lOMoARcPSD|14955855

ASM1-SDLC-Anhdvhbhaf 190004

Procedural Programing (FPT University)

StuDocu is not sponsored or endorsed by any college or university

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)
 lOMoARcPSD|14955855

Assignment name: Software Development Life-cycle

Student name: Do Vu Hoang Anh

Student ID: BHAF190004

Tutor: Nguyen Thai Cuong

Contents
Introduction ................................................................................................................................2
I. Software Development Life-cycle .........................................................................................3
1. Waterfall Model ..................................................................................................................4
1.1 Advantages................................................................................................................5
1.2 Disadvantages ...........................................................................................................5
2. Iterative SDLC Model ...........................................................................................................6
2.1 Advantages................................................................................................................6
2.2 Disadvantages ...........................................................................................................6
3. Spiral SDLC Model ...............................................................................................................7
3.1 Advantages ....................................................................................................................7

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

3.2 Disadvantages ...............................................................................................................8

4. V-shaped SDLC Model .........................................................................................................8
4.1 Advantages ....................................................................................................................8
4.2 Disadvantages ...............................................................................................................8
5. Agile SDLC Model ................................................................................................................9
5.1 Advantages ....................................................................................................................9
5.2 Disadvantages ...................................................................................................................9
II. Risk management in Spiral lifecycle model ............................................................................10
1. Important of risk management ..........................................................................................10
2. Risk Assessment ................................................................................................................11
2.1 Calculating Inherent Risk .............................................................................................11
3. Risk Assessment Report .....................................................................................................12
4. Risk Mitigation...................................................................................................................13
III. The purpose of a feasibility report ........................................................................................13
1. Definition ..........................................................................................................................13
2. Important Features of a Basic Feasibility Report ................................................................14
3. Purpose of Feasibility Report .............................................................................................14
IV. How technical solutions can be compared........................................................................15
Conclusion ................................................................................................................................16

Introduction
The software development life cycle (SDLC) is a process which is used to develop software.
SDLC is a step by step procedure need to be followed by the organization to design and develop
a high quality product. The phases of software development life cycle are which describes that
how to develop, maintain particular software. In this assignment I am going to talk about four
main issues: Describe two iterative and two sequential software lifecycle models, explain how
risk is managed in the Spiral lifecycle model, explain the purpose of a feasibility report and
describe how technical solutions can be compared.

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

I. Software Development Life-cycle

SDLC is a step by step procedure or systematic approach to develop software and it is followed
within a software organization. It consists of various phases which describe how to design,
develop, enhance and maintain particular software.
It consists of various phases like requirement, feasibility study, design, coding, testing,
installation and maintenance.
Phase 1: Requirement collection and analysis:
In this phase mainly focus on gathering the business needs from the customer. Business Analyst
collects the requirement from the customer and prepares the BRS (Business requirement
Specification) which has the requirement in the business form. Then a group (BA, Project
managers and customers) of people sits together and determines the requirements like; what
should be input data to the system? Who is going to use the system? What should be output
data by the system? These questions are getting answered during this phase. After this, a
Requirement Specification document is created which gives the guideline for the upcoming
phase of the model.
Phase 2: Feasibility study:
Once the BRS document is completed, a set of people like Human Resource department,
Finance department, Business analyst, Architect and Project manager are sit together and
analyze if the project is do able or not. This decision is taken based on the cost, time, resources
and etc.
Phase 3: Design:
In this phase system design specification is prepared from the requirement document once the
project is feasible, this design specification give input for the next phase of the model. Design is
a blue print of the application and it helps in specifying hardware and requirements of the
system and helps in defining architecture of the system.
Phase 4: Coding:
Once the system design document is ready, in this phase developer’s starts writing the code
using any programming language i.e., they start developing the software. Generally task is
divided in units or modules and assigned to the developers and this coding phase is the longest
phase of SDLC.
Phase 5: Testing:
Once the software is ready and is deployed in the testing environment, test engineers starts
testing, if the functionality of an application is working according to requirement or not. During
this phase test engineers may encounter some bugs/defects which need to be sent to

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

developers, the developers fix the bug and sent back to test engineers for testing. This process
continuous until the software is bug free/stable/working according to the requirement.
Phase 6: Installation/Deployment:
Once the product developed, tested and works according to the requirement it is installed /
deployed at customer place for their use.

Phase 7: Maintenance:
When the customers starts using the software they may face some issues and needs to be
solved from time to time means need to fix those issue, tested and handed over back to the
customer as soon as possible, which is done in the maintenance phase.
SDLC Models:
- Waterfall Model
- Spiral Model
- Prototype Model
- V-Model
- Iterative model
- Agile Model
Reference : “https://www.subjectcoach.com/tutorials/detail/contents/introduction-to-
software-development-life-cycle-sdlc”

1. Waterfall Model
Waterfall – is a cascade SDLC model, in which development process looks like the flow, moving
step by step through the phases of analysis, projecting, realization, testing, implementation,
and support. This SDLC model includes gradual execution of every stage completely. This
process is strictly documented and predefined with features expected to every phase of this
software development life cycle model.

