Software configuration management, Web engineering
364 views
38 slides
Apr 28, 2024
Slide 1 of 38
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
About This Presentation
Software configuration management, Web engineering
Slide Content
Unit 5
Software Configuration
Management
1
Software Configuration
Management
1
2
The “First Law”
No matter where you are in the system
life cycle, the system will change,and the
desire to change it will persist throughout
the life cycle.
Bersoff, et al, 1980
The “First Law”
No matter where you are in the system
life cycle, the system will change,and the
desire to change it will persist throughout
the life cycle.
Bersoff, et al, 1980
3
Configuration Management
Definition:
The set of activities that have been developed to
manage changethroughout the software life cycle.
Purpose:
Systematically controlchangesto the configuration
and maintaintheintegrityandtraceabilityof the
configuration throughout the system’s life cycle.
Configuration Management
Definition:
The set of activities that have been developed to
manage changethroughout the software life cycle.
Purpose:
Systematically controlchangesto the configuration
and maintaintheintegrityandtraceabilityof the
configuration throughout the system’s life cycle.
Important activities
4
4
5
6
Aconfigurationoftheproductrefersnotonlytotheproduct's
constituentbutalsotoaparticularversionofthecomponent.
Therefore,SCMisthedisciplinewhich
•Identifychange
•Monitorandcontrolchange
•Ensuretheproperimplementationofchangemadeto
theitem.
•Auditingandreportingonthechangemade.
ConfigurationManagement(CM)isatechniqueof
identifying,organizing,andcontrollingmodificationto
softwarebeingbuiltbyaprogrammingteam.
Theobjectiveistomaximizeproductivitybyminimizing
mistakes(errors).
Aconfigurationoftheproductrefersnotonlytotheproduct's
constituentbutalsotoaparticularversionofthecomponent.
Therefore,SCMisthedisciplinewhich
•Identifychange
•Monitorandcontrolchange
•Ensuretheproperimplementationofchangemadeto
theitem.
•Auditingandreportingonthechangemade.
ConfigurationManagement(CM)isatechniqueof
identifying,organizing,andcontrollingmodificationto
softwarebeingbuiltbyaprogrammingteam.
Theobjectiveistomaximizeproductivitybyminimizing
mistakes(errors).
7
Baseline
Definition: Specification or product that
has been formally reviewed and agreed upon,
serves as the basis for further development, and
can be changed only through formal change
control procedures.
One “official version” at any point in time
Signals a point of departure from one activity to
the start of another activity.
Helps control change without impeding
justifiable change.
Baseline
Definition: Specification or product that
has been formally reviewed and agreed upon,
serves as the basis for further development, and
can be changed only through formal change
control procedures.
One “official version” at any point in time
Signals a point of departure from one activity to
the start of another activity.
Helps control change without impeding
justifiable change.
8
Baseline (Cont.)
Central repository of reviewed and
approved artifacts that represent a given
stable point.
Shared DB for project and kept in
consistent state.
Policies allow the team to achieve
consistent state and manage the
project.
Baseline (Cont.)
Central repository of reviewed and
approved artifacts that represent a given
stable point.
Shared DB for project and kept in
consistent state.
Policies allow the team to achieve
consistent state and manage the
project.
9
What Are These Changes?
data
other
documents
code
Test
Project
Plan
changes in
technical requirements
changes in
business requirements
changes in
user requirements
software models
What Are These Changes?
data
other
documents
code
Test
Project
Plan
changes in
technical requirements
changes in
business requirements
changes in
user requirements
software models
10
The Software Configuration
programs documents
data
The pieces
The Software Configuration
programs documents
data
The pieces
11
Software Configuration Item (SCI)
Definition: Information that is created as part
of the software engineering process.
Examples:
Software Project Plan
Software Requirements Specification
•Models, Prototypes, Requirements
Design document
Source code
Test suite
Software tools (e.g., compilers)
Software Configuration Item (SCI)
Definition: Information that is created as part
of the software engineering process.
Examples:
Software Project Plan
Software Requirements Specification
•Models, Prototypes, Requirements
Design document
Source code
Test suite
Software tools (e.g., compilers)
12
Software Configuration ItemDesign specification
data design
architectural design
module design
interface design
Component N
interface description
algorithm description
PDL
Data model
Test specification
test plan
test procedure
test cases
Source code
Software Configuration ItemDesign specification
data design
architectural design
module design
interface design
Component N
interface description
algorithm description
PDL
Data model
Test specification
test plan
test procedure
test cases
Source code
13
SCM Repository
The SCM repository is the set of mechanisms
and data structures that allow a software team
to manage change in an effective manner
The repository performs or precipitates the
following functions :
Data integrity
Information sharing
Tool integration
Data integration
Methodology enforcement
Document standardization
SCM Repository
The SCM repository is the set of mechanisms
and data structures that allow a software team
to manage change in an effective manner
The repository performs or precipitates the
following functions :
Data integrity
Information sharing
Tool integration
Data integration
Methodology enforcement
Document standardization
14
Repository Features
Versioning.
saves all of these versions to enable effective management of product
releases and to permit developers to go back to previous versions
Dependency tracking and change management.
