You are on page 1of 75


Our Project is Cyber Security Project, where in we are trying to implement various IT Security aspects along with Complete Cyber Café Management and Surrivalnce system, the system will make Cyber Cafe administrators Job easy by providing him the necessary tool to maintain the cyber café records and manage the services offered to the customer along with complete tracking of Customer usage, activity and accounting aspects. This software give cyber café Administrators complete control over the systems in the network so that they are able to monitor and maintain the systems remotely.




1. System Development Life Cycle
The basic idea of software development life cycle (SDLC) is that there is a well defined process by which an application is conceived, developed and implemented. The phases in the SDLC provide a basis for the management and control because they define segments of the flow of work, which can be identified for the managerial purpose and specifies the documents or other deliveries to be produced in each phase. System Development revolves around a life cycle that begins with the recognition of user needs. In order to develop good software, it has to go through different phases. There are various phases of the System Development Life Cycle for the project and different models for software development, which depict these phases. We decided to use waterfall model, the oldest and the most widely used paradigm for software engineering. The Various relevant stages of the System Life Cycle of this Application Tool are depicted in the following flow diagram.




SYSTEM TESTING ========================================================



Let us have a look on each of the above activities: 1. System Analysis System Analysis is the process of diagnosing situations, done with a defiant aim, with the boundaries of the system kept in mind to produce a report based on the findings. Analysis is fact-finding techniques where problem definition, objective, system requirement specifications, feasibility analysis and cost benefit analysis are carried out. The requirement of both the system and the software are document and reviewed with the user. 2. System Design System Design is actually a multistep process that focuses on four distinct attributes of a program: data structures, software architecture, interface representations, and procedural (algorithmic) detail. System design is concerned with identifying the software components (Functions, data streams, and data stores), specifying relationships among components, specifying software structure, maintaining a record of design decisions and providing a blueprint for the implementation phase.

3. Coding
Coding step performs the translations of the design representations into an artificial language resulting in instructions that can be executed by the computer. It thus involves developing computer programs that meet the system specifications of design stage.

4. System Testing

System testing process focuses on the logical internals of the software, ensuring that all statements have been tested on the functional externals, that is conducting tests using various tests data to uncover errors that defined input will produce actual results that agree with required results.

5. System Implementation
System Implementation is a process that includes all those activities that take place to convert an old system to a new system. The new system may be totally new system replacing the existing system or it may be major modification to the existing system. Coding performs the translations of the design representations into an artificial language resulting in instructions that can be executed by the computer. It thus involves developing computer programs that meet the system design specifications. System implementation involves the translation of the design specifications into source code and debugging, documentation and unit testing of the source code.

6. System Maintenance
Maintenance is modification of a software product after delivery to correct faults to improve performance or to adopt the product to a new operating environment. Software maintenance canot be avoided due to ware & tear caused by users. Some of the reasons for maintaining the software are 1. Over a period of time, software original requirements may change. 2. Errors undetected during software development may be found during user & require correction. 3. With time new technologies are introduced such as hardware, operating system etc. The software therefore must be modified to adapt new operating environment. Type of Software Maintenance


 Corrective Maintenance: This type of maintenance is also called bug fixing that may observed while the system is in use i.e correct reported errors.  Adaptive Maintenance: This type of maintenance is concern with the modification required due to change in environment. (i.e external changes like use in different hardware platform or use different O.S.  Perfective Maintenance: Perfective maintenance refers to enhancement to the software product there by adding or support to new features or when user change different functionalities of the system according to customer demands making the product better, faster with more function or reports.  Preventive Maintenance: This type of maintenance is done to anticipate future problems and to improve the maintainability to provide a better basis for future enhancement or business changes.


1.1.1 Problem Definition
Our Project is Cyber Security tries to implement some important aspect of Cyber Cafe and System Security. Our project will relay information to the network administrator about what is happening on a network node, also the system will provide notifications regarding any file delete etc.

1.1.2 Proposed System
The Proposed system will have the following features:  Cyber Cafe Mangement: This feature allows the cyber café administrator to to maintain the system chart and view which user is sitting on which compuer and maintain the accounting for that particular user. The user account can be topped up by the cyber café administrator with a particular amount and when the user sits on a particular system he is not able to log on to the system until he provides his username/password, as soon as he logs in the system deducts money


from his accounts as per usage similar to what we see in case of prepaid mobile system.  File Delete Notification System: The system will write notification events in case a file is deleted from the system along with all attributes like time,date etc. This module is very useful in case of College Lab as we can track that when a file was deleted from a system.  User Activity Monitoring Module: This module will enable the administrator to keep a track on the activities occurring on a user system in a real time basis. This system will work in the manner that after every few minutes the screen of the user desktop will be catured as an image and will be transferred to the administrator so that can keep the track of what is happening on the user system.  Remote Desktop Login: This module enables the administrator to remotely logon to a particular system on the network to view what all is happening on that remote computer.


1.1.3 Significance of Project
These days information and data security has been a very important concept. This project will help lab administrator to manage the network effectivey and keep a track on students as it is becoming increasingly necessary to prevent the misuse of College IT infrastructure by students.

1.1.4 Advantages of the Proposed System
The various advantages of the proposed System are: Cyber café is automated no need to keep whatching the clock and to maintain the records of cyber café. Prevents and Notifies about deletion of any important files. The culprit can be tracked who has deleted the files Administrator can track user working by keep watch on the activities thus preventing further misuse.

Software requirement analysis is a software-engineering task that bridges the gap between system level software allocation and software design. For Developing our Travel Portal in-depth analysis was deon. The analysis was divided into the following three Parts. ♦ Problem Recognition ♦ Evaluation and Synthesis ♦ Specification & Review

Problem Recognition The aim of the poroject was understood and through research was done on internet to get a deep insight of how the proposed system will work, we went ========================================================

to different travel related sites and understood their working. We recorded what all features will be required when we build our website like for eg. We need to keep a database of destinations, Travel Agents and Hotels should be able to register and post their data online etc. All these features were noted down so that they could be incorporated in our application.

Evaluation and Synthesis Problem evaluation and solution synthesis was the next major area of effort. It was in this step that all externally observable data objects, evaluation of flow and content of information was defined. It was decided in this phase that how our application will look and works, what parameters it will take and what it will return.

Specification & Review The main objective is to improve the quality of software that can be done by inspection or walkthrough of formal technical reviews. The main objective is ♦ To uncover errors in function, logfics or implementation. ♦ Verify software under revies to meet requirement specification. ♦ Ensure that software has been represented according to predefined standards. ♦ Achive software development in uniform manner ♦ Make projexct more meaningfull.

The feasibility study is carried out to test if the proposed system is worth being implemented. Given unlimited and infinite time, all projects are feasible. Unfortunately such resources and time are not possible in real life situations. Hence it becomes both necessary and prudent to evaluate the feasibility of the project at the earliest possible time in order to avoid unnecessarily wastage of time, effort and professional embarrassment over an ill conceived ========================================================

system. Feasibility study is a test of system proposed regarding its work ability, impact on the organization ability to meet the user needs and effective use of resources. The main objective of feasibility study is to test the technical, operational and economical feasibility of developing a computer system Application. The following feasibility studies were carried out for the proposed system:  Economic Feasibility: An evaluation of development cost weighed against the income of benefit derived from the developed system. Here the development cost is evaluated by weighing it against the ultimate benefits derived from the new system. The proposed system is economically feasible if the benefits obtained in the long run compensate rather than overdo the cost incurred in designing and implementing. In this case the benefits outweigh the cost that makes the system economically feasible.  Technical Feasibility: A study of function performance and constraints that may affect the ability to achieve the acceptable system. A system is technically feasible, if it can be designed and implemented within the limitations of available resources like funds, hardware, software etc. The considerations that are normally associated with technical feasibility include development risk, resources availability and technology. Management provides latest hardware and software facilities for successful completion of the project. The proposed system is technically feasible as the Technology we are using to implement the Project (i.e. ASP.NET) is fully capable to implement our projects requirement analysis that was performed in the analysis section.  Operational Feasibility: The Project is Operationally Feasilbe as it can be implemented easily in the college computer Lab.