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

1.1 Advantages
- Simple to use and understand
- Management simplicity thanks to its rigidity: every phase has a defined result and
process review
- Development stages go one by one
- Perfect for the small or mid-sized projects where requirements are clear and not
equivocal
- Easy to determine the key points in the development cycle
- Easy to classify and prioritize tasks

1.2 Disadvantages
- The software is ready only after the last stage is over
- High risks and uncertainty
- Not the best choice for complex and object-oriented projects
- Inappropriate for the long-term projects
- The progress of the stage is hard to measure while it is still in the development
- Integration is done at the very end, which does not give the option of identifying the
problem in advance

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

2. Iterative SDLC Model

The Iterative SDLC model does not need the full list of requirements before the project starts.
The development process may start with the requirements to the functional part, which can be
expanded later. The process is repetitive, allowing to make new versions of the product for
every cycle. Every iteration (which last from two to six weeks) includes the development of a
separate component of the system, and after that, this component is added to the functional
developed earlier. Speaking with math terminology, the iterative model is a realization of the
sequential approximation method; that means a gradual closeness to the planned final product
shape.

2.1 Advantages
- Some functions can be quickly developed at the beginning of the development lifecycle
- The paralleled development can be applied
- The progress is easy measurable
- The shorter iteration is - the easier testing and debugging stages are
- It is easier to control the risks as high-risk tasks are completed first
- Problems and risks defined within one iteration can be prevented in the next sprints
- Flexibility and readiness to the changes in the requirements

2.2 Disadvantages
- Iterative model requires more resources than the waterfall model
- Constant management is required
- Issues with architecture or design may occur because not all the requirements are
foreseen during the short planning stage
- Bad choice for the small projects
- The process is difficult to manage

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

- The risks may not be completely determined even at the final stage of the project
- Risks analysis requires involvement of the highly-qualified specialists

3. Spiral SDLC Model

Spiral model – is SDLC model, which combines architecture and prototyping by stages. It is a
combination of the Iterative and Waterfall SDLC models with the significant accent on the risk
analysis. The main issue of the spiral model – is defining the right moment to make a step into
the next stage. The preliminary set time frames are recommended as the solution to this issue.
The shift to the next stage is done according to the plan, even if the work on the previous stage
isn’t done yet. The plan is introduced basing on the statistic data, received during the previous
projects even from the personal developer’s experience.

3.1 Advantages
- Lifecycle is divided into small parts, and if the risk concentration is higher, the phase can
be finished earlier to address the treats
- The development process is precisely documented yet scalable to the changes
- The scalability allows to make changes and add new functionality even at the relatively
late stages
- The earlier working prototype is done - sooner users can point out the flaws

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

3.2 Disadvantages
- Can be quite expensive
- The risk control demands involvement of the highly-skilled professionals
- Can be ineffective for the small projects
- Big number of the intermediate stages requires excessive documentation

4. V-shaped SDLC Model

V-shaped SDLC model is an expansion of classic waterfall model and it’s based on associated
test stage for the every development stage. This is a very strict model and the next stage is
started only after the previous phase. This is also called “Validation and verification” model.
Every stage has the current process control, to make sure that the conversion to the next stage
is possible.

4.1 Advantages
- Every stage of V-shaped model has strict results so it’s easy to control
- Testing and verification take place in the early stages
- Good for the small projects, where requirements are static and clear

4.2 Disadvantages
- Lack of the flexibility
- Relatively big risks

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

5. Agile SDLC Model

In the agile methodology after every development iteration, the customer is able to see the
result and understand if he is satisfied with it or he is not. This is one of the advantages of the
agile software development life cycle model. One of its disadvantages is that with the absence
of defined requirements it is difficult to estimate the resources and development cost. Extreme
programming is one of the practical use of the agile model. The basis of such model consists of
short weekly meetings – Sprints which are the part of the Scrum approach.

