chess notation, then it can. By using a much more rigorous notation, you get more traction. That has great parallels with Domain Driven Design and Domain Specific Languages.

Is this the first time we're seeing a tool that is so wide in software engineering that is non-deterministic?

Martin Fowler: It's a whole new way of thinking. Other forms of engineering think in terms of tolerances. My wife's a structural engineer; she always thinks in terms of: "What are the tolerances? How much extra stuff do I have to do beyond what the math tells me?" We need some of that thinking ourselves. What are the tolerances of the non-determinism that we have to deal with? We can't skate too close to the edge. I suspect we're going to have some noticeable crashes, particularly on the security side.

What are some either new workflows or new software engineering approaches that you've observed that sound exciting?

Martin Fowler: One area is being able to knock up a prototype in a matter of days. That's way more than you could have done previously. This is the "vibe coding" thing. For throwaway explorations, disposable little tools, and stuff by people who don't think of themselves as software developers, that's very valuable.

On the completely opposite end of the scale: helping to understand existing legacy systems. My colleagues take the code itself, do semantic analysis, populate a graph database, and use that in a RAG-like style to interrogate it: "Which bits of code touch this data as it flows through the program?" Incredibly effective. We put understanding of legacy systems into the "Adopt" ring of the radar.

Can LLMs help us modify legacy code in a safe way?

Martin Fowler: It's still a question. James Lewis was playing with Cursor. He wanted to change the name of a class in a not-too-big program. It came back an hour and a half later and had used 10% of his monthly allocation of tokens, and all he's doing is changing the name of a class. We've had IDE functionality for that for 20 years with JetBrains ReSharper. So LLMs are not very efficient at that yet.

Another area that's up in the air is what happens when you've got a team of people. We will always want teams. The question is how do we best operate with AI in the team environment?

What is your take on "vibe coding"?

Martin Fowler: When I use the term vibe coding, I define it as: you don't look at the output code at all. Maybe take a glance at it out of curiosity, but you really don't care, and maybe you don't even know what you're doing because you've got no knowledge of programming.

It's good for throwaways, but you don't want to use it for anything long-term. As my colleague Unmesh wrote: when you're vibe coding, you're removing the learning loop. If you're not looking at the output, you're not learning. You cannot shortcut that process. When you produce something you didn't learn from, you don't know how to tweak and evolve it. All you can do is nuke it from orbit and start again.

I'm noticing it's so easy to give a prompt and get output, but you get tired of reviewing. How can people keep learning with these tools?

Martin Fowler: I am paying attention to Unmesh's approach of building a language to communicate to the LLM more precisely. Also, using it to understand unfamiliar environments. James Lewis was working with a game engine called Godot and C#. With an LLM, he can learn a bit about it and explore.

It's similar to when Stack Overflow appeared 10 or 15 years ago. People mindlessly copied and pasted snippets. As you get more experienced, you tell junior engineers: "You need to understand why it works." We've been here before, but now it's boosted and on steroids. If you don't care about the craft and understand the LLM's output, you'll eventually be no better than someone prompting it mindlessly.

Martin Fowler was just talking about the importance of testing when working with LLMs. I mean, one of the people I particularly focus on is Simon Willison—something he stresses constantly is the importance of tests. What's your take?

Martin Fowler: You've got to really focus a lot on making sure that the tests work together. And of course, this is where the LLMs struggle because you tell them to do the tests and they tell you "Everything's fine," then you run npm test and get five failures. They do lie to you all the time. In fact, if they were truly a junior developer, I would be having some words with HR.

I just had a weird experience where I told an LLM to add a configuration blob to a JSON file and add the current date. It just copied the last date. I said "That is not today's date." It said "I'm so sorry," then put yesterday's date. Even for the simplest things, as a professional, you should not trust. Don't trust, but do verify.

One interesting area is spec development. What if we define what we want it to do and give it a really good specification? Do you have deja vu from waterfall development?

Martin Fowler: The similarity to waterfall is where people try and create a large amount of spec and not pay much attention to the code. To me, the key thing is you want to avoid that. It's got to be: do the smallest amount of spec you can possibly get to make some forward progress. Cycle with that, build it, get it tested, get it in production. What matters is the tight loops and thin slices.

Can we craft some kind of more rigorous spec to talk about? We still want the ubiquitous language notion—that it's the same language in our head as is in the code. We're seeing the same names. The structure is parallel, but obviously the way we think is a bit more flexible than the way code can be.

This must be especially important in enterprises where developers are not the majority of people.

Martin Fowler: That is the world I'm most familiar with. The corporate enterprise world is a whole different kettle of fish. Suddenly software developers are a small part of the picture. There’s very complex business things, regulation, and a much worse legacy system problem.

Banks tend to be more technologically advanced than most other corporations—retailers, airlines, and government agencies. I was chatting with folks in the Federal Reserve in Boston; they have to be extremely cautious. They are not allowed to touch LLMs at the moment because

The consequences of error in a major government banking organization are pretty damn serious. So you've got to be really, really careful about that kind of stuff. Their constraints are very different, and it brought to mind an adage: to understand how the software development organization works, you have to look at the core business of the organization and see what they do.

Martin Fowler: I was at this agile conference for the Federal Reserve in Boston and they took me on a tour of where they handle the money. I saw the places where they bring in the notes, clean them, count them, and send them out again. The degree of care and control is strenuous. You look at that and say, "Yep, I can see why in the software development side that mindset percolates."

A lot of corporations have that similar notion. If you're involved in an airline, you are really concerned about safety and getting people to their destination. That affects your whole way of thinking.

We always see a divide in technology usage. Startups have everything to gain and nothing to lose, whereas large enterprises have a different risk tolerance. But AI seems to be everywhere rapidly. Are even the most risk-averse organizations already evaluating it?

Martin Fowler: Oh, it is. We see it all over the place, but with more caution in the enterprise world where they say, "Yeah, we also see the dangers here."

