software development process
DESCRIPTION
This presentation is about a lecture I gave within the "Software systems and services" immigration course at the Gran Sasso Science Institute, L'Aquila (Italy): http://cs.gssi.infn.it/. http://www.ivanomalavolta.comTRANSCRIPT
Ivano Malavolta
Software development
PROCESS
Roadmap
Introduction
Classical software development processes
Agile
Open-source software development
Software development process research
Discussion
If you need to develop a system with 10M LOCS,
• How many people do you need? • How much time? • How do they synchronize? • How do you know that you are performing well?
Software development process
Design
System Test
Unit Test
Developing software without a defined process is
chaotic and inefficient
Following a defined process makes software
development more orderly, predictable and repeatable
. . . . . .
Slide by Cesar Augusto Nogueira, IBM
Life cycle
From inception of an idea for a product through: • requirements gathering and analysis • architecture design and specification • coding and testing • delivery and deployment • maintenance and evolution • retirement
Software process model
Attempt to organize the software life cycle by defining – activities involved in software production – order of activities and their relationships
Goals of a software process
– standardization, predictability, productivity, high product quality, ability to plan time and budget requirements
The role of standards
They are needed to achieve quality in both software products and processes They may be imposed internally or externally
– e.g., MIL-STD 2167A imposed to contractors for military applications
Other examples: ISO series, IEEE
Main benefits
From the developers' viewpoint – standards enforce a uniform behavior within an organization – they facilitate communication among people, stabilizes the
production process, and makes it easier to add new people to ongoing projects
From the customers' viewpoint – they make it easier to assess the progress and quality of results – they reduce the strict dependency of customers on specific
contractors
Code & Fix: the naïve process model
• Write code • Fix it to eliminate any errors that have been detected,
to enhance existing functionality, or to add new features
• Source of difficulties and deficiencies – impossible to predict – impossible to manage
Models are needed
Symptoms of inadequacy: the software crisis – scheduled time and cost exceeded – user expectations not met – poor quality
The size and economic value of software applications required appropriate “process models”
VS
Process model goals (B. Boehm 1988)
“determine the order of stages involved in software development and evolution, and to establish the transition criteria for progressing from one stage to the next. These include completion criteria for the current stage plus choice criteria and entrance criteria for the next stage. Thus a process model addresses the following software project questions:
What shall we do next? How long shall we continue to do it?”
Process as a "black box"
Product
Process
Informal Requirements
Problems
The assumption is that requirements can be fully understood prior to development Interaction with the customer occurs only at the beginning (requirements) and end (after delivery) Unfortunately the assumption almost never holds
Process as a "white box"
Product
Process
Informal Requirements
feedback
Advantages
Reduce risks by improving visibility Allow project changes as the project progresses
– based on feedback from the customer
Why a project may change?
The main activities
They must be performed independently of the model The model simply affects the flow among activities
Requirements engineering
Feasibility study
Architecture and detailed design
Implementation and testing
Delivery, deployment, and maintenance
Example from an EU project
ConstRaint and Application driven Framework for Tailoring Embedded Real-time Systems
http://www.crafters-project.org
Why CRAFTERS?
PROBLEMS poorly interoperable proprietary technologies à poor time to market + high costs
SOLUTION Seamless connectivity and middleware
– by realizing a common middleware layer that is designed to support new wireless communication standards
– portable across different platforms
Ability to develop powerful design time solutions with notably shorter cycles
– thanks to the unique tool chain delivered with reference middleware and hardware
Feasibility study
Why a new project? • cost/benefits tradeoffs • buy vs make
– Requires to perform preliminary requirements analysis – Produces a feasibility study document
1. Definition of the problem 2. Alternative solutions and their expected benefits 3. Required resources, costs, and delivery dates in each proposed
alternative solution
CRAFTERS feasibility study
Project proposal submitted to the ARTEMIS Call 2011 Project
Requirements engineering
Involves – eliciting – understanding – analyzing – specifying
Feasibilitystudy
Requirementselicitation and
analysisRequirementsspecification
Requirementsvalidation
Feasibilityreport
Systemmodels