5.1 Advantages
- Corrections of functional requirements are implemented into the development process
to provide the competitiveness
- Project is divided by short and transparent iterations
- Risks are minimized thanks to the flexible change process
- Fast release of the first product version

5.2 Disadvantages
- Difficulties with measuring the final cost because of permanent changes
- The team should be highly professional and client-oriented
- New requirements may conflict with the existing architecture
- With all the corrections and changes there is possibility that the project will exceed
expected time
References: “https://existek.com/blog/sdlc-models/”

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

II. Risk management in Spiral lifecycle model

1. Important of risk management
Risk management encompasses three processes: risk assessment, risk evaluation and. risk
mitigation Risk management is the process that allows IT managers to balance the operational
and economic costs of protective measures. This process is not unique to the IT environment;
indeed it pervades decision-making in all areas of daily routine work. Minimizing negative
impact on an organization and need for sound basis in decision making are the fundamental
reasons organizations implement a risk management process for their IT systems. sible for the
final Effective risk management must be totally integrated into the System Development Life
Cycle. Risk management can be performed in support of each system development life cycle
phase.
Phase 1—Initiation
• Identified risks are used to support the development of the system requirements,
including security requirements, and a security concept.
Phase 2—Development or Acquisition
• The risks identified during this phase can be used to support the security analyses of the
IT system that may lead to architecture and design tradeoffs during system development of
operations (strategy) decision
Phase 3— The risk management process supports the assessment of the system
implementation against its requirements and within its modeled operational environment.
Decisions regarding risks identified must be made prior to system operation
Phase 4—Operation or Maintenance
• Risk management activities are performed for periodic system reauthorization (or
reaccreditations) or whenever major changes are made to an IT system in its operational,
production environment (e.g., new system interfaces)

Phase 5—Disposal
• Risk management activities are performed for system components that will be disposed
of or replaced to ensure that the hardware and software are properly disposed of, that residual
data is appropriately handled, and that system migration is conducted in a secure and
systematic manner
The conceptual model using UML class diagram notation

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

IT system throughout its SDLC. The conceptual model may be explained as follows: stakeholders
are those people and organizations who may affect, be affected by, or perceive themselves to
be affected by, a decision or activity regarding the target of analysis An asset is something to
which a stakeholder directly assigns value, and hence for which the stakeholder requires
protection Assets are subject to vulnerabilities, which are weaknesses which can be exploited
by one or more threats A threat is a potential cause of an unwanted incident

2. Risk Assessment
Risk assessment is the first process in the risk management methodology. Organizations use risk
assessment to determine the extent of the potential threat and the risk associated with an Risk
is a function of the likelihood of a given threat-source’s exercising a particular vulnerability, and
the resulting impact of that adverse event on the organization. Consequence is the level of
impact that the potential risk event can have on the achievement of business objectives.
Consequence will be measured on a 5 level rating Probability is the likelihood of occurrence of
the potential risk event which may lead to the assessed consequences. Probability will be
measured on a 5 level rating scale in the risk survey (25-Almost Certain, 20-likely, 15-Possible,
10-Unlikely, 5-Rare)

2.1 Calculating Inherent Risk

Inherent risk signifies the exposure arising from a specific risk event before any action has been
taken to manage it. Inherent Risk = Consequence X Probability Inherent risk rating will be
exhibited on a 4 level rating scale (Extreme Risk, High Risk, Moderate Risk, Low Risk)

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

3. Risk Assessment Report

There are different kinds of risk assessment reports. As risk assessment follows risk
identification, a lot of these documents will be based on the risk identification reports.
Documentation is done in a systematic way and can be from different inputs. Some of
stakeholder Analysis - Risk Report: This identifies probable risks posed by stakeholders and the
impact the risk might have on other stakeholders or the project at large. WBS - Risk Report: The
work breakdown structure, broken down to work packages can be assessed for risks. It may
detail risks at different stages based on cost, schedule, resource and manpower factors. Scope -
Risk Report: The scope statement or mission statement may be assessed for risks at the
beginning of a project. For example, it could be the impact of a particular project on the
community. Cost Evaluation Risk Report: Cost or funds are at constant risk in a project. It has to
be maintained and controlled with as little deviation as possible from the forecasted values.
Risks related to cost are in the cost evaluation risk reports. Schedule Evaluation Risk Report:
Time is luxury that a project cannot afford. It is imperative that time schedules are met with as
little delay as possible. Time delays can impact the progress of a project and put it at risk. Such
risks are documented in the schedule evaluation risk report. Technical Evaluation Risk Report:
Risks related to resources, manpower and departments fall under this category. Risks arising
due to quality constraints and those which are due to design errors and poor planning also fall
under this group.

