Design of Secure Multi-Tier Web
Download
Report
Transcript Design of Secure Multi-Tier Web
CEN 4010
Introduction to Software Engineering
Spring 2006
Instructor: Masoud Sadjadi
http://www.cs.fiu.edu/~sadjadi/Teaching
CEN 4010
Second Lecture
January 23, 2006
Acknowledgements
Overview:
Introduction
Evaluation
Dr. Peter Clarke
Dr. Betty Cheng
Dr. Bernd Bruegge
Dr. Allen Dutoit
SW Life Cycle
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
2
What is Software Engineering? (1)
Overview:
Introduction
Systematic approach for developing software
“Methods and techniques to develop and
maintain quality software to solve problems.”
[Pfleeger, 1990]
“Study of the principles and methodologies for
developing and maintaining software
systems.” [Zelkowitz, 1978]
Home Page
SE Overview
Definition
How to apply?
Course Outcome
Evaluation
SW Life Cycle
“Software engineering is an engineering
discipline which is concerned with all
aspects of software production.”
[Sommerville]
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
3
What is Software Engineering? (2)
Overview:
Introduction
“Practical application of scientific knowledge
in the design and construction of computer
programs and the associated documentation
required to develop, operate, and maintain
them.” [Boehm, 1976]
“Deals with establishment of sound
engineering principles and methods in order
to economically obtain software that is reliable
and works on real machines.” [Bauer, 1972]
Home Page
SE Overview
Definition
How to apply?
Course Outcome
Evaluation
SW Life Cycle
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
4
Questions Addressed by SE
Overview:
Introduction
How do we ensure the quality of the software
that we produce?
How do we meet growing demand and still
maintain budget control?
How do we avoid disastrous time delays?
Home Page
SE Overview
Definition
How to apply?
Course Outcome
Evaluation
SW Life Cycle
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
5
Why apply SE to Systems?
Overview:
Introduction
Provide an understandable process for
system development.
Develop systems and software that are
maintainable and easily changed.
Home Page
SE Overview
Definition
How to apply?
Course Outcome
Evaluation
SW Life Cycle
Develop robust software and system.
Allow the process of creating computingbased systems to be repeatable and
manageable.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
6
How can we apply SE?
Overview:
Introduction
Modeling
Problem-solving
Knowledge acquisition
Rationale-driven
Home Page
SE Overview
Definition
How to apply?
Course Outcome
Evaluation
SW Life Cycle
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
7
Modeling
Overview:
Introduction
“A model is an abstract representation of a
system that enables us to answer questions
about the system.”
Why use a model?
Home Page
SE Overview
Definition
How to apply?
Course Outcome
Evaluation
– Systems are too large, too small, too complicated,
or too expensive, to experience firsthand.
SW Life Cycle
Models allow
– Visualization
– Comprehension
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
8
Problem Solving
Overview:
Introduction
Home Page
SE Overview
Definition
How to apply?
Course Outcome
Evaluation
SW Life Cycle
Steps in problem solving:
– Formulate the problem
– Analyze the problem
– Search for solutions
– Decide on the appropriate solution
– Specify the solution
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
9
Knowledge Acquisition
Overview:
Introduction
Domain specific knowledge.
New knowledge can affect the development
process.
Knowledge acquisition is nonlinear – affects
several of the software development models.
Risk assessment is important.
Home Page
SE Overview
Definition
How to apply?
Course Outcome
Evaluation
SW Life Cycle
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
10
Rationale Management
Overview:
Introduction
Assumptions made about systems change
constantly.
Application domain models stabilize, solution
domain models are in constant flux.
Home Page
SE Overview
Definition
How to apply?
Course Outcome
Evaluation
– Changes to the solution models due to:
SW Life Cycle
design and implementation faults
new technology
Need to understand the context in which each
design decision was made.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
11
Course Outcomes
Overview:
Introduction
Home Page
SE Overview
Course Outcome
Evaluation
SW Life Cycle
Familiarity with the Software Development
Life Cycle.
Mastering the techniques to gather and
specify the requirements of a medium-size
software system using UML.
Mastering the techniques to design and
implement a medium-size software system.
Familiarity with software testing techniques.
Familiarity with software documentation.
Familiarity with working in a small software
development team.
Familiarity with system walkthroughs.
Familiarity with maintaining software and
managing change.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
12
Evaluation
Overview:
Introduction
What is Software Engineering?
What questions are answered by Software
Engineering?
How can we apply Software Engineering?
What should you expect from this class? What
are the outcomes?