The repository manages a wide variety of relationships among the data
elements stored in it.
Requirements tracing.
Provides the ability to track all the design and construction components and
deliverables that result from a specific requirement specification
Configuration management.
Keeps track of a series of configurations representing specific project
milestones or production releases. Version management provides the
needed versions, and link management keeps track of interdependencies.
Audit trails.
establishes additional information about when, why, and by whom changes
are made.
Repository Features
Versioning.
saves all of these versions to enable effective management of product
releases and to permit developers to go back to previous versions
Dependency tracking and change management.
The repository manages a wide variety of relationships among the data
elements stored in it.
Requirements tracing.
Provides the ability to track all the design and construction components and
deliverables that result from a specific requirement specification
Configuration management.
Keeps track of a series of configurations representing specific project
milestones or production releases. Version management provides the
needed versions, and link management keeps track of interdependencies.
Audit trails.
establishes additional information about when, why, and by whom changes
are made.
15
The SCM Process
How does a software team identify the discrete elements of
a software configuration?
How does an organization manage the many existing
versions of a program (and its documentation) in a manner
that will enable change to be accommodated efficiently?
How does an organization control changes before and after
software is released to a customer?
Who has responsibility for approving and ranking changes?
How can we ensure that changes have been made
properly?
What mechanism is used to appraise others of changes that
are made?
Addresses the following questions …
The SCM Process
How does a software team identify the discrete elements of
a software configuration?
How does an organization manage the many existing
versions of a program (and its documentation) in a manner
that will enable change to be accommodated efficiently?
How does an organization control changes before and after
software is released to a customer?
Who has responsibility for approving and ranking changes?
How can we ensure that changes have been made
properly?
What mechanism is used to appraise others of changes that
are made?
Addresses the following questions …
16
The SCM Processidentification
change control
version control
configuration auditing
reporting
SCIs
Software
Vm.n
The SCM Processidentification
change control
version control
configuration auditing
reporting
SCIs
Software
Vm.n
17
Version Control
Version control combines procedures and tools to manage
different versions of configuration objects that are created
during the software process
A version control system implements or is directly integrated
with four major capabilities:
a project database (repository)that stores all relevant
configuration objects
a version managementcapability that stores all versions of a
configuration object (or enables any version to be constructed
using differences from past versions);
amake facilitythat enables the software engineer to collect all
relevant configuration objects and construct a specific version of
the software.
anissues tracking(also called bug tracking) capability that
enables the team to record and track the status of all outstanding
issues associated with each configuration object.
Version Control
Version control combines procedures and tools to manage
different versions of configuration objects that are created
during the software process
A version control system implements or is directly integrated
with four major capabilities:
a project database (repository)that stores all relevant
configuration objects
a version managementcapability that stores all versions of a
configuration object (or enables any version to be constructed
using differences from past versions);
amake facilitythat enables the software engineer to collect all
relevant configuration objects and construct a specific version of
the software.
anissues tracking(also called bug tracking) capability that
enables the team to record and track the status of all outstanding
issues associated with each configuration object.
18
Change Control
STOP
Change Control
STOP
19
Change Control Process—I
change request from user
developer evaluates
change report is generated
change control authority decides
request is queued for action
change request is denied
user is informed
need for change is recognized
change control process—II
Change Control Process—I
change request from user
developer evaluates
change report is generated
change control authority decides
request is queued for action
change request is denied
user is informed
need for change is recognized
change control process—II
20
Change Control Process-II
assign people to SCIs
check-out SCIs
make the change
review/audit the change
establish a “baseline” for testing
change control process—III
Change Control Process-II
assign people to SCIs
check-out SCIs
make the change
review/audit the change
establish a “baseline” for testing
change control process—III
21
Change Control Process-III
perform SQA and testing activities
promote SCI for inclusion in next release
rebuild appropriate version
review/audit the change
include all changes in release
check-in the changed SCIs
Change Control Process-III
perform SQA and testing activities
promote SCI for inclusion in next release
rebuild appropriate version
review/audit the change
include all changes in release
check-in the changed SCIs
22
Auditing
SCIs
Change
RequestsSQA
Plan
SCM Audit
Auditing
SCIs
Change
RequestsSQA
Plan
SCM Audit
23
Status Accounting
SCIs
Change
Requests
Change
ReportsECOs
Status Accounting
Reporting
Status Accounting
SCIs
Change
Requests
Change
ReportsECOs
Status Accounting
Reporting
CASE
CASE stands forComputerAidedSoftwareEngineering
CASE tools are set of software application programs, which
are used to automate SDLC activities.