 Schedule Feasibility: “Evaluates the time taken in the development of the project”. The system had schedule feasibility.



The design of an information system produces the detail that state how a system will meet the requirements identified during system analysis. System specialists often refer to this stage as Logical Design, in contrast to the process of development program software, which is referred to as Physical Design. System Analysis begins process by identifying the reports and the other outputs the system will produce. Then the specific on each are pin pointed. Usually, designers sketch the form or display as they expect it to appear when the system is complete. This may be done on a paper or computer display, using one of the automated system tools available. The system design also describes the data to be input, calculated or stored. Individual data items and calculation procedures are written in detail. The procedure tells how to process the data and produce the output.

The following goals were kept in mind while designing the system: • To reduce the manual work required to be done in the existing system.


• •

To avoid errors inherent in the manual working and hence make the outputs consistent and correct. To improve the management of permanent information of the Computer center by keeping it in properly structured tables and to provide facilities to update this information efficiently as possible.

To make the system completely menu-driven and hence user friendly, and hence user friendly, this was necessary so that even nonprogrammers could use the system efficiently.

• • •

To make the system completely compatible i.e., it should fit in the total integrated system. To design the system in such a way that reduced future maintenance and enhancement times and efforts. To make the system reliable, understandable and cost effective.

 Cyber Cafe Mangement: This feature allows the cyber café administrator to to maintain the system chart and view which user is sitting on which compuer and maintain the accounting for that particular user. The user account can be topped up by the cyber café administrator with a particular amount and when the user sits on a particular system he is not able to log on to the system until he provides his username/password, as soon as he logs in, the system deducts money from his accounts as per usage similar to what we see in case of prepaid mobile system.  File Delete Notification System: The system will write notification events in case a file is deleted from the system along with all attributes like time,date etc. This module is very useful in case of College Lab as we can track that when a file was deleted from a system.  User Activity Monitoring Module: This module will enable the administrator to keep a track on the activities occurring on a user system in a real time basis. This system will work in the manner that after every few minutes the screen of the user desktop will be catured as an image and will be transferred to the administrator so that can keep the track of what is happening on the user system.


 Remote Desktop Login: This module enables the administrator to remotely logon to a particular system on the network to view what all is happening on that remote computer.

The design stage takes the final specification of the system from analysis stages and finds the best way of filing them, given the technical environment and previous decision on required level of automation. The system design is carried out in two phases: i) ii) Architectural Design (High Level Design) Detailed Design (Low Level Design)

The high level Design maps the given system to logical data structure. Architectural design involves identifying the software component, decoupling and decomposing the system into processing modules and conceptual data structures and specifying the interconnection among components. Good notation can clarify the interrelationship and interactions if interest, while poor notation can complete and interfere with good design practice. A data floworiented approach was used to design the project. This includes Entity Relationship Diagram (ERD) and Data Flow Diagrams (DFD).

Entity Relationship Diagram

One of the best design approaches is Entity Relationship Method. This design approach is widely followed in designing projects normally known as “ Entity Relationship Diagram (ERD)”. ERD helps in capturing the business rules governing the data relationships of the system and is a conventional aid for communicating with the end users in the conceptual design phase. ERD consists of: ========================================================

 Entity – It is the term use to describe any object, place, person, concept, activity that the enterprise recognizes in the area under investigation and wishes to collect and store data. It is diagrammatically represented as boxes.  Attribute – They are the data elements that are used to describe the properties that distinguish the entities.  Relationship – It is an association or connection between two or more entities. They are diagrammatically represented as arrows. A Unary relationship is a relationship between instances of the same entity. A Binary relationship is a relationship between two entities. A N-ary relationship is a relationship among N entities. It is defined only when the relationship does have a meaning without the participation of all the N entities.  Degree of Relationship – An important aspect of relationship between two or more entities is the degree of relationship. The different relationships recognized among various data stores in the database are:  One-to-One (1:1) It is an association between two entities. For example, each student can have only one Roll No.  One-to-Many (1:M) It describes entities that may have one or more entities related to it. For example, a father may have one or many children.  Many-to-Many (M:M) It describes entities that may have relationships in both directions. This relationship can be explained by considering items sold by ========================================================

Vendors. A vendor can sell many items and many vendors can sell each item.

ERD representation of the project is given below. It follows Chen’s convention in which entities are represented as rectangles and relationships as diamonds.


Entity Relationship Diagram


Context Analysis Diagram

Context Analysis Diagram (CAD) is the top-level data flow diagram, which depicts the overview of the entire system. The major external entities, a single process and the output data stores constitute the CAD. Though this diagram does not depict the system in detail, it presents the overall inputs, process and the output of the entire system at a very high level. The Context Analysis Diagram if the project is given ahead.

Context Level Data Flow Diagram

Computer Users

Cyber Security System


Data Flow Diagrams

A Data Flow Diagram (DFD) is a graphical tool used to describe and analyze the movement of data through a system – manual or automated including the processes, stores of data and delays in the system. They are central tools and the basis from which other components are developed. It depicts the


transformation of data from input to output through processes and the interaction between processes. Transformation of data from input to output through processes logically and independent of physical components is called the DFD. The physical DFD shows the actual implementation and movement of data between people, departments and workstation. DFD’s are an excellent mechanism of communicating with the customers during requirement analysis and are widely used for representing external and top-level internal design specification. In the Later situations, DFD’s are quite valuable for establishing naming conventions and names of system components such as subsystems, files and data links.

In a DFD there are four components:

1. Sources or Destinations of data such as human, entities that interact with system, outside the system boundary, who form the source and the recipient of information are depicted in the form of a closed rectangle. 2. Data flow is a packet of data. It identifies data flow. It is a pipeline through which information flows. It is depicted in DFD as an arrow with the pointer pointing in the direction of flow. This connecting symbol connects an entity, process and data stores. This arrow mark also specifies the sender and the receiver. 3. Process depicts procedure, function or module that transform input data into output data. It is represented as a circle or a bubble with the procedure name and a unique number inside the circle.


4. Data stores are the physical areas in the computer’s hard disk where a group of related data is stored in the form of files. They are depicted as an open-ended rectangle. The Data store is used either for storing data into the files or for reference purpose.

DFD – 1

DFD – 2


DFD – 3

DFD - 4

The Low Level Design maps the logical model of the system to a physical database design. Tables created for the system Entities and Attributes were mapped into Physical tables. The name of the entity is taken as the table name. During detailed design phase, the database if any and programming modules are designed and detailed user procedures are documented. The interfaces between the System users and computers are also defined.

======================================================== APPLICATION DESIGN
After the detailed problem definition and system analysis of the problem, it was thought of designing web based Computer designing. Simplicity is hard to design. It is difficult to design something that is technically sophisticated but appears simple to use. Any software product must be efficient, fast and functional but more important it must be user friendly, easy to learn and use. For designing good interface we should use the following principles. i) ii) iii) iv) Clarity and consistency Visual feedback. Understanding the people. Good response.

