Project Title: Cyber Incident Response Plan
Project Title: Cyber Incident Response Plan
Building a Comprehensive Cyber Incident Response plan for healthcare Organization.
Team Details :Sno Student ID Student Name Responsibility
1 202311662 Sachin Kumar Group Leader
2 202210961 Sandip Khatiwada Group member task
3 202210847 Abinash Kumar shah Group member
4 202210797 Bharati Joishi Group Member
5 202211264 Mohammad Razi Hossain Group Member
Please describe the type of system being developed.
We are going to create the good cyber incident response plan building a Comprehensive Cyber Incident Response plan for healthcare Organization.
Who is the system being developed for?
The system is being developed for the different healthcare institutions and organizations to build the response plan.
Why is such a system required?
This arrangement is planned to assist the organization successfully get ready for, react to, and recoup from cyber occurrences that seem compromise quiet information, disturb healthcare administrations, or harm the organization's notoriety.
What will be the main challenge for you in building the system?
Recognizing and classifying massive amounts of sensitive data, ensuring compliance with strict controls like HIPAA, and integrating modern security measures without disrupting IT infrastructure are the biggest challenges in building a comprehensive Cyber Occurrence Reaction Plan for a healthcare organization.
What new ideas and theory will you need to learn to build the system?
ICT-328 Capstone Project I Cyber Security
Weekly Journal Submission
Week 2
Team Details:
Sno Student Name Student ID
1 2 3 4 The aim of this weekly journal is to do a literature review related to existing research and developments in your field of study. By reviewing existing literature,
You need to identify the methodologies and approaches that have been used by other researchers.
You must avoid redundancy by ensuring that your project is not replicating work that has already been done.
You need to identify key concepts, theories, and models relevant to your project.
Project Title:
Literature Review
References
Project Specification Form
A. Project Title
Quick-witted security with quickened system performance
B. Project Background
Problem Context
In todays computing generation fragmented disk, unnecessary file storage, unnecessary shortcuts are a big threat that can lead to errors, viruses and cause instability in the users pc. Also, cyber frauds and other illegal activities are increasing very much. Even on a brand new system with plenty of RAM and high-end processors, the performance of the hard disk may be a bottleneck causing system performance issues. One of the ways to tackle such problems is to defragment the disk. Disk Defragmentation rearranges fragmented data so as disks and drives can work more efficiently.When a system is new, the registry is quite small with just the required information to enable your system to function on your PC. However, as you start working on the PC, the registry starts building up. Over time, a lot of unwanted, invalid, and incorrect data accumulates within the registry and causes registry bloating. A bloated registry easily gets damaged and starts generating several Windows related errors on the system. Moreover, a large registry easily gets fragmented and considerably slows down your PC and is the reason behind system freezes and system crashes. Nextly, if a computer is used a lot, it very well might be, especially if software applications are uninstalled frequently, any small pieces of information from the software that are left on the computer can clog up the computer and cause it to slow down. Multiply that by the number of times you uninstall software, and you can see how it adds up to a slow computer, a performance issue. Cleaning registry of the system at times can be the best solution to the performance related problems. Then, emerging USB storage technology allows massive amounts of data to be transferred at lightning speeds. Devices continue to decrease in size, and the storage capacity keeps multiplying. All this makes for fast, efficient, and convenient information exchange, but there is a downsidesecurity. Employees in an organization can use these tiny, portable USB storage devices to download sensitive data and upload potentially harmful apps or viruses. Thus, Safety and Security is a big issue for any system within a network in todays enterprise environment. So, to enhance the network security, the developer thinks that it would be prudent to disable the ports on all workstations in the organization/office so that no one could use USB drives to put stuff onto or pull stuff off of the network. The other issue specially related to home users is, if children are allowed completely unrestricted access to the family computer with no monitoring, they can quickly, and easily, find themselves in situations that they simply are not equipped to handle. This is because there are many unscrupulous users out there with malicious intentions, such as older individuals posing as someone else with the intention of luring younger children out of home. These inappropriate relationships can easily go unnoticed by parents who don't have any form of computer surveillance installed on their family computers. Also in many companies, employees may use PCs for non-work-related purposes, or for some illegal acts that could damage the company. Also, terrorist may use PCs anywhere, like in cyber caf for dangerous acts, people around them being unaware what is going around them. Keylogging is then the only answer to such issues that is designed to secretly monitor and log all keystrokes. The utility of the application named Quick-witted security with quickened system performance relies in the fact that all the above mentioned features are integrated into one single system.