User and systemrequirements
Requirementsdocument
Focus on – what qualities are needed, – NOT on how to achieve them
What is needed
Understand interface between the application and the external world Understand the application domain Identify the main stakeholders and understand expectations
– different stakeholders have different viewpoints – software engineer must integrate and reconcile them
The requirements specification document (1) Provides a specification for the interface between the application and the external world
– defines the qualities to be met
Has its own qualities
– understandable, precise, complete, consistent, unambiguous, easily modifiable
The requirements specification document (2) Must be analyzed and confirmed by the stakeholders
– may even include version 0 of user manual
May be accompanied by the system test plan document As any large document, it must be modular
– "vertical" modularity • the usual decomposition, which may be hierarchical
– "horizontal" modularity • different viewpoints
Defines both functional and non functional requirements
Requirements in CRAFTERS (1)
Set of relevant use cases first
Requirements in CRAFTERS (2)
Then, requirements collection and formulation
Software architecture and detailed design activity Usually follows a company standard, which may include a standard notation, such as UML The result of this activity is:
– the software architecture description – a design specification document
We will have a dedicated lecture on this activity
General model of the design process
Interfacedesign
Componentdesign
Systemarchitecture
Databasespecification
Interfacespecification
Requirementsspecification
Architecturaldesign
Componentspecification
Platforminformation
Datadescription
Design inputs
Design activities
Design outputs
Database design
Architecture in CRAFTERS (1)
Design in CRAFTERS (2)
Design in CRAFTERS (3)
Design in CRAFTERS (4)
Verification and validation
Verification and validation (V & V) is intended to show that a system conforms to its specification and meets the requirements of the customer Involves: checking and review processes AND system testing System testing involves executing the system with test cases that are derived from the specification of the real data to be processed by the system Testing is the most commonly used V & V activity
Coding and module testing activity
Company wide standards often followed for coding style
We will have a dedicated lecture on this activity
System testingComponent
testingAcceptance
testing
Testing stages
Development or component testing – Individual components are tested independently – Components may be functions or objects or coherent groupings of
these entities
System testing – Testing of the system as a whole. Testing of emergent properties
is particularly important
Acceptance testing – Testing with customer data to check that the system meets the
customer’s needs
Coding and testing in CRAFTERS
Prototype implementation based on 3 different HW platforms For example
Software evolution
Software is inherently flexible and can change Although there has been a demarcation between development and evolution (maintenance), this is increasingly irrelevant as fewer and fewer systems are completely new
Assess existingsystems
Define systemrequirements
Propose systemchanges
Modifysystems
Newsystem
Existingsystems
What you need to remember Requirements engineering create the software specification Design and implementation requirements à executable software Software verification and validation to check that the system conforms to its specification and that it meets the real needs of the users of the system Software evolution new requirements à the software must evolve to remain useful
Roadmap
Introduction
Classical software development process
Agile
Open-source software development
Classical software process models*
Waterfall model
Spiral model
Microsoft’s Synch-and-Stabilize
* these are the most known process models, it is not a complete list
Quality-oriented model
Waterfall model
Exist in many variants, all sharing sequential flow style It is document-driven
Requirementsdefinition
System andsoftware design
Implementationand unit testing
Integration andsystem testing
Operation andmaintenance
Waterfall model
Organizations adopting them standardize the outputs of the various phases (deliverables) May also prescribe methods to follow in each phase
– organization of methods in frameworks often called methodology
Example: Military Standard (MIL-STD-2167)
Alternative: the V model
Emphasis on V&V activities Acceptance tests written with requirements Unit/integration tests written during design
Critical evaluation of the waterfall model + sw process subject to discipline, planning, and
management à standard-oriented + postpone implementation to after understanding
objectives + good documentation
– difficult to gather all requirements once and for all – users may not know what they want
– linear, rigid, monolithic – no feedback from the customer – no parallelism, all phases are blocking – a single delivery date (at the end!)