There are number of CASE tools available to simplify
various stages of Software Development Life Cycle such as
Analysis tools, Design tools, Project management tools,
Database Management tools, Documentation tools are to
name a few.
Use of CASE tools accelerates the development of project
to produce desired result and helps to uncover flaws before
moving ahead with next stage in software development.
24
CASE stands forComputerAidedSoftwareEngineering
CASE tools are set of software application programs, which
are used to automate SDLC activities.
There are number of CASE tools available to simplify
various stages of Software Development Life Cycle such as
Analysis tools, Design tools, Project management tools,
Database Management tools, Documentation tools are to
name a few.
Use of CASE tools accelerates the development of project
to produce desired result and helps to uncover flaws before
moving ahead with next stage in software development.
24
Components of CASE Tools
Central Repository-CASE tools require a central
repository, which can serve as a source of common,
integrated and consistent information.
Upper Case Tools-Upper CASE tools are used in
planning, analysis and design stages of SDLC.
Lower Case Tools-Lower CASE tools are used in
implementation, testing and maintenance.
Integrated Case Tools-Integrated CASE tools are
helpful in all the stages of SDLC, from Requirement
gathering to Testing and documentation.
25
Central Repository-CASE tools require a central
repository, which can serve as a source of common,
integrated and consistent information.
Upper Case Tools-Upper CASE tools are used in
planning, analysis and design stages of SDLC.
Lower Case Tools-Lower CASE tools are used in
implementation, testing and maintenance.
Integrated Case Tools-Integrated CASE tools are
helpful in all the stages of SDLC, from Requirement
gathering to Testing and documentation.
25
26
Features
Documentation support:
Project management support:
External interface:
Reverse engineering:
Data dictionary interface:
27
Documentation support:
Project management support:
External interface:
Reverse engineering:
Data dictionary interface:
27
A CASE Environment
28
28
29
SCM for Web Engineering-I
Content.
A typical WebApp contains a vast array of content—text,
graphics, applets, scripts, audio/video files, forms, active
page elements, tables, streaming data, and many others.
The challenge is to organize this sea of content into a
rational set of configuration objects (Section 27.1.4) and
then establish appropriate configuration control
mechanisms for these objects.
People.
Because a significant percentage of WebApp development
continues to be conducted in an ad hoc manner, any
person involved in the WebApp can (and often does)
create content.
SCM for Web Engineering-I
Content.
A typical WebApp contains a vast array of content—text,
graphics, applets, scripts, audio/video files, forms, active
page elements, tables, streaming data, and many others.
The challenge is to organize this sea of content into a
rational set of configuration objects (Section 27.1.4) and
then establish appropriate configuration control
mechanisms for these objects.
People.
Because a significant percentage of WebApp development
continues to be conducted in an ad hoc manner, any
person involved in the WebApp can (and often does)
create content.
30
SCM for Web Engineering-II
Scalability.
As size and complexity grow, small changes can have far-
reaching and unintended affects that can be problematic.
Therefore, the rigor of configuration control mechanisms
should be directly proportional to application scale.
Politics.
Who ‘owns’ a WebApp?
Who assumes responsibility for the accuracy of the
information on the Web site?
Who assures that quality control processes have been
followed before information is published to the site?
Who is responsible for making changes?
Who assumes the cost of change?
SCM for Web Engineering-II
Scalability.
As size and complexity grow, small changes can have far-
reaching and unintended affects that can be problematic.
Therefore, the rigor of configuration control mechanisms
should be directly proportional to application scale.
Politics.
Who ‘owns’ a WebApp?
Who assumes responsibility for the accuracy of the
information on the Web site?
Who assures that quality control processes have been
followed before information is published to the site?
Who is responsible for making changes?
Who assumes the cost of change?
31
Content Management-I
The collection subsystem encompasses all actions required
to create and/or acquire content, and the technical functions
that are necessary to
convert content into a form that can be represented by a mark-up
language (e.g., HTML, XML
organize content into packets that can be displayed effectively on
the client-side.