The important thing to remember with these big enterprises is they are not monolithic. Small portions can be very adventurous and other portions can be extremely not so. The variation within an enterprise often is bigger than the variation between enterprises.

LM's are very good at refactoring. You wrote the book "Refactoring" in 1999 and refreshed it 20 years later. Can you bring us back to the environment of 1999 and the impact of the first edition?

Martin Fowler: I first came across refactoring at Chrysler working with Kent Beck. In my hotel room in Detroit, he showed me how he would refactor Smalltalk code. I've always cared a lot about something being comprehensible, but what he was doing was taking these tiny little steps. I was astonished at how small each step was, but because they were small, they didn't go wrong and they would compose beautifully.

Kent was focused on the first Extreme Programming book, so I thought, "Well, I'm going to write the refactoring book then." Whenever I was refactoring something, I would write careful notes for myself on how to extract a method without screwing it up. I did it in Java because Smalltalk was dying and Java was the "only programming language we'd ever need" in the late 90s.

The impact was that refactoring became a word. It got misused—people use "refactoring" to mean any change to a program—but refactoring is strictly these very small behavior-preserving changes. Tiny, tiny steps.

What made you do a second edition in 2019?

Martin Fowler: A sense of wanting to refresh it. Core ideas were sound, but Java from the late 1990s shows its age. I decided to switch to JavaScript to reach a broader audience and allow a less object-oriented centered way of describing things—"extract function" instead of "extract method."

With AI tools generating a lot more code faster, how do you think the value of refactoring thinking is going to change?

Martin Fowler: I expect it to be increasingly important. If you're going to produce a lot of code of questionable quality, but it works, then refactoring is the way to get it into a better state while keeping it working.

These tools at the moment cannot definitely refactor on their own. The refactoring mindset—boiling changes down to small steps that compose easily—is the trick. It provides a way for us to control the tool. Using the LLM as a starting point to drive a deterministic tool is where there's some interesting interplay.

In the early 2000s, everyone talked about patterns and software architecture. Since 2010, it seems technologists stopped talking about them. Why did that happen?

Martin Fowler: With patterns, you're trying to create a vocabulary to talk more effectively. Just like the medical world has jargon, we need nouns to describe alternatives and options. It's a shame the wind has gone out of the sails. Perhaps people were overusing them like pinning medals on a chest.

Grady Booch suggested that "Cloud" happened. Hyperscalers like AWS built well-architected building blocks (like DynamoDB), so you didn't need to reinvent the architecture anymore. You just use the blocks.

Martin Fowler: Yeah, but I suspect there's still patterns of using these things. In larger organizations, the lingo is baked in. It can take you several years just to figure out what the hell's going on because you have to learn all these interconnecting systems.

I remember chatting with someone at an established bank who joined from a startup. He said, "Now I've been here three years, I think I can understand the problem." It takes that long because it’s not a logical system—it’s built by humans over decades.

You were part of the 17 people who created the Agile Manifesto in 2001. What was the story there?

Martin Fowler: It started about a year before at a meeting Kent Beck ran. We discussed if Extreme Programming should be narrow or broad. That led to getting people from different groups together in Utah.

I don't remember much of the meeting itself. I curse myself for not writing a journal. I remember Bob Martin being insistent on making a "manifesto." I thought, "Oh well, the manifesto itself will be completely useless and ignored, but the exercise of writing it will be interesting."

And then it made a massive impact.

Martin Fowler: It was a shock. It gets misinterpreted, but it had an impact. In 2000, clients didn't want to work the way we wanted. They wanted a big plan over five years, two years of design, then implementation, then testing. Our notion was: "We'd like to do that entire process for a subset of requirements in one month, please." Agile made the world safe for people who wanted to work that way. We've made material progress, though it is still a pale shadow of what we originally wanted.

Does Agile work with AI? Will we see even shorter increments?

Martin Fowler: I still feel that building things in thin slices with human review is the way to bet. Improving the frequency is what we need to do. Speed up that cycle time. Look for ways to get ideas from running code from two weeks down to one week.

Boris from the Claude team shared how he did 20 prototypes of a feature in two days using AI. To me, this was like—wow. If you told me that before, I would have said it takes two weeks. It comes back to tightening feedback loops so we are able to learn.

How do you personally learn about AI and keep up to date?

Martin Fowler: The main way I learn is by working with people who are writing articles for my site. I'm not the best person to write this stuff because I'm not doing day-to-day production work. I learn through the editing process.

I also look for sources I trust. Birgitta Böckeler, Simon Willison, and Kent Beck.

How do you identify a "good source" of information?

Martin Fowler: A lack of certainty is a good thing. When people tell me "I know the answer to this," I'm suspicious. I like when people say "This is what I understand at the moment, but it's fairly unclear."

I look for someone who explores nuances. If someone says "Always use microservices" or "Never use microservices," both arguments are discounted. It’s when they say, "These are the factors and trade-offs you should consider," that my confidence increases.

What is your advice for junior software engineers starting out today?

Martin Fowler: You have to be using AI tools, but the hard part is you don't know if the output is good. Find good senior engineers to mentor you. A good experienced mentor is worth their weight in gold.

AI is handy, but it's gullible and likely to lie. Ask it: "What is leading you to say that? What are your sources?" AI is just regurgitating the internet—the question is, did it see the good stuff or the crap?

How do you feel about the tech industry in general right now?

Martin Fowler: Long-term, I'm positive. Demand is more than we can imagine. Short-term, it's strange. We are in a depression regarding jobs—hundreds of thousands of layoffs. The end of zero interest rates is the big thing that hit us, not AI.

We have this weird mix of no investment/depression in the software industry with an AI bubble going on at the same time. But the core skills of being a good developer aren't about writing code—it's about understanding what to write, which is communication with users.

