vault backup: 2022-10-10 10:57:45

content/notes/20-SE-in-IA.md

@@ -4,6 +4,9 @@ aliases:
 tags: 
 - comp210
 - lecture
+sr-due: 2022-10-13
+sr-interval: 3
+sr-ease: 250
 ---
 
 # why
@@ -42,30 +45,64 @@ timeline
 - agile
 
 # stages
-- design
+## design
-	- feasability
+- feasability
-		- ![slide](https://i.imgur.com/KD8J4Dr.png)
+	- ![slide](https://i.imgur.com/KD8J4Dr.png)
-		- financial, legal, time, etc
+	- financial, legal, time, etc
-	- requirements specification
+- requirements specification
-		- stakeholders
+	- stakeholders
-			- anyone affected by the system
+		- anyone affected by the system
-			- ![slide](https://i.imgur.com/NkMt4q7.png)
+		- ![slide](https://i.imgur.com/NkMt4q7.png)
-		- features, requirements
+	- features, requirements
-			- ![slide](https://i.imgur.com/ghNmRhj.png)
+		- ![slide](https://i.imgur.com/ghNmRhj.png)
-			- ![use vs system reqs](https://i.imgur.com/DWSNrSu.png)
+		- ![use vs system reqs](https://i.imgur.com/DWSNrSu.png)
-			- ![functional vs non functional](https://i.imgur.com/gWwAWBV.png)
+		- ![functional vs non functional](https://i.imgur.com/gWwAWBV.png)
-	- system design
+- system design
-		- ![slide](https://i.imgur.com/mMBkSp1.png)
+	- ![slide](https://i.imgur.com/mMBkSp1.png)
-		- databse design
+	- databse design
-			- er model etc
+		- er model etc
-		- architectural design
+	- architectural design
-			- structure of application
+		- structure of application
-			- 
+		- ![mvc](https://i.imgur.com/V3FvokX.png)
-- develop
+			- view model controller
-- validaion
+	- security
-- evolution
+		- during development not after
 		
-may go by different names
+## develop
+- ![slide](https://i.imgur.com/P852JEc.png)
+- version control
+	- ![version control](https://i.imgur.com/G6iExvO.png)
+	- ![centralised](https://i.imgur.com/gExIZRq.png)
+- issue tracking
+	- keep track of tasks, bugs, feature requests etc
+- unit testing
+- code reviewing
 
+## validation
+- checking if system conforms to specs
+	- unit testing
+	- component testing
+	- system testing
+	- user acceptance testing (UAT)
+		- ![UAT](https://i.imgur.com/ksLDRP0.png)
+		- finds issues that devs dont see
+- ![hehaviour driven development](https://i.imgur.com/M8pxgcO.png)
+- code reviews
+	- better than one single person
+	- different perspectives
+	
+## evolution
+- new requirements derived through software use
+- change in business processes occur as a result of new business opportunities
+- errors in software surface later
+- upgrade to new hardware, 
+- need for improved system performance
 
 # for Information assurance
+- security should be central
+- think of security every step of the way
+- code resure and (SDKs) should be critically evaluated
+	- often flaws are inherited from reused llibraries or copied online code
+- where are the security knowledge gaps
+	- use tools to detect vulnerabilities
+	- 

content/notes/21-SE-in-IA-2.md

@@ -0,0 +1,14 @@
+---
+title: "21-SE-in-IA-2"
+aliases: 
+tags: 
+- comp210
+- lecture
+---
+
+# need in all phases
+- often overlooked in feasability stages
+- security requirements not defined
+- built without thinking about security
+- tests do not take security into account
+- without security evolution can become cumbersome

content/notes/comp-210.md

@@ -40,3 +40,5 @@ No final exam
 - [17-ML-in-IA-1](notes/17-ML-in-IA-1.md)
 - [18-ML-in-IA-2](notes/18-ML-in-IA-2.md)
 - [19-deepfakes](notes/19-deepfakes.md)
+- [20-SE-in-IA](notes/20-SE-in-IA.md)
+-