Professional Documents
Culture Documents
Introduction 1
In this module we present an engineering approach to the development of
software systems – a software engineering approach. This means we pay
particular attention to issues of software quality, in terms of both product
(what is built) and process (how we build it).
The material is organised in a distinctive way. We adopt an object-oriented
approach to software development and assume you are familiar with the basic
concepts of objects. This approach uses a fairly standard set of development
techniques. We take a broad view, and in most units of this module these
techniques are discussed fairly independently of exactly where and when they
would be used. In parallel with this, however, Units 4, 8, and 12 feature a
running case study that demonstrates how the techniques might be applied in
practice.
There has always been debate in the computing industry about just how useful
any particular development technique is. We believe that the techniques that
have been introduced over the last 30 years or so, and many others currently
being researched, are important because they address fundamental issues
concerning software quality. You are probably already familiar with some of
the techniques used in this module. Studying these techniques is more about
how to use them to address the quality issues of what you are developing and
how you are developing it rather than about how to use them in practice.
In this module you will see a precise way of applying techniques, but we will
also discuss, in parallel, a more light-weight approach to software
development. You will become familiar with the purpose of utilising these
techniques and will also develop an understanding of when their systematic
use may or may not be appropriate. With experience you will be able to make
decisions on which is the right combination of techniques for a particular
project.
Software systems are built to meet requirements. A successful software project This leads to the developer’s
must: mantra, ‘Software must be
delivered on time, to budget and
. resolve the diverse and possibly conflicting needs of users in a disciplined to specification.’ You may know
way it in another form.
. satisfy the users’ expectations
. have been developed and delivered in a timely and economical manner
. be resilient to the changes that will be introduced during its operational
lifetime
. demonstrate good overall system quality.
This is a daunting prospect for those developing and maintaining software. A
central aim of this module is to give you the intellectual tools to cope with the
challenge.
This unit provides an introduction to software engineering. Assuming you
already have some experience of software development, some of this material
will be familiar to you, though your existing knowledge will be consolidated
5
Unit 1 Approaches to software development
6
2 Software and software engineering
Example 1
A pile of old telephones, exchange-switching gear and wiring that are
awaiting disposal may once have been a system. But heaped together, they are
not a system. Both the organisation and the connections have been lost.
A system, therefore, is greater than the sum of its parts, and it has properties
that cannot be deduced or predicted by examining any one of its components
in isolation (or even all of its components, if they are not organised and
connected). From the above example, could you deduce the properties of the
telephone system by examining a single, disconnected telephone (or even a
big pile of disconnected telephones)? No, because it no longer works as
expected, even though it has not changed physically (it is not broken).
The assembly of components that forms a system does something, it carries
out some process. This process will work on inputs, carry out transformations
and produce outputs in order to achieve a goal. If you view your body as a
system, it consists of organs, it takes oxygen and food as inputs, and does
transformations that keep you alive. As a system, it has a well-defined
boundary and a control mechanism that will keep it adapting to changes in the
environment.
This module is specifically about software systems, systems where software
plays a major role. However software does not do anything without the
hardware where it is installed and running, and software systems are usually
7
Unit 1 Approaches to software development
part of a much wider context that involves not only other technical
components, but also people, organisations and other social structures. The
‘whole’ of all these components is also known as a sociotechnical system.
Sociotechnical systems are complex systems that need to be understood as a
whole rather than as a sum of their isolated components.
In focusing on the software we will therefore be ignoring many other
components of the whole system in which software is just a part. However as
a software engineer you will need to be aware of how software is used and
the interactions with hardware, people and organisations. The popular press is
full of reports of software failures, many of which may relate directly to
problems with the software but may also relate to other issues of the wider
sociotechnical systems context as in Example 2.
Example 2
You may find it interesting to One well-studied case is that of the unmanned European Ariane 5 rocket,
read about other examples of which failed on its launching flight due to a software problem. During the
software failures, such as the launch one of its computers stopped working due to a variable exceeding a
Therac 25 software-controlled
radiation therapy machine, which limit – a data conversion resulted in an overflow software exception.
was responsible for the death of There is some controversy about where the exact blame should fall for the
several patients in the late 1980s
(Leveson and Turner, 1993).
problems that occurred, but there is an agreement that they were related to the
reuse of a module from a previous rocket without proper enforcement of
constraints. This case became well known due to the huge expense of the
rocket ($500 million), the amount of time it took to develop (10 years) and
what it meant for European space projects (Lions, 1996).
A system can be, and often is, a personal ordering of reality, the result of
seeing some degree of orderly interconnectedness in some part of the world.
So a system can be many different kinds of system simultaneously, depending
on who is studying it and why. Different viewpoints of a system correspond
to different sets of users and therefore different purposes. In this sense, it is a
subjective ordering of reality.
Example 3
A telephone system is a communications system to its users. For the engineers
who set it up and maintain it, it is a technical system (that is linked to an
employment system – a job – in their view). Similarly someone who designs
telephone switches considers each switch as a system in its own right – a
switch can record usage data as well as route your calls.
8
2 Software and software engineering
environment as being made up of those things that are not part of the system,
but can either affect the system or be affected by it. Example 4 takes you into
a particular area of interest, which is known as a domain, to look at system
boundaries and how they can change.
Example 4
A hospital is a domain where software is put to a variety of uses. A hospital
might, for example, join together a series of patient-monitoring systems with
the database management system that manages medical records, creating a
larger system with a different scope. A forward-looking hospital might wish to
go further and add weather-forecasting software. This extension would allow
planners to deal with the variations in flow of patients that arise according to
the season. Beds may be allocated and other resources, such as drugs, bought
in preparation.
SAQ 1
9
Unit 1 Approaches to software development
SAQ 2
10
2 Software and software engineering
problem – this is not always the case as software can be developed without a
specific customer in the hope that someone will buy or use it in the future.
The contract between customer and developer, as provider, includes the
requirements specification, which identifies what the software should do and
the environment in which it must work. We expect a software system to be
useful, as otherwise it cannot meet the needs of its users.
To its users, the user interface represents the software system. No matter what
functionality is contained in the software, it cannot be used to its full potential
if that interface is difficult to use. We expect a software system to be usable –
otherwise the user is hindered in their use of the software to carry out tasks.
We expect a software system to be reliable, in that errors are minimised, as
otherwise its users will not be able to perform those tasks that need its
support.
While developers are busy constructing a software system, it is probable that
the users’ needs will change. In addition new requirements are likely to be
identified once a software system becomes operational. It is also possible that
the developer may miss a requirement during the specification process. We
expect a software system to be flexible, because it is important to be able to
change it easily as time goes by. In addition, a flexible software system makes
it easy to correct errors.
In order to operate in its target environment, any design solution to a
requirements specification must be turned into machine-readable code. No
matter how useful or usable a software system might be, we expect it to be
available in the target environment, offering continually available services in
the customer’s environment.
The contract between the customer and the developer will also include
delivery dates and costs. Whatever process is used, the developer is expected
to meet such contractual constraints. We could also say that the developer’s
working practices affect the availability of a software system, including its
initial delivery and any subsequent changes. From the customer’s point of
view, the software system must be affordable to buy and maintain.
From the developer’s point of view, there must be a way of keeping control of
a project. Labour resources are the most significant component of a
developer’s contract, and often become the two-edged sword that leads to the
success or failure of a software development project.
Much of this module is concerned with the activities that lead to a useful
software system – techniques that will help you to define a requirements
specification and then produce a design solution to the problem contained in
the specification.
SAQ 3
(a) What is the defining quality of a good software system, and what are
its main characteristics?
(b) How might greater flexibility make a software system more
affordable over its whole life?
11
Unit 1 Approaches to software development
(c) Give two reasons why a delivered software system might not meet
its users’ needs.
Answer
(a) A good software system is one that meets its users’ needs. We can
characterise a good software system as useful, usable, reliable,
flexible, available and affordable.
(b) Users’ needs will change over time. The time taken to implement the
changes in requirements in a flexible system is less than for less
flexible software. As labour costs are the most significant component
of software costs, flexible software is more affordable.
(c) Software systems are usually out of date even as they are being
developed because:
◦ some needs are often missed during requirements capture
◦ users’ needs change with time.
Example 5
For anything you buy and use, there are costs associated with its purchase and
with the maintenance required for its continued operation. For example, there
are costs associated with buying a car and with its continued operation. As the
vehicle ages, the costs of maintenance rise, and there comes a point when you
have to decide whether it would be preferable to buy a new car or continue
with the existing one. Perhaps surprisingly, there are similarities between the
maintenance of vehicles and the maintenance of software.
Legacy systems
A significant problem relates to software systems that have been in operation
for some time. If a particular software system continues to meet its users’
needs, there may be little or no motivation to replace it, especially if that
12
2 Software and software engineering
Example 6
In 1992, the London ambulance service commissioned a computer-aided
dispatch (CAD) system for getting ambulances and their crews to reported
incidents. It was intended to replace an existing paper-based system. There
were two notable failures of the new system in November 1992 that resulted
in severe delays in ambulances reaching certain incidents.
The final report on the system failures (South West Thames Regional Health
Authority, 1993) identified a number of major management problems with the
project. A technical audit revealed that the CAD system was incomplete and
not fully tested. Its ability to deal with heavy loads had not been tested and
nor had a backup service been tested. There were also outstanding problems
13
Unit 1 Approaches to software development
with the accuracy of the information needed to initiate each dispatch (South
West Thames Regional Health Authority, 1993).
SAQ 4
Answer
14
2 Software and software engineering
15
Unit 1 Approaches to software development
. How do we know that all of our subproblems will fit back together again
and recreate that original problem?
The key to finding subproblems that you recognise and understand is prior
knowledge and experience. As a developer, you may know how to create a
good design or a good program, but you may not be familiar with the
problem domain.
As a developer, the problem that you face is in the world outside the
computing system, where you aim to provide a solution. The software that
you construct can provide solutions to problems because they are connected to
the world outside, as illustrated in Figure 1.
The main issue that you as a developer should focus on is solving the
problems identified by the users, rather than worrying about how to write the
program code. When projects fail it may be because of mistakes that were
made quite early on in the design stage, often resulting from poor
understanding of the problem domain, not because of what happens at the
coding stage.
Example 7
One way to find out whether you have a good solution to a problem is to
consider the kinds of complaint you would receive from users if your software
did not work properly. For example, suppose someone had made a reservation
to stay in a hotel but when they arrived, the receptionist told them that there
was no reservation in their name. In another case, they might have reserved
rooms for six people only to find that there was only room for one.
By doing such thought experiments you may often be able to spot flaws in
your solution, although of course there may always be situations you have
overlooked, so you can never be completely certain that your solution is
comprehensive.
16
2 Software and software engineering
with large and complex systems. The modules partition the system design or
code. Some typical examples of modules are:
. whole programs or applications
. software libraries
. classes, in an object-oriented language such as Java.
Although modules may appear as self-contained elements, because they are all
parts of a larger whole there must always be relationships between them that
need to be taken into account, as Example 8 shows.
These relationships limit the ability to change one module without affecting
other modules.
Example 8
In developing a software system for a typical manufacturing business, we can
identify a number of possible subsystems – areas for development, such as
systems to deal with customers, production, accounts (payments) and
deliveries. While we might want to treat these areas as independent (as
partitions), there are connections between them. For example, customers are
expected to pay for the goods that they have ordered from the business, and
the deliveries department is expected to deliver to the customer. Similarly in
the production subsystem, the progress of each customer’s order would be
tracked through the factory and on to the delivery of the completed goods to
the customer.
In general, we say that the interface to a module defines how other modules
can use that module. An interface is the means of connecting one module to Sometimes, you can define more
another. It tells you what to expect about the behaviour of a given module and than one interface for a module
what services the module will provide, without telling you how those services to allow yourself to be more
precise about which services will
will be provided. For example, the interface can define how a bank accounts be offered to different kinds of
module will respond to queries about the balance of an account or the types of client.
accounts available.
The interface of a module is a description of all the externally visible
operations and what other modules need to know and do to make use of them,
but without any details of how the operations are implemented internally.
From an object-oriented point of view, we say that the interface to the bank
accounts module is an encapsulation of what we know about accounts in a
bank.
A module that provides services to other modules may in turn need to use the
services of yet other modules. These required services are called its context
dependencies. A module’s context dependencies and its interface, including
any requirements that prospective clients need to meet, together form a sort of
contract with clients. The contract describes what the module does and what
needs to be true for the module to do it. Clients can assume that if the
necessary conditions are met the module will fulfil its specified
responsibilities.
17
Unit 1 Approaches to software development
18
2 Software and software engineering
means that changes to one part are less likely to propagate through the rest of
the system. A further benefit of low coupling is that components are easy to
replace and, potentially, reuse.
Whatever the level of coupling in a software system, it is important to know
which modules are coupled. If there were no records of the coupling between
modules, a developer would have to spend time working through the modules
to determine whether or not each was affected by a change. The result would
be a lot of effort spent on checking, even if no changes were needed.
Example 9 illustrates the danger of having more than one module making use
of common or shared data.
Example 9
Date handling has always been a problem for software developers. For
applications of a certain age, the most applicable storage format for
representing a year was a number between 0 and 99. It made sense because
1966 was stored as 66, 1989 as 89, and so on, therefore less space was
needed to store just two digits. Furthermore, if dates were stored as numbers,
tasks that involved sorting by date order were simple – 22 January 1989
stored as 890122, is after 22 December 1966 stored as 661222.
Unfortunately, a number of these applications were still in use as the year
2000 approached, so every module in every application that used the short
form of year had to be investigated.
A major aspect of the problem in Example 9 was that different developers had
different ways of reading and manipulating the values stored in variables that
used the six-figure date format. This increased the effort required to resolve
the so-called millennium bug. If developers had had a consistent way to
manipulate dates that did not rely upon the storage format, the millennium
bug would not have been an issue of concern.
Cohesion is a way of describing how closely the activities within a single
module are related to each other. Cohesion is a general concept – for example,
a department in an organisation might have a cohesive set of responsibilities
(accounts, say), or not (miscellaneous services). In software systems, a highly
cohesive module performs one task or achieves a single objective – ‘do one
thing and do it well’ is a useful motto to apply. A module should implement a
single logical task or a single logical entity.
Low coupling and high cohesion are competing goals. If every module does
only one thing at a low level of abstraction, we might need a complex edifice
of highly coupled modules to perform an activity at higher levels of
abstraction. A developer should try to achieve the best balance between the
levels of coupling and cohesion for a software system. For example, hotels
generate income by letting out their rooms to guests. The concept of room is
likely to be represented somewhere in the software system for reservations for
a hotel. It may be convenient to use a module or class representing the
concept of room to collect and store data about the income generated by
letting rooms. However a better solution is to have a separate bill or payment
module, because it is more cohesive, especially when a hotel generates income
19
Unit 1 Approaches to software development
in other ways, for example from serving meals to people who are not resident
guests.
SAQ 5
(a) Why might you consider splitting up a large project into smaller
chunks?
(b) How does the complexity of a software system affect the
maintenance task?
(c) What is a module?
(d) Why does it help to have low coupling in a software system?
(e) Give examples of the kinds of information that would be valuable
when considering a change to a given module.
(f) What are the context dependencies of a module? How do they relate
to a module’s interface?
(g) What are the benefits of using modules with defined interfaces?
(h) Why does it help to have high cohesion in the modules of a software
system?
(i) What characteristics should a module display that will help to ensure
that it is easy and cheap to develop and maintain, and that errors are
kept to a minimum?
(j) Why is it important to achieve a balance between coupling and
cohesion?
Answer
(a) There is a limit to how much one person can understand at any one
time. So there is a limit to the size of a software system that any one
person can deal with. By splitting a large project into smaller
chunks, it is possible to identify a number of more manageable tasks
for those involved.
(b) It is essential to be able to make a change to a software system
without having to know all about that system. Each change becomes
difficult when the flow of control and dependencies within programs
are complex. The greater the number and nature of the dependencies,
the harder it is to maintain a software system.
(c) A module is any identifiable part of a software system that is
considered separately. For example, modules may be subroutines (in
a procedural language equivalent to methods), classes (in an object-
oriented language), library functions or other constructs that may be
treated independently.
(d) With low coupling, there are few dependencies between modules.
Therefore changes made to one part (one or more modules) of a
software system are less likely to propagate throughout the whole
system. (A clear record of the dependencies between modules helps
you to predict the impact of a proposed change to a software
system.)
(e) There are two kinds of information that contribute to the analysis of
a proposed change:
20
2 Software and software engineering
21
Unit 1 Approaches to software development
2.6 Architecture
In software development the term architecture is associated with the overall
structure of a software system or, at a higher level, a family of software
systems. For this module, we will adopt the following definition, taken from
Bass et al (2012).
SAQ 6
22
2 Software and software engineering
presentation
application
domain
infrastructure
(OS, databases, etc)
23
Unit 1 Approaches to software development
«component»
IProvided MyComponent
MyComponent «provided»
IProvided
IRequired «required»
IRequired
required interface
(a) (b)
24
2 Software and software engineering
find service
consumer registry description
service
description
provider
service
Figure 4 Services
SAQ 7
Answer
25
Unit 1 Approaches to software development
26
2 Software and software engineering
27
Unit 1 Approaches to software development
28
3 An introduction to software development
6 There is a body of knowledge that developers might use and/or add to.
There are ways of working to support the previous five factors (such as
standards and rules for decomposition in a given context).
7 There is a recognised professional activity with its own code of practice
and legal framework.
You might like to look at some dictionary definitions of the term engineering
and see how the above observations fit them.
While there is considerable argument about the term software engineering,
there is no doubt that software development does require certain skills and
knowledge of certain ideas and principles. This section looks at what is
needed to ‘engineer software’. What should a developer do in order to
produce a software system that meets the needs of its users?
In Section 2, you saw that there are three characteristics of software that affect
its development and use – malleability, complexity and size – and that these
all contribute to the likelihood of errors. Issues arising from size and
complexity are addressed through modularisation. In order to ensure that the
introduction of errors is minimised whenever a change occurs, you need to
pay special attention to the development process.
Software development is a human activity. Software systems are developed by
one group of people for another group of people to use. The success or failure
of a project is determined by social as well as technical factors.
Users want a system that does what they need and that they can use. One that
is technically superior but does not meet these criteria will fail. Users will
resent, ignore or, in the worst case, completely reject it.
SAQ 8
29
Unit 1 Approaches to software development
30
3 An introduction to software development
31
Unit 1 Approaches to software development
project
management
maintenance
analysis
testing design
implementation
quality
management
32
3 An introduction to software development
activities and get feedback before moving on to the next activity. In particular,
iteration allows a group of people, usually developers, to perform a review of
a sequence of activities, or of an activity and its outputs.
In general, reviewing a proposed solution provides the feedback necessary to
modify it and improve the solution. Think what happens when you need to
tune a guitar or violin. You pluck a string, a note sounds, and you adjust the
tension on that string. You repeat the process until you get the desired pitch.
It is often difficult to identify all requirements and state them explicitly at the
outset of a development project. It is a good idea to start with a subset of the
requirements and incrementally grow the system with feedback from each
iteration. This approach is known as iterative and incremental development.
As shown in Figure 6, each iteration is a complete small project, with a short,
fixed timeframe (timeboxed), consisting of requirements, design,
implementation, testing and integration, and resulting in a partially working
system. Each of these repeated short iterations adds complexity until the final
system is produced.
feedback from
requirements requirements
iteration n leads
to refinement and
design design
adaptation of the
time
requirements and
implementation and implementation and
design in iteration
test and integration test and integration
n+1
and more design and more design
SAQ 9
33
Unit 1 Approaches to software development
(b) What should the role of project management be with respect to the
deliverables of a development project?
(c) What is the difference between a customer and a user?
(d) Suggest a reason why maintenance is a core activity in the
development of a good software system.
(e) What additional task is needed when the development of a software
system is partitioned into a number of increments?
(f) What are the assumptions on which the waterfall model is based?
Answer
Agile development
Agile development has become, in the last twenty years, a popular approach
to software development. It is an umbrella term used to describe a variety of
(agile) methods that promote a set of practices that encourage simpler, more
light-weight, faster and nimbler software development that can adapt to the
inevitable changes in customer requirements. The continual realignment of
development goals with the needs and expectations of the customer aims at
software that better serves its purpose.
As seen below in the manifesto, agile development is an approach to software
development that puts people and working software at the forefront of the
development process.
34
3 An introduction to software development
The movement towards a more agile way of developing software has been
gathering momentum for a long time. Many of its proponents were associated,
throughout the 1990s, with several approaches known as light-weight in
opposition to more prescriptive approaches to software development. In 2001,
leading proponents of the agile approach got together and wrote a manifesto
(Figure 7).
35
Unit 1 Approaches to software development
36
3 An introduction to software development
Example 10
Government legislation often requires software systems to be built to support
new administrative functions. When developers compete to supply such
software systems, they are asked to conform to government-approved
standards. One of those standards is known as PRINCE, which stands for
‘PRojects IN Controlled Environments’ and relates to the management of
projects and the quality of the developed software.