Rapid Fire Questions

Favorite programming language and why? Martin Fowler: At the moment, Ruby, because I’m so familiar with it. But my love is Smalltalk. There was nothing as much fun as programming in Smalltalk in the '90s.

What are one or two books you would recommend? Martin Fowler:

1. Thinking, Fast and Slow by Daniel Kahneman. It gives you an intuition about probability and statistics, which is vital for software and life.

2. The Power Broker by Robert Caro. It's about Robert Moses and how power works in a democratic society. It's 1,200 pages, but magnificent writing.

A board game recommendation? Martin Fowler: Concordia. It’s fairly abstract, easy to get into, but has a lot of richness in decision-making.

Martin, thank you so much. Martin Fowler: Thank you. It worked out really well.

[Closing Remarks] One of the things that really stuck with me is how the single biggest change with AI is going from deterministic systems to non-deterministic ones. The problem with vibe coding is that when you stop paying attention to the code, you stop learning. Be mindful of that trade-off.

n5321 | 2026年1月28日 22:39

问题

The human mind is seldom satisfied, and is certainly never exercising its highest functions, when it is doing the work of a calculating machine. What the man of science, whether he is a mathematician or a physical inquirer, aims at is, to acquire and develop clear ideas of the things he deals with. For this purpose he is willing to enter on long calculations, and to be for a season a calculating machine, if he can only at last make his ideas clearer.

James Clerk Maxwell

框架

Fred Brooks himself (reinforcing quotes)

“Conceptual integrity is the most important consideration in system design.” — The Mythical Man-Month (1975)

“Good software, like wine, takes time. It is the conceptual design, not the coding, that defines the quality.” — Paraphrased Brooks, often cited in software design literature.

2️⃣ David Parnas (modular design guru)

“The essence of software is the intellectual content, not the physical realization.” — Parnas, 1972 (modularization papers)

• Echoes Brooks: software is intellectual/abstract, code is just an implementation.

3️⃣ Brian Kernighan & Rob Pike (Unix authors)

“Controlling complexity is the essence of computer programming.” — The Practice of Programming, 1999

• Complexity arises from conceptual structure, not typing mistakes.

• Again, the “essence of software = conceptual design.”

4️⃣ Peter Naur (Turing Award, ALGOL pioneer)

“Programming is not about coding. Programming is about defining, organizing, and understanding concepts.” — Programming as Theory Building, 1985

• Directly echoes Brooks: the mental/conceptual model is primary.

5️⃣ Edsger W. Dijkstra

“The function of a good software engineer is to reduce the conceptual distance between human understanding and computer understanding.” — EWD 498, 1970s

• Emphasizes conceptual clarity, exactly Brooks’ point: software is a mental construct.

n5321 | 2026年1月28日 22:38

一、ChatGPT & Coding 相关问题

1. 理想使用 ChatGPT 的方式是什么？

   1. the role of chatgpt

      工程伙伴，It is a multirole collaborator embedded in the workflow.

      ChatGPT helps coders think, not just type.

      • Clarifies vague ideas

      • Challenges assumptions

      • Structures problems

      • Surfaces blind spots

      You think with it, not through it.

      In a coder’s workflow, it acts as a thinking partner, pair programmer, reviewer, debugger, and translator. The value does not come from replacing programmers, but from compressing the distance between intent and execution.

   2. 场景

      1. 架构 & 设计阶段

      2. Coding 阶段（pair programming）

      3. Debug 阶段

      4. 学习

      5. 文档 & 表达

   3. 条件（理解力&判断力）

      1. 你必须能「否定」它

      2. 先有“问题结构”，再要“答案”

      3. 让它解释「为什么」，不是只给「怎么做」

2. 描述 ChatGPT 的 competence、communication content 和 communicating style

   1. competence

      1. Knowledge Competence（知识能力）高质量知识压缩器，而非权威来源

      2. Reasoning Competence 逻辑一致性优先于现实校验

      3. Coding Competence 资深但“没电脑”的工程师

      4. Meta-Competence 思维放大器 / 认知外包系统

   2. Boundary

      1. Agency Limitation不能做决策

      2. Judgement Limitation

3. Communication Content

   1. A. 内容结构，适合工程思维，但可能显得“啰嗦”

   2. 内容风格类型：How-to（方法、步骤） Why（原理、动机） Comparison（对比） Refactoring / Review Teaching-style explanation

   3. 内容可靠性分布：80%：可靠的通用知识，15%：合理但需验证，5%：潜在错误或幻觉

4. 理想的沟通姿势（从使用者角度）：你不是“问它问题”，而是：描述你的 上下文明确你的 目标告诉它你的 偏好 要求它 扮演角色

1. ChatGPT 在日常 coding 中可以扮演什么角色？ChatGPT 能扮演的 7 个角色

   1. 角色：技术顾问 / 架构陪聊

   2. 角色：设计 reviewer（提前踩坑）

   3. 角色：结对程序员（Pair Programmer）

   4. Debug 阶段 加速定位问题

   5. 角色：代码翻译官

   6. 写文档 & 对外沟通，角色：技术写作者

   7. 角色：技术教练

   8. 一个成熟 coder 使用 ChatGPT 的模式

      Think → Ask → Judge → Decide

      The real productivity gain doesn’t come from faster typing, but from externalizing and upgrading your thinking process.

2. What is ChatGPT’s “business”?

   1. ChatGPT exists to reduce the cost of thinking, communicating, and transforming knowledge into action.

   2. ChatGPT is a cognitive co-processor. The human provides goals, context, and judgment. The tool provides speed, structure, and perspective.