Spiral model
Risks are explicitly assessed and resolved
Riskanalysis
Riskanalysis
Riskanalysis
Riskanalysis Proto-
type 1
Prototype 2
Prototype 3Opera-tionalprotoype
Concept ofOperation
Simulations, models, benchmarks
S/Wrequirements
Requirementvalidation
DesignV&V
Productdesign Detailed
design
CodeUnit test
IntegrationtestAcceptance
testService Develop, verifynext-level product
Evaluate alternatives,identify, resolve risks
Determine objectives,alternatives and
constraints
Plan next phase
Integrationand test plan
Developmentplan
Requirements planLife-cycle plan
REVIEW
Spiral model sectors
Objective setting – Specific objectives for the phase are identified
Risk assessment and reduction – Risks are assessed and activities put in place to reduce the
key risks
Development and validation – A development model for the system is chosen which can
be any of the generic models + implementation & validation
Planning – postmortem of previous loop, planification of next loop
Critical evaluation of the spiral model
+ a good fit if requirements are not stable + flexible, but still with a plan + risks are assessed clearly + customer involvement + good documentation
– difficult to assess risks – difficult to assess objectives and constraints
Quality-oriented model
Mathematical formalism to express requirements Model checking to prove correctness + automatic transformations to code = preserve correctness
Critical evaluation of the quality-oriented model + a good fit for to safety/security critical parts + if requirements are correct, risks are totally controlled + verification is implicit à potentially, less testing needed
– math languages require specific skills, rarely available – some parts (ex user interface) cannot be specified formally – validation of requirements still an issue – customer does not understand math language – specifier may misunderstand requirements
Microsoft’s Synch-and-Stabilize
CONTEXT Time to market essential Requirements cant be fixed early on Complex products (Mlocs) with several interacting components Design hard to devise and freeze early on
Michael A. Cusumano and Richard W. Selby. 1997. How Microsoft builds software. Commun. ACM 40, 6 (June 1997), 53-61. DOI=10.1145/255656.255698
Microsoft’s S-and-S phases
Planning – vision of the product – Specification – Teamwork schedule
Development
– team composed of 2 groups • developers and testers (continuous testing)
Stabilization
– internal testing – external testing – release
Planning phase
Vision Statement - Product Managers – Define goals for the new product – Priority-order user activities that need to be supported by
product features
Deliverables: – Specification document – Schedule and “feature team” formation
• 1 program manager • 3-8 developers • 3-8 testers (1:1 ratio with developers)
Development phase
Plan 3-4 sequential subprojects (lasting 2-4 months each) Buffer time between iterations (20%-50%) Subprojects -- design, code, debug
– starting with most critical features and shared components – feature set may change by 30% or more – each developer is committed only to his assigned tasks
Subproject development
Feature teams go through the complete cycle of development, feature integration, testing and fixing problems Testers are paired with developers Feature teams synchronize work by building the product, finding and fixing errors on a daily and weekly basis Code that breaks a build must be fixed immediately At the end of a subproject, the product is stabilized
Stabilization
Internal testing of complete product
External testing – beta sites – ISVs (Independent SE vendors) – OEMs (Original Equipment Manufacturers) – end users
Release preparation
Critical evaluation of Microsoft’s method + Responsiveness to marketplace: they always have a
release to ship + allows to ship preliminary versions early + allows to add features in subsequent releases + continuous customer feedback + breaks down large projects into manageable pieces (with
priorities) – poor focus on product architecture – no rigorous approach to design & code reviews
– e.g., Video on demand components have real-time constraints that require precise mathematical models
– no focus on defect prevention
Roadmap
Introduction
Classical software development process
Agile
Open-source software development
Software development process research
Agile
Waterfall vs agile: poor visibility
Waterfall vs agile: poor quality
Waterfall vs agile: too risky
Waterfall vs agile: can’t handle change
The agile approach
Risks and features
http://www.testingthefuture.net/wp-content/uploads/2011/12/waterfall_versus_agile_development.png
Agile manifesto
We are uncovering better ways of developing software by doing it and helping others do it. Through this work we have come to value:
Individuals and interactions over processes and tools
Working software over comprehensive documentation
Customer collaboration over contract negotiation
Responding to change over following a plan
That is, while there is value in the items on
the right, we value the items on the left more.
http://www.agilemanifesto.org
Anti-methodology?
The Agile movement is not anti-methodology, in fact, many of us want to restore credibility to the word methodology. We want to restore a balance. We embrace modeling, but not in order to file some diagram in a dusty corporate repository. We embrace documentation, but not hundreds of pages of never-maintained and rarely-used tomes. We plan, but recognize the limits of planning in a turbulent environment.
Jim Highsmith, History: The Agile Manifesto
Agile principles (extract)
Agile methods are iterative development processes with:
• frequent releases of the product
• continuous interaction between dev. team and customer
• reduce product documentation
• continuous and systematic assessment of produced value and risks
Agile official principles
A more critical evaluation of agile principles
http://www.cs.york.ac.uk/staf/images/meyer-agile-forprint.pdf
How does it work in practice?
You make a list You start executing You estimate You update the plan
“@run-time” You set priorities
Agile iterations
Technical tools: unit tests
Snippet of test code for exercising some functionality of the product à codified requirements
We will have two lectures on testing
Technical tools: test-driven development Write tests first Refactoring is less risky now
Technical tools: continuous integration Merging all the developers’ working copies many times a day à it allows to make sure that all the code integrates, all the unit tests pass, and a warning if anything goes wrong
image from http://newmedialabs.com/
An implementation: SCRUM
AAA
An implementation: SCRUM
http://www.flickr.com/photos/magia3e/6233729753/
An implementation: SCRUM
An implementation: SCRUM
Burndown chart = how much work is left
Critical evaluation of the agile method + Acceptance of change à less risky + Frequent and short iterations + Emphasis on working code + Associating a test with every piece of functionality
+ tests are a key resource within the project
+ Continuous integration (and delivery) + Planned – no upfront tasks, e.g. requirements – Tests as a replacement for specifications – feature-based development & ignorance of dependencies – no quality plan – dismissal of a priori architecture work
– actually, dismissal of everything which is non-shippable
Roadmap
Introduction
Classical software development process
Agile
Open-source software development
Software development process research
Open-source software development process
Open source development process
As applied in successful projects: – Apache – Mozilla – …
Tools • GitHub (config management system) • Mailing lists • Bugzilla (Bug tracking)
Products • Source code, test suites • all related information, like mails, bugs, comments, etc.