The software has been designed in a modular manner. There is a separate module for the every function of the System. These are then integrated to build an easy to use system. The various Modules of the Software were identified as:  Cyber Dafe Mangement: This feature allows the cyber café administrator to to maintain the system chart and view which user is sitting on which compuer and maintain the accounting for that particular user. The user account can be topped up by the cyber café administrator with a particular amount and when the user sits on a particular system he is not able to log on to the system until he provides his username/password, as soon as he logs in the system deducts money from his accounts as per usage similar to what we see in case of prepaid mobile system.  File Delete Notification System: The system will write notification events in case a file is deleted from the system along with all attributes like time,date etc. This module is very useful in case of College Lab as we can track that when a file was deleted from a system.  User Activity Monitoring Module: This module will enable the administrator to keep a track on the activities occurring on a user system ========================================================

in a real time basis. This system will work in the manner that after every few minutes the screen of the user desktop will be catured as an image and will be transferred to the administrator so that can keep the track of what is happening on the user system.  Remote Desktop Login: This module enables the administrator to remotely logon to a particular system on the network to view what all is happening on that remote computer.




2.1 Technical Specifications


PC with the following Configuration Processor RAM HARD DISK Pentium-IV 3.0 GHz 256 DDR 2 RAM 80 GB


Operating System Backend Frontend Case Tool


Microsoft Windows XP. Microsoft Access VB.NET Say Microsoft Word 2003, Ms Front Page



Technology Used: VB.NET

VB.NET introduces many exciting new features to the VB developer, though these enhancements do cause some minor compatibility issues with legacy code. The new Integrated Development Environment (IDE) incorporates some of the best ideas of VB 6.0 and InterDev to make it easier and more intuitive to quickly create applications using a wider variety of development resources.The code developed in the IDE can then be compiled to work with the new .NET Framework, which is Microsoft’s new technology designed to better leverage internal and external Internet resources.The compiler writes the code to Common Language Runtime (CLR), making it easier to interact with other applications not written in VB.NET. It is now possible to use true inheritance with VB, which means that a developer can more efficiently leverage code and reduce application maintenance. Not only is the CLR used for standalone VB applications, it is also used for Web Applications, which makes it easier to exploit the full feature set of VB from a scripted Web application. Another way in which security is enhanced is through enforcement of data type compatibility, which reduces the number of crashes due to poorly designed code. Exploiting the new features of VB.NET is not a trivial task, and many syntax changes were introduced that will cause incompatibilities with legacy code. But, many of these are identified, emphasized, and in some cases automatically updated by the IDE when a VB 6.0 project is imported into VB.NET.

.NET Architecture

The .NET Framework consists of three parts: the Common Language Runtime, the Framework classes, and ASP.NET, which are covered in the following sections. The components of .NET tend to cause some confusion. ========================================================


One major headache that Visual Basic developers have had in the past is trying to reconcile the differences between compiled VB applications and applications built in the lightweight interpreted subset of VB known as VBScript. Unfortunately, when Active Server Pages were introduced, the language supported for serverside scripting was VBScript, not VB. (Technically, other languages could be used for server side scripting, but VBScript has been the most commonly used.) Now, with ASP.NET, developers have a choice. Files with the ASP extension are now supported for backwards compatibility, but ASPX files have been introduced as well. ASPX files are compiled when first run, and they use the same syntax that is used in stand-alone VB.NET applications. Previously, many developers have gone through the extra step of writing a simple ASP page that simply executed a compiled method, but now it is possible to run compiled code directly from an Active Server Page.

Framework Classes

Ironically, one of the reasons that VB.NET is now so much more powerful is because it does so much less. Up through VB 6.0, the Visual Basic compiler had to do much more work than a comparable compiler for a language like C++. This is because much of the functionality that was built into VB was provided in C++ through external classes.This made it much easier to update and add features to the language and to increase compatibility among applications that shared the same libraries. Now, in VB.NET, the compiler adopts this model. Many features that were formerly in Visual Basic directly are now implemented through Framework classes. For example, if you want to take a square root, instead of using the VB operator, you use a method in the System.Math class.This approach makes the language much more lightweight and scalable.

.NET Servers

We mention this here only to distinguish .NET servers from .NET Framework. These servers support Web communication but are not necessarily themselves written in the .NET Framework.

Common Language Runtime

CLR provides the interface between your code and the operating system, providing such features as Memory Management, a Common Type System, and Garbage Collection. It reflects Microsoft’s efforts to provide a unified and safe framework for all Microsoft-generated code, regardless of the language used to create it.

What Is the .NET Framework?
The .NET Framework is Microsoft’s latest offering in the world of crossdevelopment (developing both desktop and Web-usable applications), interoperability, and, soon, cross-platform development. As you go through this chapter, you’ll see just how .NET meets these developmental requirements. However, Microsoft’s developers did not stop there; they wanted to completely revamp the way we program. In addition to the more technical changes, .NET strives to be as simple as possible. .NET contains functionality that a developer can easily access. This same functionality operates within the confines of standardized data types and naming conventions. This internal functionality also encompasses the creation of special data within an assembly file that is vital for interoperability, .NET’s built-in security, and NET’s automatic resource management. Another part of the “keep it simple” philosophy is that .NET applications are geared to be copy-only installations; in other words, the need for a special installation package for your application is no longer a requirement. The majority of .NET applications work if you simply copy them into a directory. This feature substantially eases the burden on the programmer. The CLR changes the way that programs are written, because VB developers won’t be limited to the Windows platform. Just as with ISO C/C++, VB programmers are now capable of seeing their programs run on any platform with the .NET runtime installed. Furthermore, if you delegate a C programmer to oversee future developments on your VB.NET program, the normal learning curve ========================================================

for this programmer will be dramatically reduced by .NET’s Multilanguage capabilities.

Introduction to the Common Language Runtime
CLR controls the .NET code execution. CLR is the step above COM, MTS, and COM+ and will, in due time, replace them as the Visual Basic runtime layer. To developers, this means that our VB.NET code will execute on par with other languages, while aintaining the same, small file size. The CLR is the runtime environment for .NET. It manages code execution as well as the services that .NET provides.The CLR “knows” what to do through special data (referred to as metadata) that is contained within the applications. The special data within the applications store a map of where to find classes, when to load classes, and when to set up runtime context boundaries, generate native code, enforce security, determine which classes use which methods, and load classes when needed. Since the CLR is privy to this information, it can also determine when an object is used and when it is released. This is known as managed code. Managed code allows us to create fully CLR-compliant code. Code that’s compiled with COM and Win32API declarations is called unmanaged code, which is what you got with previous versions of Visual Basic.Managed code keeps us from depending on obstinate dynamic link library (DLL) files (discussed in the Ending DLL Hell section later in this chapter). In fact, thanks to the CLR, we don’t have to deal with the registry, graphical user identifications (GUIDs), AddRef, HRESULTS, and all the macros and application programming interfaces (APIs) we depended on in the past.They aren’t even available options in .NET. Removing all the excess also provides a more consistent programming model. Since the CLR encapsulates all the functions that we had with unmanaged code, we won’t have to depend on any pre-existing DLL files residing on the hard drive. This does not mean that we have seen the last of DLLs; it simply means that the .NET Framework contains a system within it that can map out the location of all the resources we are using.We are no longer dependent upon VB runtime files being installed, or certain pre-existing components. Because CLR-compliant code is also Common Language Specification (CLS)- compliant code, it allows CLR-based code to execute properly. CLS is a subset of the CLR types defined in the Common Type System (CTS), which is also discussed later in the chapter. CLS features are instrumental in the interoperability process, because they contain the basic types required for CLR operability. These combined features allow .NET to handle multiple programming languages. The CLR manages the mapping; all that you need is a compiler that can generate the code and the special ========================================================

data needed within the application for the CLR to operate. This ensures that any dependencies your application might have are always met and never broken. When you set your compiler to generate the .NET code, it runs through the CTS and inserts the appropriate data within the application for the CLR to read. Once the CLR finds the data, it proceeds to run through it and lay out everything it needs within memory, declaring any objects when they are called (but not before).Any application interaction, such as passing values from classes, is also mapped within the special data and handled by the CLR.