Evaluation
SW Life Cycle
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
13
Agenda
Overview:
Introduction
Course Introduction
Evaluation
Software Life Cycle
Evaluation
SW Life Cycle
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
14
Our Intention
Overview:
Introduction
Evaluation
SW Life Cycle
Motivation
Requirements
Terminology
SW Processes
SW Life Cycle
Cap. Maturity
Software
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
15
Our plan of attack
Overview:
Introduction
Evaluation
SW Life Cycle
Requirements
Analysis
Motivation
Terminology
SW Processes
Design
SW Life Cycle
Cap. Maturity
Implementation
Testing
Delivery and Installation
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
16
How it often goes
Overview:
Introduction
Evaluation
SW Life Cycle
Requirements
Analysis
Motivation
Terminology
SW Processes
SW Life Cycle
Cap. Maturity
D
E
L
A
Y
CEN 4010: Introduction to Software Engineering
Vaporware
Second Lecture on Jan. 23, 2006
17
Inherent Problems
Overview:
Introduction
Requirements are complex
– The client does not know the functional requirements in
advance.
Evaluation
SW Life Cycle
Motivation
– Technology enablers introduce new possibilities to deal
with nonfunctional requirements.
Terminology
SW Processes
SW Life Cycle
Cap. Maturity
Requirements may be changing
Frequent changes are difficult to manage
– Identifying milestones and cost estimation are difficult.
There is more than one software system
– Backward compatible with existing systems
Let’s view these problems as the nonfunctional
requirements for a system that supports software
development!
– This leads us to software life cycle modeling
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
18
Terminology (1)
Overview:
Introduction
Evaluation
SW Life Cycle
e.g., developers, project manager, client, end users.
Motivation
Terminology
SW Processes
SW Life Cycle
Cap. Maturity
participants – all persons involved in a
project.
role – associated with a set of tasks assigned
to a participant.
system – underlying reality.
model – abstraction of the reality.
work product – an artifact produced during
development.
deliverable – work product for client.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
19
Terminology (2)
Overview:
Introduction
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Cap. Maturity
activity – a set of tasks performed toward a
specific purpose.
milestone – end-point of a software process
activity.
task – an atomic unit of work that can be
managed and that consumes resources.
goal – high-level principle used to guide the
project.
functional requirement – an area of
functionality that the system must have.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
20
Terminology (3)
Overview:
Introduction
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Cap. Maturity
nonfunctional requirement – a constraint on
the system.
notation – is a graphical or textual set of rules
representing a model (e.g., UML)
method – a repeatable technique for solving a
specific problem e.g. sorting algorithm
methodology – a collection of methods for
solving a class of problems (e.g., Unified
Software Development Process).
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
21
Software Processes
Overview:
Introduction
1.
Specification
– requirements elicitation and analysis.
Evaluation
SW Life Cycle
Motivation
Terminology
2.
Development
– systems design, detailed design (OO design),
implementation.
SW Processes
SW Life Cycle
Cap. Maturity
3.
Validation
– validating system against requirements (testing).
4.
Evolution
– meet changing customer needs and error
correction (maintenance).
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
22
1. Software Specification (1)
Overview:
Introduction
Functionality of the software and constraints
(non-functional requirements) on its operation
must be defined.
Involves:
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
Specification
Development
Validation
Evolution
SW Life Cycle
Cap. Maturity
– Requirements elicitation
– The client and developers define the purpose of the
system.
– Output is a description of the system in terms of
actors and uses cases.
– Actors include roles such as end users and other
computers the system needs.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
23
1. Software Specification (2)
Overview:
Introduction
Evaluation
SW Life Cycle
Uses cases are general sequences of events that
describe all possible actions between actor and the
system for a given piece of functionality.
Motivation
Terminology
SW Processes
Specification
Analysis
Development
Validation
Evolution
SW Life Cycle
Cap. Maturity
Objective: produce a model of the system that is
correct, complete, consistent, unambiguous, realistic,
and verifiable.
Developers transform the use cases into an object
model that completely describes the system.
Model is checked for ambiguities and inconsistencies.
Output: Object model annotated with attributes,
operations, and associations.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
24
2. Software Development (1)
Overview:
Introduction
Evaluation
SW Life Cycle
Producing the software that meets the
specification.
Motivation
Terminology
SW Processes
System Design
Specification
Development
Validation
Evolution
SW Life Cycle
Goals of the project are defined.
System decomposed into smaller subsystems
(architectural model).
Strategies to build system identified
– HW and SW platform, data management, control flow,
and security.
