Software Engineering

Key agile development principles

- customer involvement

- Embrace change

- incremental delivery

- maintain simplicity

- people, not process

customer involvement

- closely involved in development

- provide & prioritise new system requirements.

Embrace change

expect system requirements to change - design to accommodate.

incremental delivery

developed in increments—customer specifies requirements for each

maintain simplicity

both in software and process - Eliminate complexity where possible

people, not process

Team members are left to develop in own way - Use people's advantages.

agile contractual problems

less defined requirements, less clarity - cause friction

non-incremental when life at risk

All requirements established. at gathering stage - agile delivered in phases

imperative programming

program statements and maintain state - to achive results - most common

declarative programming

Focuses on output by expressing logic & constraints - doesn't say how to achieve

Functional programming

making use of pure functions

why use functional programming?

- no side effects - output is based on the input

- more reliable software - no hidden dependencies

Event-driven programming

- responds to user/event interactions

- more responsive code

Object oriented programming

reusable objects (more modular and easier to maintain)

- Encapsulation

- Abstraction

- Inheritance

- Polymorphism

Encapsulation

- all data is stored within the object

- Only select data externally viewable

Inheritance

classes based on existing parent classes - inherit properties and no redefining

Polymorphism

allows objects to take on different forms or behaviors

Abstraction

focuses on a system's essential elements - construct more understandable programs

Development life cycle key elements?

- Software Specification

- Software Development

- Software Verification

- Software Validation

- Software Maintenance

Software Specification

Define functionality/user requirements (use a requirements-gathering exercise)

Software Development

Design and production of the system

Software Verification

testing and check the program does what it is designed to do

Software Validation

Ensure that the system meets the required specification

Software Maintenance

Ensure that the software is maintained and can be evolved

Two types of verification

- Unit testing (done by developer team programmers - not author)

- System testing (done by program teams within developers)

Ways to mitigate errors in code

- Code Review

- Pair Programming

-Test driven Development

Unit Testing advantages

- Early bug detection

- improved code quality - modular approach

- enforces clarity - expected purpose documented

Unit Testing Disadvantages

More work/effort (every component needs a test)

customer development

conducted by actual users - onsite hardware

Integrated or systems testing

Bring together systems to see how they interact. Ensure data is correctly transferred.

edge case

test for a component with extreme boundaries or limits - inputs just inside/outside valid range

How to complete unit testing

- call function with test case (arguments)

- compare to result expected

- report result

corner case

test scenarios for exceptional or multiple edge cases

Key points of waterfall approach (x6)

- Sequential and linear

- Fixed requirements

- Minimal customer involvement

- Detailed Specification

- Limited Flexibility

- Late Defect Detection

Waterfall—sequential and linear

each phase is completed before moving on - flows downwards like waterfall

Waterfall - fixed requirements

Defined at the start— hard to change

Waterfall—Minimal customer Involvemnt

Customer limited to the gathering phase. Fewer oppertunities for feedback

Waterfall - Detailed documentation

extensive documentation for each phase. Serves as reference for each completed stage

Waterfall - Limited Flexibility

Linear means less adapdability - once a phase is complete is hard to make changes

Waterfall - Late defect detection

As testing is completed right at the end - high risk bugs are found late - costly

Key points of the incremental approach (x6)

- Iterative and incremental

- Evolving requirements

- Large customer involvement

- Working prototypes

- fleciibility and adapability

- early detecion of defects

Incremental - iterative

divided up into multiple iterations. each iteration should be shippable

Incremental - Evolving requirements

- initial set of requirements is defined.

- Subsequent increment evolves - more requirements

- based on customer feedback

Incremental - Customer involvement

- involved throughout design process

- provide feedback and promotes collaberation

Incremental - Working prototypes

- focused on delivering working iterations

- customer can evaluate products' functionality.

Incremental - flexibility & adaptability

Greater flexibility - accommodate changes

- Each iteration builds upon previous

Incremental - Early defect detection

- Testing is performed at each iteration

- less risk of major issues - imporved quality

Types of external threats

- fishing

- malware

- DDOS & hacking

- supply chain attacks

Python vunrabilities

- Outdated dependencies

- Directory traversal

- Malicious packages

- Insecure temp files

C vunrabilities

- buffer overflows

- format string attacks

- integer overflows

- unsafe library functions