Commonly, developers must be able to show that their development process
conforms to the regulations set out in PRINCE. In addition, developers may
be required to adopt an approved process for their analysis and design
activities. The most common of these for use with PRINCE is known as the
structured software analysis and design methodology (SSADM).
Example 11
In certain financial areas, being first to offer some new service is the way to
make the most profit. In other words, time-to-market is critical because if you
miss out your competitor takes the spoils. When there is a need for a software
system to support such a service, development is almost a race against time.
Every aspect of the development process has to be tuned to meet the time-to-
market.
So the aim is to do the simplest things needed that could possibly work when
delivered. It also means that communication overheads must be minimised, so
there will be few developers (say, two) who work to a minimal set of agreed
37
Unit 1 Approaches to software development
procedures. Also, if the amount of actual code produced is small, the chance
of introducing errors is reduced.
Of course, there must still be testing to ensure that the software performs its
intended purpose, but if the complexity of the software is also minimal, there
will be fewer tests to do.
38
3 An introduction to software development
39
Unit 1 Approaches to software development
40
3 An introduction to software development
SAQ 10
Answer
3.4 Traceability
The need for a software system often comes from a set of potential users, who
may not be employed in the same company as the developers of the software
system. Initially developers must find out about the users’ domain and express Sometimes software development
their understanding of the problem in a form that is appropriate for the has no clearly identified customer
proposed development process. other than the developer.
Software is developed hoping
If a plan-driven process is followed, early in the process developers produce a that someone will buy it.
requirements specification document that identifies what the proposed software
system should do and the environment in which it must work. It relates what
41
Unit 1 Approaches to software development
the users want to what the developers aim to provide. This implies that there
is a need to record more than just the requirements. It allows for the tracing of
the history of each requirement from its origin in the problem domain,
through the various intermediate activities, so that it is possible to reconstruct
the significant events that led to the final operational software system.
The ability to trace the history of each requirement is known as traceability.
Among other things, traceability is essential for dispute resolution (knowing
what was agreed during a project), for seeing the effect later in the project of
changing or deleting requirements, and for demonstrating that you have dealt
with each requirement. The chosen development process will determine which
events can be reconstructed and hence determine the level of traceability. It is
important to recognise that the amount of documentation should be
commensurate with the desired level of traceability – neither too much nor too
little.
Agile approaches are sometimes identified with the demise of documentation.
The agile manifesto contrasts working software with comprehensive
documentation and agility has emerged as a reaction to heavy documentation
as required in rigorous management methods (such as the capability maturity
model).
However agile approaches take a pragmatic approach to documentation and
traceability (see Example 12). They emphasise the balance between the
amount of documentation and the pay-off it brings. Heavy documentation is
difficult to keep updated and is sometimes never used. Agile documentation
should be simple to understand, have a well-defined purpose and should
maximise the pay-off of the effort that is put into it. The involvement of
stakeholders in an agile project will help determine the amount of
documentation required.
Example 12
An agile project has documentation in the form of user stories and tests. A
user story describes some functionality required by a user, while a test is an
executable form of a user story and therefore directly related to it. Tests are
written before coding and are also directly related to the code produced.
Changes over time can therefore be tracked through with the help of a tool
that manages source code, and traceability can be preserved.
42
3 An introduction to software development
quality software and documentation should serve that purpose. The approach
taken to software development, the problem being addressed, contractual
obligations and other factors will determine how much to document and what
to document.
Keeping a project notebook is a disciplined approach to organising your
thoughts and actions as a software developer. Your project notebook is a
record of notes, thoughts, drawings, ideas and decisions (and the reasons for
taking those decisions) as you work on a project. In its simplest form a
project notebook will be paper based, but it could be recorded in files on a
personal computer.
For it to be effective, you should keep your project notebook with you at all
times, so that you can use it, save it and review it. There is no limit to what
you can record in the notebook. For example, you can note down what your
users say about their needs, make some preliminary sketches of models or
even record telephone numbers and URIs that may be useful while at work.
Whatever you record, you should date-stamp your notes, and review them on
a regular basis to ensure that your questions have been addressed and that you
have extracted the information that is useful on a given project. You must
keep accurate dates and times for the information recorded in your notebook
for the following three reasons (all of which relate to traceability):
. your project notebook may be required as evidence in some enquiry or
even in a court of law
. it helps you to review what you have done and how long you took to do
some task
. it facilitates learning.
SAQ 11
Answer
43
Unit 1 Approaches to software development
Exercise 1
What are the main problems associated with the development of software?
You should be able to identify at least six.
Solution
Here is our list of problems that affect software development (you may have
identified others):
. difficulty in capturing all the user requirements
. difficulties in managing and developing large and complex systems
. not meeting users’ requirements and avoiding dissatisfaction with the
completed software
. continual changes in user requirements (often referred to as requirements
creep)
. maintaining poorly documented software
. the presence of errors introduced unknowingly during development
. a changing world leading to changes in the needs of the users and
decreasing the usefulness of the software
. low productivity of those developing software, and difficulties in
measuring that productivity
. ensuring the quality of a software system.
44
3 An introduction to software development
Exercise 2
(a) How do you think a large-scale project differs from a small-scale project
in terms of the management of the development team?
(b) What management steps might be taken to tackle the problems that arise
in a large-scale project?
Solution
(a) As the size of a project increases, so does the number of people involved,
and consequently the complexity of the interactions involved, and the
difficulty of managing the team. As with programs, the greater the
complexity of interaction, the greater the chance of errors occurring due to
poor communication.
(b) One of the functions of software project management is to manage project
complexity. One way to achieve this aim is to modularise project teams by
splitting them up into a number of groups. Each group performs a specific
task and communicates with the other groups through one person (for
example, the head of the group). Another way, encouraged by an agile
approach to development, is to encourage practices of communication and
cooperation in development, such as working in pairs and having daily
short meetings.
Exercise 3
Process models sometimes show only the software-creation activities and
exclude software maintenance. What problems are associated with the use of
such models?
Solution
If maintenance is not mentioned, it is likely that it will not be considered to
be an integral part of the overall software process model. This may result in a
design that does not take the needs of maintenance into account, and hence a
product that is difficult and expensive to change. This is especially likely if
time and/or budget are already tight.
Exercise 4
What kinds of software system would be best suited to an iterative and
incremental development process?
Solution
Software systems where the problem can grow incrementally or where it falls
naturally into partitions, each of which represents a fairly self-contained unit
that could be developed and delivered on its own to provide the users with a
useful chunk of functionality, would be well suited to this model. An iterative
and incremental approach allows several design issues to be tackled
simultaneously and enables the system to be implemented in relatively small
steps in order to contain the complexity. Of course, this assumes that the
design can be partitioned.
45
Unit 1 Approaches to software development
Exercise 5
Figure 8 shows a spiral process for software development. Into which
quadrant of that figure does each of the seven technical activities of Figure 5
fit? Notice that there is not a one-to-one match.
Solution
The analysis, design, implementation and testing activities all fit into the
‘develop and verify a (partial) solution or product’ segment. The analysis
activity also overlaps the evaluation quadrant where objectives and risks are
analysed. The testing activity overlaps the ‘review and plan’ quadrant. The
maintenance, project management and quality management activities
(including configuration management) operate in all four quadrants.
Exercise 6
It has been said that ‘the maintenance activity begins with the first deliverable
of a development project’. What does this imply about the maintenance
activity?
Solution
This refers to the fact that there could be deliverables, such as requirements
documents, that exist prior to any software being built, and these also require
maintenance. For example, you might detect errors or inconsistencies in a
document that lists the important terms in your users’ domain, or you might
have to respond to changes in the environment, which may be due to new
regulations or market forces.
46
3 An introduction to software development
47
Unit 1 Approaches to software development
48
4 Modelling in software development
road map, for instance, may be equivalent to one kilometre on the ground.
They may however be unhelpful if they show only major roads.
We can also use one property in a model to represent another in the real
world. In the case of the road map, we can use different colours to represent
different classes or types of road. Such a road map should have a key or
legend so that those who read the map can understand what the different
coloured lines are intended to represent. On a road map, a blue line might
represent a motorway, and a yellow line a narrow track.
Models of a problem situation are only an approximate representation of that
situation. The real-world situation is normally complex – so much so that an
exact representation is likely to be impossible to achieve. The problem
therefore confronting a developer is to find some way of achieving an
acceptable balance between completeness and manageability. In a software
development project, there will be a number of practical considerations that
result in some compromise in completeness.
If the constructed model is so complex that the developer (or other team
members) cannot use it, it is of little or no value. So the model must simplify
the reality a good deal. However the developer should make explicit all
simplifying assumptions for a given model, as well as their consequences. At
some point in a development project, any of these assumptions may need to
be justified.
Models are subject to change. At the very least, they require some form of
periodic testing so that a model can maintain its correspondence with reality.
As towns and cities expand and contract, a road map must be changed to
reflect the new situation. In the worst case, a change in scope necessitates a
whole new model. For example, if there were a need to reflect the current
status of roads and the traffic density on them, a simple road map would be
inadequate.
Agile modelling
Agile modelling is Scott Ambler’s approach to lighter modelling
(Ambler, 2002). It proposes a set of values, principles and practices to help
software developers become agile modellers. These are mostly common sense
but reinforce the alignment of modelling with an agile approach. Modelling
should not be seen as a routine exercise that has to be done independently of
how models are going to be used. Models should only be done with a purpose
and up to the point where they stop being useful. There is no justification in
spending too much time in getting a model right (consistent, complete,
accurate) if the only aim is to communicate an overview of the structure that
is in the developer’s mind. A typical activity of an agile modeller is to stand
up with others in front of a whiteboard, sketch a few models, discuss these
sketches, and then discard them if they serve no further need.
In this module you will learn about different modelling techniques and how to
use them. You will practice by applying them to a case study in a systematic
way. But you will also be reflecting on how an agile approach can be taken to
modelling.
49
Unit 1 Approaches to software development
A standard notation
In developing a software system, a developer will not just use a single ‘catch
all’ model – a set of related models is more likely. It would be preferable to
have a consistent way of representing each of the different models for a given
software system. A modelling language allows the developer to make useful
connections between those different models. In software development, a
modelling language is often based on diagrams and their construction,
meaning and use. There are two sets of rules within a diagram-based
modelling language:
. one that determines what diagrams exist and what symbols are used on
each one – its syntax
. one that determines what the diagrams and symbols mean – its semantics.
What should you look for when choosing a modelling language? On any
given development project there are decisions to be made about every model.
You should favour a modelling language that:
. allows you to express the many facets of the subject of your model
. helps you to resolve misunderstandings rather than introducing new ones
. is easy to learn and use – you want to make progress quickly
. is supported by tools that allow you to use your modelling skills rather
than your drawing skills
. is widely used and is accepted within the industry.
It is advantageous if a modelling language is widely used. If you leave one
team of developers and join another that uses the same modelling language,
you need only learn about the new problem situation. The advantage is
amplified if you move to a new team in a new company. Naturally, the team
that you join will expect you to be more productive than you would be if you
had to learn a completely new modelling language.
Unified Modeling Language (UML) is now accepted as the standard object-
oriented modelling language. It is intended to be a general-purpose language
for software development. It is not meant to be a complete language for
modelling all aspects of all systems.
Its success is partly due to its separation from any particular method. It is
available for anyone to include in their own method for software development.
50
4 Modelling in software development
SAQ 12
Answer
(f) A standard modelling language helps when new people join a project
– a common modelling language reduces the time needed to enable
them to become productive team members. Also, when a modelling
language is widely used, it is likely that project components will
have been constructed using that language. This makes the software
easier and cheaper to maintain.
SAQ 13
52
4 Modelling in software development
Answer
53
Unit 1 Approaches to software development
UP phases
business modelling
requirements
implementation
testing
project management
deployment
UP disciplines iterations
The figure illustrates what a UP project might look like. The columns
represent iterations. For each discipline, the relative effort is represented
throughout the UP phases and their iterations. For instance, most of the
domain modelling (referred to as business modelling in the UP) occurs in the
early iterations of the inception and elaboration phases, while most of the
implementation occurs within the construction phase.
54
4 Modelling in software development
Views in the UP
The UP was developed by the same people who originally specified UML and
UML is its modelling language. A system’s architecture includes models that
address five different views:
. The use case view contains the basic scenarios that describe the users and
the tasks that they need to perform with the aid of a software system.
These scenarios are partitioned into use cases, which we will describe in
Unit 3.
. The logical view is concerned with the functional requirements of the
software system. What should the software do for its intended users?
Typically this involves the construction models that represent the main
elements of a system and how they interact. We will discuss these models
from Block 2 Unit 5 onwards.
. The implementation view is concerned with the organisation of the code
modules that comprise a software system. Typically it addresses the
management of source code, data files and executables.
. The deployment view is concerned with the relationship between the
various executables (and other run-time components) and their intended
computer systems. We will touch briefly on implementation and
deployment in Block 3 Unit 12.
. The process view is concerned with aspects of concurrency. What are the
processes and threads? How do they interact? It deals with such things as
response time, deadlock and fault tolerance. Concurrency is outside the
scope of this module.
Figure 10 shows that the central use case view relates to the other four views.
logical deployment
view view
process implementation
view view
Agile UP
The UP was never intended to be a heavy process and some of its practices
are also promoted by agile developers, notably iterative and incremental
development, timeboxing, dealing with requirements change and being itself
an adaptive process. It is possible to apply the UP in an agile manner and it is
often the context in which it is used – the will and experience of developers
will dictate whether an agile development takes place.
55
Unit 1 Approaches to software development
Domain modelling
Our starting point will be to document and model the structure and processes
of the organisation’s business. Starting from some description of the problem,
the initial problem statement, you will learn how to identify elements of the
real-world problem and their properties, and build corresponding structural
56
4 Modelling in software development
57
Unit 1 Approaches to software development
*
*
industry copy
of rules
requirements initiator
cancel a reservation initiator
SF12: UC_1, Step 7
goal description: the system shall assign a unique number for a reservation
goal
check-in guest
pre-condition
pre-condition
receptionist
post-condition check-out guest
post-condition
analysis
pre-condition
*
*
post-condition
post-condition
*
SAQ 14
58
4 Modelling in software development
(b) What is the role of each of the artefacts produced during domain
modelling?
Answer
Requirements
The next step is to gather and document the requirements for your system and
to model what the system is intended to do. Requirements are the expression
of the things the system must do or the qualities the system must have in
order to meet the stakeholders’ needs. Starting from some description of the
problem, you will learn how to systematically record requirements
information.
Unit 2 discusses requirements, how they are recorded and the properties we
expect them to have. In particular, you will be shown how to use the Volere
template, which provides a disciplined way of recording requirements. We
model requirements at various levels of detail, using use case models, use
cases elaborated as text and detailed software requirements stating what the
system should do.
Some artefacts involved in requirements are shown in Figure 11.
SAQ 15
Analysis
During analysis, with both use cases and software requirements, you start
looking at a system to be implemented, and build both structural and
behaviour models. The structural model evolves from that of the domain – it
no longer represents concepts from the domain, but rather entities in a
59
Unit 1 Approaches to software development
software solution. This is usually called the analysis model. Use cases and
software requirements lead to the specification of what is expected from the
system from the user perspective. The system operations show how this
behaviour can be carried out by the entities chosen.
It is at this stage also that architectural decisions are taken in terms of the
overall structure of the system.
Some artefacts involved in analysis are shown in Figure 11.
Design
During design, your goal will be to decide how the expected functionality is
to be allocated to each part of the system. You need to make choices about
which classes the system operations should be allocated to. These decisions
can be explored and documented using further behaviour models. UML uses
interaction (sequence and communication) diagrams that show a set of
classes and the messages between them.
During design both structural and behaviour models are elaborated. In fact
you will see that behaviour models are used for both external and internal
behaviour of objects.
Some artefacts involved in design are shown in Figure 11.
SAQ 16
Answer
Implementation
The implementation model is a description of the assembled components that
comprise the working version of the software. It describes how classes are
packaged together, and shows some of the relationships between such
packages of classes. These relationships are modelled using a component
diagram.
60
4 Modelling in software development
Testing
The implementation needs to be tested against its requirements to ensure that
it meets them. Tests will be drawn up based on the requirements, and held in
a test document. Notice therefore that tests can be drawn up as soon as you
know the requirements.
In fact there is a trend towards test-driven design. In this approach, the tests
for a system are drawn up before design and automated testing procedures are
set up. An initially empty implementation can be run against the tests and the
subsequent failure can be used to drive design. As time goes on, this process
is repeated as the implementation is built up, until no tests fail. This is the
approach followed by some agile approaches such as XP. In this module you
will see how you can start thinking about testing from early on in
development.
Deployment
Many significant computer systems will consist of a variety of software
components located on a number of machines communicating via a variety of
hardware and software mechanisms. A deployment model records how various
components are to be mapped onto different machines and how they will
communicate. This can be represented using a deployment diagram.
Exercise 7
Suppose you and a colleague used UML on a particular development project.
What would be the consequences of introducing symbols or notations that
were not defined in UML?
Solution
Such an extension would incur costs as well as offering potential benefits. The
costs include the need to communicate the syntax and semantics of your new
symbols or notation to other developers. The benefits include the ability to
express concepts specific to your project that could be more meaningful in
your context.
Exercise 8
In the past, there have been many attempts to standardise modelling notations
and languages. How might the choice of modelling language affect the
maintenance of a software system?
Solution
Every time a new standard notation or language is defined, it allows new
software systems to be built using that standard. It can only help with existing
software retrospectively. For example, a developer might use the new standard
to express a proposed change to the software.
There is no guarantee that an existing software system used any modelling
language at all, let alone any agreed standard for one. Even if a standard was
used, new staff arriving on the team for the purpose of maintenance might not
know about it. Each variety of standard would affect the organisation of a
61
Unit 1 Approaches to software development
62
5 Summary
Summary 5
In this unit you have extended your knowledge of the important ideas in
software development. We investigated the characteristics of a good software
system, and considered what a development process would need to include to
build such software. You saw that there is no single development process to
suit the variety of users’ requirements. However there must be a disciplined
approach to software development, especially in the case of large projects.
We introduced the notion that it is good practice to split a project into smaller,
more manageable activities. When developing good software systems, you
should focus on the users’ needs and, wherever possible, make use of
replaceable and reusable modules – components. The overall software
architecture should be constructed around the users’ requirements.
We then introduced the role of modelling in the development of software. In
particular, the concepts of object orientation allow us to represent users’
requirements in a way that reflects our natural tendency to view the world
around us in terms of objects. The way we relate the various activities of
software development and associated artefacts (including models) was then
described.
Now that you have more knowledge of the software development process, you
may wish to read Section 2 again.
On completion of this unit you should be able to:
. describe the essential characteristics of a good software system
. identify, using examples, the connections between the characteristics of a
good software system
. explain why a software system can be out of date even as it is being
developed
. explain the importance of modularisation
. suggest reasons why large software projects are prone to problems and
give examples to support your case
. give examples to support the notion that software development can be
considered as an engineering discipline
. describe the elements of a basic software development process
. illustrate the variety of different life cycles by using examples
. explain the role of documentation in a software development project
. understand the motivation for, and best practices of, an agile approach to
software development
. explain why a standard modelling language is beneficial to a development
process
. explain the benefits of the Unified Modeling Language (UML) as a
standard notation for modelling
. identify the different kinds of model used in the development of software
63
Unit 1 Approaches to software development
64
References
Ambler, S. (2002) Agile Modeling: Effective Practices for Extreme
Programming and the Unified Process [Online], New York, John Wiley &
Sons. Available at http://libezproxy.open.ac.uk/login?url=http://open.eblib.com/
patron/FullRecord.aspx?p=131031 (Accessed 2 December 2013).
Bass, D.L., Clements, D.P. and Kazman, D.R. (2012) Software Architecture in
Practice [Online], 3rd edn, Upper Saddle River, NJ, Addison Wesley.
Available at http://libezproxy.open.ac.uk/login?url=http://proquestcombo.
safaribooksonline.com/book/software-engineering-and-development/
9780132942799 (Accessed 2 December 2013).
Beck, K. (2004) Extreme Programming Explained: Embrace Change [Online],
Upper Saddle River, NJ, Addison Wesley. Available at www.open.ac.uk/
libraryservices/resource/ebook:0321278658/provider/
ProQuest_Safari_Tech_Books_Online (Accessed 2 December 2013).
Boehm, B. (1988) 'A spiral model of software development and enhancement',
Computer, vol. 21, no. 5, pp. 61–72 [Online]. Available at http://ieeexplore.
ieee.org.libezproxy.open.ac.uk/xpls/abs_all.jsp?arnumber=59 (Accessed 2
December 2013).
