Dr. Hyunju Kim, Jackson State University 08/2012 2 Requirements Engineering (RE) The process of establishing the services that the customer requires and the constraints under which it operates and is developed. The requirements themselves are the descriptions of the system services and constraints. Dr. Hyunju Kim, Jackson State University 08/2012 3 Types of Requirements User requirements Statements in natural language plus diagrams of the services the system provides and its operational constraints Written for customers System requirements A structured document setting out detailed descriptions of the systems functions, services and operational constraints Defines what should be implemented so may be part of a contract between client and contractor Dr. Hyunju Kim, Jackson State University 08/2012 4 User and System Requirements Dr. Hyunju Kim, Jackson State University 08/2012 5 Functional and Non-functional Requirements Functional requirements Statements of services the system should provide, how the system should react to particular inputs and how the system should behave in particular situations Non-functional requirements Constraints on the services or functions offered by the system such as timing constraints, constraints on the development process, standards, etc. Domain requirements Requirements that come from the application domain of the system and that reflect characteristics of that domain Dr. Hyunju Kim, Jackson State University 08/2012 6 Functional Requirements Describe functionality or system services Depend on the type of software, expected users and the type of system where the software is used Functional user requirements may be high-level statements of what the system should do. Functional system requirements should describe the system services in detail. Dr. Hyunju Kim, Jackson State University 08/2012 7 Functional Requirements for the MHC-PMS A user shall be able to search the appointments lists for all clinics. The system shall generate each day, for each clinic, a list of patients who are expected to attend appointments that day. Each staff member using the system shall be uniquely identified by his or her 8-digit employee number. Dr. Hyunju Kim, Jackson State University 08/2012 8 Requirements Imprecision Problems arise when requirements are not precisely stated. In Requirement #1, User intention: search for a patient name across all appointments in all clinics Developer interpretation: search for a patient name in an individual clinic. User chooses clinic then search. Dr. Hyunju Kim, Jackson State University 08/2012 9 Requirements Completeness and Consistency In principle, requirements should be both complete and consistent. Complete: should include descriptions of all facilities required. Consistent: should be no conflicts or contradictions in the descriptions of the system facilities. In practice, it is impossible to produce a complete and consistent requirements document. Dr. Hyunju Kim, Jackson State University 08/2012 10 Non-functional Requirements Define system properties and constraints: Properties Reliability, response time, and storage requirements Constraints I/O device capability, system representations, etc. May include process constraints: A particular CASE system, programming language or development method. Non-functional requirements may be more critical than functional requirements. If these are not met, the system is useless. Dr. Hyunju Kim, Jackson State University 08/2012 11 Types of Non-functional Requirements Product requirements Specify that the delivered product must behave in a particular way Examples: execution speed, reliability, etc. Organizational requirements A consequence of organizational policies and procedures Examples: process standards used, implementation requirements, etc. External requirements Arise from factors which are external to the system and its development process Examples: interoperability requirements, legislative requirements, etc. Dr. Hyunju Kim, Jackson State University 08/2012 12 Types of Non-functional Requirements (cont.) Dr. Hyunju Kim, Jackson State University 08/2012 13 Examples of Non-functional Requirements (MHC-PMS) Product requirement The MHC-PMS shall be available to all clinics during normal working hours (MonFri, 083017.30). Downtime within normal working hours shall not exceed five seconds in any one day. Organizational requirement Users of the MHC-PMS system shall authenticate themselves using their health authority identity card. External requirement The system shall implement patient privacy provisions as set out in HStan-03- 2006-priv. Dr. Hyunju Kim, Jackson State University 08/2012 14 Goals and Requirements Non-functional requirements may be very difficult to state precisely. Imprecise requirements may be difficult to verify. Goal A general intention of the user, such as ease of use. Verifiable non-functional requirement A statement using some measure that can be objectively tested. Dr. Hyunju Kim, Jackson State University 