Rationale
Because of the above mentioned problems, there is a need to implement this system which is useful for various types of users and is the best answer to security, privacy and performance issues. There are certain elementary benefits serving to account for implementation of the proposed system:
Tangible Benefits
The application uses facial recognition technology to authenticate the desired user which is quicker and more secure than using password or other biometric technique for authentication
The disk defragmenter of the application allows the programs and data to run more efficiently and quickly as the operating system does not have to read from multiple locations and hence results in faster load times and faster performance.
The application has an in-built task manager that acts as a powerful troubleshooting tool and resolves issues. It monitors the computer's performance, closes a program that is not responding, view network status and graphs, view processes and services running.
The application disables USB ports of PC for specific devices, hence preventing people from taking out data from personal computer without permission or spreading viruses through the use of USB (pen and flash) drives.
The Registry Cleaner module scans the registry directory and tries to identify empty, useless and corrupted files and removes those unwanted configuration files from the system.
The keylogger module smartly tracks the keystrokes hit from the system preventing the illegal actions.
The application removes useless shortcuts and internet files that get downloaded automatically while browsing internet.
Message/Notification to the users mobile phone in case any blocked URL or application is accessed from the users pc.
Intangible Benefits
The application enhances security by incorporating facial recognition technique of biometrics for authenticating the user.
It frees up disk and memory space, hence improving the performance with the help of disk defragmenter.
The application helps in troubleshooting and performance monitoring by the task manager.
Registry cleaner increase the efficiency of the computer by cleaning the unwanted files from the registry.
It helps employers maintain productivity, protect valuable bandwidth and ensure optimum use of networked resources by monitoring employee activity online with the help of keylogger and prevents illegal actions.
Maintains security with its folder lock feature and USB port disabling feature.
Problem Area
The greater the fragmentation, the more time it takes for the fragmented files to be read, thus slowing down the PC performance. This is the reason why this particular choice of defragmenting the PC was made to solve the performance issues for business and home users.
In business areas, where the computers are used frequently, programs/files being installed/ uninstalled regularly, the deletion of temporary or potentially unwanted files left by certain programs including various browsers is a big issue that slows down the performance of the system as it updates the registry each time. This is the reason why the business users would want to implement the proposed system to avoid PC performance problems.
In organizations, the employees can use the PC for personal and illegal purposes apart from the work purpose, can steal the confidential data from the system with the help of USB devices and hence can destroy business relationships. Thus, there is a need for such system in organizations for employers to keep any eye on their employees, whether they are using the PC, internet etc. for work purpose only.
At homes, children can misuse the PC and internet behind their parents, their parents being unaware of the bad motives the strangers have with whom their children are communicating. Therefore, there is a need to develop such system to serve the purpose for home users, especially for parents.
USB devices being inserted into the computer frequently creates an easy path for any person/ employees to steal confidential data in any business organization leading to illegal actions or crimes. Also, insertion of USB devices into a PC creates an easy path for viruses to hit the users PC with damage, slowing down the performance. The proposed system hence prevents the illegal actions and crimes, and protects the PC in any kind of business organizations or at homes.
These are the problem areas where the proposed system is to be implemented to enhance the performance, security and privacy of the users PC.
Nature of Challenge
The main challenge in the system is the solution to window registry problems that is the development of the tool to boost the performance of PC that will deep scan user registry to identify problems and errors that can cause instability. For making the system on windows the developer is required to have thorough understanding of Windows Forms. Learning Face recognition technique to authenticate the user is the next challenge in the project for which the developer needs to have understanding of algorithms, graphics and GDI+. The next challenge is to maintain the security of the users PC at various levels to protect personalized data. Also, the Keylogging feature that can track the keystrokes being pressed on the users keyboard is a challenging task that uses hooks to be achieved. The other challenging task is to gather system statistics, monitor system health, and manage system components for which WMI technology is to be used. The implementations of technologies such as web services, Windows Hooks Windows Management Instrumentation, Ribbon Control, algorithms, GDI+ to achieve above mentioned tasks are major challenges which will be incorporated in this project.
