Lecture 5

Requirement Analysis and Modelling

Introduction
When developing an application or software, the first important thing to consider is to specifically
understand the requirements of the software product. The purpose of knowing the requirements
is to develop high-quality software that will meet customer needs within its specification and
budget.
Software developers must provide the purpose of the outcome with the end-users. People
involved in developing the project must achieve a common understanding of what to expect in
the system and what should the system do on time.

What is Requirement?
A software requirement deals with establishing the needs of stakeholders that are to be solved
by software. The IEEE Standard Glossary of Software Engineering Terminology defines
requirement as:

•A condition or capability needed by the user to solve a problem or to achieve an objective.

•A software capability that must be met or possessed by a system or system component to
satisfy a contract, standard, specification, or other formally imposed documentation.

Software requirement is a functional or non-functional need to be implemented in the system.

Functional means providing a particular service to the user (Guru99, 2020).

Functional Requirements
Specify something that the application or system should do. Often, this is defined as a behavior
of the system that takes input and provides output.

Software requirement can also be a non-functional, it can be a performance requirement

(Guru99, 2020).

Non-functional Requirements
Define the quality attributes of a software system, describe how the system should be. Non-
functional requirements ensure the performance, maintainability, usability, and effectiveness of
the entire system.

Types of Requirements
Several requirements are needed for a business project to help define goals and establish a
scope for the work that will be carried out. Requirements also provide a framework and
objective ways to quantify the progress and success of a project. (Guru99, 2020)
1. Business Requirements
Business requirements are known as stakeholder requirements specifications. Describe the
characteristics of the proposed system from the perspective of the end-user and provide the
scope of a business problem that needs to be addressed through a specific project.

Good business requirements must:

▪ Clearly defined, concise, and understood at a very high level.
▪ Understand the organization's mandate, objectives, or goals, a
specific business need or problem that is being tackled.
▪ Ensure requirements are unambiguous and testable.
▪ Ensure each requirement is attainable and necessary.

2. Architectural and Design Requirements

A more detailed requirement that determines the overall design required to implement the
business requirements.

3. System and Integration Requirements

These requirements break-down the steps needed to meet the business requirement or
requirements. It is a detailed description of each and every requirement. It can be in the form of
user stories which is really describing everyday business language. The requirements are in
abundant detail so that developers can begin coding.
While a business requirement state the 'why' for a project, software requirements outline the
'what'.

Sources of Requirements
These are the list of common requirements sources for gathering information to be used as the
basis for software or test design:
•Interviews with the end-users and other stakeholders
• Knowledge transfer from colleagues or employees already working on that project
• Thoughts from business analyst, product manager, project lead and developers
•Analyze previous system version that is already implemented into the system
•Observations of users performing tasks
•Analyze the older requirement document of the project
• Enhancement request from previous error reports
• Analyze the domain or industry knowledge that the team is trying to implement

Requirement Analysis
Requirement analysis is the process of analyzing the users’ and customers’ needs to obtain a
definition of the software requirements. It helps organizations to determine the actual needs of
stakeholders. At the same time, it enables the development team to communicate with the
stakeholders in a language they understand (like charts, models, flowcharts) instead of complex
text (Guru99, 2020).
A requirement analysis has a:
• Specific Goal
• Specific Input
• Specific Output
•Uses resources
•Has several activities to be performed in some order
• May affect more than one organization unit
• Creates value of some kind for the customer

Requirement Analysis Process

Requirements analysis is critical to the success or failure of a systems or software project. The
requirements should be documented, actionable, measurable, testable, traceable, related to
identified business needs or opportunities, and defined to a level of detail sufficient for system
design. Conceptually, the requirements analysis process involves the following steps (Visual
Paradigm, 2020):
1. Eliciting requirements
2. Analyzing requirements
3. Requirements modeling
4. Review and retrospective

Eliciting Requirements
The process of gathering requirements by communicating with the customers is known as
eliciting requirements. The task of communicating with customers and users to determine what
their requirements are. This is sometimes also called requirements gathering.

Analyzing Requirements
This step helps to determine the quality of the requirements. It involves identifying whether the
requirements are unclear, incomplete, ambiguous, and contradictory. These issues were
resolved before moving to the next step. Determining whether the stated requirements are
unclear, incomplete, ambiguous, or contradictory, and then resolving these issues.

Requirement Modeling
In Requirements modeling, the requirements are usually documented in different formats such
as use cases, user stories, natural-language documents, or process specifications.

