software requirements_se lect8 btech
DESCRIPTION
TRANSCRIPT
– Software Requirements – Descriptions and specifications of a system
Objectives:l To introduce the concepts of user and system
requirementsl To describe functional / non-functional requirementsl To explain two techniques for describing system
requirementsl To explain how software requirements may be
organised in a requirements document
Key Points
Functional and non-functional requirementsUser requirementsSystem requirementsThe software requirements document
What is Requirement Engineering
Requirements engineeringRequirements engineering is the process of establishing l the services that the customer requires from a system l the constraints under which it operates and is developed
RequirementsThe descriptions of the system services and constraints
that are generated during the requirements engineering process
Definition of RE
What are Requirements?
What is a requirement?
• It may range from a high-level abstract statement of a service or of a system constraint to a detailed mathematical functional specification
• This is inevitable as requirements may serve a dual function– May be the basis for a bid for a contract - therefore must be
open to interpretation– May be the basis for the contract itself - therefore must be
defined in detail– Both these statements may be called requirements
Application Domain Machine Domain
D - domain properties
R - requirements
C - computers
P - programs
What are requirements?
• Domain Properties:– things in the application domain that are true whether or not we ever
build the proposed system• Requirements:
– things in the application domain that we wish to be made true by delivering the proposed system
•Many of which will involve phenomena the machine has no access to
• A Specification:– is a description of the behaviours that the program must have in order to
meet the requirements
What are Requirements?
• Two basic principles of requirements engineering:– Separate the problem from the solution– Problems and solutions intertwine with one another
• Describing problems:– Application Domains vs. Machine Domains– Verification vs. Validation
• Systems Engineering– Systems vs. software
• Patterns and Types of Problem– Requirements patterns– Problem Frames
Separate the problem from the solution
• A separate problem description is useful:
– Most obvious problem might not the right one to solve
– Problem statement can be discussed with stakeholders
– Problem statement can be used to evaluate design choices
– Problem statement is a source of good test cases
• Still need to check:– Solution correctly solves
the stated problem– Problem statement
corresponds to the needs of the stakeholders
ProblemStatement
ImplementationStatement
System
Co
rres
po
nd
ence
Co
rrec
tnes
s
Val
idat
ion
Ver
ific
atio
n
ProblemSituation
Fitness for purpose?
• Two correctness (verification) criteria:– The Program running on a particular Computer
satisfies the Specification– The Specification, in the context of the given domain
properties, satisfies the requirements
• Two completeness (validation) criteria:– We discovered all the important requirements– We discovered all the relevant domain properties
Example
• Requirement R– “The database shall only be accessible by authorized
personnel”
• Domain Properties D:– Authorized personnel have passwords– Passwords are never shared with non-authorized
personnel
• Specification S:– Access to the database shall only be granted after the user
types an authorized password.
• S + D entail R
But we can also move the boundaries…• E.g. Elevator control system:
people waiting
people in the elevator
people wanting to go toa particular floor
Elevator motors
Elevator call buttons
Floor request buttons
Current floor indicators
Scheduling algorithm
Safety rules
Motor on/off
Door open/close
Control programbutton lights
We can shift things around:E.g. Add some sensors to detect when people are waitingThis changes the nature of the problem to be solved
What do Requirements Engineers do?
What do Requirements Engineers do?
• Some notion that there is a “problem” that needs solving– dissatisfaction with the current state of affairs– a new business opportunity– a potential saving of cost, time, resource usage,
etc.
• Requirements Engineer is an agent of change
The requirements engineer must:
The requirements engineer must:
• Identify the “problem”/”opportunity”• Which problem needs to be solved? (identify problem Boundaries)• Where is the problem? (understand the Context/Problem Domain)• Whose problem is it? (identify Stakeholders)• Why does it need solving? (identify the stakeholders’ Goals)• How might a software system help? (collect some Scenarios)• When does it need solving? (identify Development Constraints)• What might prevent us solving it? (identify Feasibility and Risk)• And become an expert in the problem domain
Types of requirement
Types of requirement
• User requirements
• System requirements
• Domain requirements
• Functional requirements
• Non-functional requirements
Types of requirement
• User requirements– Statements in natural language plus diagrams of the
services the system provides and its operational constraints. Written for customers
• System requirements– A structured document setting out detailed descriptions of
the system services. Written as a contract between client and contractor
• Software specification– A detailed software description which can serve as a basis
for a design or implementation. Written for developers
Functional and non-functional requirements
• Domain requirements– Requirements that come from the application domain of
the system and that reflect characteristics of that domain
• Functional requirements– Statements of services the system should provide, how
the system should react to particular inputs and how the system should behave in particular situations.
