Mastering Non-Functional Requirements E-Book

Title Page

       BIRMINGHAM - MUMBAI

Copyright

Mastering Non-Functional Requirements

Copyright © 2017 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: May 2017

Production reference: 1150517

ISBN 978-1-78829-923-7

www.packtpub.com

Credits

Author 

Sameer Paradkar

Copy Editor  

Safis Editing

Reviewer

James D. Miller

Project Coordinator  

Shweta H Birwatkar 

Commissioning Editor

Merint Mathew

Proofreader  

Safis Editing

Acquisition Editor

Karan Sadawana

Indexer   

Tejal Daruwale Soni

Content Development Editor

 Amrita Noronha

Graphics  

Tania Dutta

Technical Editor  

Deepti Tuscano

Production Coordinator  

Deepika Naik

About the Author

Sameer Paradkar is an enterprise architect with 15+ years of solid experience in the ICT industry which spans across consulting, systems integration, and product development. He is an Open Group TOGAF, Oracle Master Java EA, TMForum NGOSS, IBM SOA Solutions, IBM Cloud Solutions, IBM MobileFirst, ITIL Foundation V3 and COBIT 5 certified enterprise architect. He serves as an advisory architect on enterprise architecture programs and continues to work as a subject matter expert. He has worked on multiple architecture transformations and modernization engagements in the USA, UK, Europe, Asia Pacific and the Middle East Regions that presented a phased roadmap to the transformation that maximized the business value while minimizing risks and costs.

Sameer is part of IT Strategy and Transformation Practice in AtoS. Prior to AtoS, he has worked in organizations such as EY - IT Advisory, IBM GBS, Wipro Consulting Services,  Tech Mahindra, and Infosys Technologies and specializes in IT strategies and enterprise transformation engagements.

I would like to dedicate this book to my wife, family members and friends for their encouragement, support and love.

Many people throughout my career have directly and indirectly contributed to this book. I would like to take this opportunity to acknowledge their contribution, influence, and inspiration. I believe I am lucky to have found opportunities to work with extremely talented and exceptions individuals who extended their wholehearted support throughout my career. My eternal thanks to them for believing in me and providing exciting opportunities. I would like to thank my team members, chief and lead architects, mentors, discussion partners, reviewers, and supporters, whose valuable comments and feedback have significantly contributed to this book. I look forward to your comments and valuable inputs on an on-going basis. I would like to recognize and thank my current and former colleagues who made my corporate journey exciting, enriching and fulfilling.

About the Reviewer

James D. Miller is an IBM certified expert, creative innovator and accomplished Director, Sr. Project Leader and Application/System Architect with +35 years of extensive applications and system design and development experience across multiple platforms and technologies. Experiences include introducing customers to new and sometimes disruptive technologies and platforms, integrating with IBM Watson Analytics, Cognos BI, TM1 and Web architecture design, systems analysis, GUI design and testing, Database modelling and systems analysis, design, and development of OLAP, client/server, web and mainframe applications and systems utilizing; IBM Watson Analytics, IBM Cognos BI and TM1 (TM1 rules, TI, TM1Web and Planning Manager), Cognos Framework Manager, dynaSight--ArcPlan, ASP, DHTML, XML, IIS, MS Visual Basic and VBA, Visual Studio, PERL, SPLUNK, WebSuite, MS SQL Server, ORACLE, SYBASE Server, and so on.

Responsibilities have also included all aspects of Windows and SQL solution development and design including: analysis; GUI (and Web site) design; data modelling; table, screen/form and script development; SQL (and remote stored procedures and triggers) development/testing; test preparation and management and training of programming staff. Other experience includes development of ETL infrastructure such as data transfer automation between mainframe (DB2, Lawson, Great Plains, and so on) systems and client/server SQL server and Web based applications and integration of enterprise applications and data sources.

Mr. Miller has acted as Internet Applications Development manager responsible for the design, development, QA and delivery of multiple Web Sites including online trading applications, warehouse process control and scheduling systems, administrative and control applications. Mr. Miller also was responsible for the design, development and administration of a Web based financial reporting system for a 450 million dollar organization, reporting directly to the CFO and his executive team.