Review and Retrospective

This step is conducted to reflect on the previous iterations of requirements gathering in a bid to
make improvements in the process going forward. Team members reflect on what happened in
the iteration and identify actions for improvement going forward.
Requirement Analysis Issues

Stakeholder Issues
1. Users do not understand what they want or users don't have a clear idea of their
requirements
2. Users will not commit to a set of written requirements
3. Users insist on new requirements after the cost and schedule have been fixed
4. Communication with users is slow
5. Users often do not participate in reviews or are incapable of doing so
6. Users are technically inexperienced
7. Users do not understand the development process
8. Users do not know about present technology

This may lead to a situation where user requirements keep changing even when the system or
product development has been started.

Engineer/developer issues
Possible problems caused by engineers and developers during requirements analysis are:
1. A natural inclination towards writing code can lead to implementation beginning before the
requirements analysis is complete, potentially resulting in code changes to meet actual
requirements once they are known.
2. Technical personnel and end-users may have different vocabularies. Consequently, they may
wrongly believe they are in perfect agreement until the finished product is supplied.
3. Engineers and developers may try to make the requirements fit an existing system or model,
rather than develop a system specific to the needs of the client.

Requirement Analysis Techniques

Requirement analysis techniques are mainly used to map the business workflow so that you can
analyze, understand and make required changes to that workflow or process. There are various
requirement analysis techniques that can be used for software development process (Guru99,
2020).

1. Business Process Modeling Notation (BPMN)

This technique is similar to creating process flowcharts, although BPMN has its symbols and
elements. Business process modeling and notation are used to create graphs for the business
process. These graphs simplify understanding the business process. BPMN is widely popular as
a process improvement methodology.

A well design BPMN model should be able to give the detail about the activities carried out
during the process like,
▪ Who is performing these activities?
▪ What data elements are required for these activities?
The biggest benefit of using BPMN is that it is easier to share, and most modeling tools support
BPMN.

2. UML (Unified Modeling Language)

UML consists of an integrated set of diagrams that are created to specify, visualize, construct,
and document the artifacts of a software system. UML is a useful technique while creating
object-oriented software and working with the software development process. In UML, graphical
notations are used to represent the design of a software project. UML also helps in validating
the architectural design of the software.

3. Flowchart Technique
A flowchart illustrates the sequential flow and control logic of a set of activities that are related.
Flowcharts are in different formats such as linear, cross-functional, and top-down. A flow chart
can be used for different activities like representing data flows, system interactions, etc. The
advantage of using Flowchart is that it can be easy to read and write for both the technical and
non-technical team members, and can show the parallel process by function, critical attributes
of a process, etc.

4. Data Flow Diagram

This technique is used to visually represent systems and processes that are complex and
difficult to describe in text. Data flow diagrams represent the flow of information through a
process or a system. It also includes the data inputs and outputs, data stores, and the various
sub process through which the data moves. DFD describes various entities and their
relationships with the help of standardized notations and symbols. By visualizing all the
elements of the system it is easier to identify any shortcomings. These shortcomings are then
eliminated in a bid to create a robust solution.

5. Role Activity Diagrams (RAD)

The Role-activity diagram (RAD) is a role-oriented process model that represents role-activity
diagrams. Role activity diagrams are a high-level view that captures the dynamics and role
structure of an organization. Roles are used to grouping together activities into units of
responsibilities. Activities are the basic parts of a role. An activity may be either carried out in
isolation or it may require coordination with other activities within the role.

6. Gantt Charts
Gantt charts are used in project planning as they provide a visual representation of tasks that
are scheduled along with the timelines. The Gantt charts help to know what is scheduled to be
completed by which date. The start and end dates of all the tasks in the project can be seen in a
single view.
7. IDEF (Integrated Definition for Function Modeling)
Integrated definition for function modeling (IDEFM) technique represents the functions of a
process and their relationships to child and parent systems with the help of a box. It provides a
blueprint to gain an understanding of an organization’s system. It is used for modeling activities
necessary to support system analysis, design or integration.

8. Workflow Technique
Workflow technique is a visual diagram that represent one or more business processes to clarify
understanding of the process or to make process improvement recommendations. Just like
other diagrams like flowcharting, UML activity and process map, the workflow technique is
the oldest and popular technique. It is even used by BA for taking notes during requirements
elicitation. The process comprises of four stages:
•Information Gathering
•Workflow Modeling
• Business process Modeling
•Implementation, Verification & Execution

9. Object Oriented Methods

Object-oriented modeling method uses object oriented paradigm and modeling language for
designing a system. It emphasis on finding and describing the object in the problem domain.
The purpose of object oriented method is:
• To help characterizing the system
• To know what are the different relevant objects
•How to specify or model a problem to create effective design
• To analyze requirements and their implications
10. Gap Analysis
Gap analysis is a technique that helps to analyze the gaps in the performance of a software
application to determine whether the business requirements are met or not. It also involves the
steps that are to be taken to ensure that all the business requirements are met successfully.
Gap denotes the difference between the present state and the target state. Gap analysis is also
known as need analysis, need assessment, or need-gap analysis.