Cap. Maturity
Output: model describing subsystem decomposition
and system strategies.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
25
2. Software Development (2)
Overview:
Introduction
Evaluation
Object Design
SW Life Cycle
Motivation
Terminology
SW Processes
Specification
Development
Validation
Evolution
Bridges the gap between analysis model and the strategies
identified in the system design.
Includes:
– Describing object and subsystem interfaces
– Selecting off–the-shelf components
– Restructure object model to attain design goals
e.g., extensibility, understandability, and required
performance.
Output: detailed object model annotated with constraints and
supporting documentation.
SW Life Cycle
Cap. Maturity
Implementation
Translation of the object model into source code.
No general process followed.
There are tools to assists the programmer such as
CASE tools.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
26
Software Development Activities
Overview:
Introduction
Evaluation
Requirements Analysis
What is the problem?
System Design
What is the solution?
SW Life Cycle
Motivation
Terminology
SW Processes
Specification
Development
Validation
Evolution
SW Life Cycle
Object Design
What is the solution in
a specific context?
Implementation
How is the solution
constructed?
Problem
Domain
Implementation
Domain
Cap. Maturity
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
27
3. Software Validation (1)
Overview:
Introduction
Evaluation
SW Life Cycle
Motivation
Terminology
Ensures the software does what the customer
want.
The software conforms to its specification and
meets the expectations of the customer.
SW Processes
Specification
Development
Validation
Evolution
SW Life Cycle
Cap. Maturity
Validation: ‘Are we building the right product?’
Ensures the software meets the expectations of the
customer.
Verification: ‘Are we building the product right?’
Ensures the software conforms to the specification.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
28
3. Software Validation (2)
Overview:
Introduction
Techniques
– Software inspections (static):
Evaluation
SW Life Cycle
Motivation
Terminology
Analyze and check system representations (e.g.,
requirements documents, design diagrams, and
program source code).
– Software testing (dynamic):
SW Processes
Specification
Development
Validation
Executing an implementation of the software with test
data and examining the outputs against expected
results.
Evolution
SW Life Cycle
Cap. Maturity
V&V process establishes the existence of
defects.
Debugging is a process that locates and
corrects these defects.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
29
4. Software Evolution
Overview:
Introduction
Software must evolve to meet the
customer needs.
Software maintenance is the process of
changing a system after it has been delivered.
Reasons for maintenance
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
Specification
Development
Validation
Evolution
SW Life Cycle
Cap. Maturity
– To repair faults.
– To adapt the software to a different operating
environment.
– To add to or modify system’s functionality.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
30
Attributes of Good Software
Overview:
Introduction
Maintainability
– Ease of changing the software to meets the
changing needs of the customer.
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
Dependability
– Reliability, security and safety.
Specification
Development
Validation
Evolution
Efficiency
– Responsiveness, processing time, and memory
usage.
SW Life Cycle
Cap. Maturity
Usability
– Appropriate user interface and adequate
documentation.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
31
Software Life Cycle
Overview:
Introduction
Software life cycle modeling
– Attempt to deal with complexity and change.
Evaluation
SW Life Cycle
Motivation
Terminology
Software life cycle
– Set of activities and their relationships to each other
to support the development of a software system .
SW Processes
SW Life Cycle
Cap. Maturity
Software development methodology
– A collection of techniques for building models,
which are applied across the software lifecycle.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
32
Software Life Cycle
Overview:
Introduction
Evaluation
Software construction goes through a
progression of states
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Conception
Childhood
Adulthood
Retirement
Cap. Maturity
PreDevelopment
Development
CEN 4010: Introduction to Software Engineering
PostDevelopment
Second Lecture on Jan. 23, 2006
33
Software Life Cycle Models
Overview:
Introduction
Waterfall model and its problems
– Pure Waterfall Model
– V-Model
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
Iterative process models
– Boehm’s Spiral Model
– Unified Process Model
SW Life Cycle
Waterfall
Iterative
Entity-Based
Cap. Maturity
Entity-based models
– Issue-based Development Model
– Concurrent Development
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
34
Waterfall Model (1)
Overview:
Introduction
– First described by Royce in 1970
Evaluation
SW Life Cycle
Motivation
Terminology
The waterfall model
There seem to be at least as many versions
as there are authorities - perhaps more
SW Processes
SW Life Cycle
Waterfall
Iterative
Requirements
Definition
System and
software design
Entity-Based
Cap. Maturity
Implementation
and unit testing
Integration and
system testing
Operation and
maintenance
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
35
Waterfall Model (2)
Overview:
Introduction
One or more documents are produced after
each phase and “signed off”.
