A model for planning the requirements capture and analysis process

Chatzoglou, Prodromos D.

January 1992

No description available.

519.5

Risk management in the application of the systems development life cycle

Cronje, Danie

28 September 2011

The purpose of this report is to make a contribution to the South African Post Office Technology division. This is achieved by starting with a number of fundamental theoretical principles in related disciplines. Risk management is proposed to the management in an attempt to increase the success rate of information technology projects. Concentrating on methodology is not the only answer. Management should accept that risks are part of the development process and should be managed. Even though risks appear throughout the development life cycle, management should realise that the starting phase of any systems development life cycle is one of the most crucial events. There is a saying in Afrikaans: "Goed begin is half gewin". Meaning that if a project starts on a healthy basis, the rest should be clean sailing. This report should provide a useful starting point for further empirical analysis since it provides an overall theoretical framework for the systems development life cycle. / Dissertation (MBA)--University of Pretoria, 2011. / Graduate School of Management / unrestricted

Development life cycle

Risk management

UCTD

Security Testing for Web Applications in SDLC / Security Testing for Web Applications in SDLC

Srilatha, Rondla, Someshwar, Gande

January 2011

Context: In Web applications, the Software vulnerability can be reduced by applying security testing in all phases of the software development life cycle (SDLC). Lot of vulnerabilities might occur if the security testing is applied in the last phase of SDLC. In order to mitigate these vulnerabilities, a lot of rework is required that involves reverse engineering in the development and design phases. To overcome this situation, organizations are shifting from security testing (performed in last phase) towards security testing in the early phases of SDLC. Objectives: The main objectives of this thesis are to gather the benefits and challenges of security testing in the last phase versus security testing in every phase of the SDLC. After gathering, authors want to compare both implementations because these days most organizations are shifting from last phase to every phase of SDLC. Justification to the reason can be achieved by this comparison. Methods: In order to satisfy the objectives of this thesis, a literature review and interviews were conducted. The literature review was conducted by gathering benefits and challenges of last phase and every phase of SDLC. Authors have applied coding technique to the data gathered from literature review. By using the results from literature review, a set of questions were framed. Based on these questions, interviews in various organizations were performed. To analyze the practitioner’s data we used Sorting and Coding technique. Then, we conducted a comparative analysis to compare both results. Results: Application of security testing in the last phase of the SDLC results in a lot of rework which in turn leads to instability in managing the cost, time and resources in an organisation. In order to overcome this, more and more organisations are introducing security testing at each and every phase of SDLC. Conclusions: It can be concluded that every phase of security testing in SDLC has more benefits than applying in last phase of SDLC. To evaluate this process more research is needed to acquire more knowledge of security testing in all phases of SDLC. Through literature review and interviews conducted, it is evident that security testing at early phases causes a reduction in rework which in turn leads to more efficient management of cost, time and resources of a project. / +91 8977404640

Software

Security

Software development life cycle

Secure software development life cycle

Computer Sciences

Datavetenskap (datalogi)

Software Engineering

Programvaruteknik

GDPRs påverkan vid utveckling av plattformar för tredjepartsapplikationer : En kvalitativ metod bestående av fallstudie, dokumentanalys och intervjuer. / GDPR and Third-party Applications : A qualitative method of case studie, documentation analysis and interviews.

Magnusson, Jonas, Olofsson, Mathias

January 2019

Problemet man stöter på när man utvecklar plattformar för tredjepartsapplikationer är att det finns en ny lag som ställer hårda krav för hur man ska göra. GDPR är fortfarande så pass nytt att många företag inte har kunskap om hur man ska förhålla sig till lagen eller hur den påverkar projektet. Vi har intervjuat tre olika informanter och analyserat en dom som föll mot ett tidigare projekt för att upplysa de olika problem som kan uppstå samt för att skapa en förståelse för hur man bör förändra utförandet av utvecklingsprojekt i företag. Informanterna som användes har samtliga haft olika professioner för att skapa en så bred problembild som möjligt. Detta bidrog också till att informanterna fick bemöta andras informanters problem. I studien nämns Sigma Technology som fallföretag eftersom ett av deras projekt, Front-VL, användes som referenspunkt. I slutet av studien ges förslag på vad Sigma behöver göra för att kunna uppnå de lagar och krav som ställs i och med GDPR. Studien visar att man i ett tidigt stadie behöver analysera och kartlägga för hur GDPR ska hanteras i projektet och se lagen som ett ramverk att förhålla sig mot samt att öka kunskapen om lagen hos utvecklare.

