What is SDLC?
Streamlined development relies on two things. One is a reliable methodology; the second is a detailed process for getting from point A to point B. Are you getting your feet wet in the extensive world of software development for the first time? Then the first step for you is to understand the Software Development Life Cycle (SDLC).
The SDLC is a systematic approach that gives the developer a structure to design, create and deliver high-quality software based on customer requirements and needs. The primary goal of the SDLC process is to produce cost-efficient and high-quality products. The process comprises a detailed plan that describes how to develop, maintain, and replace the software.
The 7 Phases Of SDLC (Software Development Life Cycle)
We are looking at how different threats could actualize. Which phase of the Software Development Life Cycle (SDLC) are we in?
- System initiation phase
- System implementation phase
- System operations phase
- System development phase (Correct)
Stage 1: Project Planning
The first stage of SDLC is all about “What do we want?” Project planning plays a vital role in the software delivery lifecycle, since this is the part where the team estimates the cost and defines the requirements of the new software.
Stage 2: Gathering Requirements & Analysis
The second step of SDLC is gathering as much information as possible about the client's requirements for the product. Discuss each detail and specification of the product with the customer. The development team will then analyze the requirements, keeping the design and code of the software in mind, and investigate the validity and possibility of incorporating these requirements into the software system. The main goal of this stage is that everyone understands even the most minute detail of the requirements. Hardware, operating systems, programming, and security are a few of the requirements, to name some.
Stage 3: Design
In the design phase (3rd step of SDLC), the program developer scrutinizes whether the prepared software meets all the requirements of the end-user, and whether the project is feasible for the customer technologically, practically, and financially. Once the developer decides on the best design approach, he then selects the programming languages, like Oracle, Java, etc., that will suit the software.
Once the design specification is prepared, all the stakeholders will review this plan and provide their feedback and suggestions. It is absolutely mandatory to collect and incorporate the stakeholders' input in the document, as a small mistake can lead to a cost overrun.
Stage 4: Coding or Implementation
Time to code! It means translating the design to a computer-legible language. In this fourth stage of SDLC, the tasks are divided into modules or units and assigned to various developers. The developers will then start building the entire system by writing code using the programming languages they chose. This stage is considered to be one of the longest in SDLC. The developers need certain predefined coding guidelines, and programming tools like interpreters, compilers, and debuggers to implement the code.
The developers can show the work done to the business analysts in case any modifications or enhancements are required.
Stage 5: Testing
Once the developers build the software, it is deployed in the testing environment. Then the testing team tests the functionality of the entire system. In this fifth phase of SDLC, the testing is done to ensure that the entire application works according to the customer requirements.
After testing, the QA and testing team might find some bugs or defects and communicate them to the developers. The development team then fixes the bugs and sends the software back to QA for a re-test. This process goes on until the software is stable, bug-free and working according to the business requirements of that system.
Stage 6: Deployment
The sixth phase of SDLC: Once the testing is done and the product is ready for deployment, it is released for customers to use. The size of the project determines the complexity of the deployment. The users are then provided with the training or documentation that will help them to operate the software. Again, a small round of testing is performed on production to check for environmental issues or any impact of the new release.
Stage 7: Maintenance
The real problems start when the customer actually starts using the developed system, and those need to be solved from time to time. Maintenance is the seventh phase of SDLC, where the developed product is taken care of. The software is updated in a timely manner according to the changing user-end environment or technology.
Predominant Models of SDLC (Software Development Life Cycle)
Waterfall Model: This SDLC model is considered to be the oldest and most forthright. With this methodology, we finish one phase and then start the next. Why the name waterfall? Because each of the phases in this model has its own mini-plan and each stage waterfalls into the next. A drawback that holds back this model is that even small details left incomplete can hold up the entire process.
Agile Model: Agile is the new normal; it is one of the most utilized models, as it approaches software development in incremental but rapid cycles, commonly referred to as “sprints”. With new changes in scope and direction being implemented in each sprint, the project can be completed quickly with higher flexibility. Agile means spending less time in the planning phases, and a project can diverge from original specifications.
Iterative Model: This SDLC model stresses repetition. Developers create a version rapidly for relatively less cost, then test and improve it through successive versions. One big disadvantage of this model is that if left unchecked, it can eat up resources fast.
V-Shaped Model: This model can be considered as an extension of the waterfall model, as it includes tests at each stage of development. Just like the case with waterfall, this process can run into obstructions.
Big Bang Model: This SDLC model is considered best for small projects as it throws most of its resources at development. It lacks the detailed requirements definition stage when compared to the other methods.
Spiral Model: One of the most flexible of the SDLC models is the spiral model. It resembles the iterative model in its emphasis on repetition. Even this model goes through the planning, design, build and test phases again and again, with gradual improvements at each stage.
SDLC can be a great tool that can help us with the highest level of documentation and management control. But failure to consider the customer's requirements, users or stakeholders can lead to project failure.
More CISSP Questions
The System Development Life Cycle (SDLC) is a structure for system development. Its purpose is to manage the development process and implement security at each stage of the development process. The principal elements of the SDLC are listed in “Generally Accepted Principles and Practices for Securing Information Technology Systems” (SP 800-14, National Institute of Standards and Technology, September 1996) and “Security Considerations in the Information System Development Life Cycle” (SP 800-64, National Institute of Standards and Technology, September, October 2003). The five stages of the SDLC are listed in NIST SP 800-14 as follows:
- Initiation – the beginning process that determines the need for the system and documents its purpose; it includes measuring the sensitivity of the system and the data to be processed. This is called a sensitivity assessment.
- Development/Acquisition – involves the design, development, programming and acquisition of the system. In this stage programmers develop the application code while concentrating on security measures to make certain that input and output controls, audit mechanisms, and file-protection schemes are used.
- Implementation – this phase runs testing, security testing, accreditation, and installation of the system. This occurs once application coding has been completed. The testing should be handled by auditors or quality assurance engineers, not the programmers. If the code is written and verified by the same individuals, errors can go unnoticed and security functions can be bypassed. Thus assigning specific duties is important.
- Operation/Maintenance – identifying processes the system is designed to inform which include: security operations, modification/addition of hardware and/or software, administration, operational assurance, monitoring, and audits.
- Disposal – this phase overviews the state of the system or system components and products, such as hardware, software, and information; disk sanitization; archiving files; and moving equipment. This stage is usually reached when the system is no longer required.