User:FunnyPocketBook/Non-functional requirement: Difference between revisions
Content deleted Content added
Manouk Sirag (talk | contribs) start on definition section |
Add example |
||
| (30 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
{{Short description|Type of requirement in systems engineering}} |
{{Short description|Type of requirement in systems engineering}} |
||
{{Use American English|date=March 2019}} |
{{Use American English|date=March 2019}} |
||
In [[systems engineering]], '''non-functional requirements (NFR)''' make up [[software requirements]] together with [[functional requirements]]. |
In [[systems engineering]] and [[requirements engineering]], '''non-functional requirements (NFR)''' make up [[software requirements]] together with [[functional requirements]]. There have been discussions on what NFRs entail, and which types of requirements fall under the term. <ref name="Glinz">{{cite journal |last1=Glinz |first1=Martin |title=On Non-Functional Requirements |journal=15th IEEE International Requirements Engineering Conference (RE 2007) |date=October 2007 |pages=21–26 |doi=10.1109/RE.2007.45 |url=https://ieeexplore.ieee.org/abstract/document/4384163 |access-date=13 January 2023 |language=English |issn=2332-6441}}</ref> According to the [[IREB]] CPRE glossary, NFRs include both quality requirements and constraints. In contrast, functional requirements refer to requirements that concern results or behaviors provided by a function of a system.<ref name="Glossary">{{cite web |last1=IREB |first1=CPRE |title=IREB CPRE Glossary |url=https://www.ireb.org/en/cpre/cpre-glossary/ |website=CPRE Glossary - CPRE - IREB – International Requirements Engineering Board |publisher=IREB |access-date=13 January 2023}}</ref> |
||
NFRs play a vital role in software development since a system that is too slow, unsafe or unusable by certain people is more likely to be rejected. |
|||
The plan for implementing NFRs is usually provided in the [[system architecture]], since both quality requirements and constraints are usually [[architecturally significant requirements]]<ref name="ASR_Chen">{{Cite journal |doi = 10.1109/MS.2012.174|title = Characterizing Architecturally Significant Requirements|journal = IEEE Software|volume = 30|issue = 2|pages = 38–45|year = 2013|last1 = Chen|first1 = Lianping|last2 = Ali Babar|first2 = Muhammad|last3 = Nuseibeh|first3 = Bashar|hdl = 10344/3061| s2cid=17399565 |hdl-access = free}}</ref>. |
|||
The plan for implementing NFRs is usually provided in the [[system architecture]] since both quality requirements and constraints are usually [[architecturally significant requirements]]<ref name="ASR_Chen">{{Cite journal |doi = 10.1109/MS.2012.174|title = Characterizing Architecturally Significant Requirements|journal = IEEE Software|volume = 30|issue = 2|pages = 38–45|year = 2013|last1 = Chen|first1 = Lianping|last2 = Ali Babar|first2 = Muhammad|last3 = Nuseibeh|first3 = Bashar|hdl = 10344/3061| s2cid=17399565 |hdl-access = free}}</ref>. |
|||
== Definition == |
== Definition == |
||
There |
There have been many disagreements on the exact definition of non-functional requirements, and different researchers and groups have used many different definitions. The main difference is in which subcategories are part of non-functional requirements and which are functional requirements; for example, some studies use the term ''qualities'' for all NFRs, while others use quality requirements as a subsection of NFRs. |
||
There can also be confusion about definitions of components of formal definitions, like ''quality'', ''property'', and ''constraint''. Many different definitions use these terms, but not all of them use the same definitions for these terms, adding to the confusion <ref name="Glinz />. |
|||
Another study also shows that there's a split in definitions that offer two different broad perspectives about what NFRs should represent:<ref>{{cite journal |last1=Mairiza |first1=Dewi |last2=Zowghi |first2=Didar |last3=Nurmuliani |first3=Nurie |title=An investigation into the notion of non-functional requirements |journal=Proceedings of the 2010 ACM Symposium on Applied Computing |date=22 March 2010 |pages=311–317 |doi=10.1145/1774088.1774153 |url=https://dl.acm.org/doi/10.1145/1774088.1774153}}</ref> |
|||
<ref>{{cite journal |last1=Glinz |first1=Martin |title=On Non-Functional Requirements |journal=15th IEEE International Requirements Engineering Conference (RE 2007) |date=October 2007 |pages=21–26 |doi=10.1109/RE.2007.45 |url=https://ieeexplore.ieee.org/abstract/document/4384163 |access-date=13 January 2023 |language=English |issn=2332-6441}}</ref> |
|||
* NFRs are requirements that describe properties, characteristics or constraints that software must exhibit. |
|||
== Types of NFRs |
|||
* NFRs are requirements that indicate quality attributes that a software product must have. |
|||
The [[IREB]] (International Requirements Engineering Board), which is in charge of the internationally recognized ''Certified Professional for Requirements Engineering'' (CRPE) certification scheme, created a glossary used in the syllabi and exams for the certificates. This glossary includes the definition mentioned at the start, where a clear distinction is made within NFRs between constraints and quality attributes. |
|||
Below is a selection of different definitions found in literature to give an impression of how diverse these can be: |
|||
{| class="wikitable" |
|||
|- |
|||
! NFR definition |
|||
|- |
|||