• Non-functional requirements– constraints on the services or functions offered by the
system such as timing constraints, constraints on the development process, standards, etc.
What are User requirements
User requirements
• Should describe functional and non-functional requirements so that they are understandable by system users who don’t have detailed technical knowledge
• User requirements are defined using natural language, tables and diagrams
What are System requirements
System requirements
– More detailed specifications of user requirements
• Serve as a basis for designing the system
• May be used as part of the system contract
• System requirements may be expressed using system models
What are Domain requirements
Domain requirements
• Derived from the application domain and describe system characteristics and features that reflect the domain
• May be new functional requirements, constraints on existing requirements or define specific computations
• If domain requirements are not satisfied, the system may be unworkable
What are Domain requirements problems
Domain requirements problems
• Understandability– Requirements are expressed in the language of the
application domain– This is often not understood by software engineers
developing the system
• Implicitness– Domain specialists understand the area so well that they
do not think of making the domain requirements explicit
What is Functional Requirement
Functional Requirements
Describe functionality or system services• Depend on the type of software, expected users
and the type of system where the software is used• Functional user requirements may be high-
level statements of what the system should do BUT functional system requirements should describe the system services in detail
The LIBSYS system
• A library system that provides a single interface to a number of databases of articles in different libraries.
• Users can search for, download and print these articles for personal study.
Examples of functional requirements
Examples of functional requirements
• The user shall be able to search either all of the initial set of databases or select a subset from it.
• The system shall provide appropriate viewers for the user to read documents in the document store.
• Every order shall be allocated a unique identifier (ORDER_ID) which the user shall be able to copy to the account’s permanent storage area.
Requirements imprecision
• Problems arise when requirements are not precisely stated
• Ambiguous requirements may be interpreted in different ways by developers and users
• Consider the term ‘appropriate viewers’– User intention - special purpose viewer for each
different document type– Developer interpretation - Provide a text viewer that
shows the contents of the document
Requirements completeness and consistency
• In principle requirements should be both complete and consistentComplete– They should include descriptions of all facilities
requiredConsistent– There should be no conflicts or contradictions in the
descriptions of the system facilities• In practice, it is very difficult or impossible to
produce a complete and consistent requirements document
Types of Non-functional requirement
Non-functional requirement types
Performancerequirements
Spacerequirements
Usabilityrequirements
Efficiencyrequirements
Reliabilityrequirements
Portabilityrequirements
Interoperabilityrequirements
Ethicalrequirements
Legislativerequirements
Implementationrequirements
Standardsrequirements
Deliveryrequirements
Safetyrequirements
Privacyrequirements
Productrequirements
Organizationalrequirements
Externalrequirements
Non-functionalrequirements
Non-functional requirements
• Define system properties and constraints e.g. reliability, response time and storage requirements. Constraints are I/O device capability, system representations, etc.
• Non-functional requirements may be more critical than functional requirements. If these are not met, the system is useless
Non-functional classifications• Product requirements
– Requirements which specify that the delivered product must behave in a particular way e.g. execution speed, reliability, etc.
• Organisational requirements– Requirements which are a consequence of organisational
policies and procedures e.g. process standards used, implementation requirements, etc.
• External requirements– Requirements which arise from factors which are external
to the system and its development process e.g. interoperability requirements, legislative requirements, etc.
Non-functional requirements examples
• Product requirement– 4.C.8 It shall be possible for all necessary communication
between the APSE and the user to be expressed in the standard Ada character set
• Organisational requirement– 9.3.2 The system development process and deliverable
documents shall conform to the process and deliverables defined in XYZCo-SP-STAN-95
• External requirement– 7.6.5 The system shall not disclose any personal
information about customers apart from their name and reference number to the operators of the system
Goals and requirements
• Non-functional requirements may be very difficult to state precisely and imprecise requirements may be difficult to verify.
