Notes on the RE Course - Requirements Engineering Methodologies -
*while Angelo projected the Day4 slides
The Spiral Model (Boehm 86, 88) is a very well-known iterative model. The interesting thing he wants to highlight is Risk Analysis.
We talked about some examples regarding data protection. For instance, many emails are coming now asking us to click a link in the email (a well-known major source of problem!) to confirm the new policies of different sources, complying with the new European Policy for data protection. So in the end, such policy is inducing a strange behavior on companies and end users. It seems that nobody has performed risk analysis.
He also mentioned the fact that such model inaugurated the software evolution concept connected to software maintenance.
Relying on a risk assessment expert for knowing how to proceed is a good practice.
The Rational Unified Process has been proposed by the Rational company in an attempt to start with business analysis (Inception phase).
I reminded the students that this process was actually empowered by this very popular case tool in the 90s, called Rational Rose. This was a UML modeling tool, which also generated Java code. Angelo complemented saying that besides the emphasis on business modeling, for the first time, somebody allowed software production from start to end (including code automatic generation).
"RUP is a process framework, but unlike ISO 12207, it comes not empty, but prepopulated with a wealth of guidance, methods, techniques, templates, and examples, out of which a concrete process can be instantiated. RUP can actually support an organization that is trying to achieve CMM Level-2 and Level-3" (from the slides)
RUP's emphasized the development of a standard development process.
---
There was an interesting discussion regarding Open Source.
Student A said "Open means that you have open access to knowledge, not that you have unrestricted use of the artifact (i.e. code)."
Angelo reminded us that there are different Open Source models. The problem with OS models is attributing responsibility. Who is liable if something goes wrong?
RISK ANALYSIS IS ESSENTIAL HERE!
Student B said Red Hat, the biggest Linux distributor, gives you the license to contribute, and you can even earn money for producing some enhancements. However, regarding the kernel, this license does not allowed you to publish any enhancements. This company is worth billions in the marked, so you can trust it.
This is what a lot of CEOs of big organizations take into account to hire OS services.
*I do not agree that you can trust it based on the market value! : ) At least for end users, we must be aware that we give lots of access to big companies, but I am willing to give the same access to small companies, provided that they provide me with useful service that eases my life. It is not a solution for the problem, of course. It is just awareness
Student A joked: for a solution, please read the books by Mauro Corona, who lives in the mountains, with no technology whatsoever!
Angelo: sometimes governments go into OS community to influence them to add new requirements to the software so that it accounts for some ethical issues that allow such government to use the developed software in hospitals or other sensitive environments.
Interesting reference on OS licenses: Roberto di Cosmo.
---
*back to the slides - still on Open Source:
Walter Scacchi (U California, 2003) is one of the most important researchers in OS Communities.
There are several communication tools that support OS communities (threaded discussions, newsgroups, email etc.) and .
There is a high degree of informality: to-do-lists, FAQs, communities' website, bug reports, bug database tracking (E.g. Bugzilla) etc.
Agile Methodologies
*interesting slide comparing agile vs. standard approaches.
Scrum
Requirements are expressed like user stories, following simple templates such as:
As a <role>, I can <activity> so that <business value>
Dynamic System Development Method is an agile method, a bit heavier than Scrum, but that tries to improve Scrum in some points. It may work for some domains.
Such methodologies may completely change the company's power structure. The new roles agile methods propose prevents some people to be recognized as, for instance, analyst (or another kind of) expert in the common sense. This may lead to some resistance from the personnel.
*interesting slide on a REFSQ paper that presents examples of how companies use agile methodologies.
Microservices inaugurate a different perspective on software development. For one micro service, there are different experts involved AT THE SAME TIME, thus there is no division of roles by development phase or activity, as before. See the work of Luciano Baresi, already referenced in the previous post.
The Spiral Model (Boehm 86, 88) is a very well-known iterative model. The interesting thing he wants to highlight is Risk Analysis.
We talked about some examples regarding data protection. For instance, many emails are coming now asking us to click a link in the email (a well-known major source of problem!) to confirm the new policies of different sources, complying with the new European Policy for data protection. So in the end, such policy is inducing a strange behavior on companies and end users. It seems that nobody has performed risk analysis.
He also mentioned the fact that such model inaugurated the software evolution concept connected to software maintenance.
Relying on a risk assessment expert for knowing how to proceed is a good practice.
The Rational Unified Process has been proposed by the Rational company in an attempt to start with business analysis (Inception phase).
I reminded the students that this process was actually empowered by this very popular case tool in the 90s, called Rational Rose. This was a UML modeling tool, which also generated Java code. Angelo complemented saying that besides the emphasis on business modeling, for the first time, somebody allowed software production from start to end (including code automatic generation).
"RUP is a process framework, but unlike ISO 12207, it comes not empty, but prepopulated with a wealth of guidance, methods, techniques, templates, and examples, out of which a concrete process can be instantiated. RUP can actually support an organization that is trying to achieve CMM Level-2 and Level-3" (from the slides)
RUP's emphasized the development of a standard development process.
---
There was an interesting discussion regarding Open Source.
Student A said "Open means that you have open access to knowledge, not that you have unrestricted use of the artifact (i.e. code)."
Angelo reminded us that there are different Open Source models. The problem with OS models is attributing responsibility. Who is liable if something goes wrong?
RISK ANALYSIS IS ESSENTIAL HERE!
Student B said Red Hat, the biggest Linux distributor, gives you the license to contribute, and you can even earn money for producing some enhancements. However, regarding the kernel, this license does not allowed you to publish any enhancements. This company is worth billions in the marked, so you can trust it.
This is what a lot of CEOs of big organizations take into account to hire OS services.
*I do not agree that you can trust it based on the market value! : ) At least for end users, we must be aware that we give lots of access to big companies, but I am willing to give the same access to small companies, provided that they provide me with useful service that eases my life. It is not a solution for the problem, of course. It is just awareness
Student A joked: for a solution, please read the books by Mauro Corona, who lives in the mountains, with no technology whatsoever!
Angelo: sometimes governments go into OS community to influence them to add new requirements to the software so that it accounts for some ethical issues that allow such government to use the developed software in hospitals or other sensitive environments.
Interesting reference on OS licenses: Roberto di Cosmo.
---
*back to the slides - still on Open Source:
Walter Scacchi (U California, 2003) is one of the most important researchers in OS Communities.
There are several communication tools that support OS communities (threaded discussions, newsgroups, email etc.) and .
There is a high degree of informality: to-do-lists, FAQs, communities' website, bug reports, bug database tracking (E.g. Bugzilla) etc.
Agile Methodologies
*interesting slide comparing agile vs. standard approaches.
Scrum
Requirements are expressed like user stories, following simple templates such as:
As a <role>, I can <activity> so that <business value>
Dynamic System Development Method is an agile method, a bit heavier than Scrum, but that tries to improve Scrum in some points. It may work for some domains.
Such methodologies may completely change the company's power structure. The new roles agile methods propose prevents some people to be recognized as, for instance, analyst (or another kind of) expert in the common sense. This may lead to some resistance from the personnel.
*interesting slide on a REFSQ paper that presents examples of how companies use agile methodologies.
Microservices inaugurate a different perspective on software development. For one micro service, there are different experts involved AT THE SAME TIME, thus there is no division of roles by development phase or activity, as before. See the work of Luciano Baresi, already referenced in the previous post.