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

4. Risk Mitigation
A systematic reduction in the extent of exposure to a risk and/or the likelihood of its occurrence
is called risk mitigation. It is also called risk reduction. A solution to mitigate the risk is
developed and modeled to determine the level of reduced risk versus the cost to implement. If
the solution provides an acceptable level of reduction in risk for the associated cost, then it is
considered successful and the process is complete.
The RMP can be thought of as a spiral model that allows a user to complete the process and
then review the results. If the risk mitigation process was successful, then the process stops at
the end of the post-mitigation task. If the risk or cost is not acceptable, then the entire process
is repeated to determine if it can be improved. Best practices require that the known and
perceived risk be analyzed according to the degree and likelihood of the adverse results that
are anticipated to take place. Thereafter, all such risks analyzed shall be documented according
to their levels of priority in a form known as the risk mitigation plan. After which, the
development and integration of the corresponding risk mitigation strategies follows, and shall
be referenced against the previously prepared risk management plan. A risk mitigation plan
shall serve as the checklist of the anticipated risks, accordance with degree of their probability,
as High, Medium or Low. Some project managers, however, deem it more appropriate to
categorize the risks as most Likely, Likely or Unlikely. There are different kinds of risk
assessment reports. As risk assessment follows risk identification, a lot of these documents will
be based on the risk identification reports. Documentation is done in a systematic way and can
be from different inputs. Some of them are discussed below.

Reference: Rejendra Ganpatrao Sabale, Dr. A.R Dani (2012), International Journal of Energy
Research and Applications Vol.2, Issue 4, p.712-716

III. The purpose of a feasibility report

1. Definition
A feasibility report is a testimony that attempts to create some sort of action. Feasibility reports
are created to persuade/help the decision makers to choose between available options.
Remember that your option is not the only one, the decision makers will probably have many to
choose from. A feasibility report also determines whether or not the investigated task can be
done with the amount of resources available OR how many resources will be necessary in order
to complete the task. A feasibility may be useful in a lot of different situations such as event
planning, finances, or even remodeling your home.

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

2. Important Features of a Basic Feasibility Report

Below are the seven elements of a feasibility report:
Introduction – You need to persuade the decision maker to even consider any sort of
alternative. You need to convince them to even read your report first. Tell them what they will
gain personally or as an organization by considering your work.
Criteria/Constraints – You must specifically map out the criteria of what the ideal outcomes
are. This will allow you to make practical and logical decisions. You can present the criteria in
your feasibility report in one of two ways. First, you can separate the criteria into its own
section. This is best when you have a extensive report and you need to go in-depth with the
explanation. Second, you can incorporate the criteria throughout your report as the criteria
become relevant. However, it is important to realize that whichever strategy you chose make
sure that the criteria is introduced early in the report. It is also very important to map out the
constraints of your suggested solutions. This will show the audience that you understand and
acknowledge the fact that no solution is perfect. This will also make sure that the audience
makes the decision in their best interest.
Method – It is very important to present facts that are accurate and relevant. You should state
the reliable sources you used and what method they came from (internet, interview, book,
etc.). Without a credible research method or credible sources your document itself will lack
credibility.
Overview of Alternative Options – You must underline the key features of each possible
option. Make sure they are easy to understand and presented in a friendly layout. Keep in mind
that the goal is to allow your audience to make the best decision.
Evaluation – This should be the bulk of your report, you must evaluate the options using the
criteria you created. Add graphs, charts, etc. to show that you have studied your options, and
have come up with statistics that back up your reasons as to why your alternative beats the
competition.
Conclusions – You need to state the conclusion you have came up with. How did you evaluate
the alternatives? And then from there, which alternative best fit your organization.
Recommendations – You need to use your experience and knowledge in order to state which
option you think should be adopted.

3. Purpose of Feasibility Report

 To answer the readers’ question: “Why do we need to look into these alternatives-do
they matter?”
In order to answer this question, it is necessary to identify the problem that your report will
help resolve or what your report is aimed at accomplishing.

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

 To talk about the other options that you have looked at and analyzed, as well as to tell
how you went about researching and analyzing them.
Reference: “https://courses.lumenlearning.com/alamo-
technicalandbusinesswriting/chapter/unit-4-b_feasibility-report_readings-2/”

IV. How technical solutions can be compared

The technical option to conduct a project is very important, the properties of different projects
must match each technique. There are 3 techniques:
- Custom development: Build a project without frames, which means start but nothing. In the
Tune Source project, other types of techniques cannot be better than custom development,
because the IT side from Tune Source is assigned a lot of experience. Tune Source can develop
the features they want to reach
- Packaged software: You can buy a package of certain company systems for technology, edit
the appropriate information for your company. Using existing systems will not replace all
features and easily overlap with other features
- Hire partners from outside: The company cannot build a system by itself, they can hire a
company on the other side (which is a good choice for the company), this method makes the
company save costs on IT facilities, Investment will be very expensive

(Dennis, 2012, pp. 265-268)

Based on (Dennis, 2012, p. 274) I have evaluated alternative custom application by C# and Java

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)

 lOMoARcPSD|14955855

Conclusion
In general, in this assignment, I have defined the definition and example of the four models
listed above. Risk management with spiral models. Analyze project feasibility assessments and
apply it in Tune Source. This exercise makes me have more prior knowledge about the practice
of building a project for the future

Downloaded by Huy Nguy?n (rudofu19062002@gmail.com)