• Goal– A general intention of the user such as ease of use
• Verifiable non-functional requirement– A statement using some measure that can be
objectively tested• Goals are helpful to developers as they convey
the intentions of the system users
Examples
• A system goal– The system should be easy to use by experienced
controllers and should be organised in such a way that user errors are minimised.
• A verifiable non-functional requirement– Experienced controllers shall be able to use all the system
functions after a total of two hours training. After this training, the average number of errors made by experienced users shall not exceed two per day.
Features of Non-Functional Requirements
1. Non-Functional requirements mostly define the overall attributes of the “resulting” system
– Most of the time these turn out to be “constraints” on how the (functional) requirements are to be met.• (e.g.) Response time must be .xyz second per screen
– Sometimes the functional requirements may have to be “sacrificed or increased” in order to meet the non-functional requirements• (e.g.) in order to satisfy security requirements, we can
not let everyone access the system --- sacrificing some flexibility
• (e.g.) in order to satisfy the reliability requirements, we may add a duplicative functionality to provide another path to achieve the desired result
Features of Non-Functional Requirements
1. Some non-functional requirements may not address the attributes of the resulting system (product), but something else
– (e.g.) the system must be developed with a very risk averse process such as Spiral or the system must be developed with Visual Basic language
IEEE Standard 830 – 1993
• List of 13 non-functional requirements:
1. Performance 2. Interface3. Operational4. Resource5. Verification6. Acceptance7. Documentation8. Security9. Portability10. Quality11. Reliability12. Maintainability13. Safety
Examples?
Some of these also overlap - - - - - -
IEEE Standard 830 – 1993
• List of 13 non-functional requirements Examples:
– Performance: 100 transactions per minute– Interface: capable of importing data with EDI format– Operational: must not require more than 1 megabyte of main memory– Resource: will use wireless encryption algorithm that is “better” than WEP – Verification: all data updates must be traceable– Acceptance: must pass a user defined system test bucket – Documentation: user manual is needed for novice users only– Security: user request to access any data must be authorized first – Portability: the system must operate with “any” relational db systems– Quality: the system must install with zero defect– Reliability: the system must be accessible 99.9 % of the time– Maintainability: the system must be modifiable (e.g. designed with exits) – Safety: the system must not perform “chemical material discard” functions without
“explicit” user authorization.
There may be others that are important such as meeting legal standards thatIs not mentioned in this list
Sommerville’s Classification ofNon-Functional Requirements
ProcessOriented
ProductRelated
ExternalDirected
Delivery/Updates
Implementation
Process standards
Usability
Reliability
Safety
Efficiency
Performance
Capacity
Legal rules
Interoperability
Economics
ProcessOriented
Delivery/Updates
Implementation
Process standards
These are constraints placed on various activitiesrelated to the development and delivery of the software product.
For example:
1.The development organization must be CMM level 3 or above. 2. The system must use some specific tool.3. There must be a disaster recovery plan for the system 4. There must be an agreed to product delivery plan
Why do we have these requirements?
Large organizations such as fortune 500companies or government agencies areexperienced with quality, maintenance, anddelivery problems from past. These requirementsare meant to minimize those problems.
ProductRelated
Usability
Reliability
Safety
Efficiency
Performance
Capacity
These are constraints which specify the desired “attributes”that the system must possess.Note:- Some can be specified quantitatively and precisely; others are difficult to quantify and are informally specified. - Sometimes these requirements may be mutually conflicting (e.g. reliability versus efficiency)
Examples:
1.The system must process 100 transactions per minute2. The system must not require 1 meg of main memory3. The mean time between failure must be 3 months4. The average user learning time must be less than 1 day5. The system must be available 99.99% of time
Why do we have these requirements?
Many organizations have critical needs; Aviation or Health Systems may have safety, reliability, andperformance needs beyond the normal processingenvironment
ExternallyDirected
Legal rules
Interoperability
Economics
These are constraints which may be placed onboth the product and/or process.
For example:
1.The system must abide to HIPAA (Health Insurance Portability and Accountability Act) privacy rules2. The system must meet European Sales Tax laws3. The system must use Automotive EDI for B2B e-commerce
Why do we have these requirements?
Many countries have specific financial laws, privacyprotection laws, etc. that the system must abide to.
Some industries have their own business rules to conduct commerce.
