Software configuration management, Web engineering

Unit 5 Software Configuration Management 1

2 The “First Law” No matter where you are in the system life cycle, the system will change, and the desire to change it will persist throughout the life cycle. Bersoff, et al, 1980

3 Configuration Management Definition: The set of activities that have been developed to manage change throughout the software life cycle. Purpose: Systematically control changes to the configuration and maintain the integrity and traceability of the configuration throughout the system’s life cycle.

6  A configuration of the product refers not only to the product's constituent but also to a particular version of the component.  Therefore, SCM is the discipline which • Identify change • Monitor and control change • Ensure the proper implementation of change made to the item. • Auditing and reporting on the change made.  Configuration Management (CM) is a technique of identifying, organizing, and controlling modification to software being built by a programming team.  The objective is to maximize productivity by minimizing

7 Baseline  Definition: Specification or product that  has been formally reviewed and agreed upon,  serves as the basis for further development, and  can be changed only through formal change control procedures.  One “official version” at any point in time  Signals a point of departure from one activity to the start of another activity.  Helps control change without impeding justifiable change.

8 Baseline (Cont.)  Central repository of reviewed and approved artifacts that represent a given stable point.  Shared DB for project and kept in consistent state.  Policies allow the team to achieve consistent state and manage the project.

9 What Are These Changes? data other documents code Test Project Plan changes in technical requirements changes in business requirements changes in user requirements software models

10 The Software Configuration programs documents data The pieces

11 Software Configuration Item (SCI)  Definition: Information that is created as part of the software engineering process.  Examples:  Software Project Plan  Software Requirements Specification • Models, Prototypes, Requirements  Design document  Source code  Test suite  Software tools (e.g., compilers)

12 Software Configuration Item Design specification data design architectural design module design interface design Component N interface description algorithm description PDL Data model Test specification test plan test procedure test cases Source code

13 SCM Repository  The SCM repository is the set of mechanisms and data structures that allow a software team to manage change in an effective manner  The repository performs or precipitates the following functions :  Data integrity  Information sharing  Tool integration  Data integration  Methodology enforcement  Document standardization

14 Repository Features  Versioning.  saves all of these versions to enable effective management of product releases and to permit developers to go back to previous versions  Dependency tracking and change management.  The repository manages a wide variety of relationships among the data elements stored in it.  Requirements tracing.  Provides the ability to track all the design and construction components and deliverables that result from a specific requirement specification  Configuration management.  Keeps track of a series of configurations representing specific project milestones or production releases. Version management provides the needed versions, and link management keeps track of interdependencies.  Audit trails.  establishes additional information about when, why, and by whom changes are made.

15 The SCM Process  How does a software team identify the discrete elements of a software configuration?  How does an organization manage the many existing versions of a program (and its documentation) in a manner that will enable change to be accommodated efficiently?  How does an organization control changes before and after software is released to a customer?  Who has responsibility for approving and ranking changes?  How can we ensure that changes have been made properly?  What mechanism is used to appraise others of changes that are made? Addresses the following questions …

16 The SCM Process identification change control version control configuration auditing reporting SCIs Software Vm.n

17 Version Control  Version control combines procedures and tools to manage different versions of configuration objects that are created during the software process  A version control system implements or is directly integrated with four major capabilities:  a project database (repository) that stores all relevant configuration objects  a version management capability that stores all versions of a configuration object (or enables any version to be constructed using differences from past versions);  a make facility that enables the software engineer to collect all relevant configuration objects and construct a specific version of the software.  an issues tracking (also called bug tracking) capability that enables the team to record and track the status of all outstanding issues associated with each configuration object.

19 Change Control Process—I change request from user developer evaluates change report is generated change control authority decides request is queued for action change request is denied user is informed need for change is recognized change control process—II

20 Change Control Process-II assign people to SCIs check-out SCIs make the change review/audit the change establish a “baseline” for testing change control process—III

21 Change Control Process-III perform SQA and testing activities promote SCI for inclusion in next release rebuild appropriate version review/audit the change include all changes in release check-in the changed SCIs