| A description of a property or characteristic that a software system must exhibit or a constraint that it must respect, other than an observable system behavior. <ref name="Glinz" /><ref name="NFR in systems analysis & design">{{cite book |last1=Adams |first1=Kevin MacG |title=Nonfunctional requirements in systems analysis and design |date=2015 |publisher=Springer Cham |location=Cham |isbn=978-3-319-18344-2 |pages=46-51 |edition=1 |url=https://link.springer.com/book/10.1007/978-3-319-18344-2 |access-date=24 January 2023}}</ref> |
|||
|- |
|||
| The behavioral properties that the specified functions must have, such as performance, usability. <ref name="Glinz" /> |
|||
|- |
|||
| A requirement on a service that does not have a bearing on its functionality, but describes attributes, constraints, performance considerations, design, quality of service, environmental considerations, failure and recovery. <ref name="Glinz" /> |
|||
|- |
|||
| A requirement that describes not what the software will do, but how the software will do it is called a nonfunctional requirement (NFR)<ref name="NFR in systems analysis & design" /> |
|||
|- |
|||
| Describes a restriction on the system that limits our choices for constructing a solution to the problem. <ref name="NFR in systems analysis & design" /> |
|||
|- |
|||
| Properties or qualities the product must have to facilitate its functionality. <ref name="NFR in systems analysis & design" /> |
|||
|} |
|||
Overall, no definition, or RE standard in general, has been widely accepted by the RE community. In a study performed with individuals with experience working in the RE field, a survey showed that a low number of people knew more than two RE-related standards (42.2%). Even fewer individuals used the standards they did know consistently (14.3%). This same study also identified that contributing factors to these low numbers include that universities don't communicate the existence of these standards and that the standards themselves don't provide adequate support for [[requirements eliciation]] or compliance with regulations. <ref>{{cite journal |last1=Franch |first1=Xavier |last2=Glinz |first2=Martin |last3=Mendez |first3=Daniel |last4=Seyff |first4=Norbert |title=A Study About the Knowledge and Use of Requirements Engineering Standards in Industry |journal=IEEE Transactions on Software Engineering |date=1 September 2022 |volume=48 |issue=9 |pages=3310–3325 |doi=10.1109/TSE.2021.3087792 |url=https://ieeexplore.ieee.org/document/9449943 |access-date=24 January 2023}}</ref> |
|||
== Functional vs non-functional requirements == |
|||
While NFRs deal with qualities and constraints, [[functional requirements]] instead focus on functions that the system or system components must be able to perform<ref name="NFR in systems analysis & design" />, or according to the IREB: "A requirement concerning a result or behavior that shall be provided by a function of a system.".<ref name="Glossary" /> They capture the intended behavior of the system. |
|||
Some relations between FRs and NFRs are shown in the table below.<ref>{{cite web |title=Functional vs Non Functional Requirements |url=https://www.geeksforgeeks.org/functional-vs-non-functional-requirements/ |website=GeeksforGeeks |access-date=24 January 2023 |language=en-us |date=28 April 2020}}</ref><ref>{{cite web |title=Functional vs Non-Functional Requirements [Updated 2021] |url=https://enkonix.com/blog/functional-requirements-vs-non-functional/ |website=enkonix.com |access-date=24 January 2023 |language=en}}</ref> |
|||
{| class="wikitable" |
|||
|+ Comparisons |
|||
|- |
|||
! Functional requirements !! Non-functional requirements |
|||
|- |
|||
| Helps in understanding the functions in the system || Helps in understanding the performance of the system |
|||
|- |
|||
| Identify what the system must or must not do|| Identify how the system should do it |
|||
|- |
|||
| System will generally still work with only these requirements|| System won't work at all with only these requirements. |
|||
|- |
|||
| Ensures the system meets user requirements || Ensures the system meets user expectations |
|||
|- |
|||
| Defines the system or a component of it || Outlines quality attributes of the system |
|||
|- |
|||
| Specified what the software system should do || Places constraints on how the software system fulfills the functional requirements |
|||
|- |
|||
| Generally defined at a component level || Applied to a system as a whole |
|||
|} |
|||
== Types of NFRs == |
|||
The types of NFRs typically consists of [[List of system quality attributes|quality attributes]] and constraints.<ref name="Glinz" /><ref name="Glossary" /><ref>{{Cite journal |last=Habibullah |first=Khan Mohammad |last2=Horkoff |first2=Jennifer |date=September 2021 |title=Non-functional Requirements for Machine Learning: Understanding Current Use and Challenges in Industry |url=http://dx.doi.org/10.1109/re51729.2021.00009 |journal=2021 IEEE 29th International Requirements Engineering Conference (RE) |publisher=IEEE |doi=10.1109/re51729.2021.00009}}</ref> Quality attributes describe how well a functional requirement has to be met and constraints apply restrictions regarding the implementation of a requirement, such as by requiring to adhere to [[List of ISO standards|ISO standards]]. |
|||
[[File:Requirements taxonomy.png|thumb|Simplified example of a requirements taxonomy]] |
|||
=== Quality Attributes === |
|||