Using .NET-Compliant Programming Languages
.NET isn’t just a single, solitary programming language taking advantage of a multiplatform system. A runtime that allows portability, but requires you to use a single programming model would not truly be delivering on its perceived value. If this were the case, your reliance on that language would become a liability when the language does not meet the requirements for a particular task. All of a sudden, portability takes a back seat to necessity—for something to be truly “portable,” you require not only a portable runtime but also the ability to code in what you need, when you need it. .NET solves that problem by allowing any .NET compliant programming language to run. Can’t get that bug in your class worked out in VB, but you know that you can work around it in C? Use C# to create a class that can be easily used with your VB application. Third-party programming language users don’t need to fret for long, either; several companies plan to create .NETcompliant versions of their languages. Currently, the only .NET-compliant languages are the entire Microsoft flavor; for more information, check these out at _ C# _ C++ with Managed Extensions _ VB.NET _ ASP.NET (although this one is more a subset of VB.NET) _ Jscript.NET

Visual Basic for Windows is a little over ten years old. It debuted on March 20, 1991, at a show called “Windows World,” although its roots go back to a tool called Ruby that Alan Cooper developed in 1988.

Origin of .Net Technology 1. Ole Technology
Object linking and embedding technology was developed by Microsoft in the early 1990 to enable easy interprocess communications. To embed documents from one application into another application. This enabled users to develop applications which required inter- operability between various products such as MS Word and MS Excel.

2. Com Technology
Microsoft introduced component-based model for developing softwares programs. In the components –based approaching a program is broken into a number of independent components where each one offers a particular service. It reduces the overall complexity of software. Enables distributed developments across multiple organization or departments and Enhances software maintainability

3. Dot Net Technology
component model.

.NET technology is a third-generation

This provides a new level of inter-operability

compared to COM technology. COM provides a standard binary mechanism for inter-module communication .this mechanism is replaced by an intermediate language called Microsoft Intermediate language (MSIL) or simply IL.

Introduction to the .NET Framework and Visual Studio .NET
The .NET Framework (pronounced “dot net framework”) defines the

environment that you use to execute Visual Basic .NET applications and the services you can use within those applications. One of the main goals of this framework is to make it easier to develop applications that run over the Internet. However, this framework can also be used to develop traditional business applications that run on the Windows desktop. To develop a Visual Basic .NET application, you use a product called Visual Studio .NET (pronounced “Visual Studio dot net”). This is actually a suite of products that includes the three programming languages described. Visual Basic .NET, which is designed for rapid application development. Visual Studio also includes several other components that make it an outstanding development product. One of these is the Microsoft Development Environment, which you’ll be introduced to in a moment. Another is the Microsoft SQL Server 2000 Desktop Engine (or MSDE). MSDE is a database engine that runs on your own PC so you can use Visual Studio for developing database applications that are compatible with Microsoft SQL Server. SQL Server in turn is a database management system that can be used to provide the data for large networks of users or for Internet applications. The two other languages that come with Visual Studio .NET are C# and C++. C# .NET (pronounced “C sharp dot net”) is a new language that has been developed by Microsoft especially for the .NET Framework. Visual C+ + .NET is Microsoft’s version of the C++ language that is used on many platforms besides Windows PCs.

Programming languages supported by Visual Studio .NET Language Description
Visual Basic .NET Designed for rapid application development Visual C# .NET - A new language that combines the features of Java and C++ and is suitable for rapid application development. Visual C++ .NET - Microsoft’s version of C++ that can be used for developing high- performance applications.


Two other components of Visual Studio .NET
Component Description
Microsoft Development Environment The Integrated Development Environment (IDE) that you use for developing applications in any of the three languages Microsoft SQL Server 2000 Desktop Engine A database engine that runs on your own PC so you can use Visual Studio for developing database applications that are compatible with Microsoft SQL Server. Platforms that can run Visual Studio .NET
• Windows 2000 and later releases of Windows

Platforms that can run Visual Studio .NET applications • Windows 98 and later releases of Windows, depending on
which .NET components the application uses.

Visual Basic .NET Standard Edition
• An inexpensive alternative to the complete Visual Studio .NET
package that supports a limited version of Visual Basic .NET as its only programming language.

• The .NET Framework defines the environment that you use for
executing Visual Basic .NET applications. • Visual Studio .NET is a suite of products that includes all three of the programming languages listed above. These languages run within the .NET Framework. • You can develop business applications using either Visual Basic .NET or Visual C# .NET. Both are integrated with the design environment, so the development techniques are similar although the language details vary. • Besides the programming languages listed above, third-party vendors can develop languages for the .NET Framework. However, programs written in these languages can’t be developed from within Visual Studio .NET. ========================================================

The components of the .NET Framework
The .NET Framework provides a common set of services that application programs written in a .NET language such as Visual Basic .NET can use to run on various operating systems and hardware platforms. The .NET Framework is divided into two main components: the .NET Framework Class Library and the Common Language Runtime. The .NET Framework Class Library consists of segments of pre-written code called classes that provide many of the functions that you need for developing .NET applications. For instance, the Windows Forms classes are used for developing Windows Forms applications. The ASP.NET classes are used for developing Web Forms applications. And other classes let you work with databases, manage security, access files, and perform many other functions. Although it’s not apparent in this figure, the classes in the .NET Framework Class Library are organized in a hierarchical structure. Within this structure, related classes are organized into groups called namespaces. Each namespace contains the classes used to support a particular function. For example, the System.Windows.Forms namespace contains the classes used to create forms and the System.Data namespace contains the classes you use to access data. The Common Language Runtime, or CLR, provides the services that are needed for executing any application that’s developed with one of the .NET languages. This is possible because all of the .NET languages compile to a common intermediate language, which you’ll learn more about in the next figure. The CLR also provides the Common Type System that defines the data types that are used by all the .NET languages. That way, you can use more than one of the .NET languages as you develop a single application without worrying about incompatible data types. If you’re new to programming, the diagram in this figure probably doesn’t mean too much to you right now.


• .NET applications do not access the operating system or computer hardware directly. Instead, they use services of the .NET Framework, which in turn access the operating system and hardware. • The .NET Framework consists of two main components: the .NET Framework Class Library and the Common Language Runtime. • The .NET Framework Class Library provides pre-written code in the form of classes that are available to all of the .NET programming languages. This class library consists of hundreds of classes, but you can create simple .NET applications once you learn how to use just a few of them. • The Common Language Runtime, or CLR, is the foundation of the .NET Framework. It manages the execution of .NET programs by coordinating essential functions such as memory management, code execution, security, and other services. Because .NET applications are managed by the CLR, they are called managed applications. • The Common Type System is a component of the CLR that ensures that all .NET applications use the same basic data types regardless of what programming languages were used to develop the applications. ========================================================

The Common Language Runtime
Visual Basic has always used a runtime, so it may seem strange to say that the biggest change to VB that comes with .NET is the change to a Common Language Runtime (CLR) shared by all .NET languages. The reason is that while on the surface the CLR is a runtime library just like the C Runtime library, MSVCRTXX.DLL, or the VB Runtime library, MSVBVMXX.DLL, it is much larger and has greater functionality. Because of its richness, writing programs that take full advantage of the CLR often seems like you are writing for a whole new operating system API. Since all languages that are .NET-compliant use the same CLR, there is no need for a language-specific runtime. What is more, code that is CLR can be written in any language and still be used equally well by all .NET CLR-compliant languages. Your VB code can be used by C# programmers and vice versa with no extra work. Next, there is a common file format for .NET executable code, called Microsoft Intermediate Language (MSIL, or just IL). MSIL is a semi compiled language that gets compiled into native code by the .NET runtime at execution time. This is a vast extension of what existed in all versions of VB prior to version 5. VB apps used to be compiled to p-code (or pseudo code, a machine language for a hypothetical machine), which was an intermediate representation of the final executable code. The various VB runtime engines, interpreted the p-code when a user ran the program. People always complained that VB was too slow because of this, and therefore, constantly begged Microsoft to add native compilation to VB. This happened starting in version 5, when you had a choice of p-code (small) or native code (bigger but presumably faster). The key point is that .NET languages combine the best features of a p-code language with the best features of compiled languages. By having all languages write to MSIL, a kind of p-code, and then compile the resulting MSIL to native code, it makes it relatively easy to have cross-language compatibility. But by ultimately generating native code you still get good performance.