GDPR

Third-party Application

Privacy by Design

System development life cycle

Software development

GDPR

Tredjepartsapplikation

Privacy by Design

System development life cycle

Mjukvaruutveckling

Information Systems

Constructing a Community Response Grid (CRG): The Dublin, Ohio Case Study

Freund, John

01 January 2012

During an emergency, information availability is critical to preserving life and minimizing damages. During the emergency response, however, information may not be available to those who need it. A community response grid (CRG) can help ameliorate this lack of availability by allowing people to document and distribute emergency information to professional emergency responders (PERs). A CRG combines mobile communications services, Internet technologies, e-government applications, and social network concepts with traditional emergency response systems. The problem that this case study investigated was how to construct a CRG for the City of Dublin, Ohio, Division of Police that works in conjunction with an in-place emergency management system (EMS). The goal was to create a process that is replicable by similarly sized cities that wished to implement a CRG. In this investigation, the author examined CRG design and implementation issues such as message origin, training needs, policy design, security issues, and funding. The results of this investigation were organized in terms of Systems Development Lifecycle (SDLC) phases. Throughout these phases, the author identified information that can aid PERs in to better implement a CRG. Based on the results, the author developed a paradigm for constructing a CRG that meets the requirements of residents of the City of Dublin, Ohio, Division of Police and of similarly sized municipalities.

community response grids

emergency management

social media

systems development life cycle

user acceptance

Computer Sciences

Study on a Architecture_Oriented System Analysis Methodology

Liu, Yu-Tse

24 January 2007

There is a wide gap between the users and the developers in terms of understanding an information system. The most important job scope of a system analyzer is to interview the users to fulfill the requirements and to produce the documentation in layman terms. Chaos theory, system dynamics, project management theory, etc. all tell the initial stage playing an important role during system development. If the users¡¦ requirements are not clearly understood, it will have a bitter consequence when the information system is online. Therefore, system analysis is the essential stage for changes and to understand the requirements of the users. Currently, approaches of system analysis are related to either database management or structured methodology. As for the acquisition of users¡¦ requirements, there are no clear steps and procedures. This has made the understanding of users¡¦ requirement more difficult. We hope that by using a tool of architecture, system analyzers can better comprehend users¡¦ requirements. Hence, we come up with the Architecture-Oriented-System-Analysis-Model (AOSAM) for analysis, design, implementation and testing of an information system. For this research, there are three portions: (1) the fundamental theory of the AOSAM, (2) the build up of the AOSAM, and (3) procedures of using the AOSAM. In this study, we find out AOSAM is able to combine structure with process during the system analysis stage. Furthermore, AOSAM also reaches three significant accomplishments: (1) system analysts grasp users¡¦ requirements firmly, (2) system designers easier to transform users¡¦ requirements to design documents, and (3) to reduce repeating System Development Life Cycle. In the future, we would like to advance the AOSAM to the area of user acceptability, integrated business information system, system design, etc.

Architecture Modeling

System Analysis

System Development Life Cycle

Architecture-Oriented

Architecture

The use of developmental stages as a model for addressing and assessing spiritual formation and maturity

McKechnie, Allan

January 2008

Thesis (D. Min.)--Bethel Seminary, St. Paul, MN, 2008. / Abstract. Includes bibliographical references (leaves 153-158).

The use of developmental stages as a model for addressing and assessing spiritual formation and maturity

McKechnie, Allan D.

January 2008

Thesis (D. Min.)--Bethel Seminary, St. Paul, MN, 2008. / Description based on Print version record. Includes bibliographical references (leaves 153-158).

Implementácia nástroja JIRA v konkrétnej spoločnosti / Implementation of JIRA in a selected company

Štalmach, Tomáš

January 2015

This diploma thesis deals with implementation of JIRA in a selected company. The aim of the thesis is to propose solution design for implementation of JIRA in order to support the processes of the company and also eliminate the problems occuring at present. The thesis is divided into three parts. The introduction of section provides a theoretical basis for the thesis, which consists of a description of the essential characteristics ADLM tools, analysis of the current competitors of the company Atlassian, which develops JIRA, and also description of the functionality of JIRA and plugins integrable with JIRA. The beginning of the second part consists of basic information about selected company, the defined processes and problems which new solution should eliminate. The core of practical part includes solution design for implementation of JIRA within the defined processes. The last part deals with the evaluation of implementation, proposal of possible improvements and generalization of experience gained in the implementation.

Integrating secure programming concepts in introductory programming courses

Jama, Fartun

January 2020

The number of vulnerable systems with exploitable security defects has increased. This led to an increase in the demand for secure software systems. Software developers lack security experiences to design and build secure software, some even believe security is not their responsibility. Despite the increased need for teaching security and secure programming, security is not well integrated into the undergraduate computing curriculum and is only offered as part of a program or as an elective course. The aim of this project is to outline the importance of incorporating security and secure programming concepts in programming courses starting from the introductory courses. By evaluating the students' security consideration and knowledge regarding software security. As a result, based on the knowledge students lack regarding software security, security and secure programming concepts are identified which need to be integrated into the programming courses.

Secure programming

software security

software vulnerabilities

Software Development Life Cycle (SDLC)

Computer Sciences

Datavetenskap (datalogi)