Various stages of Gap Analysis include:

• Review System
•Development Requirements
• Comparison
•Implications
• Recommendations

Lecture 6

Prototyping
It is a useful approach to requirement analysis and system development. It is highly considered
by Management Information System (MIS) managers as a suitable solution to numerous
executive problems and more useful in the development support of the
applications.
It refers to an initial stage of a software release in which developmental evolution and product
fixes may occur before a more significant release is initiated. These kinds of activities can also
sometimes be called a beta phase or beta testing, where an initial project gets evaluated by a
smaller class of users before full development.

Prototype
A prototype is a working model of software with some limited functionality. The prototype does
not always hold the exact logic used in the actual software application and is an extra effort to
be considered under effort estimation.
It is a draft version of a product that allows you to explore your ideas and show the purpose
beyond a feature or the overall design concept to users before investing time and money into
the development.

Benefits of Prototyping
Better Quality System Delivered
Sometimes a developer may not fully understand what the end-user is expecting. Prototyping
enables any misunderstandings to be identified and sorted out early on in the process.

Identify Problems Early On

A working system is available early on in the process. The user can identify possible
improvements that can be made before the system is completed.
End-User Involvement
The end-user feels more involved in the development of the system and will 'buy' into it.

Fulfill User Requirements

A system that has been through Prototyping will generally have an improved design quality and
will be far closer to what the user needs.

Cost Savings
It is far less expensive to rectify problems with the system in the early stages of development
than towards the end of the project.

Training
The prototype can eventually help train staff while the entire system is still being fully developed.
Best Practices of Prototype

Few things which you should know during the prototyping process:
•It would help if you used Prototyping when the requirements are unclear.
•It is essential to perform planned and controlled Prototyping.
• Regular meetings are vital to keep the project on time and avoid costly delays.
• The users and the designers should be aware of the prototyping issues and pitfalls.

Types of Prototype
There are two types of prototypes, the Type I prototype which eventually becomes the
operational system and the Type II prototype which is the throwaway model that serves as the
blueprint for the operational system.

Development of a Type I Prototype

1. Identify user needs.
2. Develop a prototype.
3. Determine if the prototype is acceptable.
4. Use the prototype. The prototype becomes the operational system.
Development of a Type II Prototype
5. Code the operational system.
6. Test the operational system.
7. Determine if the operational system is acceptable.
8. Use the operational system.

Prototypes can be both physical and virtual

Virtual Prototyping
as a technology involves the creation and use of virtual models for presentation, testing and
analyzing of particular details before creating the real physical models or optimizing parameters
in parallel with physical prototypes.

Physical Prototyping
involves the creation of element models including functional ones in small quantities compared
to the manufacturing ones. When a combination of the two technologies is possible, significant
reduction in costs and production time can be achieved with minimal risk of hidden deficiencies
occurring in series production.
Phases of the Prototyping Model

Prototyping follows the SDLC (System Development Life Cycle) Phases.

1. Requirement Analysis
A prototyping model starts with requirement analysis. In this phase, the requirements of the
system are defined in detail. In this phase, the client is interviewed to determine his expected
output in the system.

2. Quick Design
It is the initial design or short design. In this phase, a simple design of the system is created.
However, it is not a complete design. It gives a brief idea of the system to the user. The quick
design helps in developing the prototype.

3. Build a Prototype
In this phase, an actual prototype is designed based on the information gathered from a quick
design. It is a small working model of the required system.

4. User Evaluation
In this phase, the proposed system is presented to the client for an initial evaluation. At this
level, it identifies the strength and weaknesses of the working model. Comment and
suggestions are collected from the customer and provided to the developer.

5. Refining Prototype
If the client is not satisfied with the new prototype, refining is needed according to the user's
feedback and suggestions. When the client conforms to the developed prototype, a final system
is developed based on the approved final prototype.

6. Implement the Product and Maintain

When the final system is developed based on the final prototype, it is thoroughly tested and
deployed to production. The system undergoes routine maintenance for minimizing downtime
and prevent large-scale failures.