Completely Object Oriented
The object-oriented features in VB5 and VB6 were (to be polite) somewhat limited. One key issue was that these versions of VB could not automatically initialize the data inside a class when creating an instance of a class. This led to classes being created in an indeterminate (potentially buggy) state and required the programmer to exercise extra care when using objects. To resolve this, VB .NET adds an important feature called parameterized constructors. ========================================================

Another problem was the lack of true inheritance. Inheritance is a form of code reuse where you use certain objects that are really more specialized versions of existing objects. Inheritance is thus the perfect tool when building something like a better textbox based on an existing textbox. In VB5 and 6 you did not have inheritance, so you had to rely on a fairly cumbersome wizard to help make the process of building a better textbox tolerable.

Automatic Garbage Collection: Fewer Memory Leaks
Programmers who used Visual Basic always had a problem with memory leaks from what are called circular references. (A circular reference is when you have object A referring to object B and object B referring to object A.) Assuming this kind of code was not there for a reason, there was no way for the VB compiler to realize that this circularity was not significant. This meant that the memory for these two objects was never reclaimed. The garbage collection feature built into the .NET CLR eliminates this problem of circular references using much smarter algorithms to determine when circular references can be “cut” and the memory reclaimed. Of course, this extra power comes at a cost.

Structured Exception Handling
All versions of Visual Basic use a form of error handling that dates back to the first Basic written almost 40 years ago. To be charitable, it had problems. To be uncharitable (but we feel realistic), it is absurd to use On Error GoTo with all the spaghetti code problems that ensue in a modern programming language. Visual Basic adds structured exception handling the most modern and most powerful means of handling errors.

True Multithreading
Multithreaded programs seem to do two things at once. E-mail programs that let you read old e-mail while downloading new e-mail are good examples. Users expect such apps, but you could not write them very easily in earlier versions of VB.

How a Visual Basic application is compiled and run
Figure below shows how an application is compiled and run when using Visual Basic .NET. To start, you use Visual Studio .NET to create a project, which is made of one or more source files that ========================================================

contain Visual Basic statements. Most simple projects consist of just one source file, but more complicated projects can have more than one source file. A project may also contain other types of files, such as sound files, image files, or simple text files. As the figure shows, a solution is a container for projects, which you’ll learn more about in a moment. You use the Visual Basic compiler, which is built into Visual Studio, to compile your Visual Basic source code into Microsoft Intermediate Language (or MSIL). For short, this can be referred to as Intermediate Language (or IL). At this point, the Intermediate Language is stored on disk in a file that’s called an assembly. In addition to the IL, the assembly includes references to the classes that the application requires. The assembly can then be run on any PC that has the Common Language Runtime installed on it. When the assembly is run, the CLR converts the Intermediate Language to native code that can be run by the Windows operating system. Although the CLR is only available for Windows systems right now, it is possible that the CLR will eventually be available for other operating systems as well. In other words, the Common Language Runtime makes platform independence possible. If, for example, a CLR is developed for the Unix and Linux operating systems, Visual Basic applications will be able to run on those operating systems as well as Windows operating systems.


1. The programmer uses Visual Studio’s Integrated Development Environment to create a project, which includes one or more Visual Basic source files. In some cases, a project may contain other types of files, such as graphic image files or sound files. A solution is a container that holds projects. Although a solution can contain more than one project, the solution for most simple applications contains just one project. So you can think of the solution and the project as essentially the same thing. 2. The Visual Basic compiler translates or builds the source code into Microsoft Intermediate Language (MSIL), or just Intermediate Language (IL). This language is stored on disk in an assembly that also contains references to the classes that the application requires. An assembly is simply an executable file that has an .exe or .dll extension. 3. The assembly is then run by the .NET Framework’s Common Language Runtime. The CLR manages all aspects of how the assembly is run, including converting the Intermediate Language to native code that can be run by the operating system, managing memory for the assembly, enforcing security, and so on.

The VB .NET IDE: Visual Studio .NET
The concept of a rapid application development (RAD) tool with controls that you to drag onto forms is certainly still there, and pressing F5 will still run your program, but much has changed and mostly for the better. For example, the horrid Menu Editor that essentially has been unchanged since VB1 has been replaced by an in-place menu editing system that is a dream to use. Also, VB .NET, unlike earlier versions of VB, can build many kinds of applications other than just GUI-intensive ones. For example, you can build Web-based applications, server-side applications, and even console-based (in what looks like an old-fashioned DOS window) applications. Moreover, there is finally a unified development environment for all of the “Visual” languages from Microsoft. The days when there were different IDEs for VC++, VJ+ +, Visual InterDev, Visual Basic, and DevStudio are gone. Another nice feature of the new IDE is the customization possible via an enhanced extensibility model. VS .NET can be set up to look much like the IDE from VB6, or any of the other IDEs, if you like those better.


VB .NET is the first fully object-oriented version of VB

Introduction to OOP
OOP is a vast extension of the event-driven, control-based model of programming used in early versions of VB. With VB .NET, your entire program will be made up of self-contained objects that interact. These objects are stamped out from factories called classes. These objects will: • Have certain properties and certain operations they can perform. • Not interact with each other in ways not provided by your code's public interface. • Only change their current state over time, and only in response to a specific request. (In VB .NET this request is made through a property change or a method call.) The point is as long as the objects satisfy their specifications as to what they can do (their public interface) and thus how they respond to outside stimuli, the user does not have to be interested in how that functionality is implemented. In OOP-speak, you only care about what objects expose.

Classes As User-Defined Types
Another way to approach classes is to think of them as an extension of user- defined types where, for example, the data that is stored inside one can be validated before any changes take place. Similarly, a class is able to validate a request to return data before doing so. Finally, imagine a type that has methods to return data in a special form rather than simply spew out the internal representation. From this point of view, an object is then simply a generalization of a specific (data-filled) user-defined type with functions attached to it for data access and validation. The key point you need to keep in mind is that: • You are replacing direct access to data by various kinds of function calls that do the work. For example, in a user-defined type such as this: Employee Info Type Name As String Social Security Number As String Address as String End Employee Info Type the pseudocode that makes this user-defined type "smart" would hide the actual data and have functions instead to return the values. The pseudocode might look like this: Employee Info as a CLASS (hidden) Name As String - instead has functions that validate and return and change name ========================================================

(hidden)Social Security Number As String - instead has functions that validate and return and change the Social Security number (hidden) Address as String - instead has functions that validate and return and change the address and also return it in a useful form End Employee Info as CLASS

How Should Objects Interact
One key practice in OOP is making each class (= object factory) responsible for carrying out only a small set of related tasks. You spend less time designing the class and debugging it when your classes are designed to build small objects that perform relatively few tasks, rather than architected with complex internal data along with many properties and methods to manipulate the internal data. If an object needs to do something that is not its responsibility, make a new class whose objects will be optimized for that task instead of adding the code to the first object and thus complicating the original object. If you give the first object access to the second type of object, then the first object can ask the second object to carry out the required task.

Abstraction is a fancy term for building a model of an object in code. In other words, it is the process of taking concrete day-to-day objects and producing a model of the object in code that simulates how the object interacts in the real world. For example, the first object-oriented language was called Simula, because it was invented to make simulations easier. Of course, the more modern ideas of virtual reality carry abstraction to an extreme. Abstraction is necessary because: • You cannot use OOP successfully if you cannot step back and abstract the key issues from your problem. Always ask yourself: What properties and methods will I need to mirror in the object’s code so that my code will model the situation well enough to solve the problem?