Difficulties in Specifying Non-functional Requirements
Difficulties in Specifying Non-functional Requirements
• The difficulties in gathering Non-Functional Requirements may be attributed to many reasons - - - - - mostly because people tend to focus on the functions and services that they need:
– Certain non-functional requirements are sometimes hard to quantify and therefore hard to express without some “trial and error prototyping”.
• e.g. : usability – Certain non-functional requirements are hard to differentiate between
functional and non-functional• e.g. security
– Certain non-functional requirements are difficult to specify because they can not be well understood or validated until much later
• e.g. reliability or quality– Certain non-functional requirements may be conflicting
• e.g. performance .vs. security .vs. reliability – Certain non-functional requirements may be difficult to express and validate;
may require more refinements• e.g. when to stop prototyping usability if the users do not clearly signal satisfaction
similar
What are“Critical” Systems
“Critical” Systems
• Critical systems are systems whose failure causes significant economic, human or organizational damage:
– Business Critical System• e-commerce systems such as stock trading, reservations, etc.
– Mission Critical System• Aircraft control, manufacturing process control, etc.
– Safety (life) Critical system• Medical Device control, hazardous materials management, etc.
Requirements for System Criticality
Requirements for System Criticality
• Most of the requirements for these “business,” “mission,” and “safety” criticality deals with non-functional requirements of the a) “complete” system, not just software and b) may be expressed in general ways that need to be decomposed further:
– Performance– Reliability– Security– Usability– Safety
Again, these may be “conflicting” - - - - so what do you do?
Must prioritize the requirements, especially when there are conflicts
Performance Related Requirements
Performance Related Requirements
• These requirements mostly addresses the constraints of speed and sometimes capacity:
– System Response time to end-user such as 1 second response to user requests
– System throughput such as # of transactions per minute (time interval)
– System timing such as collection of data and responding to it within sub-second for real-time system.
– System capacity such as number of simultaneous users that may access an application (instantaneous time)
These should be specified quantitatively.
Reliability Related Requirements
Reliability Related Requirements
• These requirements addresses constraints on run-time behavior of the system:
– System Availability such as the system is up certain percentage of the time.
– System Failure rate such as average mean time between system failures to deliver the user service.
These should also be specified quantitatively.
Security Related Requirements
Security Related Requirements
• These requirements addresses the issues related to unauthorized access: to the system, to specific function, to data:
– System Access protection such as firewall requirement
– Application Functional Access & Usage protection such as authorization and authentication requirement
– Data Access and Usage protection such as authorization and encryption requirement
Security is also an important factor for other requirement suchas safety. A little hard to specify these quantitatively.
Usability Related Requirements
Usability Related Requirements
• These requirements addresses the user interface looks and user inter-actions with the system
– Entry and beginners-level knowledge assumption to use the system
– Learning time and experience needed such as hours or number of lessons to learn the system
– Handling and usage such as time to complete certain tasks or number of errors made before completing certain tasks
– Likeness and delight experienced from using the system such as availability of context sensitive help text or “re-do” capability
Some of these requirements can be and should be specified Quantitatively; delight and likeness are a bit hard to define.
Safety Critical System Requirements
Requirements measures
Safety Critical System Requirements
• These requirements addresses everything with the safety of the system and of the usage of the system.
• These requirements deal mostly with the “shall not” requirements such as:
– The system shall not allow - - - -– The system will not operate without - - -
Note that safety may be dependent on many of the other requirements:
- insecure system may be open to malicious danger - unreliable system may fail unpredictably and hurt someone - non-responsive system may miss critical data and damage something - difficult to use system may create a critical human error
Requirements measuresProperty MeasureSpeed Processed transactions/second
User/Event response timeScreen refresh time
Size K BytesNumber of RAM chips
Ease of use Training timeNumber of help frames
Reliability Mean time to failureProbability of unavailabilityRate of failure occurrenceAvailability
Robustness Time to restart after failurePercentage of events causing failureProbability of data corruption on failure
Portability Percentage of target dependent statementsNumber of target systems
Relationship Between Requirement and Design
Requirements and design• In principle, requirements should state what the
system should do and the design should describe how it does this
• In practice, requirements and design are inseparable– A system architecture may be designed to structure
the requirements– The system may inter-operate with other systems
that generate design requirements– The use of a specific design may be a domain
requirement
Non-functional Requirements
Objectives
• To introduce non-functional requirements• To explain the schemes used to classify non-
functional requirements• To illustrate various derivation techniques for
non-functional requirements• To demonstrate the importance of non-
functional requirements in critical systems
Non-functional requirements (NFR)
• Non-functional requirements define the overall qualities or attributes of the resulting system
• Non-functional requirements place restrictions on the product being developed, the development process, and specify external constraints that the product must meet.