08/2012 15 An Example of Testable Non- functional Requirements The system should be easy to use by medical staff and should be organized in such a way that user errors are minimized. (Goal) Medical staff shall be able to use all the system functions after four hours of training. After this training, the average number of errors made by experienced users shall not exceed two per hour of system use. (Testable non-functional requirement) Dr. Hyunju Kim, Jackson State University 08/2012 16 Metrics for Specifying Non- functional Requirements Property Measure Speed Processed transactions/second User/event response time Screen refresh time Size Mbytes Number of ROM chips Ease of use Training time Number of help frames Reliability Mean time to failure Probability of unavailability Rate of failure occurrence Availability Robustness Time to restart after failure Percentage of events causing failure Probability of data corruption on failure Portability Percentage of target dependent statements Number of target systems Dr. Hyunju Kim, Jackson State University 08/2012 17 Domain Requirements Derived from the application domain and describe system characteristics and features that reflect the domain Domain requirements may be new functional requirements, constraints on existing requirements or define specific computations. If domain requirements are not satisfied, the system may be unworkable. Dr. Hyunju Kim, Jackson State University 08/2012 18 An Example of Domain Requirements The deceleration of the train shall be computed as: D train = D control + D gradient where D gradient is 9.81ms 2 * compensated gradient/alpha and where the values of 9.81ms 2 /alpha are known for different types of train. Dr. Hyunju Kim, Jackson State University 08/2012 19 Problems with Domain Requirements Understandability Requirements are expressed in the domain language. This is often not understood by software engineers developing the system. Implicitness Domain specialists understand the area so well. They do not think of making the domain requirements explicit. Dr. Hyunju Kim, Jackson State University 08/2012 20 The Software Requirements Document The software requirements document is the official statement of what is required of the system developers. Should include both a definition of user requirements and a specification of the system requirements. It is NOT a design document. It should set of WHAT the system should do rather than HOW it should do it. Dr. Hyunju Kim, Jackson State University 08/2012 21 Requirements Specification The process of writing the user and system requirements in a requirements document. The requirements may be part of a contract for the system development. It is therefore important that these are as complete as possible. Dr. Hyunju Kim, Jackson State University 08/2012 22 System Requirements Specifications Notation Description Natural language The requirements are written using numbered sentences in natural language. Each sentence should express one requirement. Structured natural language The requirements are written in natural language on a standard form or template. Each field provides information about an aspect of the requirement. Design description languages This approach uses a language like a programming language, but with more abstract features to specify the requirements by defining an operational model of the system. This approach is now rarely used although it can be useful for interface specifications. Graphical notations Graphical models, supplemented by text annotations, are used to define the functional requirements for the system; UML use case and sequence diagrams are commonly used. Mathematical specifications These notations are based on mathematical concepts such as finite-state machines or sets. Although these unambiguous specifications can reduce the ambiguity in a requirements document, most customers dont understand a formal specification. They cannot check that it represents what they want and are reluctant to accept it as a system contract Dr. Hyunju Kim, Jackson State University 08/2012 23 Guidelines for Writing User Requirements Invent a standard format and use it for all requirements. Use language in a consistent way. Use shall for mandatory requirements, should for desirable requirements. Use text highlighting to identify key parts of the requirement. Avoid the use of computer jargon. Dr. Hyunju Kim, Jackson State University 08/2012 24 Structured Specifications A predefined template for requirements is provided. Thus, all requirements are written in a standard way. The terminology used in the description may be limited. Advantages Most of the expressiveness of natural language is maintained. A degree of uniformity is imposed on the specification. Dr. Hyunju Kim, Jackson State University 08/2012 25 Examples of Structured Specifications Dr. Hyunju Kim, Jackson State University 08/2012 26 Examples of Structured Specifications (cont.) Insulin Pump/Control Software/SRS/3.3.2 Function Compute insulin