Chapter 6 Software Implementation Process Group

Slides:



Advertisements
Similar presentations
Database Planning, Design, and Administration
Advertisements

Ossi Taipale, Lappeenranta University of Technology
Software Quality Assurance Plan
Chapter 2 – Software Processes
More CMM Part Two : Details.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall Essentials of Systems Analysis and Design Fourth Edition Joseph S. Valacich Joey F.
July 11 th, 2005 Software Engineering with Reusable Components RiSE’s Seminars Sametinger’s book :: Chapters 16, 17 and 18 Fred Durão.
Creating Architectural Descriptions. Outline Standardizing architectural descriptions: The IEEE has published, “Recommended Practice for Architectural.
Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Lecture Nine Database Planning, Design, and Administration
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
Database System Development Lifecycle Transparencies
Introduction to Software Testing
Architectural Design Establishing the overall structure of a software system Objectives To introduce architectural design and to discuss its importance.
Handouts Software Testing and Quality Assurance Theory and Practice Chapter 11 System Test Design
CSSE 375 Software Construction and Evolution: Configuration Management
Codex Guidelines for the Application of HACCP
What is Software Architecture?
What is Business Analysis Planning & Monitoring?
Developing Enterprise Architecture
Chapter 9 Database Planning, Design, and Administration Sungchul Hong.
Database Planning, Design, and Administration Transparencies
Database System Development Lifecycle © Pearson Education Limited 1995, 2005.
Overview of the Database Development Process
Introduction to Software Quality Assurance (SQA)
Software Engineering Term Paper
Introduction to RUP Spring Sharif Univ. of Tech.2 Outlines What is RUP? RUP Phases –Inception –Elaboration –Construction –Transition.
Chapter 2 The process Process, Methods, and Tools
Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition Chapter 7 Software Supporting Processes and Software Reuse.
-Nikhil Bhatia 28 th October What is RUP? Central Elements of RUP Project Lifecycle Phases Six Engineering Disciplines Three Supporting Disciplines.
Software Inspection A basic tool for defect removal A basic tool for defect removal Urgent need for QA and removal can be supported by inspection Urgent.
An Introduction to Software Architecture
Software System Engineering: A tutorial
ITEC 3220M Using and Designing Database Systems
1 Chapter 9 Database Design. 2 2 In this chapter, you will learn: That successful database design must reflect the information system of which the database.
Quality Control Project Management Unit Credit Value : 4 Essential
FCS - AAO - DM COMPE/SE/ISE 492 Senior Project 2 System/Software Test Documentation (STD) System/Software Test Documentation (STD)
SENG521 (Fall SENG 521 Software Reliability & Testing Software Product & process Improvement using ISO (Part 3d) Department.
“Software Life Cycle Processes”
1 Minggu 9, Pertemuan 17 Database Planning, Design, and Administration Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.
Product Development Chapter 6. Definitions needed: Verification: The process of evaluating compliance to regulations, standards, or specifications.
Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.
How To Build a Testing Project 1 Onyx Gabriel Rodriguez.
What is a Business Analyst? A Business Analyst is someone who works as a liaison among stakeholders in order to elicit, analyze, communicate and validate.
Database System Development Lifecycle 1.  Main components of the Infn System  What is Database System Development Life Cycle (DSDLC)  Phases of the.
Lecture 7: Requirements Engineering
1 Introduction to Software Engineering Lecture 1.
Historical Aspects Origin of software engineering –NATO study group coined the term in 1967 Software crisis –Low quality, schedule delay, and cost overrun.
Object-Oriented Software Engineering using Java, Patterns &UML. Presented by: E.S. Mbokane Department of System Development Faculty of ICT Tshwane University.
FDT Foil no 1 On Methodology from Domain to System Descriptions by Rolv Bræk NTNU Workshop on Philosophy and Applicablitiy of Formal Languages Geneve 15.
Configuration Management and Change Control Change is inevitable! So it has to be planned for and managed.
PRJ566 Project Planning & Management Software Architecture.
Chapter 2 – Software Processes Lecture 1 Chapter 2 Software Processes1.