It doesn't just mean access to the source code 1. Free redistribution 2. Source code 3. Derived works 4. Integrity of the author's source code 5. No discrimination against persons or groups 6. No discrimination against fields of endeavor 7. Distribution of license 8. License must not be specific to a product 9. License must not restrict other software 10. License must be technology-neutral
www.opensource.org/docs/definition.php
Roles
• Core team (2-8 people) – Architecture, requirements, integration/build, release
• Patch developers (10-100)
– Patch (evolutive + corrective)
• Bug providers (100 – 1000+) – Signal bugs, may perform pull requests, etc.
• Others (thousands) – Download and use
Overview of the process
The process is “public” • everyone can participate
Releases are checked by a revision board that tests proposed code from the community Very frequent builds Often quite frequent releases • once a month
Critical evaluation of the open-source model
+ simple and effective tools for bug/change tracking + continuous delivery + resiliency with respect to team members (openness) + “no maintainance”
– limited documentation (not always) – no project plan – no quality plan
Roadmap
Introduction
Classical software development process
Agile
Open-source software development
Software development process research
Software development process
RESEARCH
Major trends and challenges
• Software is rarely developed in isolation – it is more developed in teams, with even users involved
• see user-centered design
– radical change in the methods and techniques used to conceive, design, develop, deploy, and evolve software • e.g. our collaborative design platform for mobile apps
• Software is continuously changed and redeployed – new challenges for configuration management, deployment, etc.
• e.g., continuous integration, continuous delivery, etc.
• Existing quality standard and models need to be extended and adapted to very different situations – e.g., safety-critical systems VS mobile apps
The Internet is the development environment
Major trends and challenges
• Any software is directly or indirectly operating over the Internet – even control and SCADA systems
• The classical separation among different types of software is tending to disappear – Internet of things – Smart services
• e.g., a connected car
– Disappearing computers
• Internet as the infrastructure for the development and operation of modern software systems (cloud)
The Internet is the architecture and execution infrastructure
Major trends and challenges
• Need to integrate software design techniques and expertise with the true industrial designers’ skills and methods – it is not just a matter of “increasing usability”
• Designing software for mobile devices is not just a variation of classical development processes – it requires new and specific techniques, policies, and methods able
to effectively address challenges like mobile fragmentation, intermitted connection, power consumption
Users are mobile, nomadic, and “always on”
Major trends and challenges
• Today software can be easily distributed and configured over the Internet + users are always connected – software updates can be done much more frequently
• Users and customers actually expect this
– software is global now, it must operate coherently with requirements and constraints of each region/country
– e-commerce applied to software too (app stores) • Apple app store is the only legal means to install software on iDevices • new business models (e.g., in-app purchases)
– fragmentation problem (e.g., Android)
• Open APIs (very beyond the classical Open Data paradigm) – e.g., E015 = full, bidirectional and direct interoperability among
autonomous distributed open services
The Internet is the basic distribution and business infrastructure
What this lecture means to you?
No “silver bullet”
Linear processes: planned, not flexible Iterative processes: planned, flexible, less risky Quality-oriented processes: planned, not flexible, measured Agile: not planned, test-driven Many research challenges to be explored out there!
Suggested readings
1. Alfonso Fuggetta and Elisabetta Di Nitto. 2014. Software process. In Proceedings of the on Future of Software Engineering (FOSE 2014). ACM, New York, NY, USA, 1-12.
2. Striebeck, M., "Ssh! We are adding a process... [agile practices]," Agile Conference, 2006 , vol., no., pp.9 pp.,193, 23-28 July 2006
3. Nicolò Paternoster, Carmine Giardino, Michael Unterkalmsteiner, Tony Gorschek, Pekka Abrahamsson, Software development in startup companies: A systematic mapping study, Information and Software Technology, Volume 56, Issue 10, October 2014, Pages 1200-1218, ISSN 0950-5849
References
http://www.agilenutshell.com
Contact Ivano Malavolta |
Post-doc researcher Gran Sasso Science Institute
iivanoo
www.ivanomalavolta.com