Webinar Recap | Applying First Principles to Application Development and Source Code Quality

21 May 2021 Webinar

On Friday, 21st May 2021, Shinming Liu, co-founder and chief architect of Xcalibyte, shared his views on first-principles thinking and how this concept helps us in programming and source code quality.

The concept of “First Principles”, often referred to by Elon Musk, can actually be traced back to the philosophy proposed by the ancient Greek thinker Aristotle more than 2,000 years ago: In any system, there is a first principle. A first principle is an axiom that cannot be deduced from any other within that system. We are always inclined to learn from the experience of others. This is not a wrong approach as iterative development is often achieved this way. However, only by setting aside existing solutions can we start a process of thinking again from the beginning which can result in a disruptive breakthrough.

A good example of this is the creation of Reduced Instruction Set Computer (RISC) chips in the 1970s. Prior to this, Complex Instruction Set Computers (CISC) took a longer time to complete tasks. In order to alleviate this pain point, the large instruction set was cut and redundant instructions were removed. The result was greatly increased operating speeds which opened up the creation of various new programming languages. The number of software applications exploded exponentially but the drawback was that this increased the number of software bugs.

Looking at the work of developers, it is common for them to encounter difficult problems. When this happens, they will turn to their partners to discuss, subdivide the problem into several parts and find ways to resolve the issues. This can lead to the application becoming more complicated and confusing. Many developers have a simple and crude way to solve problems, that is, looking for existing solutions everywhere, copying and pasting regardless of the quality. But if every problem can be resolved by solutions that already exist, how can there be a chance to truly innovate?

There are many tools on the market that identify software defects and vulnerabilities through pattern matching, but it is impossible to prevent some vulnerabilities before they happen. We chose to apply first-principles thinking when developing our SAST tool, Xcalscan. By analyzing data streams to identify code vulnerabilities rather than relying solely on pattern matching, it not only prevents hacker attacks but also uses cross-function and cross-language analysis, which lets you find those hard-to-find bugs.

Watch the recording of the webinar. Note that the webinar is in Chinese.

Download the full presentation.



Find out more about how Xcalscan helps developers identify hard-to-find bugs or contact us for a demo.