9

Unit 2: Requirement Concept

 Requirements are the functions and qualities we want of a product.

 What are stakeholders? Each interested parties in system such as developers; users, clients
 Ex: hotel reservation stakeholders: hotel owners, receptionists, customers and anyone access to make reservation

 What are categories of problems? Late delivery, expensive, does not deliver user needs, System is unreliable (error).

 What are reasons of problems in Software Products? A lack of understanding, a lack of clear agreement
 Why specification of requirements is not an easy task?
- It is not stable (keep changing within time) - Stakeholders do not have the same view or priorities.

Requirements need to be:

1. Necessary & traceable: fulfill a purpose, its source is clear. 2. Complete: all functionality should be described.

3. Consistent: should not contradict each other. 4. Verifiable: possible to check that is implemented.
5. Non-ambiguous & realistic 6.Independent of design.

Discuss requirements engineering process:

1. Input: for hotel system: Stakeholder needs - domain information (room's id)-regulations – an acknowledgement.
2. Output: (contract) Requirements document and models).

3. Activities:
a) Requirements elicitation: consulting stakeholders, reading documents, understanding domain.

What are techniques for elicitation? Interviewing, brainstorming, meetings.

b) Analysis & negotiation: categories, priorities, completeness and unambiguous.

c) Requirements documentation: records decisions, reference for what should be built.

d) Requirements validation: ensuring that the requirements are of sufficient quality.

Requirements dependencies: it conflict with each other (small screen size – scrolling text) portability conflicts usability
Requirement specification: translating information into a document that defines set of requirements;
It includes two types of requirements: User requirements software requirements.

What are categories of requirements? Functional requirements and non-functional requirements

Kuwait – Salmiya – Salem Al-Mubarak St. North Salmiya Market Complex 2nd floor.
 (965) 2572 6686 - 2571 4343  (965) 2571 0775  [email protected]
 10

Functional Requirements: (FR) describes the behavior of the system- (essential, core requirements)
 Not a quality – for example, ‘fast’ is quality so it not functional requirements (adjectives).
 Actions the product must take (check, calculate, record). "Verbs are functions"(fundamental purpose).

 FR help a developer to identify minimum cost & time that are needed, FR should be prioritized.
 Types of functional requirements:
a. Business requirement: (tasks that system should do, not how).
b. Technical solution requirements: a constraint on product due to technology of solution.

 Example of functional requirements:

1. X must check a user’s identity: Functional, business requirement (states what needs to be done, not how).

2. X must check a user’s password: Functional, technical solution requirement (access to the system can be
achieved in many ways: passwords are just one mechanism.

3. X must produce a statement of the user’s account: Functional, business.

What are needed steps to eliciting functional requirements?

1. Understand the domain. 2. Define system scope, and business events. 3. Draw up a set of use cases.
4. Describe each use case by scenarios (steps). 5. Work through each step to determine requirements.
6. Check for similar requirements. 7. Search out and remove ambiguity.

Natural language "NL" sources of ambiguity: Using pronouns (it, their, etc.) - a word may have multiple meanings
 How to solve ambiguity? Avoid pronouns, record abbreviations & definitions for technical meaning words

 In writing requirements document you should take care of the following:

1. Write clear statements, (constrained). 2. Write abstract statements for stakeholders (user requirements).
3. Do not write solutions, only requirements 4. Write functions details for designers (software requirements).

Non-Functional Requirements (NFR): is a requirement about a quality that product must have. Examples of NFR:
- X must validate user’s identity and password within 3 seconds.
- X must be usable by users with limited dexterity (expertise).

- X must operate in arctic climates. - X must work fast, secure, etc.

Important: NFR is associated with FR in requirements document, NFR is as constraints on FR requirements

"The system shall accept a credit card number from a client." This is a functional requirement.
"Need for the function to be done securely and within a given amount of time" Associated NFR.

Kuwait – Salmiya – Salem Al-Mubarak St. North Salmiya Market Complex 2nd floor.
 (965) 2572 6686 - 2571 4343  (965) 2571 0775  [email protected]
 11
NFR Types

1. Look-and-feel requirements –appearance, (Product match with the user-interface guidelines (user needs).

2. Usability requirements: ease of use, easy to learn (reservation websites, "nuclear control").
3. Performance requirements: how fast, safe and accurate, (speed, capacity, Accuracy, reliability).
4. Operational requirements: (factors external to the product) environment, Involves installation needs.