Quality attributes or quality requirements are measurable properties of a system that describe how well the system meets its functional requirements and are not part of the functional requirements.<ref name="Glossary" /><ref name=":0">{{Cite journal |last=Wiegers |first=Karl E. |date=1999 |title=Writing Quality Requirements |url=http://www.uml.org.cn/rjzl/pdf/1113/qualreqs.pdf |journal=Software Development |volume=7 |issue=5 |pages=44-48}}</ref> These attributes are characteristics that describe the system's behavior, performance, or other aspects that are not directly related to the functionality of the system. Quality attributes are critical in requirements engineering as they can affect the overall performance, dependability, usability, and security of the entire system rather than single components within the system.<ref name=":2">{{Cite book |last=Sommerville |first=Ian |url=https://www.worldcat.org/oclc/907941065 |title=Software engineering |date=2016 |isbn=0-13-394303-8 |edition=10th |location=Boston |oclc=907941065}}</ref> |
|||
Examples of quality attributes include reliability, availability, maintainability, scalability, security and usability.<ref>{{Cite journal |last=Barbacci |first=Mario |last2=Klein |first2=Mark H. |last3=Longstaff |first3=Thomas A. |last4=Weinstock |first4=Charles B. |date=1995-12-01 |title=Quality Attributes. |url=http://dx.doi.org/10.21236/ada307888 |location=Fort Belvoir, VA}}</ref><ref>{{Cite journal |last=Offutt |first=J. |date=2002 |title=Quality attributes of Web software applications |url=http://dx.doi.org/10.1109/52.991329 |journal=IEEE Software |volume=19 |issue=2 |pages=25–32 |doi=10.1109/52.991329 |issn=0740-7459}}</ref> These terms fall under the "-ilities", which are used to describe the desired system properties.<ref name="Glinz" /><ref>{{Cite journal |last=Sunday |first=D.A. |title=Software maintainability-a new 'ility' |url=http://dx.doi.org/10.1109/arms.1989.49572 |journal=Proceedings., Annual Reliability and Maintainability Symposium |publisher=IEEE |doi=10.1109/arms.1989.49572}}</ref> |
|||
* '''[[Reliability engineering|Reliability]]''' refers to the ability of a system to perform its intended functions without failure. It is often measured by the system's availability, which is the percentage of time that the system is operational and able to meet its service requirements. |
|||
* '''[[Availability]]''' refers to the ability of a system to perform its intended functions when called upon to do so. It is often measured by the system's uptime, which is the percentage of time that the system is operational and able to meet its service requirements. |
|||
* '''[[Maintainability]]''' refers to the ease with which a system can be modified or maintained over time. This includes aspects such as the ability to diagnose and fix errors, make changes to the system without introducing new errors, and understand and modify the system's code. |
|||
* '''[[Scalability]]''' refers to the ability of a system to handle an increasing number of users or transactions without a decrease in performance. This includes aspects such as the ability to handle increased load without crashing, add new hardware to the system, and distribute the load across multiple servers. |
|||
* '''[[Computer security|Security]]''' refers to the ability of a system to protect against unauthorized access or attack. This includes aspects such as the ability to encrypt data and communications, authenticate users, and prevent or detect and respond to attacks. |
|||
* '''[[Usability]]''' refers to the ease with which a system can be used by its intended users. This includes aspects such as the clarity of the user interface, the simplicity of the system's navigation, and the ability of the system to meet the needs of its intended users |
|||
=== Constraints === |
|||
Constraints are limitations or restrictions that are placed on the design or implementation of a system. They are requirements that limit the solution space beyond what is needed to fulfill the functional and quality requirements.<ref name="Glossary" /> Constraints do not have an impact on the external behavior of the system. They can be used to determine the feasibility of functional or quality requirements.<ref name=":1">{{Cite journal |last=Rashwan |first=Abderahman |last2=Ormandjieva |first2=Olga |last3=Witte |first3=Rene |date=July 2013 |title=Ontology-Based Classification of Non-functional Requirements in Software Specifications: A New Corpus and SVM-Based Classifier |url=http://dx.doi.org/10.1109/compsac.2013.64 |journal=2013 IEEE 37th Annual Computer Software and Applications Conference |publisher=IEEE |doi=10.1109/compsac.2013.64}}</ref> Since any requirement could be classified as a constraint, as they limit the solution space, making constraints the last option when classifying a requirement can be a way to distinguish them. This way constraints are limited to requirements that are neither functional nor quality requirements. Examples of constraints are industry standards, laws or organizational processes. |
|||
== Managing NFRs == |
|||
All system requirements should be unambiguous and clear in their wording as well as easy to understand, complete and consistent across the entire [[software requirements specification]] (SRS). NFRs can be more critical than functional requirements, as users can find a workaround for functionalities that the system has not implemented. On the other hand, unfulfilled or missing FRs can render an entire system unusable. An example of that is inadequate or absent reliability requirements, which can lead to failing necessary safety certifications.<ref name=":2" /> |
|||