Encapsulation is the formal term for what we used to call data hiding. It means hide data, but define properties and methods that let people access it. Remember that OOP succeeds only if you manipulate data inside objects, only sending requests to the object. The data in an object is stored in its instance fields. Other terms you will see for the variables that store the data are member variables and instance variables. All three terms are used interchangeably, and which you choose is a matter of taste; we usually use instance fields. The current values of these instance ========================================================

fields for a specific object define the object’s current state. Keep in mind that you should: • Never ever give anyone direct access to the instance fields.

As an example of inheritance, imagine specializing the Employee class to get a Programmer class, a Manager class, and so on. Classes such as Manager would inherit from the Employee class. The Employee class is called the base (or parent) class, and the Manager class is called the child class. Child classes are: • Always more specialized than their base (parent) classes. • Have at least as many members as their parent classes (although the behavior of an individual member may be very different).

Traditionally, polymorphism (from the Greek “many forms”) means that inherited objects know what methods they should use, depending on where they are in the inheritance chain. For example, as we noted before, an Employee parent class and, therefore, the inherited Manager class both have a method for changing the salary of their object instances. However, the RaiseSalary method probably works differently for individual Manager objects than for plain old Employee objects. The way polymorphism works in the classic situation where a Manager class inherits from an Employee class is that an Employee object would know if it were a plain old employee or really a manager. When it got the word to use the RaiseSalary method, then: • If it were a Manager object, it would call the RaiseSalary method in the Manager class rather than the one in the Employee class. • Otherwise, it would use the usual RaiseSalary method.

Advantages to OOP
At first glance, the OOP approach that leads to classes and their associated methods and properties is much like the structured approach that leads to modules. But the key difference is that: • Classes are factories for making objects whose states can diverge over time. Sound too abstract? Sound as though it has nothing to do with VB programming? Well, this is exactly what the Toolbox is! Each control on the Toolbox in earlier versions of VB was a little factory for making objects that are instances of that control’s class. Suppose the Toolbox was not a bunch of little class factories waiting to churn out new textboxes and command buttons in response to your requests. Can you imagine how convoluted your VB code would been if you needed a separate code ========================================================

module for each textbox? After all, the same code module cannot be linked into your code twice, so you would have to do some fairly complicated coding to build a form with two identical textboxes whose states can diverge over time.

Windows Forms, Drawing, and Printing
magazines or online seems to focus on features such as Web Services, using the browser as the delivery platform, ASP .NET, and other Web-based topics. The many, many improvements made to client-side Windows GUI development under .NET using the Visual Studio IDE are barely mentioned. This may sound strange to say of a Microsoft product, but GUI development in Visual Studio is underhyped; there are, in fact, many improvements that VB programmers have long awaited! Although we agree that using the browser as a delivery platform is clearly becoming more and more important, we also feel pretty strongly that the traditional Windowsbased client is not going away. In this chapter, we hope to counterbalance this general trend by showing you the fundamentals of the programming needed to build GUIs in VB .NET. We will not spend a lot of time on how to use the RAD (Rapid Application Development) features of the IDE,1 or the properties, methods, and events for the various controls in the Toolbox—doing this justice would take a book at least as long as this one. Instead, by concentrating on the programming issues involved, we hope to show you how GUI development in .NET works. At that point, you can look at the documentation as needed or wait for a complete book on GUI development to learn more. After discussing how to program with forms and controls, we take up the basics of graphics programming in VB .NET, which is quite a bit different than it was.

Form Designer Basics
For VB6 programmers, adjusting to how the VS .NET IDE handles forms and controls is pretty simple. You have a couple of new (and very cool) tools that we briefly describe later, but the basic idea of how to work with the Toolbox has not changed very much. (See the sections in this chapter on the Menu Editor and on how to change the tab order, for our two favorite additions.) For those who have never used an older version of the VB IDE, here is what you need to do to add a control to the Form window: 1. Double-click on a control or drag it from the Toolbox to the form in the default size. 2. Position it by clicking inside it and then dragging it to the correct location.


3. Resize it by dragging one of the small square sizing boxes that the cursor points to.

You can also add controls to a form by following these steps: 1. In the Toolbox, click on the control you want to add to your form. 2. Move the cursor to the form. (Unlike earlier versions of VB, the cursor now gives you a clue about which control you are working with.) 3. Click where you want to position the top left corner of the control and then drag to the lower right corner position. (You can then use Shift+ an Arrow key to resize the control as needed.)

For controls without a user interface, such as timers, simply doubleclick on them. They end up in a tray beneath the form, thus reducing clutter. You can use the Format menu to reposition and resize controls once they are on the form. Of course, many of the items on the Format menu, such as the ones on the Align submenu, make sense only for a group of controls. One way to select a group of controls is to click the first control in the group and then hold down the Control key while clicking the other members you want in the group. At this point they will all show sizing handles but only one control will have dark sizing handles.

MDI Forms
In earlier versions of VB, Multiple Document Interface (MDI) applications required you to decide which form was the MDI parent ========================================================

form at design time. In .NET, you need only set the IsMdiContainer property of the form to True. You create the child forms at design time or at run time via code, and then set their MdiParent properties to reference a form whose IsMdiContainer property is true. This lets you do something that was essentially impossible in earlier versions of VB: change a MDI parent/child relationship at run time. It also allows an application to contain multiple MDI parent forms.

Database Access with VB .NET
With each version of VB came a different model for accessing a database. VB .NET follows in this tradition with a whole new way of accessing data: ADO .NET. This means ADO .NET is horribly misnamed. Why? Because it is hardly the next generation of ADO! In fact, it is a completely different model for accessing data than classic ADO. In particular, you must learn a new object model based on a DataSet object for your results. (Because they are not tied to a single table, ADO .NET DataSet objects are far more capable than ADO RecordSet objects, for example.) In addition, ADO .NET: • Is designed as a completely disconnected architecture (although the DataAdapter, Connection, Command, and DataReader classes are still connection-oriented). • Does not support server-side cursors. ADO’s dynamic cursors are no longer available. • Is XML-based1 (which lets you work over the Internet, even if the client sits behind a firewall). • Is part of the .NET System.Data.DLL assembly, rather than being language-based. • Is unlikely to support legacy Windows 95 clients. The other interesting point is that in order to have essential features such as two-phase commit, you need to use Enterprise Services (which is basically COM+/MTS with a .NET wrapper). In VB6, a typical database application opened a connection to the database and then used that connection for all queries for the life of the program. In VB .NET, database access through ADO .NET usually depends on disconnected (detached) data access. This is a fancy way of saying that you most often ask for the data from a database and then, after your program retrieves the data, the connection is dropped. With ADO .NET, you are very unlikely to have a persistent connection to a data source. (You can continue to use persistent connections through “classic” ADO using the ========================================================

COM/Interop facilities of .NET with the attendant scalability problems that classic ADO always had.) Because data is usually disconnected, a typical .NET database application has to reconnect to the database for each query it executes. At first, this seems like a big step backward, but it really is not. The old way of maintaining a connection is not really practical for a distributed world: if your application opens a connection to a database and then leaves it open, the server has to maintain that connection until the client closes it. With heavily loaded servers pushing googles of bits of data, maintaining all those per-client connections is very costly in terms of bandwidth.

Retrieving data from a SQL Server database is similar: the syntax for the OleDb and SqlClient namespaces is almost identical. The key difference (aside from the different class names) is the form of the connection string, which assumes there is a test account with a password of apress on a server named Apress. The SQL Server connection string requires the user ID, password, server, and database name. We pass the connection string to get a connection object. Finally, as you can imagine, more complicated SQL queries are easy to construct: just build up the query string one piece at a time.