3. 理想协作公式：

   意图引导 (You) + 架构对齐 (Context) + 自动化实现 (Gemini) + 闭环审计 (Both)

   • intent / structure / execution / verification

4. 人的价值是不是就是直觉和判断力？

1. 在 AI 参与度越来越高的协作体系里， 人的核心价值 ≠ 知识 ≠ 技能 ≠ 速度，

2. 而是：直觉（intuition）+ 判断力（judgement）+ 责任（ownership）

  1. 直觉（Intuition）——方向感
​
  2. 判断力（Judgement）——取舍能力（你提到的重点）
​
  3. 责任（Ownership）——这是 AI 永远没有的
​
  4. AI excels at:
     - Knowledge
     - Pattern completion
     - Execution at scale
​
     Humans remain essential for:
     - Intent definition
     - Intuition under uncertainty
     - Value-based judgement
     - Accountability

5. Intent 跟 Conceptual 的区别是什么？

6. 在你之前的协作公式中，Intent、Conceptual、Implementation、Audit 如何可视化？

二、管理学 & Drucker 相关

1. Drucker 的观点：“since management is a function of business, it can only be defined by its objective”

2. “If we want to know what a business is, we have to start with its purpose” → 为什么？

3. 用 Drucker 的方式描述计算机历史和软件历史（从解决人的问题角度）

三、软件 & Brooks / Maxwell 相关

1. Fred Brooks 对 the nature of software 的观点是什么？

2. Brooks 认为 software 的构成是什么？

3. “Software is a conceptual construct” 的引用出处

4. “The essence of a software entity is …” 的原文和含义

5. 是否有其他人关于 “the essence of software” 的 quote？

6. 软件概念与 Intent 的关系（Brooks 的观点 + 实践应用）

7. Maxwell 关于 “drudgery work” 的台词

   • 最终找到正确引用：

     “The human mind is seldom satisfied, and is certainly never exercising its highest functions, when it is doing the work of a calculating machine. …”

8. Maxwell 台词的 Drucker 风格解读

9. Maxwell 台词和 Brooks “conceptual construct” 的对应关系

四、基础概念问题

1. 数据和指令的英文怎么说？（Data / Instruction）

2. 数据 + 指令 → 程序 / 软件 / AI 的关系

3. 计算机历史 + 软件历史（基础时间线梳理）

4. 软件历史中，每个阶段是如何解决人的问题的（Drucker 视角）

五、其他零散问题

1. Edge-case / MCP / Skill 的含义

2. ChatGPT 在 coder 的工作中可以扮演的角色（总结）

3. 关于“人 + AI 协作模式”的思考

4. Brooks 的 software essence 与实际 coding 的对比

n5321 | 2026年1月28日 22:23

1. Antigravity.exe 在官网download！ https://antigravity.google/download

2. 一个user的报错，直接无视！ This User Installer is not meant to be run as an Administrator. If you would like to install Antigravity for all users in this system, download the System Installer instead. Are you sure you want to continue?

3. 安装完成之后，打开程序，进入配置页面

4. 卡在sign into google

   1. site完全授权之后，并不能关联到windows 里面的antigravity！

   2. 原因是代理没有绕过去！解决见5

5. 普通的 系统代理（System Proxy） 主要是针对 HTTP/HTTPS 协议的，而 Antigravity 客户端与后端服务、以及授权跳转之间的通信，很可能使用了不受系统代理管辖的 TCP 原生协议 或 Loopback 回环。开启 TUN 模式（虚拟网卡模式） 后，你的代理软件会虚拟出一张网卡，接管系统所有的流量

   1. 安装虚拟网卡内核：

      • 进入 General (常规) 页面。

      • 找到 Service Mode (服务模式)，点击右侧的 Install (安装)。

      • 安装成功后，Service Mode 旁边的地球图标会变成 蓝色（表示已作为系统服务运行）。

   2. 开启 TUN 选项：

      • 同样在 General 页面，找到 TUN Mode 开关。

      • 将其切换为 Enabled (开启)。

   3. 确认效果：

      • 此时你可以关闭 System Proxy 那个开关，因为 TUN 模式权限更高，它已经直接从网卡层接管了。

n5321 | 2026年1月28日 22:21

来自X上Andrej Karpathy在2025年2月3日的po文

Andrej Karpathy（安德烈·卡帕西） 是过去十年里 AI/深度学习领域最有影响力的工程师与教育者之一。李飞飞的学生，OpenAI 早期成员，在 Tesla 担任 Director of AI。

There's a new kind of coding I call "vibe coding", where you fully give in to the vibes, embrace exponentials, and forget that the code even exists. It's possible because the LLMs (e.g. Cursor Composer w Sonnet) are getting too good. Also I just talk to Composer with SuperWhisper so I barely even touch the keyboard. I ask for the dumbest things like "decrease the padding on the sidebar by half" because I'm too lazy to find it. I "Accept All" always, I don't read the diffs anymore. When I get error messages I just copy paste them in with no comment, usually that fixes it. The code grows beyond my usual comprehension, I'd have to really read through it for a while. Sometimes the LLMs can't fix a bug so I just work around it or ask for random changes until it goes away. It's not too bad for throwaway weekend projects, but still quite amusing. I'm building a project or webapp, but it's not really coding - I just see stuff, say stuff, run stuff, and copy paste stuff, and it mostly works.

然后vibe coding就成了流行词！

等到了2025的下半年。谷歌的工程师Addy Osmani出书：Beyond Vibe Coding！

一上来就介绍：

Introduction: What Is Vibe Coding?

AI is reshaping how we build software, introducing new paradigms for coding that range from free-form prompting to structured assistance. Imagine writing software by simply describing what you want it to do—almost like talking to a teammate— while an AI translates those ideas into code. This is the essence of vibe coding, a prompt-first, exploratory approach where you describe what you want in natural language and let a large language model (LLM) fill in the blanks. The term was recently coined by AI pioneer Andrej Karpathy to describe this new way of programming, where developers “fully give in to the vibes” of AI assistance.

