8.2.1 User Requirements



		8.2 Products of Submodel SD
		8.2.1 User Requirements (UReq)

Anwenderforderungen

Contents
Introduction
Document Index
Document Structure
Product Flow
Links to the V-Model Mailinglist

Contents		Introduction Document Index Document Structure Product Flow Links to the V-Model Mailinglist

Introduction

The User Requirements describe the user-level aspects of the System. These aspects have to be documented with regard to the application environment. The User Requirements are the basis for the acceptance of the System by the customer.

The User Requirements contain the documentation of the recording of actual status and current analysis as well as the threat and risk analysis, the documentation of the IT security objectives and the IT security measures, the definition of user-level requirements, and the marginal conditions.

To mark requirements a formalism is needed which allows each requirement to be identified in a unique way; so a unique reference will be possible from the architecture and design documents (acknowledgment principle).

When stating requirements care must be taken to describe only "WHAT" a task is to accomplish, not "HOW" it is going to be accomplished. Furthermore, what must be taken into consideration is that requirements have to be assessable, unique, consistent, and free of hidden design decisions.

The term "System" also comprises the term "procedure".

Document Index

1. General Information
2. Actual Status and Current Analysis
3. IT Security Objective
4. Threat and Risk Analysis
5. IT Security
6. User-level Requirements
6.1. Preliminary System Description
6.2. Organizational Embedding
6.3. Utilization
6.4. Criticality of the System
6.5. External Interfaces
6.6. Description of the Functionality
6.7. Quality Requirements
7. Marginal Conditions
7.1. Technical Marginal Conditions
7.2. Organizational Marginal Conditions
7.3. Other Marginal Conditions

Document Structure

1. General Information

See schema 1. General Information.

2. Actual Status and Current Analysis

This section becomes relevant in the cases when

a System like this already exists and is to be replaced by a new one (in exceptional cases also for extensive SWMM measures), or
System to be developed is to be integrated into existing conditions with respect to process organization or conditions of a technical nature.

If necessary, the organizational and technical application environment is described on the basis of the actual status, the way it is required for the documentation of weak points of the present System.

In detail, the following items are relevant within the scope of the actual status and current analysis, for example:

recording of the user environment (structure and process organization, official regulations, decrees, laws, rules, and the like)
integration of existing data stocks, programs
recording of available IT equipment
recording of time and quantity listing (present processing times, throughput times, response times, waiting times, amount of data)
recording of user-level and technical factors that cannot be influenced
presentation of the threat and equipment gap
detection of weak points
finding out what caused the detected weak points

3. IT Security Objective

In this chapter, it might be specified which requirements with regard to Availability, integrity or confidentiality exist for certain functions or information.

4. Threat and Risk Analysis

The threats relevant for the System have to be identified, and, by taking into consideration the probability factors of damages to be expected, the connected risks to be evaluated.

5. IT Security

The IT security of a System is guaranteed by measures in the system environment (access control, radiation protection, safe handling of data media, etc.) or by measures in the System itself (password protection, protocol logging, etc.).

The total effects expected of all those measures are specified in the requirements for IT security. The threats from the threat analysis and risk analysis must be allocated to the requirements. It must be made clear that IT security measures counteract those threats.

6. User-level Requirements

6. 1. Preliminary System Description

In this case, the preliminary system description must fulfill the following criteria in the form of an overall horizon:

It is necessary to define which user-level tasks are to be supported by the System. Therefore, the integration of the System into the organization or the integration environment must be described.

The description must point out which overall functionality is to be covered in the final version, and, in this connection, which priorities are expected in the course of the following development.

The description must include the application concept in order to derive the technical and organizational application environment and the marginal conditions (within the scope of SD1.4 - Definition of Marginal Conditions).

The description must include quantitative estimations that can be used to make basic technical decisions with the correct order of magnitude (network organization, computing power, etc.).

The description must be very exact in order to make it possible in future to decide when this overall horizon should or can be left and technical decisions might be reconsidered accordingly.

The use of predefined user-level items (standard topics) must be taken into consideration. Possible candidates for the reuse on the level of the User Requirements within the scope of the planned development must be named.