Software Engineering process
The attribute of web based system and application have a profound influence on the web engineering process that is chosen. If immediacy and continuous evolution are primary attribute of a web engineering, a web engineering team might choose an agile process model that produces web applications releases in the rapid fire sequence. On the other hand, if the web application is to be developed over a long time period) e.g., a major (e-commerce application), an incremental process model can be chosen. The network intensive nature of the application in this domain suggests a population of the user that is diverse (thereby making special demands on requirements elicitation and modeling) and an application architecture that can be highly specialized. Because web applications are often content-driven with an emphasis on aesthetic, it is likely that parallel development activities will be scheduled within the web applications process and involve a team of both technical and non technical people (e.g., copywriter, graphic designer). Defining the framework Any one of the agile process models (e.g., extreme programming, adaptive software development, SCRUM) To be effective, any engineering process must be adaptive. That is, the organization of the project team, the modes of communication among team members, the

engineering activities and tasks to be performed, the information that is collected and created, and the methods used to produce a high quality product must all be adapted tom the people doing the work, the project time line and constraint, and the problem to be solved. Before we define a process framework for web engineering, we must recognize that:


are often



That is, frame work activities will occur repeatedly as each increment is engineered and delivered.

Changes will occur frequently. These changes may occur as a result of the evaluation of a delivered increment or as a consequence of changing business conditions. Timelines are short. This mitigates against the creation and review of voluminous engineering documentation, but it does not preclude the simple reality that critical analysis, design, and testing must be recorded in some manner.



Software Model of the Project
The software model used in our Project is the Increment Model. We used incremental model because the project was done in increments or parts and these parts were tested individually. For ex. Like the Candidate Registration and music uploading Page was developed first and tested thoroughly, then other part the registration module was developed and tested individually. Incremental model combines elements of the linear sequential model with the iterative philosophy of prototyping. The incremental model applies linear sequences in a staggered fashion as time progresses. Each linear sequence produces a deliverable increment of the software. For example, word processing software may deliver basic file management, editing and document production functions in the first increment. More sophisticated editing and document production in the second increment, spelling and grammar checking in the third increment, advanced page layout in the fourth increment and so on. The process flow for any increment can incorporate the prototyping model. When an incremental model is used, the first increment is often a core product. Hence, basic requirements are met, but supplementary features remain undelivered. The client uses the core product. As a result of his evaluation, a plan is developed for the next increment. The plan addresses improvement of the core features and addition of supplementary features. This process


is repeated following delivery of each increment, until the complete product is produced.
As opposed to prototyping, incremental models focus on the delivery of an operational product after every iteration.

Advantages: • Particularly the business deadline. •





inadequate for a complete implementation by Early increments can be implemented

with fewer people. If the core product is well received.


• • • •

System / information engineering
Analysis Design Code

Increment 1


can be



Delivery of 1st increment



implement the next increment.
• Increment 2 Increments Analysis
Design Code


Delivery to manage of 2nd Test increment

technical risks. For example, the system may require
Increment 3

availability of some hardware that is under development.
Delivery of 3 It may be possible to plan early increments without the Analysis Design Code Test increment

use of this hardware, thus enabling partial functionality and avoiding unnecessary delay. Increment 4
Analysis Design Code Test

Delivery of 4th increment

Calendar time

Figure 1.6: The incremental model


Time Scheduling
Scheduling of a software project does not differ greatly from scheduling of any multitask development effort. Therefore, generalized project scheduling tools and techniques can be applied to software with little modification. The program evaluation and review technique (PERT) and the critical path method (CPM) are two project scheduling methods that can be applied to software development. Both techniques a task network description of a project, that is, a pictorial or tabular representation of tasks that must be accomplished from beginning to end of project. The network is defined by developing a list of all tasks, sometimes called the project work breakdown structure (WBS), associated with a specific project and list of orderings (sometimes called a restriction list) that indicates in what order tasks must be accomplished. Both PERT and CPM provide quantitative tools that allow the software planner to: i) Determine the critical path- the chain of tasks that determines the duration of the project ii) Establish most likely time estimates for individual tasks by applying statistical models iii) Calculate boundary times that define a time “window” for a particular task. Boundary time calculations can be very useful in software project scheduling. Riggs describes important boundary times that may be discerned from a PERT or CPM networks. • Earliest time that a task can begin when all preceding tasks are completed in the shortest possible time • The latest time for task initiation before the minimum project completion time is delayed • The earliest finish-the sum of the earliest startand the task duration • The latest finish-the latest start time added to task duration

• The total float-the amount of surplus time or leeway allowed in scheduling tasks to that so that the network critical path is maintained on schedule. Boundary time calculations lead to a determination of critical path and provide the manger with a quantitative method for evaluating progress as tasks are completed. The planner must recognize that effort expended on software does not terminate at the end of development. Maintenance effort, although not easy to schedule at this stage, will ultimately become the largest cost factor. A primary goal of software engineering is to help reduce this cost. Time-scheduling for Our Project will be like this: • • • • Project Analysis: Two Weeks GUI Designing: Three Weeks Core Coding and Algorithm: Four Weeks Testing and Debugging: Two Weeks



All software intended for public consumption should receive some level of testing. The more complex or widely distributed a piece of software is, the more essential testing is to its success. Without testing, you have no assurance that software will behave as expected. The results in a public environment can be truly embarrassing. For software, testing almost always means automated testing. Automated tests use a programming language to replay recorded user actions or to simulate the internal use of a component. Automated tests are reproducible (the same test can be run again and again) and measurable (the test either succeeds or fails). These two advantages are key to ensuring that software meets product requirements. Developing a Test Plan The first step in testing is developing a test plan based on the product requirements. The test plan is usually a formal document that ensures that the product meets the following standards:









unknown element to the product and increases the risk of product failure.

Meets product requirements. To meet customer needs, the product must provide the features and behavior described in the product specification. For this reason, product specifications should be clearly written and well understood. Does not contain defects. Features must work within established quality standards .Having a test plan helps you avoid ad hoc testing—the kind of testing that relies on the uncoordinated efforts of developers or testers to ensure that code works. The results of ad hoc testing are usually uneven and always unpredictable. A good test plan answers the following questions:

How are tests written? Describe the languages and tools used for testing. Who is responsible for the testing? List the teams or individuals who write and perform the tests. When are the tests performed? The testing schedule closely follows the development schedule. Where are the tests and how are test results shared? Tests should be organized so that they can be rerun on a regular basis. What is being tested? Measurable goals with concrete targets let you know when you have achieved success.


Types of Tests The test plan specifies the different types of tests that will be performed to ensure that product meets customer requirements and does not contain defects.