Smart Home Technologies
Software Development Process CS 360 Lecture 3. Software Process The software process is a structured set of activities required to develop a software.
LECTURE 5 Nangwonvuma M/ Byansi D. Components, interfaces and integration Infrastructure, Middleware and Platforms Techniques – Data warehouses, extending.
Chapter 9 Database Planning, Design, and Administration Transparencies © Pearson Education Limited 1995, 2005.
 System Requirement Specification and System Planning.
MANAGEMENT INFORMATION SYSTEM
Introduction for the Implementation of Software Configuration Management I thought I knew it all !
Requirements Analysis Scenes
Software Requirements
IS442 Information Systems Engineering
Engineering Processes
ISO/IEC IEEE/EIA Software Life Cycle Processes Supporting Life Cycle Processes IEEE Supporting Processes.
Project Management Process Groups
An Introduction to Software Architecture
Chapter # 8 Quality Management Standards
Engineering Processes
Presentation transcript:

Chapter 6 Software Implementation Process Group Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition Chapter 6 Software Implementation Process Group

Objectives Understand the role and purpose of the software processes in ICT work Understand how software requirements are translated into a working solution Understand how the integrity of a software product or service is sustained through the use of rational processes defined by ISO 12207 in combination with other industry standards Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Overview of Software Implementation Process Group Software implementation process group: aimed at producing a specific software element that is implemented as a software product or service Itemizes a complete set of activities that might be undertaken by an organization fulfilling the role of implementer or developer The standard states that this process group is used to produce a specific system element implemented in software Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Overview of Software Implementation Process Group Consists of six lower-level processes that are part of two categories of software implementation: design or realization Used to create design solutions for the system: The software requirements process (7.1.2), software architectural design process (7.1.3), and software detailed design process (7.1.4) Used to realize the architectural design: The software construction process (7.1.5), software integration process (7.1.6), and software qualification testing process (7.1.7) Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Overview of Software Implementation Process Group Each implemented software module should be constructed, tested, and verified using the verification process (7.2.4) Should be validated using the validation process (7.2.5) The overall goal of this process group is to deliver a satisfactory system, software product, or software service The total process requires the developer to designate a project lifecycle model As well as a set of standardized methods and tools Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Overview of Software Implementation Process Group The implementing organization is obliged by the standard to document all outputs using the documentation process and to document all control changes using the configuration management process Any difficulties should be resolved by employing the problem resolution process The course of actions used to identify, understand, and resolve problems that occur during software development Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Implementation Process (7.1.1) First, the organization must decide which lifecycle model to use By following the recommendations of the ISO 12207 lifecycle model management process The standard recommends that choices made in this part of the process should be based on: The project’s size, scope and complexity The standard itemizes a complete set of activities Organization does not have to adopt all of them The implementer tailors the standards and tools to meet project needs Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Implementation Process (7.1.1) Outputs of implementation are documented based on the activities of the software documentation management process Change control is implemented according to the software configuration management process Problems are documented and resolved through the activities of the software problem resolution process Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Implementation Process (7.1.1) The next step in the setup stage is planning The plans can have several layers of detail At least one comprehensive long-term plan is needed for the entire lifecycle Focused plans might also be needed to map the course of particular activities A good plan is essential It creates a mutually understood basis for process assessment and management control across the organization Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Implementation Process (7.1.1) Once the deliverable is transferred to the acquiring organization: The product’s operation and maintenance must not be dependent on any “nondeliverable” items such as compilers or other system utilities unique to the implementer If the successful operation of a product depends on components that are not part of the deliverable: The product is guaranteed to fail Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Implementation Process: Software Implementation Strategy The details of the software implementation process should include the following items in the lifecycle model: The activities and tasks to be completed A schedule for when the activities and tasks should be completed The people responsible for completing each activity and task Guidance for developing these models can be found by referring to the IEEE 1074 Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Implementation Process: Software Implementation Strategy The document management process requires the recording of information in some form of media There is a trend toward using collaboration management and knowledge management systems Document management promotes repeatability that leads to continual process improvement Also useful to help organizations establish information assurance policies and procedures for each phase of the process Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Implementation Process: Software Implementation Strategy An important aspect of this strategy is to determine how problems will be documented and resolved The implementer can use a grading method Through which specific software items pass as part of configuration control Configuration control determines who controls changes to the software product The standard