IEEE (1990) 610.12-1990: IEEE Standard Glossary of Software Engineering
Terminology [Online], IEEE. Available at http://libezproxy.open.ac.uk/login?
url=http://ieeexplore.ieee.org/servlet/opac?punumber=2238 (Accessed 2
December 2013).
Jacobson, I., Booch, G. and Rumbaugh, J. (1999) The Unified Software
Development Process, Upper Saddle River, NJ, Addison Wesley.
Krutchen, P. (1999) The Rational Unified Process: An Introduction, Upper
Saddle River, NJ, Addison Wesley.
Larman, C. (2005) Applying UML and Patterns: An Introduction to Object-
Oriented Analysis and Design and iterative Development [Online], Pearson.
Available at http://proquestcombo.safaribooksonline.com.libezproxy.open.ac.
uk/book/software-engineering-and-development/agile-development/0131111558
(Accessed 2 December 2013).
Leveson, N. and Turner, C. (1993) ‘An investigation of the Therac-25
accidents’, Computer, July, pp. 18–41 [Online]. Available at http://ieeexplore.
ieee.org.libezproxy.open.ac.uk/stamp/stamp.jsp?
tp=&arnumber=274940&isnumber=6812 (Accessed 2 December 2013).
Lions, J. L. (1996) ARIANE 5 Flight 501 Failure, Report by the Inquiry Board
[Online]. Available at www.di.unito.it/~damiani/ariane5rep.html (Accessed 2
December 2013).
Mašek, K., Hnetynka, P. and Bureš, T. (2009) 'Bridging the component-based
and service-oriented worlds', 2009 35th Euromicro Conference on Software
Engineering and Advanced Applications, Patras, August 27–29 2009. IEEE,
pp. 47–54 [Online]. Available at http://ieeexplore.ieee.org.libezproxy.open.ac.
65
Unit 1 Approaches to software development
uk/stamp/stamp.jsp?tp=&arnumber=5349894&isnumber=5349835 (Accessed 2
December 2013).
National Audit Office (2012) Governance for Agile Delivery [Online].
Available at www.nao.org.uk/publications/1213/governance_for_agile_delivery.
aspx (Accessed 2 December 2013).
South West Thames Regional Health Authority (1993) Report of the Inquiry
into the London Ambulance Service [Online]. Available at www0.cs.ucl.ac.uk/
staff/a.finkelstein/las/lascase0.9.pdf (Accessed 2 December 2013).
Schwaber, K. and Sutherland, J. (2011) The Scrum Guide [Online]. Available
at www.scrum.org/Portals/0/Documents/Scrum%20Guides/Scrum_Guide.pdf
(Accessed 2 December 2013).
66
Unit 2 Requirements concepts
Contents
1 Introduction 71
2 Requirements 72
2.1 The nature of requirements 73
2.2 Requirements dependencies 74
2.3 The requirements engineering process 75
2.4 An agile perspective of requirements 77
2.5 Requirements and architecture 78
2.6 Requirements and testing 79
2.7 Summary of section 81
3 Functional requirements 82
3.1 Elicitation, analysis and negotiation 82
3.2 Describing requirements 85
3.3 Summary of section 92
4 Non-functional requirements 93
4.1 Look-and-feel requirements 94
4.2 Usability and humanity requirements 95
4.3 Performance requirements 97
4.4 Operational and environmental requirements 98
4.5 Maintainability and support requirements 98
4.6 Cultural requirements 99
4.7 Legal requirements 100
4.8 Security 101
5 Conformance testing and fit criteria 107
5.1 Examples 109
5.2 SAQs and exercises 111
5.3 Summary of section 114
6 Representing the requirements 115
6.1 The Volere template 115
6.2 An agile representation of requirements 121
6.3 Summary of section 121
7 Summary 122
References 123
1 Introduction
Introduction 1
In this unit we introduce the concepts of user and software requirements. The approach taken in this unit
We discuss the importance of documenting and managing requirements, and draws in a number of ways on
the complexity of the requirements engineering process. Sections 3 and 4 that taken in Robertson and
Robertson (2012).
define the two main classes of requirements: functional and non-functional,
and Section 5 discusses the links between requirements and testing. In
Section 6 we introduce a template for requirements documentation that is
based on a well-known method in the literature.
Unit 3 will discuss in detail the techniques used to represent and specify
requirements.
71
Unit 2 Requirements concepts
2 Requirements
72
2 Requirements
. only 39 per cent of all projects were being delivered on time, on budget,
with required features and function
. 43 per cent were late or over budget or not delivering all required features
. 18 per cent were either cancelled before delivery or delivered but never
used.
In its 2010 report the Standish Group also identified major problems and
proposed its own solutions. Among these problems were the following:
. poor, or lack of, user involvement
. lack of clear business objectives
. under and over building – building features that are never used and not
building all the required features
. lack of support for agile processes and poor support for requirements and
solutions evolving together through collaborative teamwork.
Recently some authors have criticised the way data has been gathered for
these reports and the lack of open access to the data, and have even
challenged the credibility of the reports (Eveleens and Verhoef, 2010). But
even if the reports portray a worse picture for software projects than is the
case in reality, they still point to the need for a thorough understanding of
what the requirements are and the need for supportive processes.
73
Unit 2 Requirements concepts
74
2 Requirements
Example 1
In the New Jersey Department of Motor Vehicles licencing system, engineers
were faced with two conflicting goals – low development costs and rapid
development, versus the need for the system to be able to process licence
applications quickly. Unfortunately the approach they took to ensuring low
development costs and rapid development produced a system that failed
because of performance problems.
75
Unit 2 Requirements concepts
76
2 Requirements
adjustments are made. Some of the activities may be carried out to some
degree in parallel.
Figure 2 illustrates the relative effort of requirements elicitation and analysis
in the early phases of a project. Figure 2 is naturally a simplification because
it omits the other activities of the requirements engineering process. Initially,
elicitation is dominant. Most of the time the two activities interact and inform
each other – requirements elicitation informs the modelling of functionality
and data (which is part of analysis), while analysis helps to discover new
requirements.
proportion of effort
requirements
elicitation
requirements
analysis
time
77
Unit 2 Requirements concepts
78
2 Requirements
SAQ 1
Where and when does the requirements engineering process take place in
an iterative and incremental development process?
Answer
SAQ 2
Answer
79
Unit 2 Requirements concepts
SAQ 3
Answer
SAQ 4
(a) What are requirements and stakeholders and how do they relate to
each other?
(b) What are the benefits of documenting requirements within a project?
Answer
(a) Requirements are the functions and qualities that are wanted of a
product. Stakeholders are the people and organisations with a vested
interest in the product. Requirements arise from stakeholders’ needs.
(b) Requirements record decisions. They are the main reference for what
should be built and the basis for validation of the built system.
Therefore they need to be documented so that they can be used
throughout development.
SAQ 5
SAQ 6
80
2 Requirements
Answer
The definition of the system architecture and an elaboration of tests for the
requirements. When defining requirements there are implications for the
architecture of the system and each requirement will be related to some test
of the final system.
Exercise 1
(a) Who are the stakeholders in a hotel reservation system?
(b) Consider the example of a hotel reservation system and invent some
examples of the main inputs for a requirements engineering process.
Solution
(a) The hotel owners, receptionists, existing customers, the general public
accessing the system to make a reservation.
(b) Examples include:
◦ stakeholder needs – there should be a help system for first-time
users of the system
◦ domain information – rooms are identified by a number where the
first digit indicates the floor and the subsequent digits indicate the
number of the room in a floor
◦ existing documentation – the manual system used for reservations
◦ regulations and organisational standards – an acknowledgement is
sent to every customer who makes a reservation.
81
Unit 2 Requirements concepts
3 Functional requirements
Functional requirements are those requirements that specify the behaviour of a
system, as opposed to non-functional requirements, or qualities, that specify
more general properties such as usability, reliability and maintainability. In
their book Mastering the Requirements Process, Robertson and Robertson
(2012) define functional requirements as:
82
3 Functional requirements
83
Unit 2 Requirements concepts
. The customer (user) thinks of something she wants the system to do.
. The desire is written down on an index card, given a name and a
number.
. An estimate is made of how long it will take to realize the story in fully
functional and releasable form.
. Stories are factored – split into smaller stories – if it appears they will
take too long to implement as written.
. Stories are factored if one aspect of the story is more important than
others.
84
3 Functional requirements
. Stories are factored if they are long and rambling or overly general.
. Stories are prioritized.
. Stories are aggregated into collections, each collection defining the scope
of work undertaken by the team this period.
. Work products are validated. Their ability to satisfy the original story is
confirmed.
. The customer uses the developed system and new stories are conceived.
. Iterate.
(Beck and West, 2004)
85
Unit 2 Requirements concepts
Developers need to work with both types of requirements. They need user
requirements when interacting with stakeholders external to the project and
system requirements to inform system design. The two forms of requirements
are related as the software must be designed to meet the user requirements.
The first type of requirement is usually written in natural language for obvious
reasons. Natural language or more formal approaches such as mathematical
specifications can be used for system requirements. In both cases requirements
will be recorded in a structured document – you will see more about this in
Section 6.
It is important to distinguish between the requirements and the systems that
are introduced to satisfy them, that is, to produce the required behaviour –
there is a distinction to be made between a requirement and its solution. For
example there might be the requirement, ‘The system shall produce a list of
names in alphabetical order’. It would not help to specify this as, ‘The system
will sort a list of names using the bubble sort algorithm’.
You must ensure that you do not write solutions instead of requirements. You
need to understand the essence of the business, not its implementation. This is
important because it is too easy to hide significant functionality by describing
an implementation, and too easy to select one implementation when better
ones may exist.
Another issue that arises from consideration of solutions is technical solution
requirements. These relate to functionality that is needed purely because of the
chosen technology. Technical solution requirements are not there for business
reasons, but to make the chosen implementation work correctly. They are
constraints on the behaviour of the product.
It is essential to ensure that the technical requirements are not introduced
before the business requirements have been fully understood. For example,
there may be a need to authenticate the user of a system. This is a business
requirement. However, stating that this should be done in a particular way
such as using a password, as opposed to, say, an iris scan, is a technical
solution requirement.
SAQ 7
86
3 Functional requirements
Answer
87
Unit 2 Requirements concepts
SAQ 8
Answer
SAQ 9
(a) Understand the domain and determine the business processes and
business events.
(b) Determine the scope of the new system and which business events
are relevant.
(c) Draw up a set of use cases for the product associated with those
events.
(d) Describe each use case by one or more scenarios – a set of steps.
(e) Work through each step of each scenario to determine a set of
system requirements.
(f) Check for similar requirements from different use cases.
(g) Search out and remove ambiguity.
88
3 Functional requirements
SAQ 10
Exercise 2
Here is a list of requirements that apply to a product X. For each requirement
say whether it is a functional or non-functional requirement and, if it is a
functional requirement, whether it is a business requirement or a technical
solution requirement.
. X must check a user’s identity
. X must check a user’s password
. X must produce a statement of the user’s account
. X must validate the user’s identity and password within three seconds
. X must be usable by users with limited dexterity
. X must employ the company’s proprietary password maintenance system
. X must operate in arctic climates.
Solution
X must check a user’s identity functional, business requirement (the requirement states
what needs to be done, not how to do it)
X must check a user’s password functional, technical solution requirement (access to the
system can be achieved in many ways – passwords are just
one mechanism, biometrics may be more appropriate to
this product)
X must produce a statement of the user’s account functional, business requirement (the requirement states
what needs to be done, not how to do it)
X must validate the user’s identity and password within non-functional
three seconds
X must be usable by users with limited dexterity non-functional
X must employ the company’s proprietary password functional, technical solution requirement (a specific
maintenance system technology is mandated)
X must operate in arctic climates non-functional
89
Unit 2 Requirements concepts
Exercise 3
Derive some functional requirements for the step of a scenario in a hotel
management system stated as, ‘The system shall allocate an available cleaner
to each occupied room’. Confine yourself to what must be done, not how it is
to be done.
Solution
Here are some suggestions:
. the system shall identify occupied rooms
. the system shall identify available cleaners
. the system shall allocate occupied rooms among the available cleaners
while balancing their workloads.
Exercise 4
Imagine that you have been commissioned to produce a requirements-
recording tool. The purpose of the tool is to allow a requirements analyst to
record information about each requirement for a product. An important
requirement for the tool is that it should give its users the impression that they
are dealing with a stack of cards, each recording a requirement.
Without considering the detail of the information to be kept about each
requirement, identify four functional requirements for managing a collection of
such records. That is, what would you want the tool to do that would help
you record the requirements you have elicited so far and maintain those
requirements as you learn more about the required product? If the tool is to be
used on different projects what additional functionality should it possess?
Solution
Here are some of the functional requirements that relate to the management of
a set of requirements. Yours may differ.
. the product shall enable a new requirement to be entered
. the user shall be able to view each requirement in the set
. the product shall enable a user to amend (edit) an individual requirement
. the product shall enable the user to delete a selected requirement from the
set of requirements
. the product shall enable the user to view the summary of all requirements
. the product shall show all requirements that conflict with each requirement
. the product shall perform a range of checks on the set of requirements
. the user shall be able to view all requirements satisfying given criteria
. the product shall show a list of all requirements associated with a selected
business event
. the product shall enable the user to create and amend a set of requirements
for a new product.
90
3 Functional requirements
Exercise 5
From the following list of user stories indicate which ones are good stories
and why.
(a) As a user I can select the language for the pages of the website because I
am not a native speaker.
(b) As a user I can learn how to use the system easily so that I do not spend
too much time.
(c) As a chief information officer (CIO) I want the software to be written in
C++.
(d) As a user I want to be able to run the system on an Android phone.
Solution
As a user I can select the language for Good, but may be too small
the pages of the website because I am
not a native speaker
As a user I can learn how to use the Not a good story because it is not
system easily so that I do not spend too measurable
much time
As a CIO I want the software to be Not a good story because it is a
written in C++ constraint on development. It could be a
good story if the users were
programmers wanting some library to be
developed, or if there was a good reason
for it. (Notice that the reason part of the
story is missing in ‘as a [role] I want
[feature] so that [reason]’.)
As a user I want to be able to run the Good story. Notice that you can write a
system on an Android phone user story for a non-functional
requirement.
91
Unit 2 Requirements concepts
92
4 Non-functional requirements
Non-functional requirements 4
Functional requirements state what a product must do. In contrast, non-
functional requirements are qualities that the system should have: such as
being secure, fast, usable or maintainable. So, for example, while there may
be a requirement that a banking system should compute and display a client’s
balance, there may be non-functional requirements attached to this, such as it
should be done securely and within, say, five seconds.
Non-functional requirements may be associated with a particular piece of
functionality – a use case or group of use cases – or with the overall system.
If they are associated with the overall system it may well be necessary to
break down what is meant. For example, given a non-functional requirement
that ‘The system shall be secure’ it would probably be necessary to know
what this means in terms of individual use cases as well as for the overall
system. However, a non-functional requirement such as ‘All responses from
the machine shall complete in one second’ can be applied globally with little
further clarification.
One useful way to think of non-functional requirements is as constraints on
the functional requirements. From this perspective, functional requirements tell
you what the system should do, and non-functional requirements constrain the
ways in which those things are done – securely, quickly, and so on.
This means that, in effect, non-functional requirements make sense only in
relation to what they say about functional requirements. Functional
requirements are more standalone in that they can be understood in isolation,
but they by no means give the full picture of what needs to be developed.
Requirements engineers have begun to change their terminology from non-
functional requirements to quality requirements simply because the new term
is more suggestive and less confusing than the original. However, both terms
as well as some others are in common usage.
Non-functional requirements (sometimes called NFRs for short) are elicited by
working from a list of categories, deciding whether they apply to each
requirement and use case and, if so, in what way. We will explore such
categories in this section, and a list of them is used in the requirements
template introduced in Section 6.
When working with user stories, non-functional requirements that are
associated with a piece of functionality, a user story, can be annotated as
constraints in the back of a user story card. However, as you saw in
Exercise 5, user stories can also be written for non-functional requirements.
Perhaps the most surprising aspect of non-functional requirements is that not
only do they enable the functionality of the product, but also they can add up
to a significant part of the specification. The significance can be in terms of
size (the proportion of the specification dealing with non-functional
requirements) and perception (how the users perceive the product – its
usability and appearance, for example). No matter how well a product does its
93
Unit 2 Requirements concepts
work, whether or not people will use it can depend crucially on its quality
aspects.
At one time, it was generally felt that non-functional requirements were
difficult to deal with because they were felt to be ‘nebulous’. Today,
developers view non-functional requirements in the same light as functional
requirements – in order to be useful, requirements must be testable, which
We are using the terminology of means that they must be measurable. Precisely how to make non-functional
fit criteria from Robertson and requirements measurable is dealt with in Section 5, but the idea of fit criteria
Robertson (2012). is used.
In Unit 1 we mentioned the role of architecture. Non-functional requirements
constrain the choice of architecture in that the chosen architecture must allow
the required qualities such as speed or maintainability to be achieved.
Robertson and Robertson (2012) identify the following eight classes of non-
functional requirements:
. Look-and-feel requirements. The spirit of the product’s appearance.
. Usability and humanity requirements. The product’s ease of use and any
special usability considerations.
. Performance requirements. How fast, how safe, how accurate, how
reliable, and how available the functionality must be.
. Operational and environmental requirements. The environment on
which the product will have to work (under water, for example), and what
considerations must be made for this environment.
. Maintainability and support requirements. Expected changes, and the
time allowed to make them.
. Cultural requirements. Special requirements that come about because of
the people involved in the product’s development and operation.
. Legal requirements. The laws and standards that apply to the product.
. Security requirements. The security and confidentiality of the product.
While the above list represents a useful way of categorising non-functional
requirements, you should not think of it as exhaustive. Depending on context
other ways of categorising requirements may be more appropriate.
We will now consider each of the above categories in varying amounts of
detail, considering how each can be recorded. We will give particular attention
to security requirements, as at the time of writing (2013) this area is attracting
a lot of attention and they constitute a particularly interesting example of how
to deal with non-functional requirements.
94
4 Non-functional requirements
These requirements are not about the specifics of the user interface, so they
are often described in quite general terms. An exception to this is when the
product will run on an operating system and the decision is made to conform
to the quite detailed user interface guidelines provided by the manufacturers of
the operating system.
Some examples of look-and-feel requirements are:
. the product shall comply with the iOS human interface guidelines
. the product shall use only two colours
. the product should use a lot of animation
. the product shall use a large range of exciting sounds.
SAQ 11
(a) What does the phrase ‘look and feel’ refer to?
(b) When identifying non-functional requirements for the look and feel
of a product, why should you avoid the temptation to provide a
design for the user interface?
(c) The description of a look-and-feel requirement is often loosely
worded and therefore difficult to turn into a good design. What
should be done to rectify this situation?
(d) What general characteristics should the look and feel of a consumer
product have?
Answer
95
Unit 2 Requirements concepts
and humanity requirements can be split into the two issues of how ‘easy to
learn’ is the software and how ‘easy to use’ is it?
The requirement that a product be easy to learn is contextual. An easy-to-learn
website for buying books might require zero training. An easy-to-learn
accounts package might require a two-hour tutorial rather than a week of on-
site training. An easy-to-learn nuclear reactor control system might require
several months of training but not several years of experience.
Easy-to-use products are designed to facilitate efficiency and users may
require training to be done before the product can be used effectively. Such a
product might be complex and take some time to learn, but the cost of
training is outweighed by the resulting efficiency gain.
Easy-to-learn products are often aimed at tasks that are performed infrequently
and that therefore have to be relearned from time to time, and are often aimed
at the public market. When training is infeasible the products have to be easy
to learn and are not normally complex.
Another aspect of usability and humanity relates to the way a user feels
treated by a software system. A typical example of poor treatment is when a
website discards all the data you had previously filled in because the wrong
password is entered. This is not acceptable. Aspects of accessibility and
personalisation should also be considered as usability and humanity
requirements.
Some examples of usability and humanity requirements are:
. a university graduate should be able to learn to use 50 per cent of the
functionality of the product in 2 hours
. ninety per cent of the general population should be able to place an order
from a web interface within 5 minutes – 90 per cent of elderly users
should be able to place an order from a web interface within 10 minutes
. it should be possible to use the system to pay in different currencies
. the system should comply with the Disability Discrimination Act.
SAQ 12
Answer
(a) They describe how easy to use the product should be for its intended
users under specified circumstances, and how satisfied they are with
it. This includes how easy it is to learn to use the product.
(b) Usability and humanity impacts on productivity, error rates, stress
levels and acceptance. It determines how well the human part of the
system can perform.
96
4 Non-functional requirements
SAQ 13
Answer
(a) Normally the main performance requirements involve speed (the time
to do something), capacity, safety, accuracy, reliability and
availability.
(b) You should look for requirements that specify the speed and
efficiency in ways that can be measured objectively. Take into
account the possible effects of throughput and volume.
(c) It is hard to specify performance of web-based systems because there
are too many unknowns, for example the speed of connection.
