PDC - MS exec: Lessons learned affect Windows

16.09.2005
By Carol Sliwa

Jim Allchin, group vice president of platforms at Microsoft Corp., said developing the company's "big dream" for SQL Server 2005 offered humbling lessons that inspired changes in the way the company builds Windows. Allchin went on to describe those changes in software development and talked about how much of the company's resources goes to bolstering software security.

The development process for the new version of SQL Server turned out to be a lot longer than anybody expected. There were difficulties integrating SQL Server and Visual Studio. What lessons did you take from that development experience? Good software takes time. It's always a lesson. It's a humbling lesson. And if you have big dreams, big dreams take a while to build. We learned that the deep integration of the runtime itself within the process of SQL, that was hard. That was really hard.

Harder than you expected? Harder than we expected, because we have a situation where out-of-memory problems have to be handled. We can't just take the app down. The [Common Language Runtime] CLR was just what's called fast fail. You just kill the app. Move on. But if you're building an operating system, or if you're building something like a database, you can't go down. You keep going. You handle the error, and you figure out some way to go. So we had to go back and re-engineer. There are paths that we say, from here on, we cannot fail because of out-of-memory. We pre-allocate. We figure out some way around it, so when we make this call, we know it's going to complete and not run out of memory. That's just one example of a painful experience that took us longer than we thought.

The end result's going to be incredibly awesome. The feedback on both of these products is unbelievable. But you know, we had a big dream -- a unified programming model using .Net languages -- and we wanted to do everything else, too. We wanted an incredible advancement in the programming tool, and we wanted to address business intelligence in the SQL Server group. Big dreams.

How did you take the lessons from that experience and apply them to future development, with what you're doing now? A few years ago, we started to re-engineer the engineering process within Windows. There aren't many projects of this size. We've got so many developers, so much code and so many audiences that we're trying to handle, so many different variations in terms of hardware and versions on so many different platforms, etc. And compatibility is always staring us in the face, because that's what our customers are demanding.

So a few years ago, I asked a set of people who were from the research team to come and join the Windows organization. We started to re-engineer the way we're building the product. And that has been incredibly beneficial. So much has changed in the way we're building Windows today that it's night and day to go back a few years. And we're still learning.

When was this? We really got serious about two years ago, and the improvements in terms of what I call engineering excellence are consequential. We're using computers to help us build the software much more than we did before. And that sounds easy to say. But when we sit down and do a code review, we have a computer doing some analysis at the same time the architect's looking at the code. [With] the computer, we're using tools in a deeper way than we could have ever done before. We're trying to do it right the first time, in the sense that we're trying to keep the problems as close to the developer as possible -- on their desk, if possible, and certainly at the virtual build lab, before it gets to the main system, before it ever gets to what's called the build verification task, before it ever gets to the system integration and certainly before it goes to customers.

So we're trying to find the problems earlier. We created something called quality gates. These quality gates prevent code from being checked unless it has been verified to pass a very reasonable first-cut quality and then have massive testing after that. But given the magnitude of what we're trying to do, that has helped keep that quality up the whole time that we're building the product.

With the development of the operating system, have you finally gotten to the point where security isn't driving the train to the degree that it has been during the past few years? I believe that we will be investing in security-related technology for as far as I can see in the future. Are we able to do other capabilities besides [being] focused on just security? The answer is yes. But if I look at the number of resources that I've applied to what I consider engineering excellence/security, it's huge, because we're coming up with new inventions all the time. I'm sure you've heard of full volume encryption -- what we used to call secure start-up -- trying to use the hardware in order to provide a safer environment in case you lose your laptop. I can go on and on and on, whether it's related to the hardware or innovations like the low-rights [Internet Explorer] work. All of those capabilities are in the security space, and we have many more that I think that we have to do. Network Access Protection, that's one we've been working on for years and will finally come to be, come Vista.

Do you devote the same percentage of resources to security? In terms of the number of people, it's still a very, very large focus. I have a very large security organization that focuses just on security, but it's also in other areas. To make user account protection come to pass, it takes user interface work. It takes work in the operating system itself.

Or take another space. Content companies want to be able to play content on PCs, but they want to protect it. So we have all this work on what we call the protected media path. That's all security related.

I'll put improvements in quality top of mind for me in Windows Vista -- absolutely top of mind. And when I think about corporations, we're going to have so much capability in the system. But we must step up and have a dramatic improvement in terms of all the isolation technology that we can provide to corporations and let them feel like they can be safe. This is also true for home. We want people to feel safer.

What's up with Next Generation Secure Computing Base technology? We're continuing to make progress. In Windows Vista, we will have a piece of it, which is the Full Volume Encryption, secure start-up. It takes advantage of something called a TPM [Trusted Platform Module], which is a way to manage keys from the hardware to interface to the software. That was a capability we talked about as part of NGSCB. We have more work continuing besides that. But our top priority right now is to get that work done.

Are you frustrated with how long it's taking to fully realize the NGSCB vision? I'm not frustrated at all. When we go out into the frontier, where nobody has been, it's not surprising that we occasionally get lost. And we have a compass, and we get it back out, and we figure our way back.

WinFS is no longer in Windows Vista/Longhorn, and Microsoft just released a client-centric beta. What"s the vision for the server-side WinFS capabilities? In storage, there are subtle differences in terms of the environment that you"re in, between the client and server. One needs scale; one needs smaller size, that sort of thing. But in terms of raw capabilities, do you want to have schemas that work in both [client and server]? Do you want to have transactions that work across all the heterogeneous data there? Do you want to have a common programming model? Do you want all of those? Because of that, although the environments are different, the need is the same.

So the work to date that they've been doing and the drop they just did is focused on client. But you have to understand that this work is being done by some of the best engineers we had from the old SQL organization. These are our best core-engine-type people and API people, so they're not confused about what they need to do longer term.