dose: Safe sugar level Description Computes the dose of insulin to be delivered when the current measured sugar level is in the safe zone between 3 and 7 units. Inputs Current sugar reading (r2), the previous two readings (r0 and r1) Source Current sugar reading from sensor. Other readings from memory. Outputs CompDose the dose in insulin to be delivered Destination Main control loop Action: CompDose is zero if the sugar level is stable or falling or if the level is increasing but the rate of increase is decreasing. If the level is increasing and the rate of increase is increasing, then CompDose is computed by dividing the difference between the current sugar level and the previous level by 4 and rounding the result. If the result, is rounded to zero then CompDose is set to the minimum dose that can be delivered. Requires Two previous readings so that the rate of change of sugar level can be computed. Pre-condition The insulin reservoir contains at least the maximum allowed single dose of insulin.. Post-condition r0 is replaced by r1 then r1 is replaced by r2 Side-effects None Dr. Hyunju Kim, Jackson State University 08/2012 27 Examples of Structured Specifications (cont.) Dr. Hyunju Kim, Jackson State University 08/2012 28 Requirements Engineering (RE) Processes The processes used for RE vary widely depending on the application domain, the people involved and the organization developing the requirements. However, there are a number of generic activities common to all processes. Requirements elicitation Requirements analysis Requirements validation Requirements management Dr. Hyunju Kim, Jackson State University 08/2012 29 A Spiral View of the RE Process Dr. Hyunju Kim, Jackson State University 08/2012 30 Elicitation and Analysis Sometimes called requirements elicitation or requirements discovery Involves technical staff working with customers to find out about the application domain, the services that the system should provide and the systems operational constraints. May involve end-users, managers, engineers involved in maintenance, domain experts, trade unions, etc. These are called stakeholders. Dr. Hyunju Kim, Jackson State University 08/2012 31 Problems of Requirements Analysis Stakeholders dont know what they really want. Stakeholders express requirements in their own terms. Different stakeholders may have conflicting requirements. Organizational and political factors may influence the system requirements. The requirements change during the analysis process. New stakeholders may emerge, and the business environment changes. Dr. Hyunju Kim, Jackson State University 08/2012 32 Requirements Elicitation and Analysis Activities Requirements discovery Interacting with stakeholders to discover their requirements Domain requirements are also discovered at this stage. Requirements classification and organization Groups related requirements and organizes them into coherent clusters Prioritization and negotiation Prioritizing requirements and resolving requirements conflicts Requirements specification Requirements are documented and input into the next round of the spiral. Dr. Hyunju Kim, Jackson State University 08/2012 33 Requirements Discovery The process of Gathering information about the proposed and existing systems Distilling the user and system requirements from this information Interactions with system stakeholders from managers to external regulator Systems normally have a range of stakeholders. Dr. Hyunju Kim, Jackson State University 08/2012 34 Stakeholders in the MHC-PMS Patients whose information is recorded in the system. Doctors who are responsible for assessing and treating patients. Nurses who coordinate the consultations with doctors and administer some treatments. Medical receptionists who manage patients appointments. IT staff who are responsible for installing and maintaining the system. A medical ethics manager who must ensure that the system meets current ethical guidelines for patient care. Health care managers who obtain management information from the system. Medical records staff who are responsible for ensuring that system information can be maintained and preserved, and that record keeping procedures have been properly implemented. Dr. Hyunju Kim, Jackson State University 08/2012 35 Interviewing Formal or informal interviews with stakeholders are part of most RE processes. There are two types of interview: Closed interviews where a pre-defined set of questions are answered. Open interviews where there is no pre-defined agenda and a range of issues are explored with stakeholders. Effective interviewing Be open-minded, avoid pre-conceived ideas, and listen to stakeholders. Prompt the interviewee to get discussions going using a springboard question, a requirements proposal, or by working together on a prototype system. Dr. Hyunju Kim, Jackson State University 08/2012 36 Scenarios Real-life examples of how a system can be used They should include A description of the starting situation A