• Examples of NFR include safety, security, usability, reliability and performance requirements.
Functional and Non-functional requirements
• There is no a clear distinction between functional and non-functional requirements.
• Whether or not a requirement is expressed as a functional or a non-functional requirement may depend:– on the level of detail to be included in the
requirements document
– the degree of trust which exists between a system customer and a system developer.
Example
• The system shall ensure that data is protected from unauthorised access. – Conventionally, this would be considered as a non-functional
requirement because it does not specify specific system functionality which must be provided. However, it could have been specified in slightly more detail as follows:
The system shall include a user authorisation procedure where users must identify themselves using a login name and password. Only users who are authorised in this way may access the system data.
In this form, the requirement looks rather more like a functional requirement as it specifies a function (user login) which must be incorporated in the system.
Types of Non-functional requirements
• The ‘IEEE-Std 830 - 1993’ lists 13 non-functional requirements to be included in a Software Requirements Document. – Performance requirements
– Interface requirements
– Operational requirements
– Resource requirements
– Verification requirements
– Acceptance requirements
Types of NFRs (contd.)
– Documentation requirements
– Security requirements
– Portability requirements
– Quality requirements
– Reliability requirements
– Maintainability requirements
– Safety requirements
Classification of NFRs
• NFRs may be classified n terms of qualities that a software must exhibit (Boehm)
• A more general classification distinguishes between product, process and external requirements
Classification of NFRs (contd.)Non-functional
requirements
Processrequirements
Product requirements Externalrequirements
Deliveryrequirements
implementation
requirements
standards
requirements
Usability requirements
Reliability requirements
Safety requirements
Efficiency requirements
Performance requirements
Capacity requirements
Legalconstraints
Economicconstraints
Interoperability
requirements
Product requirements
• Specify the desired characteristics that a system or subsystem must possess.
• Most NFRs are concerned with specifying constraints on the behaviour of the executing system.
Specifying product requirements
• Some product requirements can be formulated precisely, and thus easily quantified– Performance
– Capacity
• Others are more difficult to quantify and, consequently, are often stated informally– Usability
Examples of product requirements
• The System service X shall have an availability of 999/1000 or 99%. This is a reliability requirement which means that out of every 1000 requests for this service, 999 must be satisfied.
• System Y shall process a minimum of 8 transactions per second. This is a performance requirement.
• The executable code of System Z shall be limited to 512Kbytes. This is a space requirement which specifies the maximum memory size of the system.
Source code requirements
• There are product requirements which relate to the source code of the system
• Examples– The system shall be developed for PC and Macintosh
platforms. This is a portability requirement which affects the way in which the system may be designed
– The system must encrypt all external communications using the RSA algorithm. This is a security requirement which specifies that a specific algorithm must be used in the product
Conflicts in product requirements
• Product requirements are often conflict. For example:– A requirement for a certain level of performance may be contradicted
by reliability and security requirements which use processor capacity to carry out dynamic system checking
– A requirement on the space utilisation of the system may be contradicted by another requirement which specifies that a standard compiler which does not generate compact code must be used
• The process of arriving at a trade-off in these conflicts depends on:– The level importance attached to the requirement
– The consequence of the change on the other requirements and,
– The wider business goals
Process requirements
• Process requirements are constraints placed upon the development process of the system
• Process requirements include: – Requirements on development standards and
methods which must be followed
– CASE tools which should be used
– The management reports which must be provided
Examples of process requirements
• The development process to be used must be explicitly defined and must be conformant with ISO 9000 standards
• The system must be developed using the XYZ suite of CASE tools
• Management reports setting out the effort expended on each identified system component must be produced every two weeks
• A disaster recovery plan for the system development must be specified
External requirements
• May be placed on both the product and the process
• Derived from the environment in which the system is developed
• External requirements are based on: – application domain information
– organisational considerations
– the need for the system to work with other systems
– health and safety or data protection regulations
– or even basic natural laws such as the laws of physics
Examples of external requirements
• Medical data system The organisation’s data protection officer must certify that all data is maintained according to data protection legislation before the system is put into operation.