Target Audience
The system serves variety of users ranging from home users to business users who are conscious about protecting their precious data from unauthorized access.
Business Organizations: It is also useful in organizations for business purposes where certain information such as project information is strictly hidden. USB port disabling and Keylogging feature ensure that the employees use the computers for legal and business purposes only.
Call centers: The system is of high utility in call centers or other areas where PCs are used on a large scale. In such areas, performance of the system is a big issue that is enhanced using the proposed system.
Home Users: Keyloggers are used in the home, where they may be used to monitor the activities of children or teenagers by their parents. Also, registry cleaner is also of high utility for home users.
Other security (e.g. law enforcement): Using keylogger records to analyze and track incidents linked to the use of personal computers.
C. Project Objectives
Objectives
The projects objective is to deliver the proposed system within time and budget and with appropriate quality.
The system objective is to integrate various modules together to come up with the best solution to security and performance issues.
The next objectives include implementation of advanced C# concepts for disabling USB ports, developing keylogger, authenticating user through facial recognition technique, and creating folder level security to enhance the security of the system.
The next objective is to view and manage all the processes and services running on the users PC with the help of task manager.
The other objectives are to develop a window registry repairer tool, defragmentation tool to enhance the system speed.
Other Learning Objectives
To analyze advanced programming techniques, software engineering principles, project management concepts, security concepts and integration of varied technologies.
To put upon or implement all the knowledge and concepts for the development of the system.
Scope
The proposed system intends to provide solution to performance and security issues by detecting the threats to the system that may enter the system through USBs or Internet. It is primarily focused on identifying windows registry problems, fragmentation issues, disabling USB ports, and incorporating folder level security, and developing keylogger. The system also reports to system administrator in case the user accesses vulgar websites or use some restricted words. In that case the system will be locked and user password will be changed automatically when the system restarts. The system thus has the potential to monitor all the unauthorized events and processes running on the PC and control them with the help of keylogger. This system thus supports security and speed.
Registration Module
Profile Management Module
Defragmentation Module
Registry Repair Module
Task Management Module
Authentication Module
Hidden Camera Activation Module
Keylogging Module
Folder Security Module
Theme Building Module
Gadgets Module
Modes Module
Notification Module
Description of Functionalities/ Features (Module wise)
Core Functionalities
Registration
The registration process registers both admin and the regular user. The admin has its default username and password. The regular user is registered by admin who will provide the permissions to the users.
Profile Management
Two different profiles are maintained, one for the admin and other for the regular users. Both of them have different authorities. A user has the authority to disable USB ports, defragment disks, view task manager, clean registry, track Keylogging, secure folders, change themes and customize gadgets etc. An admin has all the authorities that a regular user has. Furthermore, admin can view the history and log files, control the devices for which USB ports will be disabled and manage the different profiles, send notifications etc.
Defragmentation
This feature of the application defragment the disk and not only helps put file pieces back together, but can also consolidate free space so that there are larger blocks of space available to write new files thus preventing further fragmentation. The module is responsible for improving the efficiency of users PC
Registry Repair
Registry repairer locates and corrects problems in the Windows registry, such as missing references to shared DLLs, unused registration entries for file extensions, marks the registry items which are safe to remove as well as those which are not advisable to remove. And it will automatically back up the deleted registry. It cleans the registry by removing obsolete, temporary, invalid and redundant registry items from windows registry.
Task Management
The Task Manager, that manages the tasks is broken up into multiple tabs. Each tab is associated with a particular category such as the running applications, running processes, Windows services, the computer's performance, network utilization, and various corresponding graphs. Using this module, the user can tune the computer to run optimally and efficiently by disabling programs that may be using too many resources and thus slowing down your computer.
Enhanced Functionalities
Authentication
User (Admin/Regular User) is authenticated using facial recognition technique of biometrics using the camera that acquires the image of the face. The technique uses the spatial geometry of the distinguish features of the face. The face recognition technique is preferred over password authentication and other technique of biometrics because it is more secure and quicker. Butpermanence and uniqueness of the face might remain a limiting factor of this biometric solution.
Hidden Camera Activation
If any unauthorized user tries to access the system for more than three times, the hidden camera of the system gets activated and will capture the image automatically.