97
Unit 2 Requirements concepts
SAQ 14
98
4 Non-functional requirements
to be supported that may affect the design, for example is there going to be a
help desk?
Some examples of maintainability and support requirements are:
. the product shall be able to be modified to cope with a new class of user
. the product shall be able to be modified to cope with minor changes to
European law that occur every six months on average
. the product shall be portable to all the operating systems currently used in
our Slough office.
SAQ 15
Answer
99
Unit 2 Requirements concepts
SAQ 16
(a) What is the most pressing reason for considering legal requirements?
(b) How should you determine the appropriate law that affects the
product?
Answer
(a) The cost of litigation is a risk for commercial software and can be
expensive for other software. There are penalties for non-
conformance with the law – fines, imprisonment, and loss of
reputation.
(b) Obtain help from the company’s lawyers.
100
4 Non-functional requirements
4.8 Security
This subsection provides a general introduction to issues of security and
protection. It covers some of the threats that face computer systems.
There are many definitions of security but in this module we define computer
security as being concerned with the detection and prevention of unauthorised
actions by users of a computer system. For example, you might allow
(authorise) everybody in the world to read pages on your website but only a
limited number of users would be allowed (authorised) to change or delete
those pages.
With a standalone computer it is possible to achieve security by physical
means. For example the computer could be placed in a room to which only
certain people have access. In a simple version of this scheme, those who
have access to the machine would have the power to perform any action on
the machine.
You may wish to restrict the actions of individual users and you could do this
by having a mechanism whereby the user has to provide a name and a
password for identification, then rely on the operating system to restrict
individuals to certain actions – access to data, running particular applications,
and so on. These approaches are, of course, solutions to the problem of
security, not requirements.
For a distributed computing system, which involves a number of
interconnected computers, security becomes an issue. Although
communication and sharing are the motivations for forming a distributed
computer system, you may not want to share your resources with everyone.
The same is true for communication – you may not want other people to be
able to intercept users’ communications. This interception might be passive
(just listening to the communications) or active (listening and retransmitting
the messages with or without changes).
On an external network, such as the internet, communications pass via a
number of computer systems over which the user has no control. In particular,
the user does not know what security mechanisms these systems have in
place. Therefore security goes beyond the basic protection of resources to
considering the computing system in its surroundings or environment.
A particular example where security is a major issue is that of ecommerce. We
define ecommerce as a system where commercial transactions take place
through the use of a distributed computing system, often using the internet.
Such transactions might be the sale of goods or services or banking services.
Mechanisms can be devised to stop casual attacks from pranksters or
disaffected employees, but they will not deter everyone. Also audit logs can
be kept to help identify the presence of an intrusion. Ultimately no computer
system can be completely secure from attacks, but it can be made difficult for
attacks to succeed by making the cost of mounting a successful attack high in
terms of time, money, equipment and people.
101
Unit 2 Requirements concepts
SAQ 17
Answer
(c) One useful focal point is at the boundary of the security domain for
which the administrator is responsible. In practice, this is likely to be
a firewall for a protected network.
Security requirements
Security is a good illustration of conflicting requirements. It is possible to
make a system secure to deter unauthorised access but at the cost of making
access by legitimate users extremely difficult.
Security requirements cover access, privacy, integrity, audit and immunity:
. access addresses uninterrupted or continual access to data and functionality
by authorised users
. privacy addresses the protection of data from unauthorised access and
disclosure
. integrity addresses consistency of data, the ability to prevent unauthorised
modification or deletion of data
. audit addresses both how the correctness of product and data can be
verified, and how to help detection of inappropriate access and intrusion
. immunity addresses the protection of a system against threats and attacks.
As well as costs incurred from losing data if its integrity is compromised,
there may be costs if data is unavailable because work cannot then be
completed and contractual arrangements may not be met. Important costs are
also associated with loss of privacy, as commercial secrets may be exposed,
individuals may sue, and the organisation’s reputation may be harmed in a
way that loses it future business. For example, a bank’s reputation for privacy
is critical to its ability to attract and retain customers.
102
4 Non-functional requirements
SAQ 18
Answer
103
Unit 2 Requirements concepts
Example 2
Suppose that a university uses a distributed computing system for all its
students to support distance learning. If all module and assessment material is
held within such a system, you could envisage the following security
problems:
1 disclosure of personal information
2 disclosure of educational materials to people who have not paid for them
3 disclosure of students’ assignment solutions to other students
4 unauthorised modification or alteration of data
5 unauthorised changes to educational materials
6 unauthorised alteration to students’ marks
7 denial of use or service
8 inability to access material by students
9 slow replies to service requests
10 (non-)repudiation
11 inability to verify that a student has submitted a particular assignment.
104
4 Non-functional requirements
set of rules, would govern the choice of mechanisms for use in response to
particular threats.
In a well-defined network, which contains a known set of access points, a
security policy may be straightforward. However, a single policy may not be
possible in an interconnected network where there can be multiple ownerships
of resources and the number of potential access points increases the security
threat.
In general terms, a distributed computing system may consist of a number of
domains, each one separately managed, operating different security policies
and diverse security mechanisms.
Exercise 6
Consider a patient-monitoring system in a hospital. What do you think would
be a suitable user requirement for the access of such a system? Does this
requirement imply any others? How might you measure the system’s
availability and reliability?
Solution
The first thing to discover about a patient-monitoring system is ‘who are the
users?’ Inside a hospital, the doctors and nurses will be responsible for
monitoring the patients’ health. So they will be the users, not the patients,
although patients certainly have an interest in the reliability of such systems.
A suitable requirement might be, ‘The system should be unavailable for no
more than six hours per year’.
Perhaps this also indicates another requirement, namely, ‘It must be obvious
when there is any fault’. Notice that we didn’t write something like ‘When the
system fails it should sound an audible warning’ as this would be an
unnecessary constraint which is not actually part of the requirements, even
though it might well form part of the eventual solution.
You might measure availability and reliability by the following:
. the proportion of time that the system is operating satisfactorily
. the number of false alarms.
Exercise 7
A company sells computer accessories – paper, printer ink, modems, and so
on. It wishes to introduce an ecommerce system to enable customers who
have credit accounts to use the internet for their purchases. Some customers
pay cash with order and some order on credit. Goods that are ordered on
credit are sent with an invoice to the customers, and payment is required later.
Not all the customers have credit accounts and for those that do there is a
limit to the amount of credit they can have. Customers have a customer
account number to identify themselves.
What security issues are involved in the proposed ecommerce system?
105
Unit 2 Requirements concepts
Solution
The main security issues are as follows:
106
5 Conformance testing and fit criteria
107
Unit 2 Requirements concepts
usability requirement of ‘Time taken to complete a task’ has the scale of time
– microseconds, seconds, minutes, and so on.
To find an appropriate scale of measurement, the description and rationale of
the requirement are analysed to derive a fit criterion and the scale of
measurement is the unit that is specified as a part of the fit criterion.
For example, consider the following non-functional requirement associated
with the above functional requirement:
the credit card number should be accepted securely.
The following fit criterion might be appropriate:
the credit card number should be revealed to a third party in fewer than
0.0001 per cent of cases.
Here the scale is implicitly the number of cases when the credit card number
is used.
The following non-functional requirement contains its own fit criterion, as it is
already expressed in terms of the quantity time:
the credit card number should be accepted within five seconds.
As well as fit criteria for requirements, it is also useful to have fit criteria for
groups of related requirements, for example all the requirements associated
with one use case. (Recall that a use case is a description of how a system is
to be used for a specific goal.) The fit criteria of a use case specify the
measurable goal or outcome of the use case.
It is good practice for the requirements analysts to specify fit criteria by
involving testers early in the development life cycle. In fact, the fit criteria can
be specified as the requirements are discovered and clarified. The testers act as
consultants to specify the fit criteria. From their experience, testers can help to
identify whether or not something needs to be tested and/or can be tested, and
whether the fit criteria being specified is an appropriate measure of the
requirement.
However, it may not be possible to specify the fit criteria when first eliciting a
requirement. The clarification of requirements and fit criteria may involve
visiting users and observing their current work practices, or interviewing
users, or meeting up with domain experts, determining business and resource
constraints, trade-offs between requirements, and so on.
The fit criteria are useful for developers as they develop the product to meet
the standard set by the fit criteria. Fit criteria are also acceptance criteria by
which the client can judge the product against the requirements and then
accept or reject it. Therefore fit criteria may form part of the contract between
the client and the developers.
Sometimes a requirement turns out to consist of several requirements and in
this case each requirement will have to have its own fit criterion. Sometimes
also a requirement has not been properly thought through and, while
determining the fit criterion and clarifying it with the users or client, it
108
5 Conformance testing and fit criteria
becomes clear that it is not a requirement after all and should be deleted from
the specification.
5.1 Examples
We now look at some further examples drawn from a range of systems such
as an ATM machine, websites and the OU TMA/EMA system. These illustrate
that a range of ways of tackling fit criteria are appropriate and that there is
some scope here for creativity.
109
Unit 2 Requirements concepts
110
5 Conformance testing and fit criteria
Fit criterion. The rights department has obtained clearance for all copyright
material on the site.
(a) What is the first step towards finding whether a solution fits a
requirement?
(b) What is a fit criterion?
Answer
(a) The first step towards finding whether a solution fits a requirement is
to attach a quantifiable measure to the requirement so that it is
testable.
(b) A fit criterion is a quantification or measurement of a requirement,
such that the design solution can be measured to find if it
unambiguously meets the requirement.
SAQ 20
Answer
(a) The developers of the product use the fit criteria to develop the
product to meet those criteria. The testers use the fit criteria to
determine whether the delivered product meets the original
requirements. The clients for whom the product is being developed
use the fit criteria as acceptance criteria for the product.
(b) The fit criteria can be written or elicited as the requirements are
elicited, for example once use cases have been drawn up and the
requirements for each task in each use case have been determined.
SAQ 21
Answer
111
Unit 2 Requirements concepts
tutor, then the fit criterion for this requirement is that an email has
indeed been sent to the student and reflected in the receiving
mailbox.
(b) No, the fit criteria of functional requirements do not have scales of
measurement. Success is tested in terms of a yes/no answer that
implies whether the required function is achieved or not.
(c) No, a fit criterion provides some target which, when the solution is
tested, reveals whether the solution conforms to the requirement. The
fit criterion does not indicate how the product will be tested. It
merely states that the tester should ensure that the product complies
with that fit criterion.
SAQ 22
Exercise 8
How might you determine the fit criterion for the performance requirement,
‘The customer services personnel should be able to respond rapidly to
customer queries’?
Solution
Talking to the users about their own expectations and those of their customers
might reveal that the preferred task time is one minute and currently it takes
three minutes to answer a customer query because of a cumbersome search
facility on the existing system. So the fit criterion for this requirement might
be something like, ‘The customer services personnel must be able to find an
answer to a customer’s query in not more than one minute of a customer’s
call.’
This example shows that the fit criterion is backed by empirical data of the
current situation.
Exercise 9
Here is an example of a situation and a possible fit criterion for a requirement
to address it.
Situation. Customers send letters to the customer services department
complaining about unsatisfactory experiences with a particular product.
Fit criterion. To determine customer satisfaction, a possible fit criterion would
be the number of letters complaining about the product within a defined time
period.
112
5 Conformance testing and fit criteria
Exercise 10
Listed below are some requirements and their fit criteria from the requirements
tool in Exercise 4. Assess the suitability and clarity of the fit criteria.
(a) Requirement. The product shall enable the user to view the summary of all
requirements.
Fit criterion. The product should show a summary of all requirements.
(b) Requirement. The product shall show all requirements that conflict with
each requirement.
Fit criterion. The product should show all conflicts with each
requirement.
(c) Requirement. The product shall perform a range of checks on the set of
requirements.
Fit criterion. The product should display the results of a range of
checks.
Solution
(a) The fit criterion doesn’t make it clear what the ‘summary’ consists of.
Also, it doesn’t make it clear whether it is the summary of each
requirement or a composite summary of all the requirements.
A better fit criterion might be that a list will be produced giving a one-
line summary for each requirement. This might mean that you need to
enter a name for each requirement such as ‘Accept a reservation’ at an
earlier stage.
(b) It’s not clear from the fit criterion whether the requirements that conflict
with one requirement need to be shown or whether it’s the nature of the
conflicts that needs to be shown.
113
Unit 2 Requirements concepts
Exercise 11
Are fit criteria always attainable?
Solution
No. Fit criteria should specify realistic values, but even then they are not
always attainable. Whether they are actually attainable or not depends on what
happens during the development cycle. Constraints can arise when attempting
to achieve the fit criteria because of, for example, the product’s operating
environment, the client’s budget, or time. Measurements of fit criteria can only
be made in reasonable ways and in reasonable times.
114
6 Representing the requirements
Volere template
Project drivers
These are the reasons and motivators of the project.
1 The purpose of the project. This is the reason for building the
product, and the business advantage if it is done. It describes the
problem faced by a customer, or a business opportunity a customer
wants to exploit, and it explains how the product is going to help.
For instance:
We are expanding our business internationally; our current
billing system is based on pounds sterling; we need a new
system that can deal with foreign currency.
2 The stakeholders. These are the people and organisations, other than
the users, with a vested interest in the product. They include the
client, the customer, other stakeholders and the intended end-users of
the product. Their description should also include how they affect the
product’s usability requirements. For instance:
115
Unit 2 Requirements concepts
or
No more than 100 users will be connected to the system at any one
time.
or
116
6 Representing the requirements
Non-functional requirements
These are the properties the product must have. They include the
following.
10 Look-and-feel requirements. The intended appearance and style of the
product.
11 Usability and humanity requirements. These are based on the intended
users and ergonomic acceptance of the product.
12 Performance requirements. How fast, safe, accurate, reliable,
available, and so on the product must be.
13 Operational and environmental requirements. The product’s intended
operating environment.
14 Maintainability and support requirements. How easily the product can
change and what support is needed.
15 Security requirements. The access, integrity, privacy, audit, and
immunity of the product.
16 Cultural requirements. Human factors that may affect the product.
17 Legal requirements. Conformance of the product to applicable laws
and standards.
Project issues
These are not requirements, but concerns that are brought to light by the
requirements activities. They appear in the requirements document
because they help to clarify the requirements further.
117
Unit 2 Requirements concepts
18 Open issues. These are issues that have arisen from the requirements
activities, but are not yet resolved. These issues may have to do with
changes that have occurred in the business, the requirements or the
project.
19 Off-the-shelf solutions. This is a record of ready-made components
that might be used in the project and their impact on the product
requirements.
20 New problems. This category is used to highlight possible problems
caused by the introduction of the product, for instance changes that
are required in current working practices or the need for special
training.
21 Tasks. This category highlights the effort required to deliver the
product, whether it is a complete build or the acquisition of existing
off-the-shelf solutions.
22 Migration to the new product. These are things that need to be done
after the product has been installed but before it can work
successfully. Typically, they include tasks to convert data or processes
from existing systems.
23 Risks. These are the risks the project is likely to face, together with
strategies for coping, should they become problems at some point
during the project.
24 Costs. This is an estimate of the cost or effort needed to build the
product.
25 User documentation and training. The plan for writing the user
instructions and documentation.
26 Waiting room. This covers requirements that for some reason cannot
be included in the current release of the product, but might be
included in future releases.
27 Ideas for solutions. These are design ideas that may become useful.
118
6 Representing the requirements
119
Unit 2 Requirements concepts
SAQ 23
The template is divided into a fixed set of categories, which means you are
less likely to forget some types of requirements. It also saves having to
work out what categories of requirements to deal with each time you start a
new document. It helps to communicate requirements to other developers
because if there is a standard template then everyone will know what
information to expect and in what order. It might also allow projects to be
compared and even requirements to be reused more easily.
120
6 Representing the requirements
121
Unit 2 Requirements concepts
7 Summary
In this unit you read about the importance of understanding the different types
of requirements and other relevant information. You identified the differences
between functional and non-functional requirements and the ways in which
each of these can be recorded. The importance of attaching measurable fit
criteria to each requirement was established. Finally, you saw how to make
use of the Volere template to help ensure that all the categories of
requirements are covered, and you briefly considered an alternative agile
approach with different demands on documentation.
After studying this unit you should be able to:
. understand the nature and importance of requirements
. describe the activities of a requirements engineering process
. be aware of an agile approach to requirements
. define and distinguish between functional and non-functional requirements
. describe the various types of non-functional requirements
. discuss the relation between requirements and testing
. produce clear functional and non-functional requirements
. produce measurable, and hence testable, functional and non-functional
requirements
. discuss the relation between requirements and testing
. use a requirements template to write a requirements document in a
structured way.
122
References
Alexander, I. F. and Stevens, R. (2002) Writing Better Requirements, Harlow,
Pearson Education.
Atlantic Systems Guild (2010) Atlantic Systems Guild [online]. Available at
www.systemsguild.com (Accessed 6 November 2013).
Beck, K. and West, D. (2004) ‘User stories in agile software development’, in
Alexander, I. and Maiden, N. (eds) Scenarios, Stories, Use Cases: Through
the Systems Development Life-Cycle, [Online] Chichester, Wiley, pp. 265–79.
Available at http://libezproxy.open.ac.uk/login?url=http://proquestcombo.
safaribooksonline.com/9780470861943?uicode=open (Accessed 13
February 2014).
Boehm, B. and In, H. (1996) ‘Identifying quality-requirement conflicts’, IEEE
Software, vol. 13, no. 2, pp. 25–36.
Cohn, M. (2004) User Stories Applied: For Agile Software Development,
[Online] Boston, MA, Addison Wesley. Available at http://libezproxy.open.ac.
uk/login?url=http://proquestcombo.safaribooksonline.com.libezproxy.open.ac.
uk/0321205685?uicode=open (Accessed 13 February 2014).
Eveleens, J. L. and Verhoef, C. (2010) ‘The rise and fall of the chaos report
figures’, IEEE Software, vol. 27, no. 1, pp. 30-36.
Robertson, S. and Robertson, J. C. (2012) Mastering the Requirements
Process: Getting Requirements Right, 3rd edn, [Online] Boston, MA, Addison
Wesley. Available at http://libezproxy.open.ac.uk/login?url=http://
proquestcombo.safaribooksonline.com/book/software-engineering-and-
development/software-requirements/9780132942850 (Accessed 13
February 2014).
Sommerville, I. (2011) Software Engineering, 9th edn, Boston, Pearson.
Standish Group (2010, 2012) Standish Group Blog [Online]. Available at
http://blog.standishgroup.com (Accessed 9 September 2013).
123
Unit 3 From domain modelling to
requirements
Contents
1 Introduction 129
2 Business rules and business processes 130
2.1 Business rules 130
2.2 Business processes 132
2.3 Summary of section 144
3 Simple use case models 145
3.1 Use cases 145
3.2 Emphasis on the user 146
3.3 Stepping from the problem to its solution 148
3.4 Actors 150
3.5 Describing use cases 151
3.6 Use cases in development activities 156
3.7 Use cases and agile development 160
3.8 Summary of section 165
4 More details on use case models 166
4.1 More about actors 166
4.2 Modelling the relationships between use cases 167
4.3 Problems with use cases 175
4.4 Summary of section 183
5 Getting users involved 184
5.1 Prototyping for and with the user 184
5.2 Linking activities to user interfaces 186
5.3 Summary of section 190
6 Summary 191
References 192
1 Introduction
Introduction 1
In this unit, we study some well established techniques for capturing and
documenting user requirements and system behaviour.
We start by looking at the business domain as the context in which a software
solution may be applied. The main concepts in a business domain are its
resources (people, products, information and materials), processes (the
activities that manipulate, transform and use these resources), rules that
constrain the processes and goals that define the purpose of the business
(Eriksson and Penker, 2001). Understanding the business that it is meant to
support is an essential step in developing any software solution. The Unified
Process (UP) calls this the business modelling discipline; we use the term
domain modelling. In this module we will discuss enough of the business to
understand the context and the requirements for a system within that context.
In-depth discussion of business modelling is outside the scope of this module.
Section 2 introduces the concepts of business rules and business processes,
together with activity diagrams as the technique for modelling these processes.
Once a decision has been taken to develop a software system to solve a
specific problem within a particular business, the initial set of user
requirements can be modelled. Understanding and modelling requirements for
a software solution, an activity that UP calls requirements discipline requires
understanding the business domain of the solution. Sections 3 and 4 of this
unit introduce use cases as a tool for requirements. Use cases record chunks of
functionality that users want from a system. You will study relationships
between different use cases and how they represent interaction of the users
with the intended system.
Finally, in Section 5, we consider how prototyping can help with requirements
engineering. At the end we bring all these ideas together and look at how
activity diagrams can help us identify where user interfaces will be needed.
129
Unit 3 From domain modelling to requirements
Example 1
Consider the following extract from a business description.
A typical lending library keeps a stock of books for the use of its members.