• Train protection system The time required to bring the train to a complete halt is computed using the following function:
The deceleration of the train shall be taken as:
train = control + gradient
where:
External requirement example (contd.)
gradient = 9.81 ms-2 * compensated gradient / alpha and where the values of 9.81 ms-2/ alpha are known for the different types of train.
control is initialised at 0.8 ms-2 - this value being parameterised in order to remain adjustable. The illustrates an example of the train’s deceleration by using the parabolas derived from the above formula where there is a change in gradient before the (predicted) stopping point of the train.
External requirement example (contd.)
control gradient1
control gradient2
V
DistanceFront of train Change of gradient
Speed of train on application of brakes
Speed of rain at change of gradient
External requirement example (contd.)
• The first of the the requirements described comes from the need for the system to conform to data protection legislation
• The second comes from the application domain and is a specification of the physical braking characteristics of a train.
• External requirements rarely have the form “the system shall...” or ‘the system shall not...”. Rather, they are descriptions of the system’s environment which must be taken into account.
Deriving NFRs• NFRs are difficult to express • A number of important issues contribute to the problem of expressing
non-functional requirements:
– Certain constraints are related to the design solution that is unknown at the requirements stage
– Certain constraints, are highly subjective and can only be determined through complex empirical evaluations
– Non-functional requirements tend to be related to one or more functional requirements
– Non-functional requirements tend to conflict and contradict
– There are no ‘universal’ rules and guidelines for determining when non-functional requirements are optimally met.
Stakeholder concerns
• Stakeholders normally have a number of ‘concerns’
• Concerns are typically non-functional• Examples include:
– Critical business objectives– Essential system characteristics (e.g. security)– Safety, performance, functionality and maintainability
• Vaguely defined user concerns may be related to NFRs
Relationships between user needs, concerns and NFRs
User’s need User’s concern Non-functionalrequirement
Function 1. Ease of use2. Unauthorised access3. Likelihood of failure
1. Usability2. Security3. Reliability
Performance 1. Resource utilisation2. Performance verification3. Ease of interfacing
1. Efficiency2. Verifiability3. Interoperability
Change 1. Ease of repair2. Ease of change3. Ease of transport ?4. Ease of expanding or upgrading capacity
or performance ?
1. Maintainability2. Flexibility3. Portability4. Expandability
Concerns
• A way of expressing critical ‘holistic’ requirements
• Concerns may be broken down into sub-concerns and finally into specific questions
• Questions act as a check list to ensure that specific requirements do not conflict with global priorities
Concern decompositionCompatibilitySafety
Collision DerailmentPersonalaccident
Hardware Software Physical
Excess speed for track conditions
Track damage
System must be able todetect and avoid excessspeed
Under what conditions can excess speed cause derailment?
What information about track damage is required by the system? How is this provided?
InterfaceExecutionEnvironment
Timing
Will a requirement affectthe performance of theexisting software?
Does a requirement needdata that isn't availablethrough the HST interface?
System must execute in the trustedAda execution environment
Can this function beprovided on the existngexecution environment?
What does 'excess speed' mean in reality?
Goal-based derivation
• Relates non-functional requirements to the goals of the enterprise
• Goal-based NFR derivation is a 3 step approach:– Identify the enterprise goal
– Decompose of the goal into sub-goals
– Identify non-functional requirements.
Example of goal-based derivationGoalVisualise air traffic scenarios
OM
IS-g o alThe system should perform inreal-time
motivates
motivates
IS-NFRThe display must accommodateall data from the scenario
IS-NFRDisplay radar datain real-time
IS-NFRAircraft position should be displayed in lessthan 3/16 sec of the radar sweep period
motivates
IS-NFRDisplay 500 tablesymbols
IS-NFRDisplay 200 vectors
motivates
IS-NFRDisplay 100meteorological plots
IS-NFRDisplay 100 tracks
Testable NFRs
• Stakeholders may have vague goals which cannot be expressed precisely
• Vague and imprecise ‘requirements’ are problematic
• NFRs should satisfy two attributes– Must be objective
– Must be testable (Use measurable metrics)
• It is not always possible to express NFRs objectively
Examples of measurable metrics for NFRs
Property MetricPerformance 1. Processed transactions per second
2. Response time to user inputReliability 1. Rate of occurrence of failure
2. Mean time to failureAvailability Probability of failure on demandSize KbytesUsability 1. Time taken to learn 80% of the facilities
2. Number of errors made by users in a given timeperiod
Robustness Time to restart after system failurePortability Number of target systems
Requirements for critical systems
• Systems whose ‘failure’ causes significant economic, physical or human damage to organisations or people.