22 Auditing SCIs Change Requests SQA Plan SCM Audit

23 Status Accounting SCIs Change Requests Change Reports ECOs Status Accounting Reporting

CASE  CASE stands for Computer Aided Software Engineering  CASE tools are set of software application programs, which are used to automate SDLC activities.  There are number of CASE tools available to simplify various stages of Software Development Life Cycle such as Analysis tools, Design tools, Project management tools, Database Management tools, Documentation tools are to name a few.  Use of CASE tools accelerates the development of project to produce desired result and helps to uncover flaws before moving ahead with next stage in software development. 24

Components of CASE Tools  Central Repository - CASE tools require a central repository, which can serve as a source of common, integrated and consistent information.  Upper Case Tools - Upper CASE tools are used in planning, analysis and design stages of SDLC.  Lower Case Tools - Lower CASE tools are used in implementation, testing and maintenance.  Integrated Case Tools - Integrated CASE tools are helpful in all the stages of SDLC, from Requirement gathering to Testing and documentation. 25

Features  Documentation support:  Project management support:  External interface:  Reverse engineering:  Data dictionary interface: 27

29 SCM for Web Engineering-I  Content.  A typical WebApp contains a vast array of content—text, graphics, applets, scripts, audio/video files, forms, active page elements, tables, streaming data, and many others.  The challenge is to organize this sea of content into a rational set of configuration objects (Section 27.1.4) and then establish appropriate configuration control mechanisms for these objects.  People.  Because a significant percentage of WebApp development continues to be conducted in an ad hoc manner, any person involved in the WebApp can (and often does) create content.

30 SCM for Web Engineering-II  Scalability.  As size and complexity grow, small changes can have far- reaching and unintended affects that can be problematic. Therefore, the rigor of configuration control mechanisms should be directly proportional to application scale.  Politics.  Who ‘owns’ a WebApp?  Who assumes responsibility for the accuracy of the information on the Web site?  Who assures that quality control processes have been followed before information is published to the site?  Who is responsible for making changes?  Who assumes the cost of change?

31 Content Management-I  The collection subsystem encompasses all actions required to create and/or acquire content, and the technical functions that are necessary to  convert content into a form that can be represented by a mark-up language (e.g., HTML, XML  organize content into packets that can be displayed effectively on the client-side.  The management subsystem implements a repository that encompasses the following elements:  Content database—the information structure that has been established to store all content objects  Database capabilities—functions that enable the CMS to search for specific content objects (or categories of objects), store and retrieve objects, and manage the file structure that has been established for the content  Configuration management functions—the functional elements and associated workflow that support content object identification, version control, change management, change auditing, and reporting.

32 Content Management-II  The publishing subsystem extracts from the repository, converts it to a form that is amenable to publication, and formats it so that it can be transmitted to client-side browsers. The publishing subsystem accomplishes these tasks using a series of templates.  Each template is a function that builds a publication using one of three different components [BOI02]:  Static elements—text, graphics, media, and scripts that require no further processing are transmitted directly to the client-side  Publication services—function calls to specific retrieval and formatting services that personalize content (using predefined rules), perform data conversion, and build appropriate navigation links.  External services—provide access to external corporate information infrastructure such as enterprise data or “back- room” applications.

33 Content Management database configuration objects templates Content Management System HTML code + scripts server-side client-side browser

34 Change Management for WebApps-I classify t he request ed change acquire relat ed object s assess impact of change OK t o make class 1 change class 2 change develop brief writ t en descript ion of change develop brief writ t en descript ion of change t ransmit t o all t eam members for review changes required in relat ed object s class 3 change furt her evaluat ion is required class 4 change OK t o make t ransmit t o allst ake- holders for review furt her evaluat ion is required

35 Change Management for WebApps-II check out object(s) to be changed make changes design, construct, test check in object(s) that were changed publish to WebApp

Secure coding  Secure coding is the practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities.  Defects, bugs and logic flaws are consistently the primary cause of commonly exploited software vulnerabilities.  software developed or engineered in such a way that its operations and functionalities continue as normal even when subjected to malicious attacks. 36

Check list  Authentication with secured password  Session Management with complete user details  Access Control and manage with proper verification of user. 37

Why it is needed  protects against secrets and business data from leaking into the public domain. This includes passwords, API keys, Tokens, Credentials,etc. 38

Software configuration management, Web engineering

More Related Content

What's hot

Similar to Software configuration management, Web engineering

More from divyammo

Recently uploaded

Software configuration management, Web engineering

Editor's Notes