USB Ports Tracking
This disables USB ports of the computer for some specific devices, not allowing USB drives to be inserted into the computer, thus preventing the confidential data from stealing and also protecting the computer from viruses that can enter the computer through USB drives. The devices for which USB ports are disabled/ enabled are controlled by the admin only.
Special Functionalities
Keylogging
This feature records thekeystrokes on a computer by monitoring a user's inputand keeping a log of all keys that are pressed. The logs are then saved to a file. Those keystrokes can then be accessed at a later date to see what the users have typed on that machine and thus it ensures that the computer is not used for illegal actions in someones absence. Also, this feature has the capability to report to system administrator in case the user accesses vulgar websites or use some restricted words. In that case the system will be locked and user password will be changed automatically when the system restarts.
Folder Security
The feature allows the user to secure their folders using password as the authentication technique, thus protecting the files safe from prying eyes, hence enhance the security through an intuitive and simple interface. It can be easily used by any novice user as it is very simple to use.
Theme Building
It controls changing the theme of the application to enhance the visibility. The application can be customized with colors, fonts and many more things.
Gadgets
This is an accessory that makes life easier or more enjoyable.
Modes
The application consists of three modes namely normal mode, fast mode and game mode that can be switched as per the user requirements. Normally, normal mode runs. When fast mode runs, graphical applications are switched off. When game mode runs, graphical applications are switched on, switching off other unused applications.
Notification
The feature enhances the security by sending a message to the users mobile phone in case any blocked URL or application is accessed from the users pc.
Limitations
The proposed system is Windows Specific, which is, it works only on Windows Operating System.
The system prevents threats that come from internet when some file is installed but it does not have the ability to scan and remove virus.
This is a desktop based application.
Deliverables
Draft Proposal
Project Proposal
Project Specification form
Implemented Modules of the system
Hard copy of final documentation
Soft copy of final documentation
Final Presentation and Demonstration
D. Resources needed by the Project
Hardware Resources
Processor : At least Pentium IV with at least 1.6 MHz speed
Hard Drive Space: At least 20GB Free space and 80GB for better performance
Memory: At least 1 GB RAM for better performance
Monitor: Any Standard Monitor
Web Camera
Keyboard and Mouse.
Printer: For Printing the documents, throughout the project.
Any external storage device i.e. USB Drives or DVD/CD ROMs.
Software Resources
Operating System : Windows 7 Ultimate or Windows XP
Software Development Tools: Microsoft Visual Studio .NET 3.5
Database Management System: Microsoft SQL Server 2008
Software Modeling Tools: Microsoft Visio
Project Management Tools : Microsoft Project
System Documentation and Presentation Tools: Microsoft Office
Graphic Design Tools: Paint, Giffy, Photoscape
Web Browser: Any standard browser but above Internet Explorer 8.
Access to Information/Expertise and User Involvement
Improved quality of the system arises from more accurate user requirements so as to implement/ avoid system features that the user wants/ did not want to use and hence improving levels of acceptance of the system. Therefore, user involvement is necessary to produce a fruitful system. Users shouldbe directly involved in development projects, particularlywhen the scope of development project includesproduct and services where the end users will be external customers or consumers.
Various users involved are:
Employers
Investigators
Software Developer
Software Designer
Network administrators
For gathering information and user requirements, the following have highlighted the fact-finding techniques to be used throughout the research stages. These techniques are listed below:
Domain & Technical Research
Also calledliterature search,involves reviewing all readily available materials. These materials include internal organization information, relevant trade publications, newspapers, magazines, and any other published materials. It is a very inexpensive method of gathering information, although it often does not yield timely information. Literature searches over the web are the fastest and are preferred more, while library literature searches can are also to be considered as one the most powerful research method.
Interview
Interview will be carried out for a short time period to obtain opinion and the perspective from professionals who are specialized in programming field (like Lecturer, Software Developer, Software Designer) or even those who have experience in implementing and using such system in order to allow the developer to further enhance and refine the system ideas and features of the system that is going to be developed. End-users who are going to implement this system are also to be interviewed to improve the acceptance level of the system and produce a fruitful and usable system.
Software Developer and Software Designer- Interview those software developers and software designers who have already made such similar systems to come up with deep knowledge from the technical aspects.