 To find operational requirements Investigate product boundary, consider the needs of adjacent system
Computer security is detection and prevention of unauthorized actions by users of a system
5. Maintainability & portability requirements: expected changes, time allowed making them.
 Intruders: People, who try to read, change or delete the data that is stored in. They may:
 Maintainability A. Keeping
o Hackers who product
test theirupdated B. fixing product when it fails.
skills against.
 Portabilityoconcern need to try
porttosoftware to new hardware environments at some later stage.
Competitors: gain access to commercially secret information.
6. Cultural andopolitical–due
Fraudsters to
trypeople involved
to obtain in development,
financial gain. operation usually arise when:
 Company sells a product in a different country with different culture & language.
 How to protect your own PC by physical means?
7. Legal requirements –It concern
o Providing withtothe
authority law and the
individuals standards
to do that apply to the product.
specific tasks
8. Security requirements:
o Providingcovers confidentiality,
user name integrity,
and password concerned
for accessing with threats against assets
system.
a. Confidentiality protection
o Placing of data
computer in from unauthorized
a room access
to which only andpeople
certain disclosure.
have (physical) access.
b. Integrity refers to consistency of data. c. Availability refers to access by authorized users.

Performance requirements deal with internal factors related to a product such as: security, speed, and size.
Operational requirements concern about external factors related to product "environment of operation".

1. The product use only two colors, lots of animation, large range of exciting sounds.
2. University graduate should be able to learn to use 50% of functionality of product in 2 hours. (Usability)

3. 90% of population should be able to place an order from a web interface within 5 minutes. (Usability)
4. The product shall calculate a guest’s bill in 2 seconds. (performance)
5. The product shall handle up to 10 users simultaneously. (performance)

6. The product shall report wind speeds within 5 miles per hour of the actual speed. (performance)
7. The product shall, on average, operate without failure for 20 days. (performance)

8. Product usable at altitudes up to 1500 m, in icy and wet conditions, and in darkness. (operational)
9. Product used in a standard office environment, except high levels of background noise. (operational)

10. Product needs to be installed at 58 locations of race in 2 days by 3 semi-skilled workers. (operational)
11. Product able to be modified to deal with a new class of a user, with minor changes to European law.
(Maintainability & portability)

12. Product shall be portable to all of operating systems currently used in our Slough office. (Cultural and political)
13. Language used in the interface should be formal polite. (Cultural and political)

Kuwait – Salmiya – Salem Al-Mubarak St. North Salmiya Market Complex 2nd floor.
 (965) 2572 6686 - 2571 4343  (965) 2571 0775  [email protected]
 12

Example for security: the university used a distributed computing LMS, we have following security problems:
14. Disclosure of personal information, educational materials not paid for, assignment solutions.

15. Unauthorized modification of data, alteration to students’ marks.

16. Denial of use or service.

17. Very slow replies to service requests.

Computer security is detection and prevention of unauthorized actions by users of a system

 Intruders: People, who try to read, change or delete the data that is stored in. They may:
o Hackers who test their skills against.
o Competitors: try to gain access to commercially secret information.
o Fraudsters try to obtain financial gain.

 How to protect your own PC by physical means?

o Providing authority to individuals to do specific tasks
o Providing user name and password for accessing system.
o Placing computer in a room to which only certain people have (physical) access.

 What are types of interception: Passive (just listening to the communications)

Active (listening and retransmitting with changes).

 What are Security problems arise with a distributed system?
a. Communication medium is insecure.

b. In an external network, communications will pass through third-party with unknown security measures.

 What are forms of attack?

1. Disclosure (of confidential information), read messages, steal credit card information.
2. Modification unauthorized alteration of data. (change messages), loss of integrity
3. Denial of use or service, denial of network service to its authorized (legitimate) users.

4. Repudiation, user claims that they did not send or receive a message that was sent or received

 Ecommerce: distributed system where commercial transactions take place (online), sale of goods or
services or banking services, so that security is a major issue.
 Firewall is a software used to protect networks (may be hardware).

 Threats and attacks against assets: to ensure that all resources (assets) are accessed and used as
intended, if you can prevent misuse, the computing system is secure.

Kuwait – Salmiya – Salem Al-Mubarak St. North Salmiya Market Complex 2nd floor.
 (965) 2572 6686 - 2571 4343  (965) 2571 0775  [email protected]
 13
Fit Criteria: a quantification or measurement of a requirement that fits the requirement
Criteria added to FR and NFR to make it measurable and testable, if they meet users’ need. Known as fir-criteria.

 A fit criterion is a precise and testable statement of a requirement. It may specify:

 A quantitative measure for some aspect of the system’s behavior or performance.

 Define some other quality that the system must possess if it is to meet the requirement.
What are benefits of attaching fit-criteria to requirements?

o Helps to clarify the requirement.

o Helpful communication or negotiation tool for interacting with different stakeholders.
The parties that need fit criteria are:

 Developers use the fit criteria to develop the product to meet those criteria.
 Testers use fit criteria to determine if the delivered product meets original requirements.