Types of Tests Test type Ensures that Each independent piece of code works Unit test correctly. Integration test All units work together without errors. Newly added features do not introduce Regression test errors to other features that are already working. Load test (also The product continues to work under called stress test) extreme usage. The product works on all of the target Platform test hardware and software platforms. These test types build on each other, and the tests are usually performed in the order shown


The testing cycle 5.1 Unit Testing A product unit is the smallest piece of code that can be independently tested. From an object-oriented programming perspective, classes, properties, methods, and events are all individual units. A unit should pass its unit test before it is checked into the project for integration. Unit tests are commonly written by the developer who programmed the unit and are either written in the

same programming language as the product unit being tested or in a similar scripting language, such as VBScript. The unit test itself can be as simple as getting and setting a property value, or it can be more complicated. For instance, a unit test might take sample data and calculate a result and then compare that result against the expected result to check for accuracy. 5.2 Integration Testing The first integration test always answers the

question, “Does the application compile?” At this point, a compilation error in any of the components can keep the integration testing from moving forward. Some projects use nightly builds to ensure that the product will always compile. If the build fails, the problem can be quickly resolved the next morning. The most common build problem occurs when one component tries to use another component that has not yet been written. This occurs with modular design because the components are often created out of sequence. You solve this or problem method by creating that stubs. provide used by Stubs the the are other nonfunctional property, components class,


component. Stubs are a kind of outline of the code you will create later. When all of the build problems are resolved,

integration testing really becomes just an extension of

unit testing, although the focus is now whether the units work together. At this point, it is possible to wind up with two components that need to work together through a third component that has not been written yet. To test these two components, you create a driver. Drivers are simply test components that make sure two or more components work together. Later in the project, testing performed by the driver can be performed by the actual component. Top-down integration testing is an incremental

approach to construction of program structure. Modules are integrated by moving downward through the control hierarchy, beginning with the main control module. Modules subordinate to the main module are incorporated into the structure in steps. The integration process is performed in five steps: 1. The main control module is used as a test driver and stubs are substituted for all components directly subordinate to the main module. 2. Depending on the integration approach selected, subordinate stubs are replaced one at a time with actual components, in breadth-first or depth-first order. 3. Tests are conducted as each component is integrated. 4. On completion of each set of tests, another stub is replaced by the real component. Regression testing may be conducted to ensure that new errors have not been introduced. The top-down strategy

verifies major control or decision points early in the test process. In a well-factored program structure, decisionmaking occurs at higher levels in the hierarchy and is thus encountered first. Bottom-up testing Bottom-up integration testing, as the name implies, begins construction and testing with atomic modules (i.e. components bottom-up, at the lowest levels in for the program structure). Because components are integrated form the processing required components subordinate to a given level is always available and the need for stubs is eliminated. A bottom-up integration strategy may be implemented using the following steps: 1. Low-level components are combined into clusters that perform a specific sub-function. 2. .The cluster is tested. Drivers are removed and clusters are combined moving upward in the program. An overall plan for integration of the software and a description of specific tests are documented in a test specification. This document contains a test plan and a test procedure. It is a work product of the software process, and becomes a part of the software configuration.





5.4 Validation testing Software validation is achieved through a series of black box tests that demonstrate conformity with requirements. A test plan outlines the classes of tests to be conducted and a test procedure defines specific test cases that will be used to demonstrate conformity with requirements. After each validation test case has been conducted, one of two possible conditions exists: i) accepted. ii) An important A deviation element of form specifications testing is is discovered and a deficiency list is created. validation configuration review. The intent of the review is to ensure that all elements of the software configuration have been properly developed and are well documented. The configuration review is sometimes called an audit. If software is developed for the use of many customers, it is impractical to perform formal acceptance tests with each one. Many software product builders use a process called alpha and beta testing to uncover errors that only the end-user is able to find. 1. The alpha test is conducted at the developer’s site by the customer. The software is used in a natural setting with the developer recording errors and usage problems. Alpha tests are performed in a controlled environment.





characteristics conform to the specifications and are


Beta tests are conducted at one or more customer

sites by the end-users of the software. Unlike alpha testing, the developer is generally not present. The beta test is thus a live application of the software in an environment that cannot be controlled by the developer. The customer records all the errors and reports these to the developer at regular intervals. 5.5 system testing System testing is actually a series of tests whose purpose is to fully exercise the computer-based system. Although each test has a different purpose, all work to verify that system elements have been properly integrated and perform allocated functions. Some types of common system tests are: Recovery testing Many computer-based systems must recover from faults and resume processing within a pre-specified time. In some cases, a system must be fault-tolerant, i.e. processing faults must not cause overall system function to cease. In other cases, a system failure must be corrected within a specified period of time or severe economic damage will occur. Recovery testing is a system test that forces the software to fail in a variety of ways and verifies that recovery is properly performed. If

recovery is automatic, re-initialization, check-pointing mechanisms, data recovery and restart are evaluated for correctness. If recovery requires human intervention, the mean-time-to-repair (MTTR) is evaluated to determine whether it is within acceptable limits. Security testing Any computer-based system that manages sensitive information or causes actions that can harm individuals is a target for improper or illegal penetration. Security testing attempts to verify that protection mechanisms built into a system will, in fact, protect it from improper penetration. During security testing, the tester plays the role of the hacker who desires to penetrate the system. Given enough time and resources, good security testing will ultimately penetrate a system. The role of the system designer is to make penetration cost more than the value of the information that will be obtained. Stress testing During earlier testing steps, white box and black box techniques result in a thorough evaluation of normal program functions and performance. Stress tests are designed to confront programs with abnormal situations. Stress testing executes a system in a manner that demands resources in abnormal quantity, frequency or volume. Essentially, the tester attempts to break the program.

A variation of stress testing is a technique called sensitivity testing. In some situations, a very small range of data contained within the bounds of valid data for a program may or cause extreme and even erroneous Sensitivity processing performance degradation.

testing attempts to uncover data combinations within valid input classes that may cause instability or improper processing. Performance testing Software that performs the required functions but does not conform to performance requirements is unacceptable. Performance testing is designed to test run-time performance of software within the context of an integrated system. Performance testing occurs through all the steps in the testing process. However, it is not until all system elements are fully integrated that the true performance of a system can be ascertained.










unexpected boundary condition or an overload causes an error. Sometimes the o/p fails to pass controls. Sometimes program bugs may appear. No matter what the problem, a previously working system that ceases to function, Isolating requires emergency when maintenance. of operational are

problems is not always an easy task, particularly combinations circumstances responsible. The ease with which a problem can be corrected is directly related to how well a system has been designed and documented. Changes in environment may lead to maintenance requirement. For example, new reports may need to be generated, competitors may alter market conditions, a new manager may have a different style of decision-making, organization policies may change, etc. Information should be able to accommodate changing needs. The design should be flexible to allow new features to be added with ease. Although software does not as wear a out result will like of hardware, integrity of the program, test data and documentation modifications. maintenance. degenerate Hence, the system need


Maintenance covers a wide range of activities such as correcting code, design errors, updating documentation types: 6.1 Types of maintenance Corrective maintenance It means repairing processing or performance failures, or making changes because of previously uncorrected problems or false assumptions. It involves changing the software to correct defects. 1. Debugging and correcting errors or failures and emergency fixes. 2. Fixing errors due to incomplete specifications, which may result in erroneous assumptions, such as assuming an employee code is 5 numeric digits instead of 5 characters. Adaptive maintenance Over time the environment for which the software was developed is likely in to change. Adaptive to the maintenance environment. For example: 1. Report formats may have been changed.





Software maintenance can be classified into four



software to accommodate changes in the external

2. New hardware may have been installed (changing from 16-bit to 32-bit environment) Perfective maintenance (Enhancement) This implies It changing the the performance beyond type or its of modifying the program to improve or enhance the system. original extends software functional requirements. This

maintenance involves more time and money than both corrective and adaptive maintenance. For example: 1. Automatic generation of dates and invoice numbers. 2. Reports with graphical analysis such as pie charts, bar charts, etc. 3. Providing on-line help system Preventive maintenance (Re-engineering) Preventive maintenance is conducted to enable the software to serve the needs of the end-user. It is done to prevent any more maintenance to the application keeping future results in focus. Changes are made to the software so that it can be corrected, adapted and enhanced more easily. For example: 1. Application rebuilding from one platform to another.

2. Changing from a single-user to a multiuser environment. In general software maintenance can be reduced by keeping the following points in mind: • • • • • • A system should be planned keeping User specs should be accurate. The system design should be the future in mind.

modular. Documentation should be complete. Proper steps must be followed during Testing should be thorough.

the development cycle.


Gather change requirements
Analyze change requirements

Device code change strategies

Apply code change strategies

Update documents

Integrate and test

Software maintenance has become an important area of work for many companies. It is mostly being carried out as fire fighting operations, rather than as systematic and planned activities.