不过应该还一个台词，不是imagine，应该是experience！

在另外一本书《Vibe Coding The Future of Programming》里Addy Osmani写：

In the end, great software engineering has always been about problem-solving, not just code-slinging. AI doesn’t change that: it simply challenges us to elevate our problem-solving to the next level. Embrace that challenge, and you’ll thrive in this new chapter of our industry.

n5321 | 2026年1月28日 22:16

by glenn vanderburger

Introduction: The Identity Crisis

Good evening. I am here to tell you where software engineering went wrong and what we can and should do to fix it and breathe new life into it. I like to keep my goals modest.

Every few months, it seems we have this argument in our field: Are we or are we not engineers? Is what we do engineering or isn't it? Sometimes the players, even on the anti-engineering side, are people who had really deep fundamental contributions in the early days of software engineering, like Tom DeMarco. My friend Dave Thomas, one of the co-authors of The Pragmatic Programmer, once wrote this: "Calling what we do engineering doesn't make us engineers; it makes us liars." Now, I don't think Dave would affirm this statement today. He wrote this on the Extreme Programming mailing list about 15 years ago, but it's one of two things he said around that time—about the time when he was involved in writing the Agile Manifesto—that really started the line of thinking in my mind that many years later led to this talk. So, I'm grateful to him for that.

These "software isn't engineering" arguments usually boil down to one of two things: either software development doesn't look like what I think engineering looks like, or software development feels more creative to me—it's more like an art or a craft or something else like that; it doesn't feel like engineering. Notice that those are really two ways of saying the same thing: "I have in my mind an idea of what engineering is like, and software engineering either feels different or looks different or the way people do it seems different, so I don't think it's the same thing." And yet, we keep calling ourselves engineers. We do it in job postings and job titles and org charts. Jeff—I don't know where he went, but Jeff's title is Senior Software Engineer or something like that, right? How did we get to this point? How did we get to this weird state where we can't even agree on what it is that we fundamentally do? There's this interesting cognitive dissonance in our field, and I'd like to try to get to the bottom of that.

The Origins: NATO Conferences (1968–1969)

Where did it start? Software development first began to be seriously talked about as engineering in 1968 in Garmisch, Germany, at a software engineering conference promoted and paid for by NATO, of all things. And then a year later, there was a follow-up conference in Rome. It was in Rome in 1969 that software engineering was really launched as an active academic pursuit.

The first conference, if you read the proceedings, was characterized by debate, by a certain kind of intellectual humility about how much they didn't yet know. The second conference, a year later, was characterized by a lot of certainty—and I would say, and some of the people involved in that conference would say, that it was premature certainty. People were pretending to know more than they really did.

Academic Software Engineering (which is what I'm going to call that kind of academic field that branched off from there; I'll sometimes refer to it as ASE for short) aimed at becoming like engineering. "We must be more like engineers." That meant requirements, specifications, analysis, design. Test was very formal, very analytical. Correctness came through eliminating errors early in the process before code was written, through a series of inspections and validations of those documents and specifications. It was striving to be like engineers. You know, think of the stereotype of what engineers do: building a bridge. They don't go out and start mortaring stones together; they sit down and draw plans and blueprints and validate those and iterate on this design, and they make a blueprint, and then they give it to laborers who do the construction. So, we should be like that.

The 50-Year Divide

So that's where it started, and I'm going to real quickly try to give you a big-picture view of the 50 years since then before we dive into the details. At that time in 1969, mainstream software development really didn't have any kind of unified view of itself. It didn't have a goal in mind for where it hoped to be. People were just writing software as best they could, often not very well. Projects had a really high failure rate in those days. There were a lot of people exploring better ways of doing individual little pieces of the puzzle: better algorithms, better programming languages, better machine architectures—all kinds of different things—but no real overarching view of what the field should look like.

Academic Software Engineering kind of set a target of this idealized view of engineering, and they set off in that direction. They had some success with this. They defined some "rationale"—and that's a technical term we'll come back to later—they defined some rational processes for software development. Waterfall is one example, but not by any means the only one, although they all had that same kind of spirit of phases. But Academic Software Engineering fell short of its goal. Those processes were very costly and time-consuming and often not really any more reliable than the old way.

Mainstream software engineering, on the other hand, in the meantime continued more or less as it was and didn't pay much attention to the Academic Software Engineering results. Some large companies tried to follow these processes. I call it Academic Software Engineering because it mostly didn't escape from academia and ever get adopted by industry, but some large companies who could afford to gave it a really serious try, and despite the high cost, they still had a very high failure rate.

Lessons from the Trenches

Alistair Cockburn in the mid-90s spent a lot of time interviewing participants on projects that had tried these things and other processes. He had a really interesting set of three questions that he would ask these project participants.

1. The first one was: "Was your project a success?" Most of the time, but not all the time, he got fairly good clear yes or no answers for that, but sometimes it was a little more vague.

2. The second question was: "How strictly did you adhere to the process that you chose for this project?" Interestingly, he got very different answers from the project managers and leaders of the project than he did from the programmers in the trenches, as it were. Often the managers thought they were originally adhering to the process, but in fact, they weren't.

3. And the third question, which is the genius one, is: "Would you willingly choose this process again for a new project?"

Very often the answer was no. From the answers to these questions, Alistair built a very compelling case that in those days, even the projects that succeeded using the ASE processes succeeded more in spite of the processes than because of them. They succeeded because sharp people who cared were willing to circumvent the process and short-circuit it in some way in order to get things done.

The Emergence of Agile

So now, meanwhile, mainstream development carried on not paying much attention to this, and this led to a strange situation where we had a field where the term "engineering" was reserved for a set of practices that everybody knew didn't work. That's weird, because in every other field, that term is reserved for practices that people have demonstrated work pretty well. This is partly what led to the divide we see today where a lot of people are just like, "Software development is incompatible with engineering; don't even try."