Ideally, the [[Requirements elicitation|elicitation]] of NFRs already provides the complete picture of NFRs. However, in practice, that is not always the case. During the writing of NFRs, new information, research, or insights can lead to modified requirements. It is therefore important that revisions of NFRs check for inconsistencies.<ref>{{Cite book |last=Pohl |first=Klaus |url=https://www.worldcat.org/oclc/642291082 |title=Requirements engineering : fundamentals, principles, and techniques |date=2010 |isbn=978-3-642-12577-5 |location=Heidelberg |oclc=642291082}}</ref> The following lists provide an example of which key points need to be considered during such a revision. |
|||
Karl Wiegers<ref name=":0" /> describes six characteristics that individual requirements should have: |
|||
* '''Correctness:''' Each requirement must correctly describe the desired result. The correctness can be referred to the requirement's source, such as another (functional) requirement. |
|||
* '''Feasibility:''' The implementation of each requirement must be possible within the capabilities and limitations of the system's environment. |
|||
* '''Necessity:''' Each requirement should describe a necessity of a stakeholder or adherence of external requirements or standards. One viewpoint of "necessity" is that the source of each requirement should be identifiable as an authority to specify requirements. |
|||
* '''[[Requirement prioritization|Priority]]:''' Each requirement should be assigned a priority to describe how important it is to be implemented for the product release. Should all requirements be identified as essential, it could lead to budget and schedule overruns and newly identified requirements during development cannot be added without complications. |
|||
* '''Unambiguity:''' Each requirement should be unambiguous in its meaning and allow for only one interpretation. Terms such as user-friendly, easy, fast or efficient should be avoided, as they do not specify a clear instruction. The used language to write the requirement should be appropriate to the reader's domain. |
|||
* '''Verifiability:''' Each requirement needs to be verifiable, which can be done by writing test cases. Failure of meeting a requirement is reflected in not being able to be verified. Additionally, requirements that are ambiguous or not feasible are also not verifiable. This also calls for each requirement statement to only include one requirement, such that each requirement can be separately verified. |
|||
Across all NFRs, there are four characteristics that should be true:<ref name=":0" /> |
|||
* '''Completeness:''' All requirements or necessary information should be covered by the NFRs. Completeness also applies to individual requirements, as it is difficult to find missing requirements. |
|||
* '''Consistency:''' All requirements must be consistent and may not be in conflict with each other. While disagreements between requirements have to be resolved, it can be that it is not explicitly known which requirements are correct until research has been conducted. Consistency also requires that when changed requirements affect other requirements, these will also be modified accordingly |
|||
* '''Modifiability:''' In most cases, modifications have to be made to requirements during the revision of the SRS. To facilitate this, each requirement should be labeled with a unique identifier, and a history of changes should be kept. |
|||
* '''Traceability:''' Each requirement should be linked to its source. The source could be another NFR, a functional requirement or a statement from a stakeholder. |
|||
In order to keep the above characteristics for each NFR, groups of NFRs can be created:<ref name=":2" /> |
|||
* '''Product requirements:''' Product requirements define the behavior of the developed system itself, such as reliability, security or usability requirements. |
|||
* '''Organizational requirements:''' Organizational requirements can be derived from policies and procedures of the client's or developer's organization. Examples include any environmental or development requirements, such as the supported operating system or how the system will be used. |
|||
* '''External requirements:''' External requirements are imposed from external factors, such as regulatory, legislative and ethical requirements. Examples include laws, industry standards and cultural aspects. |
|||
The following is an example of revising a bad requirement. <ref name=":0" /> |
|||
''"The product shall provide status messages at regular intervals not less than every 60 seconds.”'' |
|||
The issues in this requirement are: |
|||
* What are status messages? |
|||
* How should the status messages be displayed to the user? |
|||
* Which part of the product should display the status message? |
|||
* "not less than every 60 seconds" could also mean two years |
|||
* The wording "not less than every" is confusing and can be improved on |
|||
One way of rewriting the requirement is to split it into multiple requirements. |
|||
# Status Messages |
|||
## The Background Task Manager shall display status messages in a designated area of the user interface at intervals of 60 plus or minus 10 seconds. |
|||
## If background task processing is progressing normally, the percentage of the background task processing that has been completed shall be displayed. |
|||
## A message shall be displayed when the background task is completed. |
|||
## An error message shall be displayed if the background task has stalled.” |
|||
== Implementing NFRs == |
|||
