Getting Started with Software Engineering Best Practices

Post by 
October 6, 2020

his week’s Select focuses on things you will learn in your first year as a Software Engineer - things that bring Software Engineering beyond coursework or an academic endeavour to a practice. These skills will allow you to increase your impact from developing small/standalone projects to an industrial scale.

We always want to improve our selection and curation process by including other topics not covered in this shortlist. To that end, we kindly encourage sending your feedback and suggestions to We look forward to your guidance on how we can continue to improve ACM Selects together.

Read more about ACM's ongoing efforts to provide resources for students and professionals through the ACM Learning Center.

"When building software and moving fast, people don't always have enough time to learn everything they need to bridge their gaps. So each person will make assumptions or concessions that can impact the effectiveness of any software that individual works on."

-- Kate Matsudaira,
Director of Engineering, Google

Organizing a software project

One of the biggest differences when graduating from classwork, or research, programming to Software Engineering is scale. Scale allows you to build world class industry products or open source projects. Scale also requires working with people.

Bad Software Architecture is a People Problem

First published in ACM Queue, Vol. 14, Issue 3, July 18, 2016.

Technology leader Kate Matsudaira provides 6 actionable Software Engineering best practices. Each of these practices (from creating test plans, to versioning, to code reviews) serve as the fundamentals to how every major software organization functions and deserves a deeper dive of its own.
[Read more]

Testing and debugging code

Programmers often spend more time finding and fixing errors in code than developing new code. Experienced Software Engineers explain how to plan for debugging when writing code, and their favorite tools for hunting down elusive bugs in Another Day, Another Bug, and planning ahead for testing in complex software systems in Testing a Distributed System.

Another Day Another Bug

First published in ACM Queue, Vol. 1, Issue 6, October 2, 2003.

In this classic article from the very first volume of ACM Queue, readers describe their favorite debugging tools, philosophies, and the worst bugs they encountered.
[Read more]

Testing a Distributed System

First published in ACM Queue, Vol. 13, Issue 7, July 1, 2015.

In this article, author Philip Maddox shares strategies towards designing and testing distributed software systems from his real world experiences. He focuses on two common issues with distributed data systems, asynchronous data delivery and node failures.
[Read more]

Finding security vulnerabilities in your code

Good Software Engineers keep security in mind when designing, programming, and testing. Security is an incredibly broad and complex domain with countless research articles, conferences, and a market size in the 100s of billions. While great Software Engineers do not need to be security experts, they do need to be familiar with the basics and broad concepts. One security concept to know about is Fuzzing, which treats code as a black box and tests how an application processes inputs.

Fuzzing: Hack, Art, and Science

First published in Communications of the ACM, Vol. 63, No. 2, February 2020.

Software applications commonly have to process untrusted inputs spanning complex data formats, and any errors or bugs can be exploited by attackers with unintended consequences. In this article, Patrice Godefroid from Microsoft Research gives an overview of various forms of “Fuzzing”, an effective method of testing software with the goal of finding security vulnerabilities.
[Read more]

Depending on other software packages

Your software project probably depends on libraries and packages written by many other developers. Perhaps you obtained a dependency via PyPi, NPM, or Maven; how do you trust that it does what you expect it to do?

Surviving Software Dependencies

First published in ACM Queue, Vol. 17, Issue 2, July 8, 2019.

A guide from Russ Cox, Principal Engineer at Google and Golang Technical Lead, on how to inspect software dependencies to validate code and design quality, keep them up-to-date, and build safeguards in your software for when dependencies go wrong.
[Read more]

Allowing others to use your code with APIs

After you developed, tested, and debugged your code, you probably want people to use. Thinking about clear and well designed APIs, standards, and infrastructure early are all important for promoting adoption.

APIs, Standards, and Enabling Infrastructure

First published in Communications of the ACM, Vol. 62, No. 5, May 2019.

Vinton G. Cerf  is the co-designer of the TCP/IP protocols, the architecture of the Internet, and is widely known as one of the "Fathers of the Internet". In this Select, Vinton G. Cerf compares the properties of APIs to the Internet Protocol and discusses the key role APIs play in enabling infrastructure. 
[Read more]

API Practices If You Hate Your Customers

First published in Communications of the ACM, Vol. 62, No. 12, December 2019.

In this amusing article, Thomas Limoncelli, an SRE Manager at Stack Overflow, shares his opinion on common pitfalls in API practices that can result in poor customer experiences. 
[Read more]

Operating in a Software Engineering environment

Beyond an understanding of the technical skills and organizational processes we discussed, great Software Engineers also refine their personal and soft-skills.

What Makes a Great Software Engineer? 

First published as an ACM Tech Talk, October 9, 2015.

In this talk, experienced Researcher and Software Engineer Paul Li discusses the traits he found common among great, impactful Software Engineers. Li breaks up the attributes of great Software Engineers to both internal (personality traits and decision making skills) and external (nature of team interactions and Engineering approach).
[Watch the Tach Talk]

THere's More

Recommended Selects

See all selects
Getting Started Series

Getting Started with Internet of Things: IoT Applications

This Selects finalizes with an example application domain of Industrial Internet ofThings (IIoT), and a source to delve into state-of-the-art IoT research trends.
Getting Started Series

Getting Started with Internet of Things: Computing and Communication

The selection includes easy to read articles describing and motivating the IoT, and later deep dives into the major aspects of IoT such as communication protocols, edge-to-cloud continuum, AI and data analytics, and security/privacy.
Computing in Practice Series

Trustworthy AI in Healthcare #02

AI needs to be trustworthy. Trustworthiness means that healthcare organizations, doctors, and patients should be able to rely on the AI solution as being lawful, ethical, and robust.

Help guide ACM Selects!

Let us know how we can improve your ACM Selects experiences, what topics you would like us to cover in the future, whether you would like to contribute and/or subscribe to our newsletter by emailing

We never share your info. View our Privacy Policy
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
continue learning with the acm digital library!
explore ACM DL