Mr. Miller has also been responsible for managing and directing multiple resources in various management roles including project and team leader, lead developer and applications development director.

Jim has authored Cognos TM1 Developers Certification Guide, Mastering Splunk, Learning IBM Watson Analytics and a number of whitepapers on best practices such as Establishing a Center of Excellence and continues to post blogs on a number of relevant topics based upon personal experiences and industry best practices. 

Jim is a perpetual learner continuing to pursue experiences and certifications, currently holding the following current technical certifications:

IBM Certified Business Analyst - Cognos TM1

IBM Cognos TM1 Master 385 Certification (perfect score 100% on exam)

IBM Certified Advanced Solution Expert - Cognos TM1

IBM Cognos TM1 10.1 Administrator Certification C2020-703 (perfect score 100% on exam)

IBM OpenPages Developer Fundamentals C2020-001-ENU (98% on exam)

IBM Cognos 10 BI Administrator C2020-622 (98% on exam)

IBM Cognos 10 BI Professional C2020-180

Specialties: The evaluation and introduction of innovative and disruptive technologies, Cloud migration, IBM Watson Analytics, Big Data, Data Visualizations, Cognos BI and TM1 application Design and Development, OLAP, Visual Basic, SQL Server, Forecasting and Planning; International Application Development, Business Intelligence, Project Development and Delivery and process improvement.

I would like to thank Nanette L. Miller who is always on my mind and always in my heart…

www.PacktPub.com

For support files and downloads related to your book, please visit www.PacktPub.com.

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

https://www.packtpub.com/mapt

Get the most in-demand software skills with Mapt. Mapt gives you full access to all Packt books and video courses, as well as industry-leading tools to help you plan your personal development and advance your career.

Why subscribe?

Fully searchable across every book published by Packt

Copy and paste, print, and bookmark content

On demand and accessible via a web browser

Customer Feedback

Thanks for purchasing this Packt book. At Packt, quality is at the heart of our editorial process. To help us improve, please leave us an honest review on this book's Amazon page at https://www.amazon.com/dp/178829923X.

If you'd like to join our team of regular reviewers, you can e-mail us at [email protected]. We award our regular reviewers with free eBooks and videos in exchange for their valuable feedback. Help us be relentless in improving our products!

