The System Life Cycle

1
The System Life Cycle

• Week 14
• LBSC 690
• Information Technology

2
Agenda

• Privacy integrity
• Systems analysis
• Building complex systems
• Managing complex systems
• Final exam review

3
Privacy Concerns

• 74 concerned about divulging personal info
  online
• 77 concerned about being tracked
• 41 left Web sites requiring registration
• 40 entered fake registration information
• 54 avoid shopping online for privacy concerns
• 81 want sites to ask for permission to use
  personal data
• 31 will give out personal data for valuable
  return

A. Kobsa Tailoring Privacy to Users Needs
4
Privacy Protection

• Privacy Act of 1974
• Applies only to government records
• TrustE certification guidelines
• Site-specific privacy policies
• Federal Trade Commission enforcement
• Organizational monitoring

5
Integrity

• Information accuracy
• How do you know whats there is correct?
• Attribution is invalid if the contents can change
• Access control would be one solution
• No system with people has perfect access control
• Risks digest provides plenty of examples!
• Encryption offers an alternative

6
Encryption

• Secret-key systems (e.g., DES)
• Use the same key to encrypt and decrypt
• Public-key systems (e.g., PGP)
• Public key open, for encryption
• Private key secret, for decryption
• Digital signatures
• Encrypt with private key, decrypt with public key

7
Mailing List Nettiquite

• Send private replies unless a public one is
  needed
• Dont send unsubscribe requests to the list
• Read the FAQ before asking one
• Avoid things that start flames, unless you intend
  to

8
The System Life Cycle

• Systems analysis
• How do we know what kind of system to build?
• User-centered design
• How do we discern and satisfy user needs?
• Implementation
• How do we build it?
• Management
• How do we use it?

9
Systems Analysis

• First steps
• Understand the task
• Limitations of existing approaches
• Understand the environment
• Structure of the industry, feasibility study
• Then identify the information flows
• e.g., Serials use impacts cancellation policy
• Only then can you design a solution

10
Analyze the Information Flows

• Where does information originate?
• Might come from multiple sources
• Feedback loops may have no identifiable source
• Which parts should be automated?
• Some things are easier to do without computers
• Which automated parts should be integrated?
• What other systems are involved?
• And what information do they contain?

11
Analyzing Information Flows

• Process Modeling
• Structured analysis and design
• Entity-relationship diagrams
• Data-flow diagrams
• Object Modeling
• Object-oriented analysis and design
• Unified Modeling Language (UML)

12
Some Library Activities

• Acquisition
• Cataloging
• Reference
• Online Public Access Catalog (OPAC)
• Circulation
• Weeding
• Reserve, recall, fines, interlibrary loan,
• Budget, facilities schedules, payroll, ...

13
Discussion PointIntegrated Library System

• What functions should be integrated?
• What are the key data flows?
• Which of those should be automated?

14
User-Centered Design

• Start with user needs
• Who are the present and future users?
• How can you understand their needs?
• Evaluate available technology
• Off-the-shelf solutions
• Custom-developed applications
• Implement something
• Evaluate it with real users

15
The Waterfall Model

• Key insight invest in the design stage
• An hour of design can save a week of debugging!
• The motivation behind DoD Standard 2167
• Requirements
• Specifies what the software is supposed to do
• Specification
• Specifies the design of the software
• Test plan
• Specifies how you will know that it did it

16
The Waterfall Model
Requirements
Specification
Software
Test Plan
17
The Spiral Model

• Build what you think you need
• Perhaps using the waterfall model
• Get a few users to help you debug it
• First an alpha release, then a beta release
• Release it as a product (version 1.0)
• Make small changes as needed (1.1, 1.2, .)
• Save big changes for a major new release
• Often based on a total redesign (2.0, 3.0, )

18
The Spiral Model
2.3
1.2
0.5
1.1
2.2
1.0
2.1
2.0
3.0
19
Some Unpleasant Realities

• The waterfall model doesnt work well
• Requirements usually incomplete or incorrect
• The spiral model is expensive
• Redesign leads to recoding and retesting

20
The Rapid Prototyping Model

• Goal explore requirements
• Without building the complete product
• Start with part of the functionality
• That will (hopefully) yield significant insight
• Build a prototype
• Focus on core functionality, not in efficiency
• Use the prototype to refine the requirements
• Repeat the process, expanding functionality