recommends the implementer document which people have authority to approve making changes Usually a configuration control board Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Implementation Process: Software Implementation Strategy The standard stipulates that the implementer should select appropriate standards, methods, tools, and computer languages for the project All resources used during software implementation must be consistent across the board In addition to selecting the above, the implementer should also plan for their use within the software implementation process Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Requirements Analysis Process (7.1.2) Software requirements analysis: the process of identifying and documenting the specific needs of a software product Considered on of the most critical areas of software implementation The ISO 12207 standard itemizes a set of criteria that must be met for the software requirements specification (SRS) to be approved as correct Serves as a general table of contents for the deliverable Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Requirements Analysis Process (7.1.2) The standard stipulates that the SRS must contain a valid set of functional and qualitative requirements The standard requires a separate listing of the inherent performance, physical characteristics, and environmental conditions under which the software item is to perform The standard also requires: Explicit representation of all interfaces The implementer define a set of qualification criteria for each software item Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Requirements Analysis Process (7.1.2) The standard stipulates that the SRS must consider: Methods of operation and maintenance Environmental influences Potentials for personnel injury from each software item The compromise of sensitive information Requires the specification to consider a range of ergonomic elements including: Manual operations, human-equipment interactions, constraints on personnel, etc… Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Requirements Analysis Process (7.1.2) Any definitions and requirements determined by the implementer must be explicitly considered and itemized The SRS must itemize installation and acceptance requirements Must also consider all user documentation and aspects of anticipated operation, maintenance, and execution The implementer must conduct a software review in accordance with ISO 12207 Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Requirements Analysis Process Software requirements analysis may sometimes be referred to as: Requirements engineering Software requirements The ISO 12207 standard refers to it as software requirements analysis Software requirements identify the needs and constraints placed on a product to solve the problem Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Requirements Analysis Process Software requirements is performed by the implementer on each software item included in the system architecture Purpose of analysis is to identify and document the requirements for each software item as a basis for its design And to assure that each requirement is traceable, consistent, testable, and feasible The end result is a document that describes each requirement Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Architecture Design Process (7.1.3) Software architecture design: the translation of software requirements into a high-level design Often treated as a two-step stage of development The implementer establishes an explicit and consistent software architecture using software requirements analysis The goal is to incorporate every requirement into a logical model that represents the top-level model By itemizing its basic components and relationships Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Architecture Design Process (7.1.3) The standard requires the implementer to: Define and document a top-level design for the interfaces between software items Develop and document a top-level design for the database Create preliminary versions of the user documentation Conduct initial planning for the test requirements and determine the schedule for software integration Conduct reviews in accordance with the software review process Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Architecture Design Activity Architecture should be described with multiple viewpoints Each of which illuminates properties of an aspect of design Commonly included viewpoints are: Logical view - shows software functionality Process view - shows the correlation between software processes Physical view - shows distribution of components Development view - shows decomposition of software artifacts Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Architecture Design Activity The appropriate viewpoints of software project must be adequately presented before they can be transformed into a detailed design in the next stage of the process An international standard exists to aid the implementer: ISO/IEC 42010 Its purpose is to provide a set of guidelines for identifying the appropriate set of viewpoints for a software project Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Detailed Design Process (7.1.4) Software detailed design - the activity most commonly connected with software engineering The implementer produces the detailed design for each of the software units defined in the top-level architecture The standard stipulates that all requirements defined in the SRS must be directly traceable to a software unit created in this stage The implementer develops and documents a design for all interfaces Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Detailed Design Process (7.1.4) Just as in the architectural design phase, the implementer produces a detailed design for the database And updates the user documentation The standard requires the implementer to define and document the specific testing qualification requirements for each component in the design These test requirements must stress the software unit to its reasonable limits The implementer then updates the schedule for software integration Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Detailed Design Activity Nearly all detailed design methodologies have certain underlying principles: Abstraction Cohesion Coupling Decomposition Encapsulation Information hiding IEEE 1016 provides an example table of contents in its Annex A Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Detailed Design Activity The IEEE 1016 standard recommends 12 specific views: 1. Context 2. Composition 3. Logical 4. Dependency 5. Information 6. Patterns 7. Interface 8. Structure Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Detailed Design Activity