Table of Contents

About the Reviewer

Preface

What this book covers

Who this book is for

Conventions

Reader feedback

Customer support

Errata

Piracy

Questions

Understanding NFRs

Introducing NFRs

Performance

Scalability

Availability

Capacity

Security

Maintainability

Manageability

Reliability

Extensibility

Recovery

Interoperability

Usability

Summary

Taxonomy and Framework for NFRs

Taxonomy of non-functional requirements

Non-functional requirements framework

NFR life cycle

Analysis and planning for NFRs

Architecture for NFR

Engineering for NFRs

Monitoring and improvements - NFRs

NFRs KPI and KRA examples

Performance

Scalability

Availability

Capacity

Security

Maintainability

Manageability

Reliability

Extensibility

Recovery

Interoperability

Usability

Summary

Methodology Eliciting - Non Functional Requirements

Methodology discovering non-functional requirements

Stakeholder goals

Legacy system restraints

Market scan of software qualities

Domain trends

Requirements templates and catalogues

Summary

Solutions Addressing NFRs

NFR modeling methodology

Performance

Key drivers

Methodology

Solution options

Checklist

KPIs

Scalability

Key drivers

Methodology

Solution options

Checklist

KPIs

Availability

Key drivers

Methodology

Solution options

Checklist

KPIs

Capacity

Key drivers

Methodology

Solution options

Checklist

KPIs

Security

Key drivers

Methodology

Solution options

Checklist

KPIs

Maintainability

Key drivers

Methodology

Solution options

Checklist

KPIs

Manageability

Key drivers

Methodology

Solution options

Checklist

KPIs

Reliability

Key drivers

Methodology

Solution options

Checklist

KPIs

Extensibility

Key drivers

Methodology

Solution options

Checklist

KPIs

Recovery

Key drivers

Methodology

Solution options

Checklist

KPIs

Interoperability

Key drivers

Methodology

Solution options

Checklist

KPIs

Usability

Key drivers

Methodology

Solution options

Checklist

KPIs

Summary

Architectural Patterns and its Impact on NFRs

Core architecture patterns

Component-based architecture

Context

Drivers

Solution

Impact on NFR's

N-tier architecture

Context

Drivers

Solution

Impact on NFRs

Message Bus

Context

Drivers

Solution

Impact on NFRs

Service-oriented architecture

Context

Drivers

Solution

Impact on NFRs

Business tier patterns

Active/Passive clustering

Context

Drivers

Solution

Impact on NFRs

Load-balancing architecture

Context

Drivers

Solution

Impact on NFRs

Session failover

Context

Drivers

Solution

Impact on NFRs

Resource pooling

Context

Drivers

Solution

Impact on NFRs

Caching

Context

Drivers

Solution

Impact on NFRs

Database tier patterns

Data replication

Context

Drivers

Solution

Impact on NFRs

Connection pooling

Context

Drivers

Solution

Impact on NFRs

Reporting

Context

Drivers

Solution

Impact on NFRs

Information security

Context

Drivers

Solution

Impact on NFRs

Integration tier patterns

Logging and exception management

Context

Drivers

Solution

Impact on NFRs

Enterprise Monitoring and Management

Context

Drivers

Solution

Impact on NFRs

Demilitarized zone

Context

Drivers

Solution

Impact on NFRs

Summary

Sizing, Measurement and Monitoring

NFR - Sizing

NFR - Analytical modeling

NFR - Simulation

Enterprise Monitoring and Management - EMM

Challenges faced by the ASM teams:

Monitoring landscape

Functionality - dimensions

End-user experience monitoring

Real user monitoring:

Synthetic

Discovery, modeling, and display

User defined transactions

Component deep dive monitoring

Application performance analytics

Monitoring tools - managing the problem

APM dashboard

APM future roadmap

Summary

Understanding Pivotal NFRs and Closing Thoughts

Pivotal NFRs

Pivotal NFRs KPI and framework

Pivotal NFR classification

Integrity

Infrastructure domain

Business domain

Application domain

Data domain

Infrastructure domain

Business continuity

Business domain

Application domain

Data domain

Infrastructure domain

Resilience

Business domain

Application domain

Data domain

Infrastructure domain

Confidentiality

Business domain

Application domain

Data domain

Integratability

Business domain

Application domain

Data domain

Infrastructure domain

Robustness

Business domain

Application domain

Data domain

Infrastructure domain

Auditability

Business domain

Application domain

Data domain

Flexibility

Business domain

Application domain

Data domain

Infrastructure domain

Portability

Application domain

Data domain

Infrastructure domain

Reusability

Business domain

Application domain

Data domain

Infrastructure domain

Testability

Business domain

Application domain

Data domain

Infrastructure domain

Accessibility

Business domain

Application domain

Closing thoughts

Audit and accountability

Architecture reviews and risks

Audit and business objectives

Summary

Preface

Maintaining software is hard and therefore expensive and IT departments are often under funded. However, if they are in a just do it mode then non-functional requirements are easy to be forgotten. The consequences of leaving these NFRs lead directly to the aforementioned maintenance problems and increased technical debt.

NFRs are necessary to completing the story of the IT application. While you might consider two or three important NFRs (like performance and security), you’ll probably not cover the others extensively enough, or you might miss out on them all together. And if you do allocate time to deal with them, when the project schedule slips, the NFRs may be the first thing to get drop. So, whether you plan for NFRs or not, chances are high you won’t cover them 100% of the time. You should try to avoid adding technical debt and maintenance nightmares to your future portfolio.

NFRs are key to any software/IT program. They cannot be overlooked or ignored. The book provides a comprehensive approach from analysis, architecture and measurement of non-functional requirements. The book outlines the methodology for capturing the NFRs and also describes a taxonomy framework that can leveraged by analyst and architects for tackling NFRs on engagements.

To summarize, the key differentiators for the book are:

Covers all the three stages of non-functional requirements that is, analysis, architecture and measurement.