Points to note:
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Waterfall
Iterative
Entity-Based
Cap. Maturity
– “Water does not flow up”.
it is difficult to change artifact produced in the
previous phase.
– This model should be used only when the
requirements are well understood.
– Reflects engineering practice.
– Simple management model.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
36
From Waterfall to V Model
Overview:
Introduction
Evaluation
Horizontal lines denote the information flow
between activities at the same abstraction level.
SW Life Cycle
Motivation
Terminology
Requirements
Specification
Acceptance
test
SW Processes
SW Life Cycle
Waterfall
System and
integration test
System design
Iterative
Entity-Based
Cap. Maturity
Detailed Design
Unit Test
Implementation
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
37
V Model
Overview:
Introduction
Similar to pure waterfall model but makes
explicit the dependency between
development and verification activities.
The left half of the V represents development
and the right half system validation.
Note the requirements specification includes
requirements elicitation and analysis.
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Waterfall
Iterative
Entity-Based
Cap. Maturity
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
38
Spiral Model (1)
Overview:
Introduction
Basic Idea
– develop initial implementation, expose it to user,
and refine it until an adequate system is produced.
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
Two types:
– Exploratory
– Throw-away prototyping
SW Life Cycle
Waterfall
Iterative
Entity-Based
Cap. Maturity
Advantages
– model used when problem is not clearly defined.
Disadvantages
– Process not visible, systems are poorly constructed,
may require special tools and techniques.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
39
Spiral Model (2)
Overview:
Introduction
Design objectives,
alternatives, and constraints
Evaluate alternatives,
identify and resolve risks
Evaluation
Risk
analysis
SW Life Cycle
Risk
analysis
Motivation
Terminology
Risk
analysis
SW Processes
Prototype
3
Prototype
Prototype
2
1
SW Life Cycle
Waterfall
Requirements Concept of
plan operation S/w
Reqs.
Iterative
Entity-Based
Development
Plan
Cap. Maturity
Integration
Plan
Design
Validation
Acceptance
Test
Plan next phase
CEN 4010: Introduction to Software Engineering
Detailed
Design
Sys.
Product
Design
Reqs.
Validation
Not shown
in detail
Code
Unit Test
Integration &
Test
Develop and verify
next level product
Second Lecture on Jan. 23, 2006
40
Spiral Model (3)
Overview:
Introduction
Tries to accommodate infrequent change
during development.
Each round of the spiral involves:
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Waterfall
Iterative
Entity-Based
Cap. Maturity
–
–
–
–
–
–
–
Determine objectives
Specify constraints
Generate alternatives
Identify risks
Resolve risks
Develop and verify next level product
Plan
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
41
Incremental Development (1)
Overview:
Introduction
Mills et al. 1980
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
Define outline
requirements
Assign requirements
to increments
Design system
architecture
SW Life Cycle
Waterfall
Iterative
Entity-Based
Cap. Maturity
Develop system
increment
Validate
increment
Integrate
increment
Validate
system
Final
system
System incomplete
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
42
Incremental Development (2)
Overview:
Introduction
Software specification, design and
implementation is broken down into a series
of increments which are developed in turn.
Gives customers some opportunities to delay
decisions on the detailed requirements of the
system.
Services are identified and a priority allocated.
Each increment provides a subset of the
system’s functionality.
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Waterfall
Iterative
Entity-Based
Cap. Maturity
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
43
Incremental Development (3)
Overview:
Introduction
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Waterfall
Iterative
Advantages:
– Customers do not have to wait for the entire
system.
– Customers gain experience using early increments
of the system.
– Lowers the risk of overall project failure.
– Most important system services receives the most
testing.
Entity-Based
Cap. Maturity
Disadvantages:
– May be difficult to map meaningful functionality into
small increments.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
44
Extreme Programming
Overview:
Introduction
The incremental approach has evolved to
‘extreme programming’ (Beck 1988).
Extreme programming:
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Waterfall
Iterative
Entity-Based
Cap. Maturity
–
–
–
–
Development and delivery of very small increments.
Customer involvement in the process.
Constant code improvement.
Egoless programming
Programs are regarded as group property!
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
45
Unified Software Development Process (1)
Overview:
Introduction
Similar to Boehm’s spiral model.
A project consists of several cycles, each
ends with the delivery of a product to the
customer.
Each cycle consists of four phases:
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Waterfall
Iterative
–
–
–
–
Entity-Based
Cap. Maturity
Inception
Elaboration
Construction
Transition
Each phase consists of a number of iterations.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
46
Unified Software Development Process (2)
Overview:
Introduction
Inception ends with
– commitment from the project sponsor to go ahead.