Planning the implementation of an NFR isn't always straightforward. Quality attributes and constraints are not requirements that can be placed in a normal [[product backlog]], as seen in [[agile software development]]. Instead, NFRs represent limits placed on parts of the system or the entire system. They, therefore, have to be considered in the implementation of one or multiple other (functional) requirements<ref name="Scaled framework">{{cite web |title=Nonfunctional Requirements |url=https://www.scaledagileframework.com/nonfunctional-requirements/ |website=Scaled Agile Framework |access-date=22 January 2023}}</ref>. NFRs must be constantly considered throughout the implementation of other requirements, and they pose a severe risk since errors in NFRs are considered the most complex and expensive to correct. <ref name="Lit rev NFR">{{cite journal |last1=Jarzębowicz |first1=Aleksander |last2=Weichbroth |first2=Paweł |title=A Systematic Literature Review on Implementing Non-functional Requirements in Agile Software Development: Issues and Facilitating Practices |journal=Lean and Agile Software Development |date=2021 |volume=408 |pages=91–110 |doi=10.1007/978-3-030-67084-9_6 |url=https://link.springer.com/chapter/10.1007/978-3-030-67084-9_6#citeas}}</ref> |
|||
Quite a few factors can contribute to problems in the final system related to NFRs. Some of these can be attributed to simplified documentation techniques, which can cause misunderstandings regarding NFRs, like [[user stories]] and story cards. This is sometimes resolved by keeping a separate document with NFRs, but in practice this makes it more likely that NFRs are neglected in favor of implementing more functionalities. Finally, there's the problem of vagueness when it comes to NFRs. It can be difficult to determine exactly how expensive (in time and cost) an NFR will be; therefore NFRs might be determined at a late stage in development to be infeasible. <ref name="Lit rev NFR" /> |
|||
There are also methods to make the process of implementing NFRs easier and reduce the risks mentioned above. These include: |
|||
* A modified or additional specification technique for NFRs to ensure they don't get forgotten or lost. |
|||
* Ensuring an early start on NFRs so that finished code sections don't have to get rewritten later on to ensure NFRs are fulfilled. |
|||
* Using an automated monitoring tool like [[SonarQube]] to monitor the quality of the software continuously. |
|||
* Involve NFR specialists who will focus on ensuring the proper implementation of NFRs. |
|||
== Examples == |
|||
Many examples exist for NFRs, both general and domain-specific. A few of the more common and general NFRs include: |
|||
* '''Performance:''' The landing page when supporting 8.000 users per hour must provide a 4 seconds or less load time from the moment the request is made. |
|||
* '''Scalability:''' The system must be scalable enough to support 10.000 visits at the same time while mainaining all other requirements. |
|||
* '''Reliability:''' The system must have no more than 1 hour of downtime in a 3 month period. |
|||
* '''Usability:''' The system must meet [[Web Content Accessibility Guidelines]] WCAG 3.0. |
|||
* '''Security: ''' The database security must meet all HIPAA requirements. |
|||
== See also == |
== See also == |
||
* [[Software requirement]] |
|||
* [[Functional requirement]] |
|||
* [[Requirements engineering]] |
|||
* [[Requirements management]] |
|||
* [[Requirement analysis]] |
|||
* [[Requirements specification]] |
|||
* [[Use case diagram]] |
|||
* [[Requirements elicitation]] |
|||
* [[Software requirements specification]] |
|||
== References == |
== References == |
||
== External links == |
|||
Latest revision as of 22:58, 24 January 2023
In systems engineering and requirements engineering, non-functional requirements (NFR) make up software requirements together with functional requirements. There have been discussions on what NFRs entail, and which types of requirements fall under the term. [1] According to the IREB CPRE glossary, NFRs include both quality requirements and constraints. In contrast, functional requirements refer to requirements that concern results or behaviors provided by a function of a system.[2] NFRs play a vital role in software development since a system that is too slow, unsafe or unusable by certain people is more likely to be rejected. The plan for implementing NFRs is usually provided in the system architecture since both quality requirements and constraints are usually architecturally significant requirements[3].
Definition
[edit]There have been many disagreements on the exact definition of non-functional requirements, and different researchers and groups have used many different definitions. The main difference is in which subcategories are part of non-functional requirements and which are functional requirements; for example, some studies use the term qualities for all NFRs, while others use quality requirements as a subsection of NFRs. There can also be confusion about definitions of components of formal definitions, like quality, property, and constraint. Many different definitions use these terms, but not all of them use the same definitions for these terms, adding to the confusion [1].
Another study also shows that there's a split in definitions that offer two different broad perspectives about what NFRs should represent:[4]
- NFRs are requirements that describe properties, characteristics or constraints that software must exhibit.
- NFRs are requirements that indicate quality attributes that a software product must have.
The IREB (International Requirements Engineering Board), which is in charge of the internationally recognized Certified Professional for Requirements Engineering (CRPE) certification scheme, created a glossary used in the syllabi and exams for the certificates. This glossary includes the definition mentioned at the start, where a clear distinction is made within NFRs between constraints and quality attributes.