• There are three principal types of critical system:– Business critical systems
– Mission critical systems
– Safety critical systems
NFRs for critical systems
• The principal non-functional constraints which are relevant to critical systems:– Reliability
– Performance
– Security
– Usability
– Safety
Reliability
• Constraints on the run-time behaviour of the system
• Can be considered under two separate headings: Availability - is the system available for service
when requested by end-users.
Failure rate - how often does the system fail to deliver the service expected by end-users.
Performance
• Constrain the speed of operation of a system
• Types of performance requirements: Response requirements
Throughput requirements
Timing requirements
Security• Security requirements are included in a system to ensure:
– Unauthorised access to the system and its data is not allowed
– Ensure the integrity of the system from accidental or malicious damage
• Examples of security requirements are:
– The access permissions for system data may only be changed by the system’s data administrator
– All system data must be backed up every 24 hours and the backup copies stored in a secure location which is not in the same building as the system
– All external communications between the system’s data server and clients must be encrypted
Usability
• Concerned with specifying the user interface and end-user interactions with the system
• Well structured user manuals, informative error messages, help facilities and consistent interfaces enhance usability
Usability metrics• Measurable attributes of usability requirements include:
– Entry requirements Measured in terms of years of experience with class of applications or simply age
– Learning requirements Denotes the time needed to learn the facilities of the system. This could be measured in terms of speed of learning, say hours of training required before independent use is possible
– Handling requirements Denotes the error rate of the end-users of the system. This could be measured in terms of the errors made when working at normal speed
– Likeability Denotes ‘niceness’ to use. The most direct to measure user satisfaction is to survey actual users and record the proportion who ‘like to work with the product’
COQUAMO approach to measuring usability
• Provides an automated support facility for setting and measuring usability
• Provides a set of ‘templates’ which have to be filled in
COQUAMO usability template
Classification General quality - application dependentLevel required HighAssociated qualities
synonyms learnability, operability, user friendlinessrelated concepts understandability
Definition 1 ease with which users can learn to use systemExplosion 1.1 average time for specific classes of user to achieve level of competence with
systemMeasurement unites daysmeasuring too/data source survey forms and results of surveyMeasurement conditions new graduate intake
number required for test is 20Worst case 8Planned level 4Best case 2Current level 10Justification improvement specifically requested by XYZConsequence of failure cost
Safety
• No consensus in the system’s engineering community about what is meant by the term ‘safety requirement’ – Sometimes considered to be all requirements (functional
and non-functional) on safety-related systems
– Sometimes the sub-set of these requirements which are directly related to ensuring safe operation and sometimes requirements on protection systems which are designed to protect against accident
• Usage of the term often depends on the culture and practice of the organisation
Safety requirement definition
• Informal definition:Safety requirements are the ‘shall not’ requirements which exclude unsafe situations from the possible solution space of the system
Examples of safety requirements
• The system shall not permit operation unless the operator guard is in place
• The system shall not allow the sedative dose delivered to the patient to be greater than the maximum value which is determined by the patient’s physician
• The system shall not operate if the external temperature is below 4 degrees Celsius
Requirements engineering for safety-related systems
• The requirements engineering process for safety-related systems should incorporate a specific safety-analysis activity
• The widely accepted model of the system critical systems life cycle (BCS and IEE 1989) identifies two stages in the safety analysis process:– Safety requirements discovery
– Safety validation
Hazard analysis
• As part of the process of safety analysis, there are various activities such as hazard identification and analysis
• Various methods such as fault-tree analysis and Petri net analysis have been developed for safety validation
Integrating safety analysis with RE
• We illustrate in the following sections a simple technique for integrating safety analysis with a requirements engineering method
• The technique is intended to support the process of requirements discovery (safety requirements) and validation
Integrating safety analysis with RE (contd.)