description of the normal flow of events A description of what can go wrong Information about other concurrent activities A description of the state when the scenario finishes Dr. Hyunju Kim, Jackson State University 08/2012 37 Use Cases Use cases are a scenario based technique in the UML (Unified Modelling Language) which identify the actors in an interaction and which describe the interaction itself. A set of use cases should describe all possible interactions with the system. Sequence diagrams and/or written specifications may be used to add detail to use cases by showing the sequence of event processing in the system. Dr. Hyunju Kim, Jackson State University 08/2012 38 Use Cases for the MHC-PMS Dr. Hyunju Kim, Jackson State University 08/2012 39 Security Requirements Non-functional security requirements Related to security constraints or properties from technical environment Availability Functional security requirements Related to input and output of a system and also the functions to be performed for a specific input Encryption Sources of security requirements Scenarios; user stories; use cases; misuse cases Dr. Hyunju Kim, Jackson State University 08/2012 40 Misuse Cases Use cases from an attackers point of view Describe scenarios of malicious acts against a system Identify negative scenarios or threats May lead to new requirements, which can be expressed in new use cases mitigating misuse cases Misuse cases are presented along with use cases. Misuse case: a sequence of actions that can be performed by any person/entity in order to harm the system Misuser: an actor that initiates the misuse cases Threatens relation: A misuse case can threaten a use case by exploiting it or hindering it. Mitigates relation: A use case can mitigate the chance of a misuse case. Dr. Hyunju Kim, Jackson State University 08/2012 41 Examples of Misuse Cases Steal the car Short the ignition Source: M. Imran Daud, Secure Software Development Model: A Guide for Secure Software Life Cycle, Proceedings of the International Multi Conference on Engineers and Computer Scientists, vol. I, March 2010. Dr. Hyunju Kim, Jackson State University 08/2012 42 The attacker has to now do a Steganalysis to detect the presence of secretly hidden Information (ciphertext) and then do a Cryptanalysis on the extracted ciphertext to extract the plaintext. Dr. Hyunju Kim, Jackson State University 08/2012 43 Requirements Validation Concerned with demonstrating that the requirements define the system that the customer really wants. Validation is very important. Fixing a requirements error after delivery may cost up to 100 times the cost of fixing an implementation error. Dr. Hyunju Kim, Jackson State University 08/2012 44 Requirements Checking Validity Does the system provide the functions which best support the customers needs? Consistency Are there any requirements conflicts? Completeness Are all functions required by the customer included? Realism Can the requirements be implemented given available budget and technology? Verifiability Can the requirements be checked? Dr. Hyunju Kim, Jackson State University 08/2012 45 Requirements Validation Techniques Requirements reviews Systematic manual analysis of the requirements Prototyping Using an executable model of the system to check requirements Test-case generation Developing tests for requirements to check testability Dr. Hyunju Kim, Jackson State University 08/2012 46 Requirements Reviews Regular reviews should be held while the requirements definition is being formulated. Both client and contractor staff should be involved in reviews. Reviews may be formal (with completed documents) or informal. Good communications between developers, customers and users can resolve problems at an early stage. Questions Is the requirement realistically testable? Is the requirement properly understood? Is the origin of the requirement clearly stated? Can the requirement be changed without a large impact on other requirements? Dr. Hyunju Kim, Jackson State University 08/2012 47 Requirements Management The process of managing changing requirements during the RE process and system development Why requirements management? New requirements emerge. Sources: business and technical environments; diverse user communities Need to keep track of individual requirements and maintain links between dependent requirements so that the impact of requirements changes can be assessed. Dr. Hyunju Kim, Jackson State University 08/2012 48 Requirements Evolution Dr. Hyunju Kim, Jackson State University 08/2012 49 Requirements Management Planning Needs to consider the followings: Requirements identification How requirements are individually identified A change management process The process followed when analysing a requirements change Traceability policies The information about requirements relationships that is maintained CASE tool support The tool support required to help manage requirements change Dr. Hyunju Kim, Jackson State University 08/2012