software engineering

What is the difference between computer science and software engineering?

Computer science is about theory, software engineering is about developing software

What software engineering fundamentals apply to all types of software systems?

Dependability and managing, effective use of existing resources, developed using a managed and understood development processes. D-E-M

what are the two fundamental types of software product?

generic and customized software

What are the identified levels in the SEI'S Capability maturity model?

initial, managed, defined, quantitatively managed, optimizing (I Made Donuts, Quick Order!)

List 3 generic process models that are used in software engineering?

Waterfall model, incremental development model, and integration and configuration model (WII)

What are the two different approaches to process improvement and change that have been proposed?

The agile approach and the process maturity approach

What is a scrum sprint?

A scrum sprint is a development iteration that lasts a few weeks

What is test-first development?

It is when developers write automated unit tests for a new feature before actually implementing the feature

Why has the scrum agile method been widely adopted in preference to methods such as XP?

A. The product is broken down into a set of manageable and understandable chunks that stakeholders can relate to.

B. Unstable requirements do not hold up progress.

C. The whole team has visibility of everything, and consequently team communication and morale are improved.

D. Customers see on-time delivery of increments and gain feedback on how the product works. They are not faced with last-minute surprises when a team announces that software will not be delivered as expected.

E. Trust between customers and developer is established, and a positive culture is created in which everyone expects the project to succeed. (Many Unstable Teams Deliver Trust)

List 3 basic types of non-functional requirements?

Organizational requirements, product requirements, and external requirements. (non- functional=ope like oops because it non fucntional)

What is the distinction between the terms' shall' and 'should' in a user requirements document, which is written in natural language?

'Shall' is for mandatory requirements, 'Should' is for desirable requirements that aren't as important

What is a use-case?

Use cases describe how users interact with a system by combining diagrams and structured text.

How are activity diagrams used in describing the context of use of a system?

Activity diagrams show the sequence of user and system activities, explain how the system fits into its environment and how users interact with the system.

What are the claimed benefits of model driven engineering?

The benefits are that engineers can think about systems at a high level of abstraction. It reduces errors, allows for creation of reusable independent application models, it speeds up the design and implementation process

What are the principle components of a textual use-case description?

The actors, the systems response, the sequence of interactions between then, the trigger, normal flow and exception

What are the advantage of explicitly designing and documenting a software architecture?

The advantage is that it helps everyone understand the systems' structure which makes development, future changes and communication easier, it easier to evaluate design options and patterns and to reuse them

Briefly describe pipe and filter architecture?

This architectures is a design that organizes data processing into a sequence where each filter does one specific transformation. The data flows through pipes between filters until its fully processed.

List 4 fundamental questions that should be addressed in architectural design?

What Architectural patterns or styles might be used?

What strategy will be used to control the operation of the components in the system?

How should the architecture of the system be documented?

What will be the fundamental approach used to structure the system? (SSSS STYLE STRATGERY SHOW STRUCUTRE)

What are 5 key activites in an object-oriented design process?

The five key activities are defining the context and models of use, designing the systems architecture, identify the principal system objects, developing the design models, specifying object interface

Briefly describe the idea of open source development

Open source development is when the source code is made public and anyone can contribute to improving or fixing it. It is open for community collaboration.

What do you understand by the system context and interaction model?

The system context and interaction model show how the system fits into its environment and how it interacts with users and other systems. It helps define system boundaries and the flow of information. (BF THEY WORK TOGETHER LIKE A BF)

What are the advantages of inspections over testing?

1. In testing, one error can hide others because errors affect outputs, making it hard to tell if new problems are from new errors or earlier ones. Inspections don't run the system, so errors don't mask each other, letting you find many errors in one review.

2. Inspections can review incomplete systems without extra cost, unlike testing which needs special tools.

3. Inspections not only find defects but also check broader qualities like standards compliance, portability, maintainability, inefficiencies, bad algorithms, and poor coding style that affect future updates.

What are the three important classes of interface errors?

Interface misuse, interface misunderstanding, and timing error (TMM)

Briefly describe the three principal stages of testing for commercial software system

1. Development testing:Developers test for bugs.

2. Release testing: independent testing by seperate team before the software is launched to customers to check if it is stable

3. user testing: real users check software in real conditions (DRU- D COMES AFTER C)

Why is a software evolution important?

Program evolution is important because softwares need to keep up with changing business needs and environments. If they do not evolve, it becomes less useful.

What are three different types of software maintenance and how is effort distributed across these maintenance types?

1. Functionality addition, takes the most effort above 50%

2. Fault repairs, second in rank for effort, 24%

3. Environmental adaptation, last ranked in effort around 19% (EFF= EFFORT)

Why is it expensive and risky to replace legacy systems with new systems?

Legacy systems usually lack complete specifications.

Legacy systems are deeply tied to business processes.

Important business rules are hidden in the old software and not documented.

Developing new software is inherently risky and may cause unexpected problems.

What is the difference between redundancy and diversity?

Redundancy is when you add extra components to take over if something breaks, diversity is when you make all of those backups different so they do not fail the same way.

Suggest 4 reasons why formal specifications is not widely used?

1. The cost may not be worth it
2. Many developers do not know how to use them
3. They aren't good for big systems
4. Most people can not understand the math in formal specs

What are the types of error that can be discovered and eliminated by the use of formal methods

1. Mismatches between the code and the original specification

2. Specification and design errors and missing parts

What is a protection system?

A protection system is a fault-tolerant model designed to ensure safety by letting transitions happen only between safe states, even if a fault happens, it prevents dangerous failures and runs separately.

What are the four stages of reliability testing?

1. Study similar systems and identify operation profiles

2. Prepare test datasets based on those profiles

3. Apply the tests and record failures

4. Calculate reliability metrics after observing enough failures

Give examples of three policies that may be introduced with the aim of achieving software diversity

1. using different programming languages for different versions.

2. test versions with different testing methods

3. different documentation stytes for each version

Why do the use of formal specification and program verification not guarantee that a system is safe?

A) The specification may not reflect the real requirements of users and other system stakeholders.

(B) The proof may contain errors because they are complex.

(C) The proof may make incorrect assumptions about the way that the system is used. If the system is not used as anticipated, then the system's behavior lies outside the scope of the proof.

What are the three risk categories that are normally used in hazard assessment for safety critical systems?

1. intolerable risks

2.alarp risks

3.acceptable risks

What safety assurance activities might be included in a critical systems development process?

Formal specification and verification, hazard analysis, safety reviews, quality assurance (For High Safety, Question Quality)

What information should be included in a misuse case?

Attacker's goal

How the attack could be carried out

System vulnerabilities being exploited

Possible mitigations or security requirements to prevent misuse

What are the three controls may be put in place to enhance system security?

avoidance, recovery, and detection.

What is the distinction between application and infrastructure security

Application security focuses on protecting the software itself, such as preventing unauthorized access through user authentication or input validation. Infrastructure security protects the hardware and network systems such as operating systems and servers.