Each member can take out a number of books, up to a certain limit. After a
given period of time, the library expects members to return the books that
they have on loan.
When borrowing books, a member scans their card in the library self-service
scanning machine and then scans the barcodes of their chosen books. Each
new loan is recorded in the system for that member. When a book is on loan
to a member, it is associated with that member – possession of the book
passes from the library to the member for a defined period. The normal loan
period for each book is two weeks. If the member fails to bring the book
back on or before the due date, the library imposes a fine.
We can identify two business processes in this domain: issue a book and
return a book.
The following business rules could characterise the way this business operates.
. There is a limit to the number of books a member can take out.
. A loan is for a period that is normally two weeks.
. A loan can be renewed only three times.
. Late returns incur a fine.
130
2 Business rules and business processes
Ideally, a record of the business rules should be kept, to provide quick and
easy access whenever there is a change.
Business rules need to be correctly represented and they should support the
business processes and strategy. Their understanding is important for assessing
the quality of any solution, i.e. the verification and validation activities:
. Verification is the set of activities that ensure that a solution is being
correctly developed, in this case that it is taking into account the business
rules.
. Validation ensures that what is being built satisfies the business, i.e. that
the business rules implemented are the ones that the business wants.
Verification can be done automatically if the rules are well specified – the
models in development should be checked to ensure that they comply with
these rules. Validation of the rules is not an easy process and can only be
done through review by the stakeholders – are the rules the ones intended for
what the business wants to achieve? There is an argument for expressing
business rules in natural language, as they need to be read and understood by
business people. The language used should be well defined and structured, so
that verification can be made easier if not automatic. In Unit 2, we saw that
user stories can be annotated with constraints to express non-functional
requirements – these annotations can also be used for business rules. A simple
annotation may be a sufficient record of a business rule that is specific to a
project. A user story such as ‘As a library member I want to be able to renew
a book over the phone’ can be annotated with the business rule that constrains
the number of renewals. It is important however that traceability can be
established between the implementation and the business rules.
UML and Object Constraint Language (OCL) can also be used to represent OCL is a formal language used to
constraints. Some of the rules identified for the lending library can be represent constraints in UML 2
represented in a UML model either as annotations or using the features of the models.
model. We will look later at how each model represents the constraints
imposed. There are benefits in using OCL to represent business rules more
formally, in particular enabling automated verification. However the
representation of constraints in UML and OCL is always done in conjunction
with other models. Business rules are not first class citizens in UML – there is
no UML notation to model them explicitly and independently of other models,
so they are more difficult to manage. Ideally you should be able to analyse
and validate business rules and change them as the business evolves.
Traceability should be established between the rules of the business and their
representation throughout the development process and implementation.
SAQ 1
131
Unit 3 From domain modelling to requirements
Answer
132
2 Business rules and business processes
Example 2
Suppose, after a hard day’s work, you decide to make yourself a hot drink.
What do you do to achieve that goal? What are the actions and how do you
organise them?
We start with a process called make hot drink. At the centre of this task is
boiling water in a kettle. Usually, there are two steps.
1 Fill the kettle with water.
2 Boil the water.
There are also some decisions to be made, such as the choice of beverage. We
will consider instant coffee (as a particular scenario) to begin with. Finally,
you need a cup to drink from. Figure 1 shows an activity diagram that models
the process of making a hot drink of instant coffee with milk. It shows one
way of preparing a cup of coffee. ‘… Pour boiled water into a cup containing
coffee. Add milk. Drink coffee.’ Of course, there are other ways of achieving
the same result, and this will be true of problems in other domains.
initial
state
enter
kitchen
synchronisation
bar (a fork)
activity
fill kettle get cup
transition
boil add
water coffee
synchronisation
bar (a join)
pour drink
water add milk coffee
final
state
133
Unit 3 From domain modelling to requirements
The basic elements of an activity diagram are activities and transitions. The
completion of an activity triggers an outgoing transition. Similarly, once the
Strictly, the term used in UML 2 incoming transition has been triggered an activity may commence.
for a unit of behaviour is action,
while an activity comprises a In an activity diagram, activities are shown as rounded boxes, while
series of actions and is transitions are shown as lines with arrows. There are two predefined activities,
represented by a whole activity start and stop, which are represented as filled circles (see Figure 1). A diagram
diagram. In this module however may include more than one stop node if it makes it clearer.
we will use the term activity for
each unit of behaviour. The order of the activities of boiling the water and adding coffee to a cup is
immaterial and so we show them as two concurrent flows in the diagram. The
model shows that we expect some boiled water in the kettle and some coffee
A transition may involve the
execution of actions and these in a cup before we pour the water into the cup. Figure 1 shows two
need to be completed (even if synchronisation bars, denoted by thick horizontal lines. The upper one
they take negligible time) before denotes a fork and the lower one a join. The upper bar allows for separate
the destination activity can activities to be carried out in parallel, so between the two synchronisation bars
commence. the two separate strands can be performed concurrently. You could, for
instance, get a cup and then add some instant coffee to it before filling the
kettle with water and turning it on. Alternatively you might start boiling the
water before getting the cup and coffee. Or you could invite a friend to add
the coffee to the cup while you fill the kettle! The lower bar prevents you
from carrying on until both strands that lead into it are completed. You cannot
add the water until it has boiled and there is coffee in the cup.
The diagram is annotated with notes to indicate the features of the activity
diagram. In UML, a note is shown as a rectangle with the top right-hand
corner folded down. A dashed line is used to attach the note to the model
element to which it refers.
Example 2 showed one way of making coffee. You can model alternative
ways of making coffee in different activity diagrams. The ability to model
alternatives allows you to investigate different ways of working. For example,
you might model alternative ways to process the lending and returning of
books in order to provide a gain in efficiency.
In an activity diagram the transition from one activity to the next is denoted
by a stick arrow. It signifies that one activity has been completed and that it is
time to move on to the next one. For example, in Figure 1, once you have
filled the kettle you can boil the water by turning it on. We have assumed that
most people use hot rather than cold water when making coffee. So you wait
until the water has boiled before you add it to the cup containing the coffee.
When there are two or more alternative ways out of an activity, it is essential
to indicate under which circumstances each transition is taken. Since the flow
in an activity diagram is intended to proceed from one activity to the next, it
would not be sensible to have two or more possible outflows without giving
some idea of how the individual who is carrying out the activities might
choose between them. UML provides decision nodes to represent alternative
mutually exclusive, ways out of an activity. A decision node is drawn as a
diamond. Figure 2 shows how decision nodes are used to deal with the
possibility that the coffee cup is dirty.
134
2 Business rules and business processes
enter
kitchen
[dirty]
fill kettle get cup wash cup
[clean]
boil add
water coffee
pour drink
water add milk coffee
135
Unit 3 From domain modelling to requirements
SAQ 2
Answer
Example 3
Consider the library described in Example 1
Book issue
Figure 3 illustrates the process of issuing a copy of a book in a library. The
activity diagram has two swimlanes separated by a vertical line. The left-hand
136
2 Business rules and business processes
Member LibrarySelfServiceSystem
find a book
[more books]
[more books]
record loan
leave with
books
The diagram shows that a member looks for books on the library shelves and
selects one or more to borrow. The library needs a record of each book that
has been borrowed. So the member must first scan their library card and then
scan the selected books in the library scanning machine for the loans to be
recorded.
Figure 3 shows that transitions may cross swimlanes. The diagram shows the
repetitive business activity being performed by the member for several copies.
137
Unit 3 From domain modelling to requirements
Member LibrarySelfServiceSystem
bring books
[more books]
record return
drop books
in postbox
138
2 Business rules and business processes
SAQ 3
Answer
Exercise 1
Figure 1 shows one way to model the preparation of a cup of coffee with
milk. Redraw the figure to allow the choice between coffee with milk and
coffee without milk.
Solution
We can add a decision node to control the addition of milk to the coffee, as
shown in Figure 5.
139
Unit 3 From domain modelling to requirements
enter
kitchen
boil add
water coffee
pour drink
water coffee
[no milk]
[milk]
add milk
We can choose either to add milk or not to add milk. This choice gives rise to
alternative paths to the final activity of drinking the coffee. In contrast, the
joining synchronisation point requires that the water has boiled and that there
is coffee in a cup.
Note that with synchronisation bars, both paths are taken and execute
concurrently. With decision and merger nodes, exactly one path is taken and
there is no concurrency.
Exercise 2
Draw an activity diagram to illustrate the preparation of a pot of tea, replacing
the activities relating to coffee shown in Figure 1. The new diagram should
allow the choice of both milk and sugar when the tea is poured.
Solution
There are a number of concurrent activities that allow a fairly efficient
workflow. The activity diagram in Figure 6 shows one of the ways of making
a pot of tea. There are a number of possible ways of modelling this, and your
diagram could be slightly different but still ‘correct’. For example, ‘get cup’
could be concurrent with ‘pour water into teapot’, and some people put the
sugar and milk before pouring the tea in the cup. Note that we have not
represented all possibilities, such as warming the teapot before use or the use
140
2 Business rules and business processes
of a spoon when milk and sugar are involved. The activities of choosing
whether or not to add milk and sugar to a cup end with a diamond that joins
together the paths representing the different choices. The convention is that
the paths out of a decision node should be brought together at some stage at a
merge node or activity. For example, the high-level activity of deciding
between sugar and no sugar has been expanded in such a way that there is
only one path into the decision node and one way out from the merge node.
enter
kitchen
fill kettle
get
get tea teapot
boil
water
add tea
to teapot
pour water
into teapot
get cup
pour tea
[milk] [sugar]
drink tea
141
Unit 3 From domain modelling to requirements
Example 4
In Example 3, you saw one way to represent the borrowing and returning of
books in a library. Here we use Figures 3 and 4 to produce a single activity
diagram that models the borrowing and returning of books. When two
processes have some commonality you may want to show this by representing
them in a single diagram. But you need to be aware that diagrams may
become too complex and combining them may not be such a good idea.
To combine processes we show you a simplification of notation. We said
above that a merge node has only one outgoing node and that a decision node
has only one single input. The UML allows the combination of a merge node
with a decision node using the same symbol as shown below. We show this
here as you may encounter similar examples of combined nodes, but we
suggest that you avoid using these as they make diagrams complex.
decision
node
merge
node
142
2 Business rules and business processes
Member LibrarySelfServiceSystem
[returner]
bring books
[borrower]
[borrower looking
for more books] [no more
books or returner]
[returner]
Figure 8 An activity diagram for borrowing and returning books to the library
Although we have made several assumptions here, in reality we would ask the
librarian what happens in practice.
143
Unit 3 From domain modelling to requirements
Exercise 3
In Example 4, there are several assumptions that have been made about what
a member can and cannot do. Can you identify one such assumption?
Solution
The main assumption is that a member cannot be a borrower and a returner at
the same time. This is illustrated in the decision node at the bottom where the
member leaves with books or drops books off. The decision node at the top
also makes that assumption.
144
3 Simple use case models
145
Unit 3 From domain modelling to requirements
is something that a guest can do with the new hotel system, the phrase make
reservation would be a reasonable name for the use case for the actor Guest.
The phrase that describes a use case can, of course, hide quite complex
behaviour.
There are a number of possible things that can happen when a guest makes a
reservation. For example, a guest may or may not want to take up the hotel’s
offer. In practice, the name of a use case reflects the task’s goal. A typical
Guest, for example, expects that make reservation is going to succeed.
A use case diagram in UML is one way to record and communicate your
understanding of the use case view of a system. These diagrams may be
helpful in giving a quick overview of all use cases, but it is often the case that
a textual description of use cases (as will be seen in Section 3.5) is enough.
Figure 9 is a simplified use case diagram for the hotel reservation subsystem.
The main elements in the diagram are:
. the actors, represented by stick figures
. the use cases, represented by ovals
An association is a relationship . the relationships between actors and use cases – their associations –
between two types, in this case represented by lines.
between actor and use case,
which represents all the links
between instances of those types.
146
3 Simple use case models
its focus on the user and the system from the user’s point of view. User-
centred design involves a rapid, iterative process with comprehensive user
evaluations. But, as with all approaches to developing software, there is no
one approach that is best for all problems.
User-centred design and use cases are more concerned with external
functionality than with how internal components of a software system interact.
In short, users are interested in what the proposed software system will do,
not in how the developers will produce the software, provided that it meets
their understanding of a ‘good software system’.
The main purpose of use cases is to help with the requirements phase. In
Unit 2, we described how detailed software requirements can follow from a
description of a use case. Use cases define the scope of a system, as they
represent the interaction of a system with its environment. They also help with
project planning and quality assurance, as you will see later in this and other
units. Furthermore, they act as a discussion tool between developer and user,
and offer a common language for agreeing on the functions of the software
system.
One use case represents one of the possible ways a system can be used. The
use cases for a software system are a record of the intended user-visible
behaviour of the system. This behaviour is what the software system is
required to do when responding to the events that arise from its interactions
with a set of actors, whether people or other software systems and devices. Do
not be misled by the stick-person notation for an actor, as used in Figure 9.
Representing other (sub)systems as actors lets you focus on your area of
concern, leaving the internal structure and behaviour of the other (sub)system
to someone else or for later on.
The contents of the use case represent some task – or coherent unit of
functionality, as UML defines it – which the software system is meant to
perform. The detailed description of each use case can be held inside a
modelling tool or a document. A use case diagram is a concise representation
of the main tasks and their relevant users.
The simple notations for the elements of a use case diagram, like those in
Figure 9, are intended to be intuitive, even for a layperson who is unfamiliar
with the notation and is unlikely to know anything about UML. It is possible
to exploit this simplicity to represent the main functions of a particular
business. In Block 2 Unit 5, you will see how UML is used to represent the
business objects that the business considers to be significant. For example, if
your business were a lending library, the main functions to be represented in a
use case diagram would be the borrowing of books, DVDs and CDs by its
members. Copies of books, films and music are the things handled or used by
people and are examples of business objects.
Use cases deal with functional requirements alone. In Unit 2 you encountered
non-functional requirements. Examples of non-functional requirements for the
lending library could include:
. the number of borrowing transactions that a new software system must be
able to deal with in a given period (say, one transaction per second)
147
Unit 3 From domain modelling to requirements
. the time within which the system has to respond to queries against the
library catalogue.
No matter what non-functional requirements are asked for, the developer’s
goal is to be confident that all the critical requirements are understood before
investing any substantial effort in the development. In order to ensure that
non-functional requirements are not ‘lost’, each one needs to be associated
with the use case it relates to. We adopt a template to document each
individual requirement and related information – examples of this template
will be shown in Unit 4.
SAQ 4
Answer
148
3 Simple use case models
the actors located outside it represents the system boundary. Figure 10 shows
a boundary for the hotel-chain use cases.
a guest or a receptionist
can make a reservation
Figure 10 A use case diagram for a hotel chain, showing the system boundary
The previous figure, Figure 9, illustrates a problem. From the diagram alone,
it is not clear which of the two actors, Guest or Receptionist, initiates the
make reservation use case. It may even be that both are needed to complete
the use case successfully. In fact, potential guests will be allowed to use the
internet to make a reservation, but in other cases the receptionist will perform
the task. UML provides several ways to deal with the problem. The simplest,
which is shown in Figure 10, is to use a textual note to record this
observation, and then refine the model when you know more about the use
case.
In simple use case diagrams, it is common to leave out the box showing the
system boundary, since it is not a compulsory model element. Unless we are
discussing a complex problem that might involve several subsystems, we will
not show the system boundary.
SAQ 5
149
Unit 3 From domain modelling to requirements
external components are the actors and the internal components are the use
cases. UML says that the system boundary is optional.
3.4 Actors
Iteration is a natural part of the modelling process. It does not matter whether
you start by looking for the actors or the use cases. We have chosen to begin
with the actors, since it is a way of expressing the system boundary implicitly
and identifying the different views that need to be taken into account. In
practice, you are likely to find that the actors are to be found in the roles that
people play as employees in the problem domain, such as the hotel’s
receptionist or manager. You have already encountered these roles in activity
diagrams for the business processes of the domain.
Actors are not intended to represent particular individuals. Rather they tell us
about a particular role that someone or something might adopt in order to
interact with a software system. For example, someone who works as a
receptionist in one hotel might want to stay in another hotel as part of their
holiday, ie. they will adopt the role of a guest.
If you have drawn activity diagrams for business processes you need to decide
which of the identified roles will correspond to actors and which will not. If
you have not drawn activity diagrams for the business processes you need to
know where to start to find the actors. Given the relationship to organisational
roles, you might identify the actors by looking for the groups of people who
are going to use the software system in order to do their work. It might be
easy to find those who perform the main tasks, such as the receptionists who
work on the front desk of a hotel, but harder to find those who need the
software system in support of their administrative or maintenance tasks. For
example, would the maintenance engineers and cleaners in the hotel interact
with your intended software system directly?
In the case of the hotel chain, it is likely that you will need to pass
information about a guest’s stay to an accounting system. At some later point,
you may be asked to provide an interface to the restaurant side of the hotel in
order to associate the costs of meals with the guests who ate them. When a
guest leaves the hotel, there may be a requirement to collect payment for the
guest’s stay from an external banking or credit card system. In each case, you
should consider whether or not there is some value in an exchange between
the use case in the software system, which you are to develop, and any
identified external system. For each one that you have chosen to include, treat
it as though it were an autonomous black box. You do not need to know how
it works. You only need to know about the interface of the external system.
It is important to distinguish between an actor and the way that actor
communicates with the software system. For example, when analysing a
system you should not be concerned with the mechanism used by the
receptionist to check guests in and out of the hotel system. It could involve
the use of a keyboard and a mouse to interact with a series of screens on a
PC. It might include a TCP/IP connection or voice recognition software. You
should concentrate on the meaning of the stimuli and responses for any given
150
3 Simple use case models
use case, not the communication mechanism that is used. That mechanism is
part of the solution you intend to provide.
In situations where two or more actors are associated with a use case, one of
them must initiate the actions. The other actors will play a passive role. For
example, when a guest checks into a hotel in person, the receptionist performs
the check in process, and the guest is passive. When it comes to describing a
use case, treat the software system as a black box, as in the case of an
external system. It will accept stimuli from the actors and generate responses.
SAQ 6
(a) Explain why the actors in a use case diagram do not represent actual
individuals.
(b) Suggest a guideline that will help you decide whether or not to
include an interaction with an external system on your use case
diagram.
(c) Are roles in business process models the same as actors in use cases?
Answer
151
Unit 3 From domain modelling to requirements
description of the use cases that you and the customer can agree upon. For
example, a description of the check in guest use case might be as follows (for
a particularly simple system).
Upon arrival, each guest provides the reference number for their reservation
to the hotel’s receptionist, who enters it into the software system. The
software system reveals the details of that reservation for the guest to
confirm. The software system allocates an appropriate room to that guest and
opens a bill for the duration of the stay. The receptionist issues a key for the
room.
Having read this description you are probably thinking of all the deficiencies
it contains. In real life, you would of course check with the customer to
clarify that the description contains all the necessary information. However,
for the sake of our imaginary example, we will assume the description given
is sufficient.
152
3 Simple use case models
Main scenario
The guest wants to reserve a double room at the Ritz Hotel for 14 July. A
double room is available for that date, and so the system makes a
reservation for the guest.
Unsuccessful scenario
The guest wants to reserve a single room at the Savoy Hotel for the first
week of August. There is no single room that is free for seven days in
August, but there is one room available for four days and another of the
same type for the following three days. The system presents that option to
the guest, who rejects it.
Both scenarios are possible instances of the make reservation use case. Their
interactions and outcomes are different. In the first, there is a description of
the use case leading to a successful outcome. In the second, there is an
exception to the main success scenario. Exceptions to the normal behaviour
for a use case are common, especially where actors decide to cancel a use
case without completing it. However the common theme among all the
scenarios is the intent of an actor to reach the goal defined by a use case. In
the unsuccessful scenario above, the guest was trying to make a reservation at
the Savoy Hotel but rejected the option of changing rooms during the stay.
This sort of situation is common and a use case must always cater for any
unusual or alternative courses of action that are likely, as you will see in
subsection 3.6.
153
Unit 3 From domain modelling to requirements
You could start with the simple identification of a use case and its main
success scenario, and refine or adapt it during the process of development.
You will need to decide the way in which you record the information for each
use case – not just for the main success scenario but for all the relevant
scenarios. At its simplest, you can record a textual description (narrative) that
details each scenario together with its outcome.
154
3 Simple use case models
The guest/receptionist selects the desired hotel, dates and type of room.
2
The hotel system provides the availability and price for the request. (An
3
offer is made.)
The guest/receptionist agrees to proceed with the offer.
4
The guest/receptionist provides identification and contact details for the
5
hotel system’s records.
The guest/receptionist provides payment details.
6
The hotel system creates a reservation and gives it an identifier.
7
The hotel system reveals the identifier to the guest/receptionist.
8
The hotel system creates a confirmation of the reservation and sends it to
9
the guest.