What is Quality?
Quality is tough to define, and it is stated: "Fit for use or purpose." It is all about gathering the
needs and expectations of customers concerning functionality, design, reliability, durability, &
price of the product.
Software quality refers to the degree a system, component, or process conforms to specific
requirements or expectations. In many cases, end-users know "quality" software when they see
it. This software is easy to use and error-free. It also enables users to perform tasks quickly and
effortlessly, on any device, and at any time.

What is Assurance?
Assurance is nothing but a constructive declaration on a product or service, which gives
confidence. It is the certainty of a product or a service that will work well. It provides a guarantee
that the product will work without any problems as per the expectations or requirements.

What is Quality Assurance (QA)?

is a procedure to safeguard the quality of software products or services provided to the clients
by an organization.
Quality assurance emphasizes on refining the software development process and making it
efficient and effective as per the quality standards defined for software products. Quality
Assurance is well known as QA Testing.

Process of Quality Assurance (QA)?

Quality Assurance (QA) starts and sustains set requirements for developing or manufacturing
reliable products. A quality assurance system is meant to increase customer confidence and a
company's credibility, while also improving work processes and efficiency, and it enables a
company to better compete with others.

Quality assurance has a defined cycle called the PDCA cycle or the Deming cycle. The phases
of this cycle are:

1. Plan
The organization must plan and establish the process related objectives and determine the
operations required to deliver a high-Quality end product.

2. Do
Development and testing of Processes and also "do" changes in the processes.

3. Check
Monitoring of processes, modify the processes and check whether it meets the predetermined
objectives

4. Act
Implement actions that are necessary to achieve improvements in the processes.
Quality Assurance Certifications
There are numerous certifications available in the industry to ensure that Organizations follow
Standards Quality Processes. Customers make this as qualifying criteria while selecting a
software vendor.

ISO 9000
The ISO (International Organization for Standardization) was first established in 1987, and it is
related to Quality Management Systems. This standard helps the organization ensure quality to
its customers and other stakeholders. An organization who wishes to be certified as ISO 9000 is
audited based on their functions, products, services, and their processes. The main objective is
to review and verify whether the organization follows the procedure as expected and check
whether existing processes need improvement.

Lecture 7

What is Privacy

It defines the personal information of an individual that are not exposing online or the data that
cannot be produce or share without the consent or permission of the owner. For example a lot
of website asks for name and birthday for registration.

For the well-skilled hackers those information are more than enough to hacked and reach our
privacy and create falls identity. Also they can access even the secured bank accounts. So
better be careful about when and where input data.

The 21st century generation or the computer era makes a huge change to the community and
individual, it means the more people expose to the internet the more privacy and security needs
to be implemented.

Four Types of Privacy Harms

1. Intrusion
•Unwanted email (Spam)
•Unwanted phone calls

2. Information Collection
• Surveillance
•Wiretapping

3. Information Processing
•Identification theft
•Data Mining
4. Information Dissemination
• Breach of confidentiality
•Appropriation (Pretending to be someone)

Different Type of Information at Risk

1. Mother and fathers name
2. Address
3. Phone and Cellphone number
4. Email address
5. Complete Name
6. School or job
7. Bank accounts

Different examples of Anti-Virus

1. ESET
2. KASPERSKY
3. AVAST
4. F-SECURE
5. NORTON
6. SMADAV

Different Internet Threats

Malware
• Stands for malicious software
•Originated in the Pandacan of Manila in th Philippines
• May 5, 2000

Virus
• Designed to replicate and transfer from one computer to another.

Worm
• Programs that transfer from one computer to another by any types of means. Ex. ILOVEYOU
VIRUS

ILOVEYOU VIRUS
•Also known as Love Bug or Love Letter
• Spreading as an email message with the subject line “ILOVEYOU” and the attachment
“LOVE-LETTER-FOR-YOU.txt.vbs” (‘ybs’, a type of interpreted file) was most often hidden by
default on Windows computers of the time.
Trojan
• Programs that disguises as a valuable programs but once downloaded or installed, leaves
your computer unsecured.

Spyware
• Runs in the Background without the user knowing and also known as spy its purpose is to
monitor what the user are currently doing and typing.

Adware
• Designed to send you advertisement as pop-ups.

Ransomware
• Its main purpose is to threaten to publish the user’s information or data block access to it
unless a ransom is paid.

Spam
• It is the unwanted email mostly form bots or advertisement the sends to your emails.

Phishing
• It is the unwanted acquisition of someone’s personal data like passwords and back accounts
and other credentials.