Well, in the mid-90s, as a reaction to this weird situation, a number of people started trying to find other more appropriate disciplined ways of building software—ways to do a better job, have a higher success rate, meet customers' needs more reliably, but in a way that didn't cost so much. It was more appropriate for our field. That was the Agile movement, and it really solidified in 2001 with the publication of the Agile Manifesto. Where Academic Software Engineering was very analytical, Agile, on the other hand, was iterative and experimental. All of the phases or activities were performed iteratively and in concert with each other. Correctness was achieved by feedback and testing over time. The mainstream has bent towards the Agile methods with increasing success, and the Academic Software Engineering has continued, but as its influence has waned.

The Rational Model Misunderstanding

That has led us to this situation where we have two views: one is "Software development should be more like engineering," and the other is "Software development simply isn't like engineering, so we should stop trying." My view is that both of these views are mistaken because they are both based on the same core misunderstanding. That misunderstanding was that idealized view of engineering that Academic Software Engineering started out in pursuit of.

In the same year that the Rome conference happened, in 1969, Herbert Simon published a book called The Sciences of the Artificial, and in it, he defined a "rational model of decision-making." In 1986, in a paper he wrote called "A Rational Design Process: How and Why to Fake It," David Parnas—an important software engineering researcher—described how that model maps onto software development. This is a little tongue-in-cheek, but only a little. Parnas wrote that if you were pursuing the rational model, you would:

• First, establish and document requirements.

• Design and document the module structure.

• Design and document the module interfaces.

• Design and document the uses hierarchy.

• Design and document the module internal structures.

• Write programs and maintain.

Again, a little tongue-in-cheek, but it's not far off from the idealized view of engineering that Academic Software Engineering started with. Both sides of the arguments we're having today generally accept that the rational model accurately describes the engineering ideal; they differ in terms of whether they think we should or even can try to emulate that in the software world.

My view is different. I claim that software development already is an engineering field. It always has been. I mean, think about it: we are seeking and developing disciplined, reliable, cost-effective ways of building useful things for people at large scale. What else could it possibly be? Interestingly, other engineering disciplines really haven't had this kind of existential crisis about whether they're engineers or not; they just get down to engineering, sometimes badly, and have to learn hard lessons, but they don't worry about whether they're engineering or not.

The rational model, as it turns out, is a caricature of engineering. No branch of engineering—even the most established and analytical and formal of them—really works that way. And some established branches of engineering don't look like that at all. We don't need to "become" engineers. What we need to do is to continue to refine our own engineering practices and discipline, as all engineers are always doing.

Critiquing Academic Software Engineering

But accepting that is a lot to ask of you. I'm basically saying that an entire large, heavily funded academic field went down the wrong path from day one and continued down that path for 30 years at least. The least I can do is to try to back that claim up. And so the rest of the talk, we'll dive into the mistakes that analytical or academic software engineering made, we'll talk about what engineering really is like in the other disciplines, finally look at what software engineering is in its best form today, and then look a little bit at what next.

Where did Academic Software Engineering go wrong? First of all, there were objections there from the beginning that were ignored. This is Brian Randell. Randell is a noted professor of computer science, now professor emeritus at Newcastle University in the UK. He was the assistant editor of the conference proceedings at the first conference in Garmisch, Germany, and he was the lead editor of those proceedings in Rome. About 25 years later, in 1996, at the History of Software Engineering conference, he presented a memoir called "The 1968-69 NATO Software Engineering Reports." I'm going to read for you a lengthy quote from that memoir.

He wrote: "Unlike the first conference at which it was fully accepted that the term software engineering expressed a need rather than a reality, in Rome there was already a slight tendency to talk as if the subject already existed. And it became clear during the conference that the organizers had a hidden agenda, namely that of persuading NATO to fund the setting up of an international software engineering institute. However, things did not go according to their plan. The discussion sessions, which were meant to provide evidence of strong and extensive support for this proposal, were instead marked by considerable skepticism... it was little surprise to any of the participants in the Rome conference that no attempt was made to continue the NATO conference series, but the software engineering bandwagon began to roll as many people started to use the term to describe their work, to my mind often with very little justification. I made a particular point for many years of refusing to use the term software engineering or to be associated with any event that used it."

Academic Software Engineering ignored important dissenting opinions from the early days. This is a quote from the Garmisch conference by Alan Perlis, a noted computer scientist from the early days: "A software system can best be designed if the testing is interlaced with the designing instead of being used after the design. A simulation which matches the requirements contains the control which organizes the design of the system. Through successive repetitions of this process of interlaced testing and design, the model ultimately becomes the software system itself." What is he describing here? Prototyping, test-driven development, iterative development, using mock services. This was 1968, and then in 1969, we went down a completely different path.

The Misplaced Science of Engineering

They began with the rational model and also a view of engineering as "Applied Science." Fred Brooks, the author of The Mythical Man-Month, also wrote another wonderful book called The Design of Design. In the preface, he talks about the rational model: "The rational model may seem naive, but it is a very natural model for people to conceive." Winston Royce made that same point in his paper that introduced the Waterfall method. He said, "This is very obvious, and this is how people are doing it today," and he then went on for the rest of the paper (which nobody ever remembers) saying why it was a disaster to build software that way and you should never do it.

Fred Brooks reminisced about studying engineering at Harvard in the 50s. At the time, the Dean of Engineering was John Van Vleck, a Nobel Prize-winning physicist, not an engineer by training. Brooks had this to say: "Van Vleck was very concerned that the practice of engineering be put on a firmer scientific basis. He led a vigorous shift of American engineering education away from design toward applied science. The pendulum swung too far, reaction set in, and the teaching of design has been contentious ever since."

