REG: DIT/2013/41255

NAME: AKUEI KUOL JOSEPH

UNIT CODE: DIT 2211
UNIT TITLE: SOFTWARE ENGEENIRING

CAT 2
1. The university Library is considering the implementation of a computer based system
to help administrator books loan at the library.
a) Identify at least four stakeholders in such a project.
Librarian
Library Staff
Administrator/ Technical Board
Book Suppliers/ Volunteers
Friends of the Library (Providing funds and assistance to Library)
Educators/ Trainers (train the usage of the system)
Software House or company developing the computer based system
Library Users (those who lend the books)
b) Explain any four areas that must be included in a project proposal for this project.
i. Components of the project in terms of needs to achieve the vision
ii. Specifications for system requirements
iii. Financial estimates
iv. Action plan and Timetable for the project
2. Briefly explain the activities of a typical project management life cycle
Initiationinvolves starting up the project, by documenting a business case,
feasibility study, and terms of reference, appointing the team and setting up a
Project Office.
Planning involves setting out the roadmap for the project by creating the
following plans: project plan, resource plan, financial plan, quality plan,
acceptance plan and communications plan.
Execution involves building the deliverables and controlling the project delivery,
scope, costs, quality, risks and issues.
Closureinvolves winding-down the project by releasing staff, handing over
deliverables to the customer and completing a post implementation review.

3. Give two disadvantages for each of the following software development process
models. (2marks)
a) Waterfall approach
Disadvantages
You cannot go back a step; if the design phase has gonewrong, things can get very
complicated in the implementation phase.
High amounts of risk and uncertainty.
Not a good model for complex and object-oriented projects.
Poor model for long and on-going projects.
Not suitable for the projects where requirements are at amoderate to high risk of
changing.
b) Evolutionary development
Disadvantages
Because the project is open-ended, no time frame can be set.
Project monitoring is difficult.
Less visibility as compared to waterfall model.
4. Briefly explain the following software quality assurance attributes (4 marks)
Correctness: The correctness of a software system refers to:
Agreement of program code with specifications
- Independence of the actual application of the software system.
The correctness of a program becomes especially critical when it is
embedded in a complex software system.
Reliability: Reliability of a software system derives from
- Correctness
- Availability
The behavior over time for the fulfillment of a given specification depends on the
reliability of the software system.
-Reliabilityof a software system is defined as the probability that this system fulfills a
function (determined by the specifications) for a specified number of input trials
under specified input conditions in a specified time interval (assuming that hardware
and input are free of errors).
-A software system can be seen as reliable if this test produces a low error rate (i.e.,
the probability that an error will occur in a specified time interval.)
The error rate depends on the frequency of inputs and on the probability that an
individual input will lead to an error.
Maintainability: Maintainability = suitability for debugging (localization and
correction of errors) and for modification and extension of functionality.
The maintainability of a software system depends on its:
- Readability
- Extensibility
- Testability
5. Briefly explain 5 major attributes of a good interface for a computer System (4
marks)
ClarityThe interface avoids ambiguity by making everything clear through language,
flow, hierarchy and metaphors for visual elements.
Concision- Its easy to make the interface clear by over-clarifying and labeling
everything, but this leads to interface bloat, where there is just too much stuff on the
screen at the same time. If too many things are on the screen, finding what youre
looking for is difficult, and so the interface becomes tedious to use. The real challenge
in making a great interface is to make it concise and clear at the same time.
Familiarity- Even if someone uses an interface for the first time, certain elements can
still be familiar. Real-life metaphors can be used to communicate meaning.
Responsiveness-A good interface should not feel sluggish. Secondly, the interface
should provide good feedback to the user about whats happening and whether the
users input is being successfully processed.
Consistency-Keeping your interface consistent across your application is important
because it allows users to recognize usage patterns.
6. What are the 3 requirements standards of security(2 marks)
Data confidentiality - controlling who gets to read information in order to keep sensitive
Information from being disclosed to unauthorized recipients - e.g., preventing the disclosure
ofClassified information to an adversary
Data integrity - assuring that information and programs are changed, altered, or modified
only in aSpecified and authorized manner
System availability - assuring that authorized users have continued and timely access to
information
and resources - e.g., preventing an adversary from flooding a network with bogus traffic that
delayslegitimate traffic such as that containing new orders from being transmitted

7. State and briefly explain five major logical security mechanisms one can do to
ensure information systems are secure (5 marks)
a) Digital signature - assurance that a message or file was sent or created by a given person,
based onthe capabilities provided by mechanisms for authentication and integrity checks
b) Authenticate
-To verify the identity of a person (or other agent external to the protection system)
making a request.
-verifying the identity of a prospective user by demanding a password,
c) Authorization
To grant a principal access to certain information.
d) Auditing - recording each operation that is invoked along with the identity of the subject
performingit and the object acted upon (as well as later examining these records)
e) Non-repudiation- the use of a digital signature procedure affirming both the integrity of a
givenmessage and the identity of its creator to protect against a subsequent attempt to deny
authenticity.
8. Define risk management and explain its importance in software engineering(2)
Risk management is a series of steps whose objectives are to identify,address, and
eliminate software risk items before they become either threats to successful
software operation or a major source of expensive rework.
The main objective of Risk Management is to identify potential problems
before they occur so that risk handling activities can be planned and
invoked as needed across the life of the product or project to mitigate
adverse impacts on achieving objectives.






References
1. N.R. Mead, E.D. Hough, and T.R. Stehney II, "Security Quality Requirements
(SQUARE) Methodology" (CMU/SEI-2005-TR-009), Software Engineering Institute,
Carnegie Mellon University, Pittsburgh, PA, 2005.
2. NIST Risk Management Guide for Information Systems Special Publication
800-30. July, 2002