Intellectual Property Right

Intellectual Property Rights (IPRs) are the lawful rights that occur in particular types of inventive
works. There are works exist spontaneously and others need to be registered to be effective.
There are possibilities that a quantity of these rights may occur concurrently in one type of work

The Importance of Intellectual Property Rights

The purpose of intellectual property rights is to encourage new creations, including technology,
artwork, and inventions, that might increase economic growth. Intellectual property rights
increase the incentives for individuals to continue to produce things that further create job
opportunities and new technologies, while enabling our world to improve and evolve even faster.

Types of Intellectual Property

Intellectual property is a human intellectual property to legal protection of the product or value
that they made. It has distinct types of property: copyrights, patents, trademarks, trade secrets,
and (in some jurisdictions) certain types of ideas.

Trademark
Word or Figurative is a trademark which recognizes products or services of a particular source
from those of others. In the marketing advertisement it is a common occurrence to see new
signs launched in the communication. These signs are usually sub-brands which, together or
not with the main brand of the company, emerge as a brand-new communication to launch a
new product, service or advantage for the relevant public. Being distinctive signals and
respecting the principle of novelty for marks, they should be registered as trademarks.

Trade Secret
The word trade secret refers to a special intellectual property (IP) resource that is unique and
not reasonably noticeable by others. Businesses generally leverage trade secret protection to
attain a business advantage over their competitors. Some refer to trade secrets simply as
“confidential information.” Trade secret. (n.d).
Examples:
• Max Fried Chicken Ingredients
• Coco Cola Formula
•WD 40 Chemical Formula

Patent
Patents ( Types of Intellectual Property Rights. (n.d.)) protect inventions. Inventions relate either
to a product or a process to make a product. These products and processes should deal with
new functional and technical aspects and so mainly relate to:
a) How things work;
b) What they are made of;
c) How they are made;
d) What they do; or
e) How they do it.
An invention must be new and inventive to be protected by a patent. This means that the
invention must not have been made available to the public anywhere else in the world and must
not be an obvious product or process to have been invented. A patent gives an absolute
monopoly right. Protection is only available if registration is obtained and then lasts for 20 years
starting from the date the patent application was filed.

Copyright
Copyright protects a massive array of different works. Copyright only protects the form in which
ideas are expressed and not the idea or concept itself. Copyright can arise separately in each of
the following:
Policies And Procedures
The term policy from the middle English term “policie” which means “government” or “civil
administration” and that word was originated from the latin “politia” meaning “polity,” a politically
united by the group of any kind while a procedure, came from the French “procedure,” fact or
manner of proceeding.

Importance of Policies and Procedure in Information Technology

• Providing security due to the threats are on the rise for an organization. (Lorenzen & Follow,
n.d.)
• Fight threats such as ransomware, email phishing, and lack of security training. (Lorenzen &
Follow, n.d.)
•Guided on how an organization wishes to implement, operate, and manage technology in a
way that enables the organization to meet legal and ethical considerations. (Lorenzen & Follow,
n.d.)

What are the IT Policies?

IT policy describes the development, implementation and secures information technology of an
organization. IT policies regularly practiced, expectations must be defined clearly, and up-to-
date and appropriate to the organization (Lorenzen & Follow, n.d.).
Policy Makers
These personnel must be always present in making policy especially in the process of
consultation i.e. Management Committee, Board of Directors, Executives.

Steps in Developing a Policy

1. Determine the purpose.
2. Identify the person/s to coordinate the policy development process.
3. Gather information.
4. Draft Policy.
5. Consultation.
6. Approve Policy.
7. Implement.
8. Monitor, Review, Revise

Policy Template Structure

• Policy Statement
• Purpose
•Definition of Term
• Procedure
• Related Forms

IT Procedures
As stated by (Lorenzen & Follow, n.d.) a procedure outlines the implementing policy plan of
action. A well-defined procedure must be unambiguous, precise, and determine precise actions.
These specific actions should also detail when the actions should take place, alternative
actions, emergency procedures, warnings and cautions, and examples.

Procedure Writing Tips

A written procedure is a direct guide of the reader task which in an orderly manner. In which in
developing a procedure you have to read a lot about procedure before you begin in writing it
and always bare in mind the preparation, writing and follow up major steps.
Why is it Important to Follow Rules and Procedures at Work?
Policies and procedures are one thing that makes an organization a corporation. After the
employees, it is the policies that determine the form and culture of the organization. Therefore,
any employee in the company should obey the rules.
Employees must obey the policies and procedures when working with the company. By
involving certain policies in the workplace, there would be a sort of professionalism and
seriousness among workers that can contribute to improved efficiency.
If the rules and policies are broken, then it will have a strong negative impact on the
organization. Violation of laws will lead to a decline in corporate culture and ethics.