SAQ 7
(a) What is the relationship between a use case and a scenario? Give
examples to illustrate your answer.
(b) What is meant by a main success scenario?
155
Unit 3 From domain modelling to requirements
Answer
(a) For each use case there is a set of possible scenarios. A scenario is
an instance of a use case. A scenario describes a sequence of
interactions between the system and some actors.
Here are two examples of scenarios. A member of a lending library
wishes to borrow a book, and is allowed to do that as long as they have
no outstanding loans. Another member wishes to borrow a book, but
has exceeded the quota for the number of books that can be borrowed.
In each scenario the member wishes to borrow a book, but both the
circumstances and outcomes of events are different in each instance. So
a use case includes a complex set of requirements that the system must
meet in order to cope with every eventuality.
(b) The main success scenario shows the steps normally followed to
achieve the stated goal of the use case. But there can be other
scenarios for the same use case, each one having different outcomes
depending upon circumstances.
156
3 Simple use case models
157
Unit 3 From domain modelling to requirements
. coverage, which requires that the initial set of use cases should give an
overall view of the system
. criticality, measured in terms of business value – the main business
processes, for example. The main functions of the system should be
covered early.
In many cases, there will be one or more immovable deadlines that will affect
your choice. In some circumstances, you may be faced with the choice of
removing functionality from your use case model in order to meet such
deadlines.
158
3 Simple use case models
For example, you would design test cases to show that a guest can make a
reservation for a room in the hotel. In the same way, you could also show that
reservations are not possible when there are no rooms available for an
identified stay in the desired hotel.
SAQ 8
Answer
(a) Use cases help with requirements capture through the identification
of actors and tasks in the system. For each actor, the set of use cases
establishes what that actor requires from the software system. The
association between an actor and a use case is about communication.
(b) Detailed software requirements can be associated with each step in a
use case scenario. There may be more than one requirement for each
step.
(c) One of the difficulties that developers face is planning delivery
times. Often a customer can put pressure on the developer to meet a
particular deadline. It is part of the developer’s job to elicit from the
users the use cases that have the highest priority and to indicate what
functionality in the software system can be met under such
constraints. The use case descriptions help the developer to:
◦ understand the complexity of each use case
◦ determine which actors interact with each use case and to
what extent
◦ establish which use cases carry the most risk
◦ estimate how long each use case is likely to take to
implement.
Understanding these aspects of the system can help developers plan the
order in which the use cases should be developed, and provide an
appropriate time frame. Several criteria – such as risk, coverage and
criticality – can be used to help establish priorities of use cases.
(d) Use cases, as standalone chunks of system specification, dictate the
sorts of functionality that need to be provided by the system and
constitute an aid for identifying interfaces in an architecture. Use
cases can also be grouped in terms of similar functionality, therefore
influencing the architecture of the system. Scenarios can be used to
check how an architecture meets non-functional requirements, in
particular those that can be affected by the architecture, such as
security and safety requirements.
159
Unit 3 From domain modelling to requirements
160
3 Simple use case models
Exercise 4
A typical lending library (as the one in Example 1) keeps a stock of books for
the use of its members. Each member can take out a number of books up to a
certain limit. After a given period, the library expects members to return the
books that they have on loan.
When borrowing books, members are expected to scan a library card in the
library self-service scanning machine and then scan the barcodes of their
chosen books. Each new loan is recorded in the system for that member.
When a book is on loan to a member, it is associated with that member –
possession of the book passes from the library to the member for a defined
period. The normal loan period for each book is two weeks. If the member
fails to bring the book back on or before the due date, the library imposes a
fine.
The library wants to extend the existing system so that anyone should be able
to browse the stock of books held in the library, but only a member will be
able to reserve a book. The ability to browse and make reservations will be
provided through a web-browser interface.
In the extension to the existing system, the librarians should also be able to
enrol new library members.
Draw a simple use case diagram for the proposed extension to the library, and
identify the constraints or assumptions that you make. (Ignore the issue of
fines, because there is not enough information.)
Solution
A good first step is to establish the context for the proposed system by
identifying the actors that surround it. When you have identified the actors
you can investigate the behaviour that each one will expect from the proposed
system, which will eventually give rise to the use cases for your model.
Your task is to determine the roles that people will adopt in order to use the
proposed software system. In general the customer (the person who is buying
the software) will have some say in who is a legitimate user. In this problem
domain the library owns the books. Librarians are responsible for the
enrolment of new members.
Browsing through the library’s catalogue is a common activity performed by
both members and librarians. As a catalogue is only a kind of list that shows
what the library offers for loan, it can be read by anyone: non-members are
also to be allowed to browse the catalogue.
There appear to be two scenarios related to the activity of reservation. In the
first, a member might want to borrow a specific book but finds that all the
available copies are out on loan. In the second, a member might want to make
sure that at least one copy is available and reserve it in order to avoid a
wasted trip to the library.
There is already a library self-service system that deals with the borrowing
and returning of books. We would need to investigate what this system does,
but here we assume it deals with the updating of members’ and books’
161
Unit 3 From domain modelling to requirements
records. We can consider this system as an actor that will deal with this part
of the extended library system.
We conclude that there are four basic actors:
. Member
. Librarian
. Browser
. LibrarySelfServiceSystem
What is missing from the given description of the system is any indication of
how people join the library and become members. Is there a fee to join the
library? Do prospective members have to prove their identity? How do
members prove their membership? So this is a potential use case that requires
later elaboration.
In addition, someone – a librarian, we presume – will be expected to make
sure that the catalogue reflects the actual stock held at the library. A
corresponding use case is needed for this.
Our solution includes six basic use cases for the library software system:
. borrow copy of book
. return copy of book
. reserve book
. browse catalogue
. update catalogue
. enrol new member
Figure 11 shows a possible use case diagram for the proposed system. You
may have used different names on your diagram, and you may have identified
a different number of use cases – there is no one correct solution. You may
have defined use cases that combine two or more of our use cases, but in
doing this it is likely that you assumed knowledge of the internal structure of
the proposed system. In a use case diagram, you should identify only the
behaviour that will bring some discernible value to at least one actor.
In reaching your solution, you might have gone through several iterations.
This is to be expected. Your first guess could have been done in your
notebook, as opposed to using a tool. In practice, you might alternate between
pencil and paper and a tool. Whatever your chosen means of recording, focus
on getting a useful result. A rough diagram that is useful is better than a
pretty one that is not!
Finally, you should have included some notes with both the diagram and the
elements in it. For example, in Figure 11, the borrow copy of book use case
has a note associated with it indicating the loan period. Notes are an excellent
way to record constraints on the behavioural requirements.
162
3 Simple use case models
two-week
loan period
reserve book
update catalogue
Librarian
new use case that
requires further elaboration
Exercise 5
Suggest a precondition and a postcondition for a check out guest use case that
appears in Figure 10. The goal of this use case is for the guest’s bill to be
paid and the room made available.
Solution
Precondition: the guest must be currently allocated to a room.
163
Unit 3 From domain modelling to requirements
Postcondition: the room will have been made available (either designated as
free to be reserved by another guest or assigned to a pending reservation) and
the guest’s bill will have been paid.
Exercise 6
Prepare a textual description of the check in guest use case that appears in
Figure 10. Follow the example of Table 1, which shows the main success
scenario and other criteria for the make reservation use case. As part of your
working, identify any exceptions to the main success scenario (you will learn
how to record these formally in Section 4). You will need to make some
reasonable assumptions that need to be recorded.
Solution
The actor for the check in guest use case is the Receptionist, as shown in
Figure 10. You need to consider the exchanges that take place between a guest
and the hotel’s receptionist. This is an assumption, as there are some hotels
with automatic check-in and no receptionists; we are not considering that type
of hotel.
The main success scenario describes the simplest path for checking a guest
into a room in a hotel. Our solution is shown in Table 2.
164
3 Simple use case models
The hotel system opens a bill for the guest. (It could be that there is a
6
separate billing package, which must be notified upon check in.)
The receptionist issues a key to the guest.
7
Even at this early stage in the development, it is possible to see that a further
partitioning can be performed on the check in guest use case. The main
business of hotels is to provide rooms for guests, receiving payment in return.
However a typical hotel is likely to provide more than just the rental of
rooms. For example, the hotel’s restaurant could be available to the general
public, and in larger hotels there could be function rooms for meetings and
wedding receptions. As a result, we might decide to have a separate use case
that deals with payment.
The following exceptions could be considered: a guest does not have a
reservation, a guest has a reservation but lost the reservation number, or a
guest has a reservation but decides to change the type of room. We will
explore ways of recording such exceptions in Section 4.
165
Unit 3 From domain modelling to requirements
166
4 More details on use case models
SAQ 9
167
Unit 3 From domain modelling to requirements
In both situations, the new tasks become new use cases and, as you will see
below, UML provides a suitable notation to represent the relationship between
the original use cases and the new ones.
The main disadvantage of this approach is the additional complexity it brings
to a model, in contrast to the simple use cases considered in the previous
section. The simplest advice for you as the developer is to remember why you
are creating the model and who it is for. We consider the problems of use case
modelling later in this section.
Stereotypes
UML is extensible – it is possible to add to its basic language. One way this
can be done is by adding stereotypes. A stereotype can be used to specialise
a UML model element of any kind. For example, a class can be given the
stereotype «abstract», to show that it is a class of a special sort.
The convention is that a UML stereotype name is always enclosed between
double angle brackets «…» called guillemets.
UML predefines a number of stereotypes and we can also add our own. For
instance, we could add a stereotype «tm354» but we would need to agree on
its meaning. Stereotypes that are most often used in practice are the ones
already defined in UML, because they are generally accepted and understood.
The two predefined stereotypes we are concerned with here are «include» and
«extend».
168
4 More details on use case models
«include»
extend loan
Librarian
check reservation
«include»
Members of a lending library can borrow a certain number of books and, for
any book borrowed, renew the loan up to three times. A loan can only be
renewed if there are no existing reservations for that book by other members,
when all other copies are on loan. Let us assume that when a member returns
a book there must be a check to see whether there are outstanding reservations
for that book by other members. In this case the book will not be returned to
the shelf, but will instead be assigned to the highest priority reservation. This
same check needs to be carried out when a member extends a loan. The
reservation check is a shared piece of behaviour, a common scenario, which
can be developed separately as the check reservation use case. Note that this
is unconditional behaviour – the reservation check must be performed
whenever a loan is extended or a book is returned.
A dependency arrow has a source (where it comes from) and a target (where
it goes to). In Figure 13, check reservation is the target use case for both
dependency arrows. extend loan and return copy of book are the source use
cases. If the target use case changes during development, the source use case
will also be affected. In practice the source use case will need to be reviewed
if the scenarios in the target use case change. Note that the dependency is
unidirectional. The target use case is not affected by changes in the source use
case. (In the worst case, it simply becomes irrelevant and the dependency is
broken.)
The arrows for stereotyped associations point in the direction indicated by the
verb – for «include» the arrow points to the use case that is included.
By taking out any common or shared behaviour, you can benefit from a
simplification of the original use cases and make them easier to understand.
There is a further benefit in terms of the internal consistency of the final
requirements. Instead of having two or more different scenarios for a
reservation check, for example, there will be just one main success scenario
for the new check reservation use case.
In addition, there is a chance to consider the reuse of existing components and
the potential identification of new components. You also need to keep in mind
that a use case is only useful to the extent that it helps as a communication
169
Unit 3 From domain modelling to requirements
tool, and you should therefore only use «include» if it helps understanding of
the model.
«extend»
refuse loan
UML provides a number of ways to record the event that triggers the
subsidiary use case. In Figure 14, we have used the general purpose notation
for a note to indicate that refuse loan is performed when a member already
has the maximum number of books on loan.
The new use case should record a description of the corresponding scenario.
There are two key points that it should contain:
. the condition that triggers the subsidiary use case
170
4 More details on use case models
. the places in the main success scenario where the condition is tested –
called extension points.
Extensions can be treated more formally than a simple UML note on a use Not all UML tools support the
case diagram. Figure 15 shows an example taken from the description of the representation of extension
make reservation use case in the hotel-chain system. The make reservation use points inside a use case.
case has an extension point called alternatives, and is extended at that
extension point by the use case select alternatives; select alternatives is only
executed when the extension point alternatives (in the main scenario of make
reservation) is reached and the condition room not available is true. The
condition and the reference to the extension point are shown in a note
attached to the corresponding extend relationship (in UML 2).
«extend»
extension points
alternatives
Reserver select alternatives
make reservation
Guest Receptionist
171
Unit 3 From domain modelling to requirements
172
4 More details on use case models
To extend or include?
Decisions between these two options frequently present system developers and
modellers with a dilemma. Analogously to natural languages, UML allows a
number of ‘grammatically correct’ options, each of which will make more or
less sense depending on the context. This is well illustrated with the example
below of a log on use case.
Whatever kind of software system you intend to develop, you need to
consider its security. Usually only trustworthy people are allowed to use the
new software system. We can therefore envisage a log on use case, which
describes how a user gains access through a unique identifier and a password.
How should such a requirement be included in the example of the hotel chain
shown in Figure 9?
For example, we could show the log on use case as a component of every use
case that is associated with an actor, as shown in Figure 16.
«include»
check in guest log on
Guest
«include»
Receptionist
You can also redraw Figure 16, as in Figure 17, showing the three original
use cases as variations of the log on use case. It would be ‘grammatically
correct’, although it would be difficult for the reader to see the intended
purpose of the system because we have shifted the emphasis to the action of
logging on and away from the primary functions. So although this is
grammatically correct in UML it probably makes less sense than the first
diagram. Note that although the use cases are placed differently in the two
figures, there is no implication of ordering – time ordering is not shown in use
case diagrams.
173
Unit 3 From domain modelling to requirements
«extend»
«extend»
Receptionist
SAQ 10
174
4 More details on use case models
(e) How would you modify a use case model to show that you intend to
employ a component that already exists?
Answer
175
Unit 3 From domain modelling to requirements
A good project manager will make some assessment of this risk and review it
upon each iteration of the life cycle.
Another common problem with use case modelling is deciding the size and
scope of each use case. There is no consensus on this issue, because of the
wide variety of contexts and viewpoints. However we can say that a use case
should be larger than a single method of a class but smaller than a business
process. In the hotel chain, for example, the handling of reservations would be
treated as a business process separate from checking in and out. That is to say,
make reservation is only one of the tasks in the process of handling
reservations.
No single technique can guarantee that you will collect and identify all the
users’ requirements. If you spend too much time modelling use cases you can
become distracted by the process of modelling and lose track of the main aim,
which is to capture the behavioural requirements for a software system.
Modelling should always be done with a purpose and only so far as it aids in
communication. There is also a danger of missing some of the requirements,
especially if emphasis is placed on actors and their tasks, because some
requirements may not emerge in this process. A developer should use more
than just one technique to understand a proposed system. For example, class
modelling (discussed in Block 2 Unit 5) should be performed alongside use
case modelling, since one informs the other. Scott Ambler’s (2002) agile
modelling practices of iterative and incremental modelling, as mentioned in
Section 3, reinforce the need of:
. applying the right modelling technique(s), and
. using different models in parallel.
We may set off to produce use cases that are intelligible to customers, but
allow them to get so elaborate that the customer can no longer understand
them. Having decided to represent requirements in one or more use case
models, the most important thing to consider is their intended audience. You
need use cases that can be read and understood by the domain experts as well
as the team of developers. The domain experts usually come from the
customer’s area. If you cannot demonstrate the benefits of your proposed
solution to them, there is little chance that it will be acceptable to the
customer.
Similarly use case models must be useful to the rest of your development
team. For example, those who will be testing the software system must be
able to generate their test scripts from the use cases and the subsequent design
artefacts. In the approach followed in this module, by detailing software
requirements for each step of a use case and defining a fit criterion for each of
these requirements, the path is well defined for the development team.
In terms of the content of each use case diagram, you should avoid the use of
the «include» and «extend» stereotypes for an audience that is less familiar
with UML than your team members. The simple notation for actors and their
associations with use cases has been a factor in their favour.
176
4 More details on use case models
SAQ 11
What problems may arise when developing a software system from a set of
use cases?
Answer
One problem is that the focus may end up being top-down and function-
oriented, resulting in an inflexible and difficult-to-maintain system.
Focusing on use cases may cause the developer to sacrifice the object-
oriented nature of the system, thus losing any advantage that UML offers.
Another danger lies in mistaking design for requirements, where a design
decision is mistaken for a constraint. Focusing on the requirements in a use
case may cause the developer to view the system too operationally, where a
sequence of events is assumed to be the only answer. Developers need to
distinguish between requirements and preferred designs.
Use cases need to be used in a way that is understandable to the customer
but also useful to the developer.
Exercise 7
What are the tasks involved in preparing a use case model (for a moderately
large system) intended for the development team?
Solution
The tasks comprise:
. defining the context for the model by identifying the actors involved in the
aspect of the system in question
. analysing the behaviour that each actor expects from the proposed system,
and identifying the use cases (as units of functionality within the overall
requirements)
. identifying the common behaviour that may be reused by other actors, and
the variations on common behaviour (the stereotypes «include» and
«extend»)
. drawing a model that shows the use cases, the actors and the relationships
between them
. annotating the use cases as you learn more about the requirements.
For large projects, you will need to record separately any constraints that
affect more than one use case diagram. One way is to produce a use case
model at a higher level of abstraction.
177
Unit 3 From domain modelling to requirements
Exercise 8
Recall the hotel example, which was introduced in Section 3 (see Figures 9
and 10). Redraw Figure 9, taking into account the information contained in
Tables 1, 2 and 3 to show common tasks and any extensions to the main
success scenarios.
(Do not show the log on use case from Figure 16.)
Solution
Our solution is given in Figure 18.
When a Guest checks in, we can identify two components: identify reservation
and check for available rooms.
When a Guest checks out, we can identify at least one component: prepare
bill. A bill is assumed to exist because the check in guest use case includes
open new bill for the guest. This is something for the developer to check in
discussions with the users. We will also assume that the records of payments
made by guests are held separately, which is a typical accounting procedure.
Hence we have identified a new actor called AccountsSystem that
communicates with open new bill and prepare bill.
Since a room must be cleaned after a guest has checked out we have identified
a use case named request room cleaning. This is the kind of detail that you
are likely to discover as you find out more about the problem domain.
Finally, there may be an early design decision to change the way that
reservations are created. The difficulty arises because there is a subsidiary goal
to create a new guest record if the person identified during reservation is not
known to the hotel system. For example, you may decide to have a software
component that identifies those who have already been entered into the hotel
system (in a use case called identify guest, say). Such a component is very
likely to be reused in other use cases. As a consequence, creating a new guest
could be seen as an extension of identify guest, whenever a condition such as
guest not found is encountered.
178
4 More details on use case models
«extend»
«include»
Receptionist check in guest
«include» confirm details
Undoubtedly, your diagram will differ in some aspects from Figure 18, but
you should be able to justify your choices. You should have used «extend» to
show variant behaviour and «include» to show the potential use of
components. We have deliberately added enough new use cases to show how
easy it is for use case diagrams to become quite complicated. Such complex
use case diagrams are unlikely to be shown to the intended users – they are
intended for the development team.
179
Unit 3 From domain modelling to requirements
Exercise 9
An online bookshop wants to extend its operation to films by mail order or
online downloads. Anyone will be allowed to browse through its titles but it
will require customers to register as members to order films by post or to
watch them online.
Anyone can join the scheme online by providing credit card details as well as
their postcode, which allows the company to perform a credit check and locate
the prospective member’s home address while they wait. The payment is a
monthly fee and membership can be cancelled at any time.
The new software system should enable a member to browse films, add films
to a rental queue and prioritise the films in the rental queue by the order they
should be posted. The films will be sent in the order of the rental queue (if
possible), either one or three at a time, depending on the scheme joined.
Films can be kept by members as long as they want except that more films are
only sent when those rented out are received back.
Members can also watch films instantly online. At most three films can be
watched simultaneously for one membership.
Draw a use case diagram for the proposed system, and identify the constraints
or assumptions that you make.
Solution
The notion of renting films is similar to that of lending books, which you saw
in Example 1, i.e. the two domains are similar, which should help you identify
the actors. (We need to take care, of course, that we do not make unjustified
assumptions.) This example is more complex due to rental queues and instant
downloading of films.
A good first step is to establish the context for the proposed system by
identifying the actors that surround it. When you have identified the actors,
you can investigate the behaviour that each one will expect from the proposed
system, which will eventually form the use cases for your model.
Working with the analogy to the library case study, the two basic actors are:
. Member
. FilmLibrarian
Two other actors are the person who just wants to browse the films available
and the person who wants to become a new member. We distinguish between
the two (CreditCardHolder and Browser) as there is a constraint restricting the
kind of people who can join. This raises the need for a connection to an
external system that can perform credit checks. Thus there are three more
actors:
. Browser
. CreditCardHolder
. CreditAgency
180
4 More details on use case models
Thinking about what a Member can do we have the following use cases:
. browse films
. add to rental queue
. prioritise queue
. online watching
. cancel membership
. upgrade/downgrade scheme
The use cases for the FilmLibrarian are:
. update catalogue
. receive DVD
. issue DVD
And the use case for a Browser:
. browse films
As both CreditCardHolder and Browser can also browse films, Browser is a
generalisation of these two actors.