Evaluation
SW Life Cycle
Motivation
Terminology
Elaboration ends with
–
–
–
–
SW Processes
SW Life Cycle
Waterfall
Iterative
Entity-Based
basic architecture of the system in place,
a plan for construction agreed,
all significant risks identified, and
major risks understood enough not to be too
worried.
Cap. Maturity
Construction ends with
– a beta-release system.
Transition
– is the process of introducing the system to it users.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
47
Unified Software Development Process (2)
Overview:
System
Development
Introduction
Evaluation
SW Life Cycle
Analysis model
specified by
Motivation
Terminology
realized by
SW Processes
Design model
SW Life Cycle
Waterfall
Iterative
Use case
model
Entity-Based
distributed by
Deployment model
implemented by
Cap. Maturity
Requirements
captured as a
set of use cases.
verified by
Implementation
model
Test model
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
48
Unified Software Development Process (3)
Overview:
Introduction
– physical communication links between hardware
items.
Evaluation
SW Life Cycle
Motivation
– relationships between physical machines and
processes.
Terminology
SW Processes
SW Life Cycle
Deployment model
Waterfall
Iterative
The models in the Unified Process are
traceable
– A model element can be traced to at least one
element in an associated model.
Entity-Based
Cap. Maturity
Transition between models are seamless
– we can tell in a foreseeable way how to get from an
element in one model to one/more elements in an
associated model.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
49
Issue-Based Development
Overview:
Introduction
A system is described as a collection of issues
– Issues are either closed or open.
– Closed issues have a resolution.
– Closed issues can be reopened (Iteration!).
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Waterfall
The set of closed issues is the basis of the
system model
Iterative
Entity-Based
I1:Open
Cap. Maturity
SD.I1:Closed
A.I1:Open
SD.I3:Closed
I2:Closed
I3:Closed
Planning
A.I2:Open
SD.I2:Closed
Requirements Analysis
CEN 4010: Introduction to Software Engineering
System Design
Second Lecture on Jan. 23, 2006
50
What to Choose?
Overview:
Introduction
PT = Project Time, MTBC = Mean Time Between Change
Change rarely occurs (MTBC >> PT):
Evaluation
SW Life Cycle
– Waterfall Model
– All issues in one phase are closed before proceeding to the
next phase
Motivation
Terminology
SW Processes
SW Life Cycle
Change occurs sometimes (MTBC = PT):
– Boehm’s Spiral Model
– Change occurring during a phase might lead to an iteration of
a previous phase or cancellation of the project
Cap. Maturity
“Change is constant” (MTBC << PT)
– Issue-based Development (Concurrent Development Model)
– Phases are never finished, they all run in parallel
Decision when to close an issue is up to
management.
The set of closed issues form the basis for the
system to be developed.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
51
IEEE 1074
Overview:
Introduction
Standard for Developing Life Cycle Processes
Describes the set of activities and processes
that are mandatory for the development and
maintenance of software.
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Cap. Maturity
Process is a set of activities that is performed
towards a specific purpose.
Processes are grouped into higher
abstractions called process groups.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
52
Software Processes
Overview:
Introduction
Evaluation
SW Life Cycle
Motivation
Process Group
Project Management Project Initiation
Project Management and Control
Software Quality Management
Pre-development
Concept Exploration
System Allocation
Development
Requirements
Design
Implementation
Post-development
Installation
Operation and Support
Maintenance
Retirement
Integral Processes
Verification and Validation
Software Configuration Management
Document Development
Training
Terminology
SW Processes
SW Life Cycle
Processes
Cap. Maturity
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
53
Capability Maturity Model (CMM)
Overview:
Introduction
Evaluation
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Cap. Maturity
1. Initial Level
– ad hoc, no feedback from user, black box.
2. Repeatable Level
– Each project has a well-defined sw life cycle model.
3. Defined Level
– A document sw life cycle model for all managerial
and technical activities across the org. exists.
4. Managed Level
– Metrics for activities and deliverables are defined.
5. Optimizing Level
– Process allows feedback of information to change
process itself.
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
54
State of the Software Industry in 1995
Overview:
Introduction
Evaluation
Maturity Level
Frequency
SW Life Cycle
Motivation
Terminology
SW Processes
SW Life Cycle
Cap. Maturity
1. Initial
2. Repeatable
3. Defined
4. Managed
5. Optimizing
70%
15%
< 10%
< 5%
< 1%
Source: Royce, Project Management, P. 364
CEN 4010: Introduction to Software Engineering
Second Lecture on Jan. 23, 2006
55