 Clients use the fit criteria as acceptance criteria for the product.
A fit criterion for FR: specifies completion of the function that is specified by functional requirement.

Example 1: FR fit criteria

 If FR is: Send an email to the student after a marked TMA has been uploaded by the tutor,
 Then fit criterion is: an email should indeed be sent to student and reflected in their mailbox.

Example 2: FR fit criteria

 If FR is: The system shall accept a credit card number from a client.

 Then fit criterion is: A valid credit card number has been stored in the system.
A fit criterion for NFR: specifies a value or values, on a particular scale of measurement, that must be attained by the
property or quality with which the requirement is concerned.

Example 1: NFR fit criteria

 If NFR is: The credit card number should be accepted securely.

 Then a fit criterion is: credit card number should be revealed to a third party in less than 0.0001% of cases.
Example 2: NFR fit criteria
If NFR is: the credit card number should be accepted within five seconds.
Then a fit criterion is: statement contains its own fit criterion, as it is already expressed in terms of the quantity time.
Example 3: Usability requirement

For a public information kiosk at a railway station, the usability requirement is as follows.
Description: The kiosk shall be usable by a member of the public who may not speak or read English.

One possible fit criterion is as follows. Fit criterion: 15 out of 20 non-English speakers able to use kiosk without either
referring to online help or walking away without the desired information.

Kuwait – Salmiya – Salem Al-Mubarak St. North Salmiya Market Complex 2nd floor.
 (965) 2572 6686 - 2571 4343  (965) 2571 0775  [email protected]
 14
Volere template is organized into five main sections, each including a number of requirements categories.
- Project drivers
- Project constraints
- Functional requirements
- Non-functional requirements
- Project issues

Advantage of capturing requirements using a template

- The template is divided into a fixed set of categories, which means you are less likely to forget some
types of requirements.
- It also saves having to work out what categories of requirements to deal with each time you start a new
document.
- It helps to communicate requirements to other developers because if there is a standard template then
everyone will know what information to expect and in what order.
- It might also allow projects to be compared and even requirements to be reused more easily.

Kuwait – Salmiya – Salem Al-Mubarak St. North Salmiya Market Complex 2nd floor.
 (965) 2572 6686 - 2571 4343  (965) 2571 0775  [email protected]
 15

Sommerville distinguishes two types of requirements as follows:

Requirements specification [is] the activity of translating the information gathered during the analysis
activity into a document that defines a set of requirements. Two types of requirements may be included in
this document. User requirements are abstract statements of the software requirements for the customer
and end-user of the system; system requirements are a more detailed description of the functionality to be
provided
NFR Important examples
1 the product shall comply with the iOS human interface guidelines
2 the product shall use only two colours
3 the product should use a lot of animation
4 The product shall use a large range of exciting sounds.
5 a university graduate should be able to learn to use 50 per cent of the functionality of the
product in 2 hours
6 ninety per cent of the general population should be able to place an order from a web interface
within 5 minutes – 90 per cent of elderly users should be able to place an order from a web
interface within 10 minutes
7 it should be possible to use the system to pay in different currencies
8 The system should comply with the Disability Discrimination Act.
9 the product shall calculate a guest’s bill in 2 seconds
10 the product shall handle up to 10 users simultaneously
11 the product shall report wind speeds within 5 miles per hour of the actual speed
12 The product shall, on average, operate without failure for 20 days.
13 the product shall be usable above an altitude of x, in icy and wet conditions, and both in the dark
and in bright sunshine
14 the product will be used in a standard office environment, except that high levels of background
noise may occur
15 the product will need to be installed at 58 locations around the proposed route of the race in 2
days by 3 semi-skilled workers
16 Keeping the product updated in the light of expected changes.
17 Fixing the product when it fails.
18 the product shall be able to be modified to cope with a new class of user
19 the product shall be able to be modified to cope with minor changes to European law that occur
every six months on average
20 The product shall be portable to all the operating systems currently used in our Slough office.
21 The language used in the interface should be formal and polite.
22 There are penalties for non-conformance with the law: fines, imprisonment and loss of
reputation.
23 ‘crackers’ who test their skills against the security measures of a system for their personal
pleasure
24 competitors who try to gain access to commercially secret information
25 Fraudsters who try to obtain financial gain from the owner of the system or some third party.

Kuwait – Salmiya – Salem Al-Mubarak St. North Salmiya Market Complex 2nd floor.
 (965) 2572 6686 - 2571 4343  (965) 2571 0775  [email protected]