21
Rapid Prototyping Waterfall
Update Requirements
Write Specification
Choose Functionality
Initial Requirements
Create Software
Build Prototype
Write Test Plan
22
Implementation Requirements

• Availability
• Mean Time Between Failures (MTBF)
• Mean Time To Repair (MTTR)
• Capacity
• Number of users for each application
• Response time
• Flexibility
• Upgrade path

23
Alternative Architectures

• Batch processing (e.g., recall notices)
• Save it up and do it all at once
• Timesharing (e.g., OPAC)
• Everyone uses the same machine
• Client-Server (e.g., Web)
• Some functions done centrally, others locally
• Peer-to-Peer (e.g., Kazaa)
• All data and computation is distributed

24
Management Issues

• Retrospective conversion
• Even converting electronic information is
  expensive
• Management information
• Peak capacity evaluation, audit trails, etc.
• Sometimes costs more to collect than it is worth!
• Training
• Staff, end-users
• Privacy

25
Discussion PointsManaging Complex Systems

• Critical system availability
• Why cant we live without these systems?
• Understandability
• Why cant we predict what systems will do?
• Nature of bugs
• Why cant we get rid of them?
• Auditability
• How can we learn to do better in the future?

26
Critical Infrastructure Protection

• Telecommunications
• Banking and finance
• Energy
• Transportation
• Emergency services

• Food and agriculture
• Water
• Public health
• Postal and shipping
• Defense industrial base
• Chemical industry and hazardous materials

SCADA Supervisory Control and Data Acquisition
27
National Cyberspace Strategy

• Response system
• Analysis, warning, response, recovery
• Threat and vulnerability reduction
• Awareness and training program
• Return on investment, best practices
• Securing government systems
• International cooperation

28
Summary

• Systems analysis
• Required for complex multi-person tasks
• User-centered design
• Multiple stakeholders complicate the process
• Implementation
• Architecture, open standards,
• Management
• Typically the biggest cost driver

29
Team Project

• Report
• Convey information (beyond presentation)
• No style guideline (5 single-spaced pages)
• Content (see project page)
• Presentation
• 20 minutes per team
• Presentation demo?
• Grading
• One project grade
• Slight plus/minus for individuals

30
Final Exam

• About 45 questions
• Same question styles as the midterm
• Some may require use of the computer
• Comprehensive - covers the entire course
• Emphasis and structure from the second half
• Two hours

31
The Grand Plan
Quiz
Midterm
32
Computer Systems

• Hardware
• Types of hardware
• Storage hierarchy
• Software
• Types of software
• Types of interfaces

33
Networks

• Types of Networks
• LAN, WAN, Internet, Wireless
• Packet Switching
• Routers and routing
• Layered Architecture and protocols
• TCP, FTP, and Telnet
• IP address/domain name
• Encryption
• DES and PGP

34
Structured Documents

• The Web
• HTTP, HTML, URL
• XML

My Browser
35
Multimedia

• Compression, compression, compression
• Image lossy vs loseless
• Video frames are alike
• Speech voice predictable
• Music masking
• Streaming

Media Sever
Buffer
Internet
36
Programming

• Programming languages
• Machines require low-level specific instructions
• Humans require high-level abstraction
• Can create any behavior from 3 control structures
• Sequential execution
• Conditional
• Iteration
• Javascript interpreters are in Web browsers

37
Databases

• Structured information
• Field-gtrecord-gttable-gtdatabase
• Primary key
• Normalized tables (relations)
• Remove redundancy, inconsistency, error
• Easy update, search
• Join links tables together
• Through foreign key
• Access provides visual operations

38
Web-Database Integration

• Web pages from databases
• SQL
• PHP

39
The Web

• Huge, dynamic, redundant, and diverse
• Multimedia, multilingual, multicultural
• Deep Web
• Internet Archive

40
Human-Computer Interaction

• Human-machine synergy
• Mental models
• Input and output devices
• Interaction styles
• Direct manipulation, menu, language based

41
Computer-Mediated Communication

• Synchronous / Asynchronous
• Remote / local
• One-to-one / many-to-many
• Computer-Supported Cooperative Work

42
Search

• Exact match
• Term-based ranked retrieval
• Web search
• Links and anchor text
• Evaluation

43
Social Policy

• Ownership
• Equitable access
• Controlled access
• Identity
• Choosing good passwords
• Privacy
• Government / commercial
• Integrity

44
Life Cycle

• Systems analysis
• Software development models
• Managing complex systems