Another mistake they made was to devalue the role of code in the software engineering process. At the Garmisch conference in '68, Friedrich Bauer said this: "What is needed is not classical mathematics but mathematics instead." In any case, systems should be built at levels and modules which form a mathematical constructor. Elaborating on this, Edsger Dijkstra said: "Our basic tools are mathematical in nature." This was in response to people talking about how engineers worked with equations and math and rules and they proved things that way. These two men were trying to get across the point that code and logic don't look like classical mathematics, but they are inherently mathematical, and there is a rigor to them that you can't escape. We don't necessarily need to go to classical mathematics to achieve the rigor that engineering system disciplines desire.

Another reflection of that: in 2007 at the OOPSLA conference in Montreal, I heard David Parnas give a talk reflecting on his career in software engineering. He said two things a short distance apart in the talk that really struck me. First, he said, "In engineering, people design documentation," which is true. But a little later, he explicitly said that code can't fill that role for software, which is a serious error in my mind.

Finally, Academic Software Engineering disproportionately emphasized correctness over cost. Their primary concern was how to build correct, reliable, robust systems. Everybody who has any association with software engineering has seen the "cost of change" curve. This was based on research done by Barry Boehm and published in 1981. The idea is that the farther you go along in your project life cycle, the costlier it is to fix bugs. So the software engineering solution was: "Well, if it's cheaper to fix errors at the start of the project, let's do everything we can to find them as early as we can." But of course, doing this means extra care, extra inspections, extra reviews, and that has the secondary effect of increasing costs across the entire lifecycle. Organizations don't like that, so they pushed back, and this is like stepping on a toothpaste tube—it blows your schedule out. The cure was worse than the disease.

As an aside, all of the projects that Boehm studied for his original cost of change curve were waterfall projects. So decisions were made early, but they didn't actually integrate and test until very late. What he was actually measuring wasn't the cost of change during the project lifecycle, but the cost of long feedback loops. His results actually show that the longer you wait after you make a decision before you validate it and correct it, the more it will cost—which really should push us towards tight iterations and short feedback loops.

What Real Engineering Is Like

So those are the mistakes. What's real engineering like? Well, part of the problem is that engineers don't write about "engineering." A chemical engineer might write about chemical engineering, but there's been very little written about engineering per se as an umbrella. Billy Vaughn Koen, a mechanical engineering professor, said: "Unlike the extensive analysis of the scientific method, little significant research to date has sought the philosophical foundations of engineering... no equivalent body of research treats the engineering method." And that's mostly true. I've been looking for about 10 years, and so far I've found maybe eight books that even touch on what engineering is all about independent of a particular discipline.

Engineering is not like the caricature of the rational model. The clearest expression of the caricature I've ever seen came from a blog post by Bruce Eckel, where he wrote: "Programming is not some kind of engineering where all we have to do is put something in one end and turn the crank." Now, I don't want to be unfair to him; he's a smart guy, and I don't think he really thinks this is a description of engineering. It was a throwaway line on the way to a larger point he was making. But he said it, so I get to make fun of him for it. Let's be clear: there is no kind of engineering where all you have to do is put something in one end and turn the crank. Engineering is inherently a crude, creative, exploratory process marked by false starts and dead ends and failures and learning processes, no matter what discipline you see.

Billy Vaughn Koen describes it this way: "The engineering method is the use of heuristics to cause the best change in a poorly understood or uncertain situation within the available resources." That doesn't sound much like the caricature of engineering that we saw earlier, does it?

Another thing about engineering is that different engineering disciplines are very different. I'm going to use something called the "process control model," where you can describe processes as existing on a continuum from "defined" at one end to "empirical" at the other.

• The defined process control model requires that every piece of work be completely understood. A defined process can be started and allowed to run until completion with the same results every time.

• On the other hand, the empirical process control model provides and exercises control through frequent inspection and adaptation for processes that are imperfectly defined and generate unpredictable and unrepeatable outputs.

Interestingly, the chemical engineers were most amused when they learned that software engineering had chosen the "defined" end of the spectrum, because they didn't think it was appropriate at all. The various engineering disciplines fall all along this spectrum. Civil engineering and structural engineering are more toward the defined end—partly because they're older, but also because it costs a lot more to build a prototype. So it's really helpful to have formalisms to convince yourself of correctness before you spend billions. Mechanical and aerospace and chemical exist somewhere in the middle. Electrical and industrial engineering are much more empirical. And software engineering, I think, should be on the opposite end of the spectrum from civil and structural engineering.

Engineering as a Creative and Destructive Pursuit

Another fact about engineering is that it is a creative pursuit. Eugene Ferguson wrote: "The conversion of an idea to an artifact... will always be far closer to art than to science." Aerospace engineer J.D. North wrote in 1923: "Airplanes are not designed by science but by art, in spite of some pretense and humbug to the contrary."

In engineering, math and formal methods can be employed, but they're just tools to get the job done; they're not magic sauce. I think you probably all know Calvin and Hobbes. In my life as a dad, I've tried to model myself on Calvin's dad—inventing ludicrously wrong answers to amuse myself. One of my favorite cartoons is: "How do they know the load limit on bridges, Dad?" and Dad says, "Well, they drive bigger and bigger trucks over the bridge until it breaks. Then they weigh the last truck and rebuild the bridge. Simple." Why is this funny? Because it's ridiculous. It's also true.

How many of you have seen the video where Boeing engineers stress the wings of a Boeing 777 to the breaking point? They attach chains to the ends of the wings and start cranking them up until they break catastrophically. And then a very interesting thing happens: the engineers congratulate themselves. What are they happy about? They learned something. They learned that when it broke, it broke where they expected. Their math was right. They weren't really sure until they tried it.

Elon Musk, in a recent presentation about SpaceX, showed a tank they were designing. He said: "We successfully tested it up to its design pressure, and then went a little further, because we wanted to see where it would break." This is called destructive testing. This is really smart, and it's something that engineers do all the time. Remember that when people tell you that software isn't engineering because engineers have math to prove things so they know it'll work.