Organization Employers- Interviewing the end-users is the most important factor towards the systems success. The developer of the proposed system gets the required functionalities, pros and cons of each module only by the actual end-users who are going to implement the system in their companies or organizations.
Questionnaire
Different type of questionnaires will be designed for different group of users, for employers of business organizations, and for employers of call centers because such a big number of peoples views cannot be judged by interviewing each one of them. So, this technique suits best when there are a large number of people who are to be judged within short span of time. It will give quantitative results. Questionnaire will be very useful to get proper idea about users needs.
E. Academic research being carried out and other information, techniques being learnt
Organized and controlled research enables developer to test and compare different theories and approaches, explore different methods, obtain other peoples views and learn from other peoples experience. It also enables to rule out or at least consider external factors which might influence their results. Researching about the proposed project gives the perfect platform for developing the project. In order to complete a project successfully a far-reaching research work must be carried out. Whether the research is domain based or technical research it will work as the basic developmental criteria for any project. One must have a proper knowledge on the type of system that is being made to make the project more efficient and effective.
Secondary Research Areas:
Academic/Theoretical Research Areas:
The first and foremost part of academic research is to compare as how the system named Quick-witted security with quickened system performance is better than the existing system. The question what are the new features to be added has to be the major research area.
Then, academically for carrying out the project, the developer is required to have a research on the advanced concepts of the Programming languages is done.
The system has to be made in such a way that it will have a good interaction between human and the computer. So, Human Computer Interaction Principles are to be researched upon.
Different types of software development methodologies are available. So, comparisons between all those are to be made and the methodology that best suits this security and performance based system, is chosen.
As security and performance booster concepts are to be implemented, so, those concepts accounts for another research area. This is to be included both as academic and technical research.
Information and Resources:
Books:
Leslie Ann Robertson, 2003, Simple Program Design, 2nd Edition , Boyd and Fraser
Shelly, G.B., Cashman, T.J. & Rosenblatt, H.J. (2005) System Analysis and Design, 5th or 6th Edition, Course Technology
OConnell, F. (2001) How to Run Successful Projects III: The Silver Bullet. Addison Wesley, ISBN: 0201748061
Websites:
http://www.codeproject.comTechnical/Programming Research Areas:
The Programming language chosen for developing the system is Visual C# and the database is Microsoft SQL Server 2008. A list of various techniques, programming languages and technical research area is given below:
Key Concepts and Strategy of developing a security and performance booster system.
Advanced APIs of Visual C# for implementing keylogger and registry cleaning.
Concepts of Windows Management Instrumentation.
Ribbon Control Technology
Algorithms and Graphical techniques for face recognition
Web Services for sending notifications
Security Concepts
Information and Research Sources:
Books
Deitel & Deitel, Listfied,Nieto, Yaeger, and Zlatkina, C# for Experienced Programmers, 2003, Prentice Hall.
John Sharp (2013)Microsoft Visual C# 2012: Step by Step,: Microsoft Press.
Andrew Stellman (2010)Head first C#, 2nd edn., Beijing: O'Reilly.
Websites
Security
http://www.securelist.com Last Accessed: 28 September 2013
http://www.bestsecuritytips.com Last Accessed: 28 September 2013
http://www.governmentsecurity.org Last Accessed: 27 September 2013
http://www.keelog.com Last Accessed: 29 September 2013
http://isafesoft.com Last Accessed: 27 September 2013
Efficiency
http://windows.microsoft.com Last Accessed: 28 September 2013
http://www.wisecleaner.com Last Accessed: 28 September 2013
Task Management
http://www.pcworld.com Last Accessed: 29 September 2013
Face Recognition Biometrics Technique
http://www.face-rec.org Last Accessed: 29 September 2013
Programming Language
www.c-sharpcorner.com Last Accessed: 29 September 2013
http://www.completecsharptutorial.com/ Last Accessed: 1 October 2013
Other Sources
Newspapers and Journals
F. Development Plan
Project Plan
Start Date: July, 2023
Duration: 12 Weeks
End Date:
Project Requirements
Duration:
Tasks:
Project Definition:
Idea Generation and identifying all the functionalities.