Below is a selection of different definitions found in literature to give an impression of how diverse these can be:
| NFR definition |
|---|
| A description of a property or characteristic that a software system must exhibit or a constraint that it must respect, other than an observable system behavior. [1][5] |
| The behavioral properties that the specified functions must have, such as performance, usability. [1] |
| A requirement on a service that does not have a bearing on its functionality, but describes attributes, constraints, performance considerations, design, quality of service, environmental considerations, failure and recovery. [1] |
| A requirement that describes not what the software will do, but how the software will do it is called a nonfunctional requirement (NFR)[5] |
| Describes a restriction on the system that limits our choices for constructing a solution to the problem. [5] |
| Properties or qualities the product must have to facilitate its functionality. [5] |
Overall, no definition, or RE standard in general, has been widely accepted by the RE community. In a study performed with individuals with experience working in the RE field, a survey showed that a low number of people knew more than two RE-related standards (42.2%). Even fewer individuals used the standards they did know consistently (14.3%). This same study also identified that contributing factors to these low numbers include that universities don't communicate the existence of these standards and that the standards themselves don't provide adequate support for requirements eliciation or compliance with regulations. [6]
Functional vs non-functional requirements
[edit]While NFRs deal with qualities and constraints, functional requirements instead focus on functions that the system or system components must be able to perform[5], or according to the IREB: "A requirement concerning a result or behavior that shall be provided by a function of a system.".[2] They capture the intended behavior of the system.
Some relations between FRs and NFRs are shown in the table below.[7][8]
| Functional requirements | Non-functional requirements |
|---|---|
| Helps in understanding the functions in the system | Helps in understanding the performance of the system |
| Identify what the system must or must not do | Identify how the system should do it |
| System will generally still work with only these requirements | System won't work at all with only these requirements. |
| Ensures the system meets user requirements | Ensures the system meets user expectations |
| Defines the system or a component of it | Outlines quality attributes of the system |
| Specified what the software system should do | Places constraints on how the software system fulfills the functional requirements |
| Generally defined at a component level | Applied to a system as a whole |
Types of NFRs
[edit]The types of NFRs typically consists of quality attributes and constraints.[1][2][9] Quality attributes describe how well a functional requirement has to be met and constraints apply restrictions regarding the implementation of a requirement, such as by requiring to adhere to ISO standards.
Quality Attributes
[edit]Quality attributes or quality requirements are measurable properties of a system that describe how well the system meets its functional requirements and are not part of the functional requirements.[2][10] These attributes are characteristics that describe the system's behavior, performance, or other aspects that are not directly related to the functionality of the system. Quality attributes are critical in requirements engineering as they can affect the overall performance, dependability, usability, and security of the entire system rather than single components within the system.[11]
Examples of quality attributes include reliability, availability, maintainability, scalability, security and usability.[12][13] These terms fall under the "-ilities", which are used to describe the desired system properties.[1][14]
- Reliability refers to the ability of a system to perform its intended functions without failure. It is often measured by the system's availability, which is the percentage of time that the system is operational and able to meet its service requirements.
- Availability refers to the ability of a system to perform its intended functions when called upon to do so. It is often measured by the system's uptime, which is the percentage of time that the system is operational and able to meet its service requirements.
- Maintainability refers to the ease with which a system can be modified or maintained over time. This includes aspects such as the ability to diagnose and fix errors, make changes to the system without introducing new errors, and understand and modify the system's code.
- Scalability refers to the ability of a system to handle an increasing number of users or transactions without a decrease in performance. This includes aspects such as the ability to handle increased load without crashing, add new hardware to the system, and distribute the load across multiple servers.
- Security refers to the ability of a system to protect against unauthorized access or attack. This includes aspects such as the ability to encrypt data and communications, authenticate users, and prevent or detect and respond to attacks.
- Usability refers to the ease with which a system can be used by its intended users. This includes aspects such as the clarity of the user interface, the simplicity of the system's navigation, and the ability of the system to meet the needs of its intended users
Constraints
[edit]Constraints are limitations or restrictions that are placed on the design or implementation of a system. They are requirements that limit the solution space beyond what is needed to fulfill the functional and quality requirements.[2] Constraints do not have an impact on the external behavior of the system. They can be used to determine the feasibility of functional or quality requirements.[15] Since any requirement could be classified as a constraint, as they limit the solution space, making constraints the last option when classifying a requirement can be a way to distinguish them. This way constraints are limited to requirements that are neither functional nor quality requirements. Examples of constraints are industry standards, laws or organizational processes.
Managing NFRs
[edit]All system requirements should be unambiguous and clear in their wording as well as easy to understand, complete and consistent across the entire software requirements specification (SRS). NFRs can be more critical than functional requirements, as users can find a workaround for functionalities that the system has not implemented. On the other hand, unfulfilled or missing FRs can render an entire system unusable. An example of that is inadequate or absent reliability requirements, which can lead to failing necessary safety certifications.[11]
Ideally, the elicitation of NFRs already provides the complete picture of NFRs. However, in practice, that is not always the case. During the writing of NFRs, new information, research, or insights can lead to modified requirements. It is therefore important that revisions of NFRs check for inconsistencies.[16] The following lists provide an example of which key points need to be considered during such a revision.