The management subsystem implements a repository that
encompasses the following elements:
Content database—the information structure that has been
established to store all content objects
Database capabilities—functions that enable the CMS to search
for specific content objects (or categories of objects), store and
retrieve objects, and manage the file structure that has been
established for the content
Configuration management functions—the functional elements
and associated workflow that support content object identification,
version control, change management, change auditing, and
reporting.
Content Management-I
The collection subsystem encompasses all actions required
to create and/or acquire content, and the technical functions
that are necessary to
convert content into a form that can be represented by a mark-up
language (e.g., HTML, XML
organize content into packets that can be displayed effectively on
the client-side.
The management subsystem implements a repository that
encompasses the following elements:
Content database—the information structure that has been
established to store all content objects
Database capabilities—functions that enable the CMS to search
for specific content objects (or categories of objects), store and
retrieve objects, and manage the file structure that has been
established for the content
Configuration management functions—the functional elements
and associated workflow that support content object identification,
version control, change management, change auditing, and
reporting.
32
Content Management-II
Thepublishing subsystem extracts from the repository,
converts it to a form that is amenable to publication, and
formats it so that it can be transmitted to client-side
browsers. The publishing subsystem accomplishes these
tasks using a series of templates.
Each templateis a function that builds a publication using
one of three different components [BOI02]:
Static elements—text, graphics, media, and scripts that require
no further processing are transmitted directly to the client-side
Publication services—function calls to specific retrieval and
formatting services that personalize content (using predefined
rules), perform data conversion, and build appropriate
navigation links.
External services—provide access to external corporate
information infrastructure such as enterprise data or “back-
room” applications.
Content Management-II
Thepublishing subsystem extracts from the repository,
converts it to a form that is amenable to publication, and
formats it so that it can be transmitted to client-side
browsers. The publishing subsystem accomplishes these
tasks using a series of templates.
Each templateis a function that builds a publication using
one of three different components [BOI02]:
Static elements—text, graphics, media, and scripts that require
no further processing are transmitted directly to the client-side
Publication services—function calls to specific retrieval and
formatting services that personalize content (using predefined
rules), perform data conversion, and build appropriate
navigation links.
External services—provide access to external corporate
information infrastructure such as enterprise data or “back-
room” applications.
33
Content Managementdatabase
configuration objects
templates
Content
Management
System
HTML code
+ scripts
server-side
client-side browser
Content Managementdatabase
configuration objects
templates
Content
Management
System
HTML code
+ scripts
server-side
client-side browser
34
Change Management for WebApps-Iclassify the
requested change
acquire related objects
assess impact of change
OK to make
class 1 change
class 2 change
develop brief written
description of change
develop brief written
description of change
transmit to all team
members for review
changes
required
in related
objects
class 3 change
further
evaluation
is required
class 4 change
OK to make
transmit to all stake-
holders for review
further
evaluation
is required
Change Management for WebApps-Iclassify the
requested change
acquire related objects
assess impact of change
OK to make
class 1 change
class 2 change
develop brief written
description of change
develop brief written
description of change
transmit to all team
members for review
changes
required
in related
objects
class 3 change
further
evaluation
is required
class 4 change
OK to make
transmit to all stake-
holders for review
further
evaluation
is required
35
Change Management for WebApps-IIcheck out object(s)
to be changed
make changes
design, construct, test
check in object(s)
that were changed
publish to WebApp
Change Management for WebApps-IIcheck out object(s)
to be changed
make changes
design, construct, test
check in object(s)
that were changed
publish to WebApp
Secure coding
Secure coding is the practice of developing computer
software in a way that guards against the accidental
introduction of security vulnerabilities.
Defects, bugs and logic flaws are consistently the
primary cause of commonly exploited software
vulnerabilities.
software developed or engineered in such a way
that its operations and functionalities continue as
normal even when subjected to malicious attacks.
36
Secure coding is the practice of developing computer
software in a way that guards against the accidental
introduction of security vulnerabilities.
Defects, bugs and logic flaws are consistently the
primary cause of commonly exploited software
vulnerabilities.
software developed or engineered in such a way
that its operations and functionalities continue as
normal even when subjected to malicious attacks.
36
Check list
Authentication with secured password
Session Management with complete user
details
Access Control and manage with proper
verification of user.
37
Authentication with secured password
Session Management with complete user
details
Access Control and manage with proper
verification of user.
37
Why it is needed
protects against secrets and business data
from leaking into the public domain. This
includes passwords, API keys, Tokens,
Credentials,etc.
38
protects against secrets and business data
from leaking into the public domain. This
includes passwords, API keys, Tokens,
Credentials,etc.
38
Tags
Download
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 364
- Slides 38
- Age 583 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
48 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
47 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
37 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
34 views
21
Know for Certain
DaveSinNM
22 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
26 views