6. 2. Organizational Embedding

This chapter contains a description of the organizational sphere of the System: the structure and process organization of the user, user classes, responsibilities and competence during operation, and the additional equipment of the user.

6. 3. Utilization

This contains a description of the requirements for operation and use of the System, e. g. for mobile or stationary operation, operation times, communication between user and System, the extent of the services to be automatically made available by the System.

6. 4. Criticality of the System

The criticality of the System is specified (possibly also defined) and justified on the basis of the criticality definition in the QA Plan

6. 5. External Interfaces

Requirements for the external interfaces to neighboring systems and, in particular, for the man-machine interface have to be documented.

Requirements with regard to ergonomics must also be taken into consideration. The technical design of the user interface is defined within the scope of the Technical Requirements.

6. 6. Description of the Functionality

This chapter describes the user-level structure of the System functionality from a user's point of view:

The functionality of the System is described by taking into consideration the tasks to be fulfilled by the System.

Business processes are defined for the determination of the required System functionality. They have to be considered in its entirety, i. e. completely, even when the required System only supports certain sections of this functionality. The users will become an integral part of the description. The System is seen as a whole, together with its environment (man, connected systems).

A user-level structure of the functionality into fields is carried out. This structure is used
- as a basis for the decision about the use of fields already defined earlier (standard topics),
- as a basis for the separation of system parts to generate and investigate solution proposals,
- as a criterion for the placing of development orders,
- as the basis for an incremental development strategy for a fast availability of Systems to be applied operationally (by an early feedback from the application it is possible to minimize the development risk considerably),
- as the planning basis and as a guideline for the upgrade of the System on a step-by-step basis,
- as initial information for the setting up or optimizing the organization at the user.

Examples for standard topics are
- mailing and communication,
- storage of data and documents,
- IT security,
- man-machine interface (like representation of the actual situation, generation and processing of messages),
- office functions.

Classifications of criticality levels are set up within the scope of the functionality description. Criticality levels are allocated to the fields and the structure elements they are based on.

The information needs of the user have to be defined in a clear and distinct way, but independently of the technical specifications. If necessary, the data will be described here as well, i. e. if they are known on this level already.

Notes:

The order of the user-level requirements for the functionality is not specified as a regulation element beyond the demanded field structure. However, the user-level order must always be described as independent of the technical architecture.

The reference to possibly predefined fields is an essential element of the user-level description.

If structure and process organization for information systems are optimized for the user as a result of the recording of actual status and analysis in parallel to system development, then it is necessary to refer to the results of these optimizations while the planned business processes are specified and the System is structured at user-level into fields.

Developments in the field of information technology may result in new application fields which always have an impact on the organizational structure. On the other hand, structure and process organization impose primary marginal conditions for IT system support. Therefore, organization development and system generation interact closely. As a result, they have to be closely coordinated with each other.

6. 7. Quality Requirements

Quality requirements with regard to

reliability,
user friendliness,
efficiency,
maintainability,
portability,
reusability,
static and dynamic performance data, etc.

are documented as quality characteristics. The basis is /DIN ISO IEC 9126/.

7. Marginal Conditions

7. 1. Technical Marginal Conditions

Based on a consideration of the technical application environment, marginal conditions may be fixed with regard to the following aspects:

Technical Requirements for interfaces,
specifications for the technical realization of interfaces,
notes and specifications for the technical operation,
specification of off-the-shelf products,
adhering to technical standards,
specifications from the technical development environment, SWMM environment or application environment.

In addition, technical requirements for the environment may also be documented here (e. g. for hardware: required air-conditioning, vibration reducers.).

7. 2. Organizational Marginal Conditions

Based on a consideration of the organizational application environment, marginal conditions may be fixed with regard to the following aspects:

Distribution of user-level tasks (functions) within the scope of the organizational structure,
required communication, cooperation and coordination among instances in the user's process organization,
information requirements for handling business processes,
execution rhythm and repetitiveness of business processes,
geographical distribution of users in application area,
specifications from organization development for staff size, job plans, job descriptions,
specifications from personnel laws (Civil Service Act, regulations governing industrial relations, worker participation, tariff contracts),
cooperation with external instances and authorities (inter-authority cooperation, cooperation between authorities),
placement of user-level tasks (functions) to external contractors, i. e. by outsourcing.