• The starting point for specifying the system is a set of abstract organisational needs and constraints
• It is important that the approach used incorporates a systematic approach to dealing safety issues. These include:– Identifying hazards, risks and risk criteria
– Identifying the necessary risk reduction to meet the risk criteria
– Defining the overall safety requirements specification for the safeguards necessary to achieve the required risk reduction
Integrating safety analysis with RE (contd.)
• The requirements process, shown in , has been extended to incorporate an explicit safety analysis activity
• The safety analysis process is based on requirements information drawn from the requirements elicitation and documentation process
• A set of abstract safety requirements serves as a reference model for identifying initial safety considerations or concerns
Integrating safety analysis with RE (contd.)
• The safety analysis process includes:– The identification of safety considerations
– Hazard identification
– Hazard analysis
– Risk analysis and derivation of safety requirements
• Proposed safety requirements are analysed together with other system requirements to ensure that safety is not compromised
Integrating safety analysis with RE (contd.)
Abstract requirements
Elicit requirements
Analyse requirements
Document requirements
Validate requirements
Requirements document
Identify safety considerations
Identify hazards
Analyse hazards
Abstract safety requirements
Risk assessment
Suggested safety requirements Safety
analysis
Requirements process
Key points
• Non-functional requirements define the overall qualities or attributes of the resulting system
• Non-functional requirements may be classified into three main types; product, process and external requirements
• Product requirements specify the desired characteristics that the system or subsystem must posses
• Non-functional requirements tend to conflict and interact with other system requirements
• The principal non-functional constraints which are relevant to critical systems are reliability, performance, security, usability and safety
How to write requirements:
Guidelines for writing requirements
• Invent a standard format and use it for all requirements
• Use language in a consistent way. Use shall for mandatory requirements, should for desirable requirements
• Use text highlighting to identify key parts of the requirement
Avoid the use of computer jargon !!!
Problems with natural language
Problems with natural language
• Lack of clarity – Precision is difficult without making the document difficult
to read
• Requirements confusion– Functional and non-functional requirements tend to be
mixed-up
• Requirements combination– Several different requirements may be expressed together
Alternatives to NL specification
Alternatives to NL specificationNotation DescriptionStructurednaturallanguage
This approach depends on defining standard forms ortemplates to express the requirements specification.
Designdescriptionlanguages
This approach uses a language like a programminglanguage but with more abstract features to specify therequirements by defining an operational model of thesystem.
Graphicalnotations
A graphical language, supplemented by text annotations isused to define the functional requirements for the system.An early example of such a graphical language was SADT(Ross, 1977; Schoman and Ross, 1977). More recently,use-case descriptions (Jacobsen, Christerson et al., 1993)have been used. I discuss these in the following chapter.
Mathematicalspecifications
These are notations based on mathematical conceptssuch as finite-state machines or sets. These unambiguousspecifications reduce the arguments between customerand contractor about system functionality. However, mostcustomers don’t understand formal specifications and arereluctant to accept it as a system contract. I discuss formalspecification in Chapter 9.
What is Requirement Document
The requirements document
• The requirements document is the official statement of what is required of the system developers
• Should include both a definition and a specification of requirements
• It is NOT a design document. As far as possible, it should set of WHAT the system should do rather than HOW it should do it
Users of a requirements document
Users of a requirements
document
Use the requirements todevelop validation tests forthe system
Use the requirementsdocument to plan a bid forthe system and to plan thesystem development process
Use the requirements tounderstand what system is tobe developed
System testengineers
Managers
System engineers
Specify the requirements andread them to check that theymeet their needs. Theyspecify changes to therequirements
System customers
Use the requirements to helpunderstand the system andthe relationships between itsparts
Systemmaintenance
engineers
Requirements document requirements
Requirements document requirements
• Specify external system behaviour• Specify implementation constraints• Easy to change• Serve as reference tool for maintenance• Record forethought about the life cycle of the
system i.e. predict changes• Characterise responses to unexpected events
IEEE requirements standard
• Introduction• General description• Specific requirements• Appendices• Index• This is a generic structure that must be
instantiated for specific systems
Requirements document structure• Introduction• Glossary• User requirements definition• System architecture• System requirements specification• System models• System evolution• Appendices• Index