Analyzing Requirements

Analyzing Requirements

In this article, I have attempted to bring together ideas on inspecting and analyzing requirements based on reading techniques as procedural approaches encompassing common checklist methods to achieve better defect detection rates as early as possible in the development lifecycle.

Introduction

Every software project arises out of a business problem. Requirements-gathering and analysis try to identify the business problem to be solved and probable characteristic a software product needs to have as a solution to the business problem. Requirements are the foundation on which software is built. Gathering and managing requirements is one of the biggest challenges faced in a project, and a robust requirement management process is one of the stepping-stones to a successful project.

From the perspective of a tester, requirements are used to determine whether the system exhibits proper behavior for each test case. Thus the quality of a requirements specification has a great impact on the quality of the finished software. Because of this, a requirements specification should be complete, correct, consistent, and unambiguous. Otherwise, defects may remain undetected, resulting in the delivery of a faulty software product to the users.

In this article, I have attempted to bring together ideas on inspecting and analyzing requirements based on reading techniques as procedural approaches encompassing common checklist methods to achieve better defect detection rates as early as possible in the development lifecycle.

Reading Techniques

A reading technique is a sequence of steps guiding the individual analysis of a text in order to achieve the goals of a particular inspection task (e.g., to identify defects in a requirements document).

Reading technique approaches can be identified under:

Checklist-Based Reading

  • Checklist-Based Reading

    A very common method is the checklist-based reading technique (CBR). The inspector is given a checklist consisting of several questions. These questions should be answered during the inspection. The checklist serves as a tracker of which parts are to be checked and what aspects the reader should think of. CBR provides more aid and advice to the inspectors than ad-hoc reading and is therefore a very common technique.

    Scenario-Based (Defect-Based and Perspective-Based) Reading

    The scenario-based reading technique provides guidance to the inspector by presenting him a scenario which he sticks to. Usually scenarios focus on certain details or parts and not the whole document. Therefore, to cover the whole document, different scenarios are provided to each inspector. The underlying theory is that a focused inspector finds more defects than one who inspects the whole document – thus the teams’ effectiveness should be increased. Scenario-based reading is rather a family of inspection techniques than a concrete one. Defect-based and perspective-based reading techniques are the most popular members of the scenario-based family.

    Through their work in the SEL, Victor R. Basili and Forrest Shull have evolved their understanding of reading technologies via experimentation. Their research efforts focus on the development of families of reading techniques, based on empirical evaluation.

    Reading for Analysis

    Reading for analysis is aimed at answering the following question: Given a document, how do I assess various qualities and characteristics? To emphasize defect detection, the researchers referenced above have focused on the requirements phase for this purpose. They have generated two families of reading techniques, by creating operational scenarios which require the reader to first create an abstraction of the product, and then answer questions based on analyzing the abstraction with a particular emphasis or role that the reader assumes. Each reading technique in a family can be based upon a different abstraction and question set. The choice of abstraction and the types of questions may depend on the document being read, the problem history of the organization, or the goals of the organization.

    Reading for Analysis: Defect-Based Reading (DBR)

    The goal of DBR is to detect defects in a requirements document with focus on defect classes: data type inconsistency, incorrect functions, and ambiguity or missing information.

    Reading for Analysis: Perspective-Based Reading (PBR)

    The goal of PBR is to detect defects in a requirements document with focus on product consumers or perspectives, e.g., reading from the perspective of the software designer, the tester, the end-user, the maintainer, the hardware engineer. The analysis questions are generated by focusing predominantly on various types of requirements errors (e.g., incorrect fact, omission, ambiguity, and inconsistency) by developing questions that can be used to discover those errors from the one perspective assumed by the reader of the document (e.g., the questions for the tester perspective lead the reader to discover those requirement errors that could be found by testing the final product).

    Perspective-based Scenarios

    The efficiency of PBR reading technique in detecting defects is determined by the scenarios. It could be argued that scenarios are another kind of checklist. A checklist is a set of questions or statements without any hint or procedural description of how to read a document.

    For a given perspective (designer, tester, or customer), an operational procedure is created by first identifying an abstraction of the document (Abstraction Procedure: answering the question of what information should be important to the inspector). This is followed by a model of how the information can be used to detect defects (Use Procedure: deciding which quality aspects are of interest in the document and understanding how the abstraction addresses those aspects). The abstraction procedure gives the user the right information; the use procedure should provide a step-by-step way to check that information for defects.

    Tailoring Abstraction Models/Generating good Scenarios

    There are several reasons why it is difficult to generate scenarios. There are several levels of abstraction in a requirement document (e.g. you can look at the whole system which is described by the requirement-document or you can only look at a function)

    There exists no standard for documenting requirements. A requirement document can contain:

    • Brief outline
    • Definitions (I/O)
    • Functional Requirements, Functions, Algorithms
    • Other aspects that are important for the system (Performance, Security, Technical Requirements)

    Within each role, several different methods or techniques for testing can be used.

    We have to find, on the one hand, a set of questions and activities that can be used for a broad range of requirements documents and that has, on the other hand, enough detail that the reader knows what to do.

    Tailoring the Defect Taxonomy

    The questions that the inspector is asked about the abstraction correspond directly to the types of defects being sought. This requires an analysis of what types of issues are of most concern to the project and organization. For a requirements inspection, defects can fit into one or more category or class:

    1. Omitted information: significant requirements relating to functionality, performance, design constraints or external interfaces are not included, or the response of the software to all realizable classes of input data in all realizable classes is not defined
    2. Incorrect Fact: requirement asserts a fact that cannot be true under the conditions specified for the system
    3. Extraneous Information: Information is provided that is not useful
    4. Inconsistent Information: A requirement has multiple interpretations due to multiple terms for the same characteristic or multiple meanings of a term.

    Conclusion

    The effectiveness of PBR & DBR in comparison to less procedural review techniques have been assessed in a number of studies conducted by researchers in the U.S. The results found improved rates of defect detection for both individual reviewers and review teams for unfamiliar application domains. Two experiments conducted at the University of Maryland compared defect-based reading to ad hoc reading and checklist-oriented reading. The conclusions were:

    1. The defect detection rate of individuals and teams using Defect-Based Reading is superior to that obtained with ad-hoc or checklist methods
    2. Scenarios really support reviewers’ focus on specific defect classes
    3. The checklist method (the current best practice in industry) was no more effective than the ad hoc detection method
    4. On the average, collection meetings contributed nothing to defect detection effectiveness.

    The results of the experiments carried out by Basili & Shull on Perspective Based Reading encouraged the hypothesis:

    1. Individual defect detection can be performed with a good level of effectiveness using this method
    2. Using Perspective-Based Reading makes defect detection independent of a number of factors such as experience. As the understanding of software reading as a technique evolves, other families of reading techniques parameterized for use in different contexts can be developed and tested for those contexts. The focus of research in future would continue to concentrate on answering two important questions:
      1. What perspectives are necessary to get complete coverage of a given document?
      2. How to tailor, from the perspective level, the technique to a given environment so that it is most effective?