NFR framework and taxonomy provides guidance around the modelling phase for the NFRs

Describes the process for capturing and analyzing the KPI and KRAs. These are the key metrics that are required by different stakeholders.

Trade-offs between various NFRs are covered as part of the title

Describes the application performance management domain which is a key practice for managing and monitoring of enterprise applications that helps monitor and analyze NFR KPIs and KRAs as part of the ongoing process.

Coverage of the book:

This book covers areas pertaining to analysis, architecture and measurement of non-functional requirements. A topic with-out which software systems cannot be build or deployed. NFRs are a life-line of any software application and capturing and addressing them is a critical activity in any IT project. The topic in itself is very critical and applicable for IT systems/applications for various industry verticals. The book provides a comprehensive approach from analysis, architecture and measurement of non-functional requirements.

Part I - Analysis:

The books provides and introduction of NFRs and why NFRs are a critical for building software systems. The next section describes the taxonomy of NFRs that is, scalability, availability, reliability and so on. The books outlines various methodology for capturing the NFRs, The books also outlines and describes a framework that can leveraged by analyst and architects for tackling NFRs for various engagements. The framework will focus on the KPIs and KRA for each of the NFRs which will be the key input for solution design phase. The NRF framework will focus on the most critical NFRs applicable for any given situation and any industry.

 Part II - Architecture:

This section focus on the solution part of the NFRs providing insights into how they will be addressed in the solution design phase. The book covers key NFRs that are most critical for any project and for each NFR provides the various alternatives pertaining to the solution, the design principle that needs to be applied to achieve the desired outcome for example, high availability or scalability or reliability as covered. The book includes considerations for bespoke (Java, .NET) and COTS applications and are applicable to any IT applications/systems in different domains.

 Part III - Assessment:

This part deals with the measurement of NFRs. This outlines the methodology for NFRs measurement. This sections also describes the trade-offs between various NFRs and the best practices to be applied on engagements.

What this book covers

Chapter 1, Understanding NFRs, the chapter provides and introduction of NFRs and why NFRs are a critical for building software systems. The chapter also explains the various KPI for each of the key of NFRs that is, scalability, availability, reliability and so on. The book covers the most critical 24 NFRs that are applicable for IT applications and systems.

Chapter 2, Taxonomy and Framework for NFRs, this chapter describes the taxonomy of NFRs that is, scalability, availability, reliability and so on. The chapter outlines entire life cycle of NFRs, The chapter describes a framework that can leveraged by business analyst and architects for discovering NFRs on various engagements. The framework will focus on the KPIs and KRA for each of the NFRs which will be the critical input for the solution design phase.

Chapter 3, Methodology Eliciting - Non Functional Requirements, this chapter outlines methodology for discovering (elicitations) NFRs. The chapter describes a framework that can be leveraged by business analyst for elicitations of NFRs. The chapter also outlines a framework for prioritization of NFRs. The output of this stage will be the critical input for the solution architecture phase.

 Chapter 4, Solutions Addressing NFRs, this chapter outlines the solutioning part of the NFRs providing insights, guidance and principles for architecting NFRs. The book covers all the key NFRs that are critical for any project and for each NFR provides the various alternatives pertaining to the solutioning and the design principles that need to be applied to achieve the desired outcome for example, high availability or scalability or reliability and so on. The book includes considerations for bespoke (Java, .Net) and COTS applications and are applicable to any IT applications/systems in different domains.

Chapter 5, Architectural Patterns and its Impact on NFRs, this chapter outlines the patterns for NFRs providing insights into architecting NFRs. The chapter covers all the key tiers / layers that are critical for any project and describes various patterns pertaining to the business, database and integration tiers. This also covers impact on various NFRs. This chapter describes the trade-offs between various NFRs and the best practices to be applied on engagements.

Chapter 6, Sizing, Measurement and Monitoring, this chapter deals with the measurement of NFRs. This outlines four methodologies for NFRs monitoring and measurement. These include sizing, analytical modelling, quality assurance and monitoring and management. This chapter also describes the approach in depth for monitoring and measuring NFRs.