There is an additional use case that is shared by more than one actor, which
we will call join scheme, since it links credit card holders with the
CreditAgency authorisation service.
Note that there is a use case for the FilmLibrarian to receive a DVD but no
use case for a Member to return a DVD. This is because to return a DVD the
member does not use the system, just the postal service, while receiving a
DVD requires updating the system.
181
Unit 3 From domain modelling to requirements
FilmLibrarian
join scheme receive DVD
CreditCardHolder
«include»
CreditAgency
number of DVDs
sent depends on
prioritise queue membership
«include»
«include»
check rental queue
Member
«include»
upgrade scheme
The diagram in Figure 19 is one possible use case diagram for the proposed
system. You may have used slightly different names on your diagram and you
may have identified alternative use cases to those we have shown. There are
many possible solutions. You might have tried to share some of the use cases,
but this would assume knowledge of the internal structure of the proposed
182
4 More details on use case models
system. You should check that in your use case diagram you have included
the behaviour that will bring some discernible value to the actors.
Finally, you should have included some notes with both the diagram and the
elements in it. For example, the diagram shows a note with the refuse instant
watching use case indicating the maximum number of simultaneous watches
for a member. This is an excellent way to record constraints on the
requirements.
183
Unit 3 From domain modelling to requirements
184
5 Getting users involved
and this helps the customer overcome any resistance to change that can
undermine the investment made in the software system.
The activity diagram in Figure 20 illustrates the general process of
prototyping. There are two important guidelines that should be followed. First,
the developer and the user must know what the particular prototype is to be
used for and they need to agree on a goal that must be achieved. This will
include an agreed schedule for building the prototype.
Second, the prototype should be evaluated against its goal.
discuss purpose
and scope
185
Unit 3 From domain modelling to requirements
It is often the case that a very light prototype may be sufficient. For example,
prototypes for user interfaces comprising a series of sketches that will
illustrate different screens may be sufficient to get users’ feedback.
SAQ 12
Answer
(a) The developers would normally start the prototyping process because
they have detected or identified a particular problem in their
requirements analysis. (But note that the project manager would need
to get approval from the customer for the additional effort.)
(b) The intended users should test it. For example, if you developed a
series of interfaces as part of a prototype for the borrowing and
returning of books, the library members would be the testers.
186
5 Getting users involved
request
request enrolment
enrolment information
provide
enrolment
information
issue issue
receive membership membership
card card number
Consider the activity diagram in Figure 21 illustrating the enrol new member
use case for the lending library of Exercise 4. It shows the interactions
involved in enrolling a new member and the activities carried out. A non-
member of the library interacts with a librarian. The non-member requests to
be enrolled and provides information when requested by the librarian. The
librarian then uses the system to record the enrolment information. Therefore
the librarian needs an interface with the software system for recording the
information. This interface will be needed when a non-member request to
enrol is dealt with by a librarian. This transaction is complete when the library
system:
. checks the information entered
. generates a membership number
. creates a new member record with the information entered and the
membership number
. informs the librarian of the membership number
Thus the user interface for the use case enrol new member must be available
to the librarian when dealing with the enrolment request.
Hence the developer can record the association between activities and
interfaces, as shown in Table 4.
187
Unit 3 From domain modelling to requirements
Activity Interface
record enrolment information enrol new member
This is a very simple illustration of how to identify a user interface from the
activities carried out in a use case. We would need to consider the other use
cases within the library.
One of the goals for a prototype would be to design and/or construct an
interface for the library’s system to enable all the use cases. Members and
The developer can also gain a librarians would test the prototype to find out what is good or bad about it.
greater understanding of the Both librarian and developer should ensure that nothing is ‘missing’. The
domain through the prototyping librarian can see whether or not each requirement has been addressed, thereby
process
relating requirements to implementation (i.e. there is traceability in the design
of the prototype).
Finally we must stress that software development involves a variety of
modelling activities, which we will continue to investigate in the following
units. For example, we must look for the real-world objects that go into our
conceptual model, which means that we must also look at a class model.
Use case and activity diagrams are only a starting point. They are an
incomplete representation of a software system, and you may have to return to
them for modification in a later iteration of the project.
SAQ 13
Answer
(a) The main benefit of recording user (or any other) interfaces in an
activity diagram is traceability. To the users, the interface is the
software system: an unacceptable interface can lead to failure. The
user interface is the link between what the users want and what the
developer produces in response.
Also, the developer can identify the relative importance of each user
interface for the project plan, particularly when resources are needed for
a prototype.
(b) This was the example we thought of, but you may have thought of
others. Librarians may find it essential that the system makes it very
easy to switch between different tasks. They will expect the
prototype to provide evidence that the eventual system will meet this
criterion.
188
5 Getting users involved
Exercise 10
Draw an activity diagram to show the separate responsibilities of the
receptionist and the hotel system for the check in guest use case. Your
diagram should contain the main success scenario. You do not need to show
any extensions.
Solution
We can use the textual description of the check in guest use case from
Exercise 6 of this unit. Figure 22 shows an activity diagram showing the
exchange of information that takes place at the user interface.
[guest has
no reservation]
enter reservation
reference number
look up
reservation
confirm guest’s
details
request allocate
room room
189
Unit 3 From domain modelling to requirements
The receptionist initiates the use case, as shown in the diagram. Some of the
activities show the conscious acts that a receptionist needs to undertake in
order to make progress in the main success scenario for checking in a guest.
This helps to identify the interfaces that would need to be included in a
prototype.
190
6 Summary
Summary 6
In this unit, you have learnt how modelling can help with the process of
requirements engineering in a variety of situations. In particular, you studied
the roles of activity diagrams and use cases. We used activity diagrams to
understand business processes of the domain. We also used them to help
developers identify when users would need to have an interface available in
order to complete their activities in different scenarios. Prototyping plays a
important role in this task. Use cases help with the identification of the
requirements for a software system. You have explored how use case and
activity modelling can be used to help in consultations with the users and
have also seen some of the limitations of these techniques.
On completion of this unit you should be able to:
. discuss the connection between users’ activities and the interface to a
software system
. use techniques such as activity diagrams that allow you to understand a
business domain and model the context of a proposed software system
. use modelling techniques such as use cases to help with the elicitation and
detailed representation of requirements
. apply use cases confidently and discuss their use throughout software
development
. carry out a detailed analysis of users’ activities.
191
Unit 3 From domain modelling to requirements
References
Alexander, I. and Maiden, N. (2004) ‘Negative Scenarios and Misuse Cases’,
inAlexander, I. and Maiden, N. (eds) Scenarios, Stories, Use Cases through
the Systems Development Life-Cycle [Online], Chichester, John Wiley & Sons.
Available at http://www.open.ac.uk/libraryservices/resource/
ebook:0470861940/provider/ProQuest_Safari_Tech_Books_Online (Accessed
10 January 2014).
Ambler, S. (2002) Agile Modelling [Online], New York, John Wiley & Sons.
Available at http://www.open.ac.uk/libraryservices/resource/512396 (Accessed
10 January 2014).
Cockburn, A. (2002) Use Cases, Ten years Later [Online]. Available at http://
alistair.cockburn.us/Use+cases%2c+ten+years+later (Accessed 28
January 2014).
Cockburn, A. (2003) Agile Use Cases [Online]. Available at http://alistair.
cockburn.us/get/2231 (Accessed 23 January 2014).
Cockburn, A. (2006) Agile Software Development, 2ndedition [Online],
Addison Wesley. Available at http://www.open.ac.uk/libraryservices/resource/
ebook:0321482751/provider/ProQuest_Safari_Tech_Books_Online (Accessed
10 January 2014).
Eriksson, H.E. and Penker, M. (2001) Business Modeling with UML: Business
Patterns at Work, New York, John Wiley & Sons.
Krutchen, P. (2003) The Rational Unified Process: An Introduction, 3rd
edition [Online], Reading, MA, Addison Wesley. Available at http://www.
open.ac.uk/libraryservices/resource/ebook:0321197704/provider/
ProQuest_Safari_Tech_Books_Online (Accessed 9 January 2014).
Leffingwell, P. (2011) Agile Software Requirements, Reading, MA, Addison
Wesley.
192
Unit 4 The case study: part 1
Contents
1 Introduction 197
2 The UP in practice 200
2.1 What happens in inception 200
2.2 What happens in elaboration 201
2.3 An agile UP 202
2.4 Approach followed in the case study 202
3 Initial problem statement: the hotel chain 203
3.1 One iteration of the case study 203
4 Understanding the domain 205
4.1 Business rules 205
4.2 Business processes 205
4.3 Summary of section 211
5 Scope of the new system 212
5.1 Use cases 212
5.2 User stories 215
5.3 Summary of section 216
6 Volere template 217
7 Detailed software requirements 220
7.1 Elaborating the use cases 221
7.2 Software requirements 224
7.3 Initial architecture 232
7.4 Summary of section 233
8 Testing 234
8.1 Testing with scenarios 234
8.2 Testing with fit criteria 235
8.3 Testing with user stories 236
9 Summary 237
References 238
1 Introduction
Introduction 1
In this unit, we investigate the requirements for a reservations system for a
chain of hotels. We start from an initial problem statement and work through a
range of activities, to arrive at sufficiently detailed requirements to support the
analysis, design and implementation of the system. Our goal in this unit, then,
is to arrive at a set of use cases for the proposed system, along with a set of
software requirements.
We also illustrate an agile approach to this stage of development. Agile
development relies heavily on the work of a team and on conversations
between developers and customers; we illustrate some of the techniques used
to generate these conversations.
In later units, we will continue with the development of the system, based on
the work carried out here. The overall development process we use will be
loosely based on the UP (Unified Process) (Jacobson et al., 1999) introduced
in Unit 1 and further discussed in Section 2.
An initial problem statement contains information on the current business
processes of a hotel in the chain, as described in Section 3. To elaborate on
this information, we need to understand the domain well and to document the
business rules and current business processes, as described in Section 4; we
will be using activity diagrams to represent the business processes. Domain
modelling allows us to check that we understand the way the current business
works. This is particularly important if we start with a poor conception of how
the hotel operates its business. Another reason that domain modelling is useful
is that some of the business rules and processes will carry through to the new
system; therefore we need to understand them to be able to implement them in
the new system. In practice, of course, domain modelling would be done in
consultation with the stakeholders. The same is true of eliciting the initial
problem statement. Indeed, these tasks would probably be carried out
iteratively and would perhaps be intertwined.
From the initial problem statement and the domain modelling, in Section 5 we
draw up a use case model, show an alternative approach based on user stories,
and define the scope of the system to be developed. Again, in practice, this
would involve eliciting information from the stakeholders to elaborate on any
details that are unclear or unspecified. We can, at this stage, start sketching a
high-level architecture for the solution which separates the main parts to be
developed.
Having scoped the system, in Section 6 we record the user requirements using
the Volere template (introduced in Unit 2). Once again, in practice, this would
generally involve consultation with stakeholders. In fact, such consultation is
likely to occur throughout requirements engineering.
The next phase of the requirements process is to draw up the software
requirements (Section 7). This work will draw on the artefacts produced
previously. We begin by providing detailed scenarios for each of the use
cases. We then extract from the use cases the detailed functional software
197
Unit 4 The case study: part 1
requirements, refining them to the stage where they have clear fit criteria. We
also need to ensure that the non-functional requirements are similarly refined,
and indicate the use cases and/or individual functional requirements to which
each non-functional requirement applies. In principle, the resulting functional
and non-functional software requirements can be added to the Volere template.
We use the same headings as the ones in the template without duplicating the
whole template. In a large development it would be sensible to use a tool to
manage the requirements; this might also save on duplication when a
requirement gets updated.
With a set of use cases and a list of requirements with associated fit criteria,
in Section 8 we discuss the tests that can be defined, at this stage, to validate
the final product.
The use cases we develop in this unit will be used later during analysis and
design, to indicate what functionality needs to be supported. The software
requirements play a number of roles:
. providing extra details during design, where a step in a use case scenario
needs clarification
. drawing up system tests – here we exploit the fit criteria of the functional
and non-functional requirements
. indicating, from non-functional requirements, how suitable our choice of
architecture is
. checking the design and implementation elements that support each use
case.
In this unit, we develop a case study and present an approach to a given
problem based on a number of decisions that could have been made
differently. We are not claiming that the approach here is the best possible –
only that it illustrates a plausible, practical application of the material in the
preceding three units.
198
1 Introduction
business business
glossary problem rules
statement processes
Identifier and Name Industry copy
of rules
Initiator
modelling Post-condition
Industry copy
of rules
Industry copy
requirements Initiator
Cancel a reservation Initiator
SF12: UC_1, Step 7
Goal Description: The system shall assign a unique number for a reservation
Goal
Check-in guest
Pre-condition
Pre-condition
Receptionist
Post-condition Check-out guest
Post-condition
glossary
*
Initiator
Context
analysis Goal Pre: ...
Pre-condition
Post: ...
– navigability
Initiator
design Goal
*
– qualified associations
Pre-condition
– system class
Post-condition
and operations
Figure 1 Parts of the development process covered in this unit (in grey)
199
Unit 4 The case study: part 1
2 The UP in practice
The UP (Jacobson et al., 1999), which was introduced in Unit 1, is a popular
iterative and incremental development process for building enterprise systems
based on an object-oriented approach. Here we mention the two initial phases
of the UP, inception and elaboration, but will mostly focus on elaboration.
200
2 The UP in practice
iteration planning game which is a similar game that occurs at an even more
frequent rate; instead of story cards the pieces of the game are tasks.
In Scrum, planning is done also regularly for each sprint; a sprint is a
timeboxed period of a maximum of a month where usable software is
delivered. The sprint planning meeting, also timeboxed, lasts no more than
eight hours and plans the work for the sprint.
UP phases
business modelling
requirements
implementation
testing
project management
deployment
UP disciplines iterations
In this unit we explore both domain modelling and requirements. You will be
modelling to an extent that would probably not be fully carried out if you
were part of an agile team. As part of an agile team you would probably be
standing around a whiteboard and scribbling some diagrams to get a quick
shared understanding. In this module, you may, instead, be using a tool that
201
Unit 4 The case study: part 1
will help you with correct diagrams. These are not incompatible activities; by
understanding the details of the techniques used and their correct use you will
be in a better position to take decisions, in a real project, of how much
precision you will need in your models.
2.3 An agile UP
Agile approaches give more emphasis to testing and implementation than to
analysis and design. Analysis and design will still take place, not as fully
developed complete activities, but as support to communication and achieving
a shared understanding within a team and with the customer. In agile
development the unit tests (tests associated with a unit of functionality, such
as a class) are in reality the design, as they are developed before the code is
written.
The UP is a flexible process and most of the artefacts it proposes are not
mandatory. It is therefore easy to adapt. The culture of the organisation, the
ways of working of the development team, and the problem and its context
dictate which models, diagrams, and documents are useful and how they
should be used. Scott Ambler (2012) and Craig Larman (2005) propose an
agile UP where the initial disciplines of the UP (business or domain model,
requirements, analysis and design) are collapsed into a single ‘model’
discipline where iterations are short (weeks rather than months) and frequent;
product is delivered incrementally if at all possible; design and
implementation do not wait until all the requirements are found;
implementation of the core system is started while requirements and
architecture are still being refined. These are all possible in the UP as it
promotes timeboxed iterations and adaption.
The main principles behind an agile approach to the UP are those of the agile
manifesto (that you encountered in Unit 1), stressing simplicity, agility, and
focus on activities that return value and on a product that satisfies customers’
needs. However, agility should not be confused with a lack of process. On the
contrary, agile approaches such as Scrum or XP propose a well-defined
process that requires careful training.
202
3 Initial problem statement: the hotel chain
203
Unit 4 The case study: part 1
achieved a new increment can then be carried out to deal with block
bookings.
204
4 Understanding the domain
SAQ 1
Overlapping reservations made by the same person are allowed only if the
guests for each reservation are different.
205
Unit 4 The case study: part 1
For each process, we give an informal description of its normal behaviour and
describe the exchange of information between the different roles involved in
that process.
Make reservation
The reservation process begins when someone contacts the hotel chain’s
reservation system, normally by phone. The caller (also identified as reserver
or customer) will reserve a room in a particular hotel for one or more nights.
The caller may make reservations on behalf of more than one person. Each
hotel has more than one type of room. Therefore callers must identify the type
of room required by each potential guest and the dates that they wish to stay.
The existing system provides a price for each reservation of a given type of
room, or suggests alternatives when there is no availability. If the caller
accepts an offer, they must then provide the names and contact details for
each guest identified in the reservation. Reservers need to provide credit card
details (we use credit card, from now onwards, as a simplification for credit/
debit card) to keep the reservation. The existing system confirms the
reservation and provides a reservation number that identifies each reservation
for a room. In the simplified version for this first iteration, we are assuming
that a single room is booked in each transaction. Potential guests and hotel
staff can subsequently use the reservation number to speed up the process of
checking in.
There are three roles in the reservation process: the reserver who initiates the
process, the receptionist who deals with the request, and the existing hotel
system. These are represented in Figure 3 by each of the three swimlanes.
This activity diagram is only a first attempt at understanding the reservation
process and more discussion is needed to get the exact detail. It illustrates the
main participants and the main activities carried out, leaving out details such
as what information is provided; it also does not show what happens when
there is no availability and an alternative is suggested.
206
4 Understanding the domain
check
availability
[offers available]
look up dates, number
and types of rooms
[no availability]
make an
offer
provide
details
confirm
reservation
record reservation
and allocate a room to
the reservation
207
Unit 4 The case study: part 1
Cancel reservation
Exercise 1
Write an informal description for the process that cancels a reservation and
draw the corresponding activity diagram.
Solution
Your solution may diverge from the one proposed here; this is just a first
attempt at detailing the cancellation process.
Cancel reservation
The cancellation process begins when someone calls the hotel chain’s
reservation system. The caller will cancel a reservation, giving the reservation
number or the dates of the reservation and the name and address of the guest.
The existing system looks up the reservation, checks whether the cancellation
is being made less than 24 hours from the date of the reservation – in which
case it charges the credit card with the amount corresponding to one night’s
accommodation – closes the reservation and confirms the cancellation.
An activity diagram for this process is shown in Figure 4.
208
4 Understanding the domain
request a cancellation
for a reservation number
or the dates and name
and address of the guest
check reservation number
or the dates and name
and address of the guest
look up reservation
charge
credit card
close reservation
confirm
cancellation
Check in guest
On arrival, a guest gives the reservation number or the dates and name and
address for their reservation to the hotel’s receptionist, who enters it into the
current system. The system reveals the details for that reservation so that the A room is initially allocated to a
reservation; at check in the room
guest can confirm them. The software system allocates an appropriate room to
becomes allocated to the guest
that guest and opens up a bill for the duration of the stay. The receptionist staying in that room.
issues a key for the room.
209
Unit 4 The case study: part 1
present reservation
number or the dates enter reservation number
and name and address or the dates and name look up reservation
of the guest and address of the guest
request
confirm confirmation of
details details
enter
confirmation
allocate room
to guest
In the check in process, instead of the reserver there is now the guest, that is,
the person who is taking up the reservation. Notice that the activity diagram
of Figure 5 illustrates only the normal behaviour of the process, as we assume
that the reservation number or the dates and name and address presented have
a corresponding reservation. In understanding the current process, this is
probably sufficient. When it comes to the new system to be developed, we
need to detail how the system will react whenever the normal path is not
followed. We will look into this later in the unit.
210
4 Understanding the domain
record further
expenses
provide
itemised bill
check bill
[payment not
with reservation
credit card]
provide payment
[payment with
reservation
credit card] process payment
with credit card
accept
payment
close bill
Figure 6 Activity diagram for the check out guest business process
211
Unit 4 The case study: part 1
212
5 Scope of the new system
make reservation
cancel reservation
Receptionist
check in guest
Note that in Figure 7 there is a single main actor: only the Receptionist
interacts with the system. The new system will have other roles interacting
with it.
The new system will deal, in a first iteration, with the following use cases.
Add/remove hotel. A system administrator’s role will include adding and
removing hotels in the system.
Add/remove room type. A manager’s role will include adding and removing
room types in the system.
Add/remove room. A manager’s role will include adding and removing rooms
in the system.
Make reservation. A reservation can be made either directly by a receptionist
or on the internet by a reserver.
Cancel reservation. A reservation can be cancelled either directly by a
receptionist or on the internet by a reserver.