7. 3. Other Marginal Conditions

Marginal conditions that are neither of a technical nor of an organizational nature must be fixed (e. g. chronological and economical marginal conditions).

Product Flow

Chapter		Activity	From		to		Methods	Tool Req.	Ext. Norms
No.	Title	Activity	Activity	State	Activity	State	Methods	Tool Req.	Ext. Norms
2	Actual Status and Current Analysis	SD1.1	-	-	SD1.2 SD1.3 SD1.4 SD1.5 SD1.6	being proc.	COM DFM ER FCTD IAM PRODIAG STMO UCM	SSD05 SSD06 SSD07 SSD09 SSD22 SSD25 SSD26 SSD27 SSD28
3	IT Security Objective	SD1.2	-	-	SD1.3 SD1.4 SD1.5 SD1.6	being proc.		SSD01
4	Threat and Risk Analysis	SD1.6	-	-	SD1.7 SD1.8 SD2 SD3 SD4-SW SD5-SW	submitted		SSD01
5	IT Security	SD1.6	-	-	SD1.7 SD1.8 SD2 SD3 SD4 SD5	submitted		SSD01
6.1	Preliminary System Description	SD1.2	-	-	SD1.3 SD1.4 SD1.5 SD1.6	being proc.	COM CRC DFM IAM PRODIAG SSM STMO UCM	SSD01 SSD05 SSD07 SSD22 SSD23 SSD25 SSD26 SSD27 SSD28
6.2	Organizational Embedding	SD1.5	-	-	SD1.6	being proc.	SSM	SSD01
6.3	Utilization	SD1.5	-	-	SD1.6	being proc.	UCM	SSD01
6.4	Criticality of the System	SD1.3	-	-	SD1.4 SD1.5 SD1.6	being proc.	FMEA	SSD01
6.5	External Interfaces	SD1.5	-	-	SD1.6	being proc.		SSD01
6.6	Description of the Functionality	SD1.5	-	-	SD1.6	being proc.	COM CRC DFM ER EXPM FCTD FNET IAM SBM STMO	SSD01 SSD05 SSD06 SSD07 SSD08 SSD09 SSD21 SSD22 SSD23 SSD27 SSD28
6.7	Quality Requirements	SD1.3	-	-	SD1.4 SD1.5 SD1.6	being proc.	RELM	SSD01
7	Marginal Conditions	SD1.4	-	-	SD1.5 SD1.6	being proc.	COM CRC IAM PRODIAG STMO UCM	SSD01 SSD22 SSD25 SSD26 SSD27 SSD28
Existing		SD1.1	SD1.2	being proc.	-	-
Existing		SD1.1 SD1.2	SD1.3	being proc.	-	-
Existing		SD1.1 SD1.2 SD1.3	SD1.4	being proc.	-	-
Existing		SD1.1 SD1.2 SD1.3 SD1.4	SD1.5	being proc.	-	-
Existing		SD1.1 SD1.2 SD1.3 SD1.4 SD1.5	SD1.6	being proc.	-	-
Existing		SD1.6	SD1.7	being proc.	-	-
Existing		SD1.6	SD1.8	being proc.	-	-

Links to the V-Model Mailinglist

Mail 0716 - Abgrenzung zwischen Anwenderforderungen und Technischen Anforderungen (716)
Mail 0595 - Re: Unterst�tzung der Betriebseinf�hrung (595)
Mail 0484 - ISO 9126 = DIN 66272, s. Stahlknecht,P?
Mail 0435 - Abgrenzung zwischen Technischen und Nutzeranforderungen (435)
Mail 0428 - Produktmuster Anwenderforderungen (428)
Mail 0313 - Re: Anwenderforderung zur Datenhaltung (313)
Mail 0175 - Technische Anforderungen (175)
Mail 0141 - Bedrohungs- und Risikoanalyse (141)

This page online • GDPA Online • Last Updated 04.Mar.2004 by C. Freericks