The IEEE 1016 standard recommends 12 specific views (cont’d): 9. Interaction 10. State dynamics 11. Algorithm 12. Resource Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Construction Process (7.1.5) During this process, the implementer writes the code and creates a full set of documentation for each of the software items and database units Then, test procedures are conducted and data from each test is recorded The standard requires that all of these elements be evaluated based on criteria of traceability, external and internal consistency, appropriateness of the methodology and standards employed, and feasibility Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Construction Activity Failure to follow structured software engineering practices and principles often leads to confusion and chaos Four practical considerations are needed during software construction: Construction design Construction languages Coding Construction testing Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Construction Activity Construction languages can be considered one of four types: Configuration languages Toolkit languages Programming languages Domain-specific languages Techniques applied during the construction process include: Resource management, proper use of data structures, proper reuse practices, and general software engineering best practices Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Construction Activity Software construction normally includes three types of testing: Unit testing - handled as part of the construction activity Integration testing - included in the software integration process Qualification testing - part of software qualification testing Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

The Software Integration Process (7.1.6) The implementer must bring software units together into a complete system using a fully documented software integration plan Plan must integrate the components developed in the coding phase into a single piece of software The plan must include: Test requirements, procedures, data, responsibilities, and schedule Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Integration Activity At the conclusion of this activity: Software units are pieced together and tested to ensure compatibility between each unit Success depends on developing an integration plan Also called a test plan or software quality assurance plan Integration plan should include a description of the test environment, a rationale, and data recording and analysis procedures for each integration and qualification test case Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Integration Activity The integration plan should also: Identify the software and system requirements addressed by each test case Ensure that all software requirements are included as part of the qualification testing process Include the appropriate time to begin qualification testing Provide details regarding pretest procedures, roles, and responsibilities Include test documentation Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Integration Activity The IEEE 829 standard provides detailed descriptions of each section of the software test plan ISO/IEC 29119 is currently being developed to replace IEEE 829 and is comprised of: Part 1: Definitions & vocabulary Part 2: Test process Part 3: Test documentation Part 4: Test techniques Part 5: Process assessment model for software testing processes Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Integration Activity The ISO 12207 standard requires the user documentation to be updated based on discoveries made during integration testing Software reviews should also be conducted The implementer should conduct a “dry run” of all qualification test cases and procedures To ensure the test documentation is correct and the software performs as expected Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Software Qualification Testing (7.1.7) Software qualification testing: the process of identifying and documenting the specific needs of a software product To determine whether the product meets the qualification requirements itemized in the design process The implementer must support and document all audits in accordance with ISO 12207 If an audit is done successfully, the standard contains delivery requirements Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Qualification Testing The outcome of software qualification testing is to provide a definitive answer to two questions: 1. Does the software meet the requirements of the software requirements specification? 2. Do the requirements and the resulting software meet the intended quality needs of the acquiring organization? The primary purpose of software qualification testing is to demonstrate compliance with levels of design, performance, and quality Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Detail of Software Qualification Testing The tests are intended to demonstrate the system meets or exceeds the requirements of the acquiring organization The tests must be designed to evaluate compliance with the software requirement specification As well as with the requirements of the acquiring organization and its own standards and legal obligations Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Summary Software implementation is the software-specific specialization of the ISO 12207 standard The results of implementation planning are documented and maintained under configuration management In software requirements analysis, the need for software and other established system requirements are analyzed to identify software requirements Software requirements must be traceable to and consistent with the requirements identified and developed through the technical process Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Summary Software requirements include specifications for functionality, performance, security, safety, interfaces, databases, qualification requirements, operations, maintenance, and user documentation The software detailed design process translates the components detailed in software architecture into lower levels of abstraction necessary for coding Software construction uses the detailed design of each software component to code and test the software according to specification Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Summary In the software integration process, a documented plan is developed and executed for the integration of each software unit Software qualification testing uses a series of audits to verify that the software requirements have been satisfied and to validate that the software has been developed in accordance with its intended use and at an appropriate level of quality Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.