Karl Wiegers[10] describes six characteristics that individual requirements should have:
- Correctness: Each requirement must correctly describe the desired result. The correctness can be referred to the requirement's source, such as another (functional) requirement.
- Feasibility: The implementation of each requirement must be possible within the capabilities and limitations of the system's environment.
- Necessity: Each requirement should describe a necessity of a stakeholder or adherence of external requirements or standards. One viewpoint of "necessity" is that the source of each requirement should be identifiable as an authority to specify requirements.
- Priority: Each requirement should be assigned a priority to describe how important it is to be implemented for the product release. Should all requirements be identified as essential, it could lead to budget and schedule overruns and newly identified requirements during development cannot be added without complications.
- Unambiguity: Each requirement should be unambiguous in its meaning and allow for only one interpretation. Terms such as user-friendly, easy, fast or efficient should be avoided, as they do not specify a clear instruction. The used language to write the requirement should be appropriate to the reader's domain.
- Verifiability: Each requirement needs to be verifiable, which can be done by writing test cases. Failure of meeting a requirement is reflected in not being able to be verified. Additionally, requirements that are ambiguous or not feasible are also not verifiable. This also calls for each requirement statement to only include one requirement, such that each requirement can be separately verified.
Across all NFRs, there are four characteristics that should be true:[10]
- Completeness: All requirements or necessary information should be covered by the NFRs. Completeness also applies to individual requirements, as it is difficult to find missing requirements.
- Consistency: All requirements must be consistent and may not be in conflict with each other. While disagreements between requirements have to be resolved, it can be that it is not explicitly known which requirements are correct until research has been conducted. Consistency also requires that when changed requirements affect other requirements, these will also be modified accordingly
- Modifiability: In most cases, modifications have to be made to requirements during the revision of the SRS. To facilitate this, each requirement should be labeled with a unique identifier, and a history of changes should be kept.
- Traceability: Each requirement should be linked to its source. The source could be another NFR, a functional requirement or a statement from a stakeholder.
In order to keep the above characteristics for each NFR, groups of NFRs can be created:[11]
- Product requirements: Product requirements define the behavior of the developed system itself, such as reliability, security or usability requirements.
- Organizational requirements: Organizational requirements can be derived from policies and procedures of the client's or developer's organization. Examples include any environmental or development requirements, such as the supported operating system or how the system will be used.
- External requirements: External requirements are imposed from external factors, such as regulatory, legislative and ethical requirements. Examples include laws, industry standards and cultural aspects.
The following is an example of revising a bad requirement. [10]
"The product shall provide status messages at regular intervals not less than every 60 seconds.”
The issues in this requirement are:
- What are status messages?
- How should the status messages be displayed to the user?
- Which part of the product should display the status message?
- "not less than every 60 seconds" could also mean two years
- The wording "not less than every" is confusing and can be improved on
One way of rewriting the requirement is to split it into multiple requirements.
- Status Messages
- The Background Task Manager shall display status messages in a designated area of the user interface at intervals of 60 plus or minus 10 seconds.
- If background task processing is progressing normally, the percentage of the background task processing that has been completed shall be displayed.
- A message shall be displayed when the background task is completed.
- An error message shall be displayed if the background task has stalled.”
Implementing NFRs
[edit]Planning the implementation of an NFR isn't always straightforward. Quality attributes and constraints are not requirements that can be placed in a normal product backlog, as seen in agile software development. Instead, NFRs represent limits placed on parts of the system or the entire system. They, therefore, have to be considered in the implementation of one or multiple other (functional) requirements[17]. NFRs must be constantly considered throughout the implementation of other requirements, and they pose a severe risk since errors in NFRs are considered the most complex and expensive to correct. [18]
Quite a few factors can contribute to problems in the final system related to NFRs. Some of these can be attributed to simplified documentation techniques, which can cause misunderstandings regarding NFRs, like user stories and story cards. This is sometimes resolved by keeping a separate document with NFRs, but in practice this makes it more likely that NFRs are neglected in favor of implementing more functionalities. Finally, there's the problem of vagueness when it comes to NFRs. It can be difficult to determine exactly how expensive (in time and cost) an NFR will be; therefore NFRs might be determined at a late stage in development to be infeasible. [18]
There are also methods to make the process of implementing NFRs easier and reduce the risks mentioned above. These include:
- A modified or additional specification technique for NFRs to ensure they don't get forgotten or lost.
- Ensuring an early start on NFRs so that finished code sections don't have to get rewritten later on to ensure NFRs are fulfilled.
- Using an automated monitoring tool like SonarQube to monitor the quality of the software continuously.
- Involve NFR specialists who will focus on ensuring the proper implementation of NFRs.