Chapter 7, Understanding Pivotal NFRs and Closing Thoughts, this chapter provides an introduction to the pivotal NFRs. The chapter explains the various KPI for each of the pivotal NFRs. This is the final chapter of the book and provides summary and trends for the NFR domain. This also outlines architecture assessment and NFR measurement methodology.

Who this book is for

The primary audiences for this title are the gamut of roles starting from IT consultant to Chief Architect who are responsible to deliver strategic, tactical and operational engagements for fortune 100 customers worldwide. Non-functional requirements are the key to any software/IT program. They cannot be overlooked or ignored. The book provides a comprehensive approach from analysis, architecture and measurement of non-functional requirements. The book includes considerations for bespoke (Java, .Net and COTS applications). These are applicable to IT applications from various domains. The book outlines the methodology for capturing the NFRs and also describes a framework that can leveraged by analyst and architects for tackling NFRs for various engagements. The audiences for this book include:

Business Analyst

Enterprise Architects

Business Architects

Solution Architects

Technical Architects/Designers

Domain/Security/Integration Architects

Software Developers, Support Engineers & Test Engineers

Technical Project Managers

Project Leads/Technical Leads/Technical Project Managers

Students - Computer Science/IT Stream

Conventions

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.

New terms and important words are shown in bold. 

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.

To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message.

If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.

To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.

Piracy

Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at [email protected] with a link to the suspected pirated material.

We appreciate your help in protecting our authors and our ability to bring you valuable content.

Questions

If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.

Understanding NFRs

The non-functional requirements are those aspects of the IT system that, while not directly affecting the business functionality of the application but have a profound impact on the efficiency and effectiveness of business systems for end users, as well as the people responsible for supporting the program.

The definition of these requirements is an essential factor in developing a total customer solution that delivers business goals. The non-functional requirements (NFRs) are used primarily to drive the operational aspects of the architecture; in other words, to address major operational and technical areas of the system to ensure the robustness and ruggedness of the application.

Benchmark or proof of concept (POC) can be used to verify if the implementation meets these requirements or to indicate if a corrective action is necessary. Ideally, a series of tests should be planned that maps to the development schedule and grows in complexity.

The topics that are covered in this chapter are as follows:

Definition of NFRs

NFR KPI and metrics

Introducing NFRs

The following pointers state the definition of NFRs:

To define requirements and constraints on the IT system

As a basis for cost estimates and early system sizing

To assess the viability of the proposed IT system

As an important determining factor of the architecture and design of the operational models

As a guideline to design phase to meet NFRs such as performance, scalability, and availability

The NFRs for each of the domains, for example, scalability, availability, and so on, must be understood to facilitate the design and development of the target operating model. These include the servers, networks, and platforms including the application runtime environments. These are critical for the execution of benchmark tests. They also affect the design of technical and application components.

End users have expectations about the effectiveness of the application. These characteristics include ease of software use, speed, reliability, and recoverability when unexpected conditions arise. The NFRs define these aspects of the IT system.

The NFRs should be defined precisely and this involves quantifying them. NFRs should provide measurements which the application must meet. For example, the maximum number of time allowed to execute a process, the number of hours in a day an application must be available, the maximum size of a database on disk, and the number of concurrent users supported are typical NFRs the software must implement.

There are many kinds of non-functional requirements.

Performance

Performance is the responsiveness of the application to perform specific actions in a given time span. Performance is scored in terms of throughput or latency. Latency is the time taken by the application to respond to an event. Throughput is the number of events scored in a given time interval. An application's performance can directly impact its scalability. Enhancing an application's performance often enhances scalability by reducing contention for shared resources.

Performance attributes specify the timing characteristics of the application. Certain features are more time-sensitive than others; the NFRs should identify such software tasks that have constraints on their performance. Response time relates to the time needed to complete specific business processes, batch or interactive, within the target business system.

The system must be designed to fulfill the agreed upon response time requirements, while supporting the defined workload mapped against the given static baseline, on a system platform that does not exceed the stated utilization.

The following attributes are:

Throughput

: The ability of the system to execute a given number of transactions within a given unit of time

Response times

: The distribution of time which the system takes to respond to the request

Scalability

Scalability is the ability to handle an increase in the workload without impacting the performance, or the ability to quickly expand the architecture.