One last example: the Tacoma Narrows Bridge, which tore itself apart in a mild wind. It happened because "Deflection Theory"—the premier mathematical model at the time—was tragically incomplete. It accounted for downward stresses and sideways wind, but it didn't account for the fact that a thin deck can act as an airfoil. Vertical stresses started a vibration which settled in on the resonant frequency and eventually tore it apart. Remember this: engineers adopted formal methods to save money. The more accurate your model is, the less of a safety factor you have to build in. If building a prototype and testing it were instantaneous and free, they would do a lot less formal modeling.

The Practitioner-Driven Nature of Engineering

Unlike Academic Software Engineering, engineering disciplines typically are driven by practitioners. Innovation comes from the field and then is formalized and refined in academia.

• Robert Maillart, a Swiss bridge engineer, got interested in reinforced concrete. He realized it had different properties than stone. He built bridges throughout Switzerland, but he did not have mathematics sophisticated enough to analyze these designs. He was soundly criticized by the establishment as a charlatan. What did he do? He prototyped. He built models at multiple scales, invited friends to jump up and down on them, rolled boulders over them, and extrapolated. Later, the math caught up.

• The Catenary Arch: Robert Hooke demonstrated that the catenary shape was optimal for arches in 1671, but it wasn't until 20 years later that the equation was independently found. But it was known to be a useful form and was used by engineers for many years before that.

• The Sagrada Família: Gaudí wanted it to feel like walking through a forest. He designed the arches based on hyperbolic geometry, but he didn't have math sophisticated enough to model them. How did he do it? He built elaborate upside-down hanging string models with weighted bags of sand to mimic loads. Later, the math caught up, and the current wave of engineers have validated all of this with computer models.

Redefining Software Engineering

This is the best definition of structural engineering I've been able to find: "Structural engineering is the science and art of designing and making, with economy and elegance, structures so that they can safely resist the forces to which they may be subjected." Notice the tensions there. There's always balance that needs to be resolved.

Based on that, I'm going to propose my definition of software engineering: The science and art of designing and making, with economy and elegance, systems so that they can readily adapt to the situations to which they may be subjected.

Early software engineering processes were designed according to a flawed analogy.

• The Flawed Analogy: In structural engineering, you have an engineer who produces a design in document form, which is handed to laborers who build the structure. By analogy, we should have engineers produce a document handed to coders (laborers).

• But this never worked. Coders had to finish the design, redesign, and fix stuff.

Let's rebuild this analogy in a way that works. What are our customers paying us for? They are paying for running systems on real machines. If we build this analogy properly:

1. The Source Code is the design document. It's the detailed design document.

2. The Computers (and compilers/language implementations) are the laborers. They take that design and turn it into something that solves the customer's problem.

Notice: the actual construction (compilation and deployment) is the cheapest part of our process. In Academic Software Engineering, everything was designed around avoiding the construction phase until you knew everything was right. But if that's the cheapest part of our structure, why don't we just do it all the time? There's a word for that: Continuous Integration. Every time you check in, the build kicks off, compiles the code, and runs the tests.

We have an upside-down engineering economics. The cheapest part of our process is building and testing a prototype. Compared to engineers who work with atoms, our prototyping is effectively instantaneous and free. So the right way to design a software engineering process is not to avoid this step, but to rely on it—to iterate, validating our designs with testing. This comes from a paper written in the early 90s by Jack Reeves called "What is Software Design?" His thesis was that the code is the design.

Where's the model in this? It's the code. Where's the document? It's the code. And our tools are mathematical in nature. Speaking of documents, David Parnas said code can't fill the role of documents. He developed "tabular mathematical expressions" for specifying logic. But we have documents that are like executable math—tools that allow you to write specifications that are self-validating and can test the system. We should embrace that.

Agile as Disciplined Engineering

One last thing: how does a software process feel disciplined and rigorous if it doesn't look like the rational model? If you look at the original practices of Extreme Programming, there is a hidden underlying structure. I built a diagram of these practices and realized they are a set of practices related to the scale of decisions they give you feedback about.

• Pair Programming: Feedback on the level of statements and methods (seconds).

• Unit Testing: Feedback on methods and classes (minutes).

• Continuous Integration: Making sure it all hangs together (hours).

• Short Releases: Letting the customer validate the direction (weeks/months).

Extreme Programming and Agile processes are economical feedback engines. They are a set of nested feedback loops that give you verification of every decision you make as soon as it's economically feasible. This is as much empirical process control rigor as you can get. Because of the overlap and how they backfill each other, it doesn't magnify the cost like the old ASE practices did. Agile set off with the right goal in mind, with appropriate disciplines and practices suited to our field. It's not the endgame, but it's a step down the right path.

What’s Next?

So what's next? We've gotten a lot better over the past 20 years at reliably building systems that do what customers expect. But frequently, our systems don't scale or have terrible security problems. We need to get better at capacity planning, security design, and "non-functional" requirements.

I think to make progress, we have to acknowledge the Platform-Application Divide. Some parts of our systems—operating systems, languages, frameworks—are part of the platform. It's important to get them right and make them fast. On top of those sit applications. We need different priorities for these two sides.

1. For Applications: We should stop using unsafe languages that allow null pointer exceptions and buffer overruns. We have a wealth of safe languages now that allow high abstraction and perform well. I have stopped using mutable state in applications until measurement shows me the need to optimize. I like languages that make immutability the path of least resistance.

2. For Platforms: You can't build a lot of platforms without breaking those rules. In that case, we should try to keep the platforms small and employ formal methods for verification. Formal methods are reaching the point where they are practical for proving the validity and security of small micro-kernels. We can use it for the platforms, and then use safe languages on top of them.

And finally, as every engineering discipline does, keep correcting our course with feedback. Look at what works, look at what doesn't work, think about how to do better next time, try it, write about it, and spread the word. As practitioners, we can drive the progress of our field.

Thank you very much for listening.

n5321 | 2026年1月28日 01:12