213
Unit 4 The case study: part 1
make reservation
Reserver
cancel reservation
Receptionist
check in guest
Manager
add/remove room
214
5 Scope of the new system
So far, all we have identified are the main use cases of the system. These use
cases give a good overview of the system, so fulfilling the criteria for a good
coverage (discussed in Unit 3). They correspond to the main business
processes that will be carried out with the new system. Taking these together
with the initial problem statement, in Section 6 we outline the main user
requirements of the system. In Section 7 we will detail the use cases to define
the software requirements for the new system.
An alternative approach to beginning the requirements process, based on a
lighter and more agile process, might be based on user stories.
215
Unit 4 The case study: part 1
SAQ 2
What are the main differences between a use case and a user story?
Answer
SAQ 3
216
6 Volere template
Volere template 6
We use the Volere template here to start outlining the user requirements of the
system. The use cases identified in subsection 5.1 for the new system serve as
the basis for the functional requirements in the template below. Later on, to
proceed with development, we will need detailed software requirements at a
level where each can be tested. We will derive these from the steps of the use
case scenarios as shown in Section 7.
We use a shortened version of the Volere template to list the initial set of
requirements in the box below. Given how vague these are, there would be
problems in verifying whether our system satisfies them. This vagueness is not
unrealistic: in a real project, you could certainly expect many of the initial
requirements to be ambiguous or unverifiable. However, they form a starting
point from which to generate more detailed use case scenarios and software
requirements.
Product constraints
1 The purpose of the project. A company runs a chain of hotels in
London and has decided to commission a new computer system to
manage reservations, checking in, and checking out across the whole
chain of hotels. Currently it has a software package that is able to
carry out these tasks for each individual hotel, but there is no way of
dealing with reservations across all the hotels. The company also
wants to introduce a frequent-guest programme to encourage repeat
custom. Guests who rebook will be given discounts and other
benefits, such as free newspapers.
The new system should provide some managers with the ability to
add/remove room types and rooms to the system. System
administrators should have the ability to add/remove hotels.
2 The stakeholders. The customer is the hotel chain that has
commissioned the new system. The main stakeholders are the
receptionists, managers, system administrators and guests.
The users of the system are potential reservers interested in making
reservations, front desk receptionists and managers. We cannot
assume they are in any way familiar with the technology; they
should be able to use the system with hardly any support.
3 Mandated constraints The system should be operational within
18 months.
217
Unit 4 The case study: part 1
Functional requirements
6 The scope of the work. The new system will be developed for a chain
of hotels.
7 Business data model and data dictionary. Not yet considered.
8 The scope of the product. The new system will deal with all the
hotels owned. The system’s interface will deal with the following:
◦ front desk staff in each hotel handling: reservations by email,
phone, post, or in person; cancellations of reservations; check
in and check out of guests
◦ anyone using a web browser to view information and make
reservations
◦ managers adding or removing a room type or a room
◦ system administrators adding or removing a hotel
◦ the external payment system to handle payments.
Non-functional requirements
10 Look-and-feel requirements
LF1: The system shall make use of a small number of bright
colours, to conform to the brand image of the hotel chain.
LF2: The system shall have uncluttered forms.
11 Usability and humanity requirements
218
6 Volere template
219
Unit 4 The case study: part 1
220
7 Detailed software requirements
221
Unit 4 The case study: part 1
Exercise 2
Write a description of the cancel reservation use case.
Solution
Table 2 A textual description of the cancel reservation use case
222
7 Detailed software requirements
Table 2 continued
Extensions
6.a.1 If the cancellation was initiated within 24 hours of the beginning of the
reservation, the hotel system charges the credit card whose details are kept in the
reservation.
223
Unit 4 The case study: part 1
Postcondition The guest will have paid the bill for the room, and
the room will have been freed.
Assumptions The guest had provided details of a valid credit
card, but may want to pay by different means.
Main success scenario
1 The guest requests a bill for a room.
2 The receptionist enters the room number to find the bill.
3 The hotel system provides the details of the bill so far.
4 The receptionist requests details from the guest about any further expenses.
5 The guest provides details.
6 The receptionist calculates the final bill.
7 The receptionist processes payment with the credit card details held for the
guest.
8 The hotel system closes the bill and frees the room.
Extensions
7.a.1 Guest wants to pay by different means. Payment is provided.
The following are the identifiers and names of the other use cases:
UC5 add hotel
UC6 remove hotel
UC7 add room type
UC8 remove room type
UC9 add room
UC10 remove room.
224
7 Detailed software requirements
requirement. Some of these requirements are still vague at this stage. Later on,
design and user interface decisions will require adjustment to some of the fit
criteria.
SFR1: UC1, Step 1 There may be decisions later that
require different interfaces for
Description: The system shall allow a reserver/receptionist to initiate a different users. Some steps in the
reservation. use case scenario will be
Fit criterion: The Reservation page shall be displayed. decomposed into several system
requirements, as is the case with
SFR2: UC1, Step 2 Step 2 (SFR2–SFR4).
Description: The system shall obtain a hotel name from the user.
Fit criterion: A valid hotel name shall be accepted. User interface decisions may
require changes to these fit
SFR3: UC1, Step 2 criteria, for example if dates are
picked up from a calendar. These
Description: The system shall accept a range of dates from the user. considerations apply to other
Fit criterion: A valid range of dates shall be accepted. functional requirements.
225
Unit 4 The case study: part 1
226
7 Detailed software requirements
Non-functional requirements
SAQ 4
Answer
227
Unit 4 The case study: part 1
Assume that the stakeholders have been consulted and have supplied
appropriate information.
(b) Consider each of the functional software requirements given above for
UC1, and consider whether any of the non-functional requirements can be
refined.
Solution
(a) The following non-functional requirements are suggested.
Look-and-feel requirements
LF1: The system shall make use of a small number of bright colours, to
conform to the brand image of the hotel chain.
On consultation with the stakeholders we arrive at the following.
Fit criterion: The system shall be designed with black-and-white forms
with a sky-blue title bar and a yellow motif in the bottom right-hand
corner copied from the company logo.
Applies: All use cases.
LF2: The system shall have uncluttered forms.
Fit criterion: Each form shall be limited to a maximum of 8 textual
input boxes; each box shall have an accompanying caption of up to
20 characters. Any preamble text shall be limited to 20 words.
Applies: All use cases.
Usability and humanity requirements
U1a: The system shall be easy for receptionists to use.
Fit criterion: Receptionists shall be able to learn how to use the
system in 1 hour. All current receptionists shall be able to complete a
reservation, check in or check out form in 2 minutes, assuming the
guest has no special requirements.
Applies: UC1, UC2, UC3, UC4.
U1b: The system shall be easy for reservers to use.
Fit criterion: No training shall be required for use of the system’s
online facilities. At least 90 per cent of reservers shall be able to make
a reservation in 5 minutes.
Applies: UC1, UC2.
U1c: The system shall be easy for managers and system administrators
to use.
Fit criterion: Managers and system administrators shall be able to
learn how to use the system in 2 hours. All of the current managers
shall be able to perform any of the management operations in 1 minute.
Applies: UC5, UC6, UC7, UC8, UC9, UC10.
Performance requirements
P1: The system shall be able to handle a range of large and small
hotels.
228
7 Detailed software requirements
229
Unit 4 The case study: part 1
230
7 Detailed software requirements
231
Unit 4 The case study: part 1
SAQ 5
Answer
232
7 Detailed software requirements
Finally, there will be the regular functioning of the system dealing with
reservations, bookings and cancellations, which was the main focus of the
case study in this unit. The part of the system dealing with this functionality
will be called here the application domain. This is also the part of the system
that may change more often, for example as new business rules are
implemented.
These three parts of the system can be organised in a three-layer architecture
that you have already encountered in Unit 1. Adjacent layers will
communicate with each other but they can be developed independently. This
architecture will evolve as architecture decisions are taken to satisfy the
system’s requirements. Later in the module we will discuss, in particular, how
the satisfaction of non-functional requirements will influence the architecture.
presentation
application
domain
infrastructure
(OS, databases, etc)
233
Unit 4 The case study: part 1
8 Testing
You saw in Unit 2 that requirements must be measurable and testable. In this
unit we developed two types of artefacts that will help in testing the system to
be developed: scenarios for use cases and fit criteria for requirements. In this
section we will look at some examples of how to derive tests from these
artefacts.
Exercise 4
Consider UC1 make reservation and suggest a set of test cases for this use
case.
Solution
You should suggest the following test cases:
Note that scenario-based testing covers only some aspects of testing; it does
not address, for example, the testing of non-functional requirements
234
8 Testing
Exercise 5
Consider the following requirement:
SFR12: UC1, Step 7
Description: The system shall assign a unique number for a reservation. If
the guest has stayed in one of the hotels before, the reservation code shall
begin with an R.
235
Unit 4 The case study: part 1
236
9 Summary
Summary 9
This is a practical unit, in which you had the chance to apply the concepts
learnt so far about software development.
We discussed the activities undertaken in the two initial phases of the UP, in
particular those carried out in the development followed in the case study
units.
You saw how to undertake domain analysis to understand a real-world
situation, identifying the main business processes and representing them. You
read how to decide on the scope of a software system to be developed to
address an initial set of user requirements. The unit then described how to
document the initial set of requirements using the Volere template, and how to
elicit detailed software functional and non-functional requirements and their fit
criteria. An initial architecture was outlined. You also saw how to start
deriving tests from both scenarios and fit criteria.
As you apply the techniques learnt in this module through this case study you
will also see that you do not need to create models in detail for every aspect
of the system; some judgement needs to be applied on how useful and
justified these activities are.
After studying this unit you should be able to:
. explain the main characteristics of the Unified Process
. analyse the description of a domain situation and identify business rules
and business processes
. represent processes with activity diagrams
. define the scope for a software system, and identify and describe its main
use cases
. outline a requirements document based on the Volere template
. elicit software functional requirements from use cases and scenarios, and
define their fit criteria
. elaborate on non-functional requirements and their fit criteria
. understand the role of user stories and how they are used in an agile
approach
. derive tests from requirements.
237
Unit 4 The case study: part 1
References
Alexander, I. (2004) ‘Use cases, test cases’ in Alexander, I. and Maiden, N.
(eds) Scenarios, Stories, Use Cases through the Systems Development Life-
Cycle, [Online] Chichester, John Wiley. Available at http://www.open.ac.uk/
libraryservices/resource/ebook:0470861940/provider/
ProQuest_Safari_Tech_Books_Online (Accessed 9 January 2013).
Ambler, S. W. (2012) The Agile Unified Process (AUP) [Online] Ambysoft,
Scott Ambler & Associates. Available at http://www.ambysoft.com/
unifiedprocess/agileUP.html (Accessed 17 November 2013).
Beck, K. (2004) Extreme Programming Explained: Embrace Change [Online],
Upper Saddle River, NJ, Addison Wesley. Available at http://www.open.ac.uk/
libraryservices/resource/ebook:0321278658/provider/
ProQuest_Safari_Tech_Books_Online (Accessed 2 December 2013).
Cohn, M. (2004) User Stories Applied: For Agile Software Development,
[Online] Boston, MA, Addison Wesley. Available at http://libezproxy.open.ac.
uk/login?url=http://proquestcombo.safaribooksonline.com.libezproxy.open.ac.
uk/0321205685?uicode=open (Accessed 4 December 2013).
Jacobson, I., Booch, G. and Rumbaugh, J. (1999) The Unified Software
Development Process, Upper Saddle River, NJ, Addison Wesley.
Larman, C. (2005) Applying UML and Patterns: An Introduction to Object-
Oriented Analysis and Design and iterative Development, [Online] Boston,
Pearson. Available at http://proquestcombo.safaribooksonline.com.libezproxy.
open.ac.uk/book/software-engineering-and-development/agile-development/
0131111558 (Accessed 2 December 2013).
238
Acknowledgements
Acknowledgements
Grateful acknowledgement is made to the following sources.
Every effort has been made to contact copyright holders. If any have been
inadvertently overlooked, the publishers will be pleased to make the necessary
arrangements at the first opportunity.
Unit 1
Text
Subsection 3.2. Manifesto for agile software development: © Ward
Cunningham, et al (2001) http://agilemanifesto.org.
Figures
Figure 6. Larman, C. (2004) Applying UML and Patterns, 3rd edn, Prentice
Hall Inc.
Unit 2
Text
Subsection 6.1, Volere template. We acknowledge that this document uses
material from the Volere Requirements Template. Copyright © Atlantic
Systems Guild Limited.
Figures
Figure 1. Copyright slug: © 2001 Scott Adams. Dist. by Universal Uclick.
Reproduced by permission via Knight Features.
Figure 3. Robertson, S. and Robertson, J. (2012) Mastering the Requirements
Process, Copyright © Atlantic Systems Guild Limited.
Figure 4. © Scott W. Ambler.
Unit 4
Text
Section 6, Volere template. We acknowledge that this document uses material
from the Volere Requirements Template. Copyright © Atlantic Systems Guild
Limited.
239
Index
241
coverage 158 disciplines (in UP) 54 attainability 114
‘crackers’ 103 disclosure 104, 106 case study 225–6, 227–32, 235–
criticality 158 divide and rule strategy 15 6
cultural requirements 94, 99, documentation testing with 107–14, 235–6
110, 117, 219, 230 business rules 130–2 fixture 235–6
customer 30, 34 requirements see requirements flexibility 11–12
customer satisfaction 112–13, 119, documentation fork 133, 134
120 traceability 41–4 formality 37–9
domain 9, 76 fraudsters 103
daily scrum 36, 38 problem domain 16, 132–3, functional decomposition 175–6
data dictionary 117 135–6 functional requirements 71, 82–
Data Protection Act 1998 100 domain modelling 30, 30–1, 54, 92, 93
databases 23, 232–3 129, 145, 199 case study 197–8, 218, 224–7,
date handling 18, 19 activities and artefacts 56–9 230
decision nodes 134, 135, 140, 141 business domain 129, 130–42 checking for completeness
combined with merge nodes case study 197, 205–11 231–2
142–3 DSDM (dynamic systems describing 85–91
decomposition 15, 15–21 development method) 84 documentation 116–17, 118–19
architecture 23–6 dynamic models see behaviour elicitation, analysis and
functional 175–6 models negotiation 82–5
deliverables 30 fit criteria 107, 111–12
delivery 31 easy-to-learn products 96
denial of use or service 104 easy-to-use products 96 generalised actors 166–7
dependencies ecommerce 101, 105–6, 110 glossary 57, 58, 59, 116
context 17, 21 elaborated use cases 58, 59, 171–2 goals 129
coupling and cohesion 18–20, case study 221–4 use cases 153–4, 155, 164
21 elaboration phase 54, 77, 201–2, Governance for Agile Delivery
requirements 74–5 212 (National Audit Office) 36
dependency arrows 168–9 encapsulation 17 guards 135
deployment 54, 56, 61 engineering 5 guillemets 168
deployment view 55 software development as an
design 30, 30–1, 32, 33, 46, 54, engineering activity 28–9 health and safety legislation 100
72, 74, 175, 199 Enterprise Java Beans (EJB) 24 heroic programming 15
activities and artefacts 56, 58, entities 25, 26 high cohesion 19–20, 21
60 errors 9–10 hospital systems 9, 73, 79, 105
test-driven 61 European Ariane 5 rocket 8 hotel systems 19–20, 159
user-centred 146–7 expected lifetime 38–9 actors 145–6, 149, 150–1, 166–7
detailed software requirements see exploration 200 cancel reservation
software requirements extension 167–8, 170–5, 178–9 business process 208–9
development processes 30, 30–6, extension points 171, 172 use case 213–14, 222–3
199 external networks 101, 102 case study see case study
activities and artefacts in 56–62 external systems, interaction with check in guest
agile development 34–6 150, 151 business process 209–10
choosing an appropriate process extreme programming (XP) 35–6, use case 146, 149, 151–2,
36–41 38, 78, 200–1 164–5, 189–90, 213–14, 223
formality 37–9 check out guest
overall process model 32–4 feedback 33 business process 210–11
risk management 39–41 film rental business 180–3 use case 146, 149, 163–4,
technical activities 30–2, 46 financial services 37–8, 38–9 213–14, 223–4
development team 176, 177 fit criteria 94, 107, 119, 120, 157
242
Index
243
pair programming 38 process 75–7, 79
partitioning 38 quality management 31, 32, 46 requirements-recording tool 90,
architecture 23, 26 quality requirements see non- 113–14
development teams 38, 45 functional requirements (NFRs) requirements shell/snowcard 118–
patient-monitoring system 105 19, 120
performance requirements 94, Rational Unified Process (RUP) 53 requirements specification 11,
97, 98, 117 regulatory framework 37, 100 41–2, 76
case study 219, 228–9, 230–1 relevant facts 116 requirements validation 74, 76
fit criteria 110, 112–13 reliability 11–12, 97, 105 reservations see cancel reservation;
plan-driven development 36, 41– replacement, problems of 13 make reservation
2, 75 repudiation 104, 106 resources 129
planning 200–1 requirements 28, 30, 54, 71, 72– reuse
use cases as a planning aid 157– 81, 184, 199 architecture 23–6
8, 159 activities and artefacts 56, 58, of use cases 169, 175
Planning game 200 59 risk 118, 157
postconditions 152, 154, 155, 164 agile perspective 77–8 risk management 39, 39–41
preconditions 152, 154, 155, 163, and architecture 78 road maps 48–9
164 case study 197–8, 220–33 roles 136, 145, 150, 151
presentation 23, 232–3 completeness 74, 231–2 swimlanes 136–7, 139
PRINCE (PRojects IN Controlled dependencies 74–5 see also actors
Environments) standard 37 development process 30–1, 32,
priority 119, 120 33 scenario-based testing 234
use cases as a planning aid 157– discipline (in UP) 54, 129 scenarios 75, 76, 83, 153
8, 159 functional see functional alternatives to the main success
privacy 102, 103 requirements scenario 170–1
problem, and solution 15–16, 175 nature of 73–4, 80 and architecture 158, 159
problem domain 16, 132–3, 135– non-functional see non- case study 221–4, 234
6 functional requirements (NFRs) descriptions of use cases 153–4,
problem statement, initial 56–7, 58, purposes of 87 156
59, 197, 203–4 representation with use case main success scenario 153–4,
process model (life cycle) 30, 32– diagrams 147, 156, 159 155, 156, 164–5, 221–4
4, 45, 132 and testing 79, 81 negative 158
process view 55 with fit criteria 107–14, 235– unsuccessful 153–4
processes 7, 25, 26 6 scope
business see business processes use cases 147–8 of new system 197, 212–16
development see development see also software requirements; of product 98, 117, 218
processes user requirements of work 116–17, 218
product backlog 77–8, 121 requirements analysis and Scrum 36, 38, 78, 121, 201
product boundaries 98, 117 negotiation 30, 76, 76–7 security 101, 101–2
product failure 109 functional requirements 82–5 security requirements 94, 101–6,
project constraints 116, 217–18 requirements documentation 76, 110, 117, 219, 229–30
project drivers 115–16 115–21 semantics 50, 51
project issues 117–18 agile approach 77–8, 80, 121 sequence and communication
project management 31, 32, 34, Volere template 59, 115–20, diagrams (interaction diagrams)
45, 46, 54, 200 197, 217–19, 231–2 58, 60
project notebook 43, 44 requirements elicitation 30, 76, sequential process model 32, 34
project size 38, 41, 45 76–7 service-oriented architecture
prototyping 184, 184–6, 188, functional requirements 82–5 (SOA) 24
189–90 use cases 147, 157, 159 services 24, 24–5, 26
purpose of a project 115, 217 requirements engineering 30, 72 shared behaviour 168–70, 175
244
Index
245
detailed software requirements viewpoints 8
157, 159 illustrated by models 52–3
determination of functional in the UP 55
requirements 83, 87, 88 Volere template 59, 115–20
in development activities 156– case study 197, 217–19
60 checking software requirements
difference from user stories 215, for completeness against 231–2
216 volume 97
elaborated 58, 59, 171–2, 221–4
emphasis on the user 146–8 waiting room 118
fit criteria 108 walk-through technique 158–9, 160
modelling relationships between waterfall model 32, 34
167–75 web browser reservations 203
as a planning aid 157–8, 159 work plan 200
problems with 175–83 workflows 132, 136, 136–44
requirements capture 147, 156,
159 XP (extreme programming) 35–6,
shared behaviour 168–70, 175 38, 78, 200–1
system boundary 148–50
tasks involved in preparing a use
case model 177
and testing 158–9, 160
user interfaces 187–90
usefulness 11–12
user-centred design 146, 146–7
user documentation and training
118
user interfaces 11, 184
linking activities to 186–90
user requirements 71, 86, 220
checking software requirements
for completeness against 231–2
user stories 42, 76, 160
annotation 121, 131
case study 215–16, 236
difference from use cases 215,
216
gathering requirements 84–5, 87,
89, 91, 93, 121
testing with 236
user story cards 121
users 29, 30, 34, 41, 220
involvement 184–90
use cases and emphasis on 146–
8
246