It is the ability to expand the architecture to accommodate more users, more processes, more transactions, and additional systems and services as the business requirements change and the systems evolve to meet the future business demands. This permits existing systems to be extended without replacing them. This directly affects the architecture and the selection of software components and hardware.

The solution must allow the hardware and the deployed software services and components to be scaled horizontally as well as vertically. Horizontal scaling involves replicating the same functionality across additional nodes; vertical scaling involves the same functionality across bigger and more powerful nodes. Scalability definitions measure volumes of users and data which the system should support.

There are two key techniques for improving both vertical and horizontal scalability:

Vertical scaling is also known as

scaling up

 and includes adding more resources such as memory, CPU, and hard disk to a system

Horizontal scaling is also known as

scaling out

 and includes adding more nodes to a cluster for workload sharing

The following attributes are:

Throughput

: Number of maximum transactions your system needs to handle for example, a thousand a day or a million

Storage

: Amount of data you are going to need to store

Growth requirements

: Data growth in the next 3-5 years

Availability

Availability is the time frame in which the system functions normally and without failures. Availability is measured as the percentage of total application downtime over a defined time period. Availability is affected by failures, exceptions, infrastructure issues, malicious attacks, and maintenance and upgrades.

It is the uptime or the amount of time the system is operational and available for use. This is specified because some systems are architected with expected downtime for activities like database upgrades and backups.

Availability also conveys the number of hours or days per week or weeks per year the application will be available to its end customers, as well as how rapidly it can recover from faults. Since the architecture establishes software, hardware, and networking entities, this requirement extends to all of them. Hardware availability, recoverability, and reliability definitions measure system uptime.

For example, it is specified in terms of Mean Time Between Failures (MTBF).

The following attributes are:

Availability

: Application availability considering the weekends, holidays, and maintenance times and failures

Locations of operation

: Geographic location, connection requirements, and if the restrictions of the network prevail

Offline requirement

: Time available for offline operations including batch processing and system maintenance

Length of time between failures

: This

 is the predicted elapsed time between inherent

failures

of a system during operation

Recoverability

: Time required by the system to resume operation in the event of failure

Resilience

: The reliability characteristics of the system and sub-components

Capacity

This NFR defines the ways in which the system is expected to scale-up by increasing capacity, hardware, or adding machines based on business objectives.

Capacity is delivering enough functionality required for the end users. A request for a web service to provide 1,000 requests per second when the server is only capable of 100 requests a second, may not succeed. While this sounds like an availability issue, it occurs because the server is unable to handle the requisite capacity.

A single node may not be able to provide enough capacity, and one needs to deploy multiple nodes with a similar configuration to meet organizational capacity requirements. Capacity to identify a failing node and restart it on another machine or VM is a NFR.

The following attributes are:

Throughput is the number of peak transactions the system needs to handle

Storage is the volume of data the system can persist at runtime to disk and relates to the memory/disk

Year-on-year growth requirements (users, processing, and storage)

The e-channel growth projections

Different types of things (for example, activities or transactions supported, and so on)

For each type of transaction, volumes on an hourly, daily, weekly, monthly basis, and so on

During the specific time of the day (for example, at lunch), week, month, or year are volumes significantly higher

Transaction volume growth expected and additional volumes you will be able to handle

Security

Security is the ability of an application to avoid malicious incidences and events outside of the designed system usage, and prevent disclosure or loss of information. Improving security increases the reliability of an application by reducing the likelihood of an attack succeeding and impairing operations. Adding security controls protects assets and prevents unauthorized access and manipulation of critical information. The factors that affect an application security are confidentiality and integrity. The key security controls used to secure systems are authorization, authentication, encryption, auditing, and logging.

Definition and monitoring of effectiveness in meeting the security requirements of the system, for example, to avoid financial harm in accounting systems, is critical. Integrity requirements restrict access to functionality or data to certain users, and protect the privacy of data entered into the software.

The following attributes are:

Authentication

: Correct identification of parties attempting to access systems and protection of systems from unauthorized parties

Authorization