Examples
[edit]Many examples exist for NFRs, both general and domain-specific. A few of the more common and general NFRs include:
- Performance: The landing page when supporting 8.000 users per hour must provide a 4 seconds or less load time from the moment the request is made.
- Scalability: The system must be scalable enough to support 10.000 visits at the same time while mainaining all other requirements.
- Reliability: The system must have no more than 1 hour of downtime in a 3 month period.
- Usability: The system must meet Web Content Accessibility Guidelines WCAG 3.0.
- Security: The database security must meet all HIPAA requirements.
See also
[edit]- Software requirement
- Functional requirement
- Requirements engineering
- Requirements management
- Requirement analysis
- Requirements specification
- Use case diagram
- Requirements elicitation
- Software requirements specification
References
[edit]- ^ a b c d e f g Glinz, Martin (October 2007). "On Non-Functional Requirements". 15th IEEE International Requirements Engineering Conference (RE 2007): 21–26. doi:10.1109/RE.2007.45. ISSN 2332-6441. Retrieved 13 January 2023.
- ^ a b c d e IREB, CPRE. "IREB CPRE Glossary". CPRE Glossary - CPRE - IREB – International Requirements Engineering Board. IREB. Retrieved 13 January 2023.
- ^ Chen, Lianping; Ali Babar, Muhammad; Nuseibeh, Bashar (2013). "Characterizing Architecturally Significant Requirements". IEEE Software. 30 (2): 38–45. doi:10.1109/MS.2012.174. hdl:10344/3061. S2CID 17399565.
- ^ Mairiza, Dewi; Zowghi, Didar; Nurmuliani, Nurie (22 March 2010). "An investigation into the notion of non-functional requirements". Proceedings of the 2010 ACM Symposium on Applied Computing: 311–317. doi:10.1145/1774088.1774153.
- ^ a b c d e Adams, Kevin MacG (2015). Nonfunctional requirements in systems analysis and design (1 ed.). Cham: Springer Cham. pp. 46–51. ISBN 978-3-319-18344-2. Retrieved 24 January 2023.
- ^ Franch, Xavier; Glinz, Martin; Mendez, Daniel; Seyff, Norbert (1 September 2022). "A Study About the Knowledge and Use of Requirements Engineering Standards in Industry". IEEE Transactions on Software Engineering. 48 (9): 3310–3325. doi:10.1109/TSE.2021.3087792. Retrieved 24 January 2023.
- ^ "Functional vs Non Functional Requirements". GeeksforGeeks. 28 April 2020. Retrieved 24 January 2023.
- ^ "Functional vs Non-Functional Requirements [Updated 2021]". enkonix.com. Retrieved 24 January 2023.
- ^ Habibullah, Khan Mohammad; Horkoff, Jennifer (September 2021). "Non-functional Requirements for Machine Learning: Understanding Current Use and Challenges in Industry". 2021 IEEE 29th International Requirements Engineering Conference (RE). IEEE. doi:10.1109/re51729.2021.00009.
- ^ a b c d Wiegers, Karl E. (1999). "Writing Quality Requirements" (PDF). Software Development. 7 (5): 44–48.
- ^ a b c Sommerville, Ian (2016). Software engineering (10th ed.). Boston. ISBN 0-13-394303-8. OCLC 907941065.
{{cite book}}: CS1 maint: location missing publisher (link) - ^ Barbacci, Mario; Klein, Mark H.; Longstaff, Thomas A.; Weinstock, Charles B. (1995-12-01). "Quality Attributes". Fort Belvoir, VA.
{{cite journal}}: Cite journal requires|journal=(help) - ^ Offutt, J. (2002). "Quality attributes of Web software applications". IEEE Software. 19 (2): 25–32. doi:10.1109/52.991329. ISSN 0740-7459.
- ^ Sunday, D.A. "Software maintainability-a new 'ility'". Proceedings., Annual Reliability and Maintainability Symposium. IEEE. doi:10.1109/arms.1989.49572.
- ^ Rashwan, Abderahman; Ormandjieva, Olga; Witte, Rene (July 2013). "Ontology-Based Classification of Non-functional Requirements in Software Specifications: A New Corpus and SVM-Based Classifier". 2013 IEEE 37th Annual Computer Software and Applications Conference. IEEE. doi:10.1109/compsac.2013.64.
- ^ Pohl, Klaus (2010). Requirements engineering : fundamentals, principles, and techniques. Heidelberg. ISBN 978-3-642-12577-5. OCLC 642291082.
{{cite book}}: CS1 maint: location missing publisher (link) - ^ "Nonfunctional Requirements". Scaled Agile Framework. Retrieved 22 January 2023.
- ^ a b Jarzębowicz, Aleksander; Weichbroth, Paweł (2021). "A Systematic Literature Review on Implementing Non-functional Requirements in Agile Software Development: Issues and Facilitating Practices". Lean and Agile Software Development. 408: 91–110. doi:10.1007/978-3-030-67084-9_6.