Project Title Selection
Feasibility Studies
Draft Proposal
Project Plan:
Development plan
Work Breakdown Structure
Scheduling
Gantt chart
Pert Chart
Project Proposal Form
Project Requirements Identification and Specification:
Project Background
Resources required
Techniques to be learnt
Goals and Objectives
Determine System Functionalities
Identify scope of research
Project Specification Form
Research by:
Interview with various stake holders (software developers and designers)
User requirements
Analysis
User Modeling and Profiling
Domain analysis on the tools (ASP. Net/ C#)
System analysis
Risk analysis
System design and Prototyping
Data flow Diagram
UML Diagrams
Story-Boarding
UI Prototype
Functional Prototype
Implementation
Code generation
Module Integration
Testing
Duration:
Evaluation of Different Prototypes
Different Types of Testing
Generating Test Plans
Project ending and finally maintenance
Duration: Submission of the Final product
Presentation
User Manual and Generating Documentation
Methodology
The methodology that best suits for the proposed system is Iterative Waterfall Model.
Iterative Waterfall Model is quite similar to traditional waterfall model but the basic principle is differing. Waterfall model approach is predicated on the principle of completing, in detail, each stage before moving on to the next. While, Iterative Waterfall Model adopts the logical sequence of events of the Waterfall model but it follows the full lifecycle several times within a single project.
Phases of Iterative Waterfall Model
Requirements specification-In this phase, research is being conducted which includes requirements about the software. It clearly and unambiguously indicates the requirements for the system. A small amount of top-level analysis and design is also documented in this phase. In this phase, the users involved such as employers, network administrators are to be interviewed, questionnaires are obtained so as to research and analyze the system requirements.
System Design and Software Design- This step involves originating the basic design of the software. It will be done after the first phase gets successfully completed. System design included designing of software and hardware i.e. functionality of hardware and software is separated-out. After separation design of software modules is done, the design process translates requirements into representation of the software that can be assessed for quality before generation of code begins
Implementation and Unit Testing- Now that the developer has system design, code generation begins. Code generation is conversion of design into machine-readable form. Software modules are now further divided into units. And unit testing is performed with the generation of each module described above, namely registration, keylogger etc.
Integration and System testing- Now the units of the software are integrated together and a system is built. So we have complete system named Quick-witted security with quickened system performance at hand which is tested to check if it meets thefunctional and performance requirements. Testing is done, as per the steps defined in the test plan, to ensure defined input produces actual results which agree with the required results. A test report is generated which contains test results.
Operation & maintenance- Now that the developer has the completed system, she is to deliver the same. This phase goes on till the software is retired.
As it is an iterative Waterfall Model, each iteration goes through the activities of Requirements, Design, Implement, Integration and Testing and produces production-quality software at the end of the iteration. The contents of each iteration is determined according to risk - the new, the most challenging; the most critical elements are built first, so that the true nature of the project and its implications in terms of cost and time are constantly under review.
Why Iterative Waterfall Model?
For the project, Quick-witted security with quickened system performance, quality is the most crucial factor and Iterative Waterfall methodology is preferred where quality is more important as compared to schedule or cost.
The iterative model is quite appropriate to be implemented here because at the such early stage, the developer is not much sure about the all the requirements of the system and an iterative lifecycle model does not attemptto startwith a full specification of requirements. Instead, development begins by specifying and implementing just part of the software,which canthen be reviewed in order to identify further requirements. This process is then repeated, producing anew versionof the software for each cycle of the model.
While developing the system named Quick-witted security with quickened system performance, though major requirements have been described at an early stage but certain will be evolving with time. Therefore the iterative model is chosen because it best suits when the developer needs the flexibility to incorporate more features in the system with time.
The developer of the system Quick-witted security with quickened system performance is required to build the system step by step with a deliverable at each step and in iterative model; the projects are built and improved step by step. Hence the developer is able to track the defects at early stages. This avoids the downward flow of the defects.
The model also involves feedback loop. This is what required for developing the system Quick-witted security with quickened system performance. For this also, user is required to obtain feedback at each phase, lessening the chances of immense burden of changes and massive evaluation at the end.
Hardest Tasks
Keylogger is hardest module to implement. Its implementation requires learning completely new concepts such as Windows Hooks.
The other hard task is implementing face recognition technique of biometrics for authentication because it requires knowledge of Windows Hooks, various algorithms and graphical concepts such as GDI+.
G. Evaluation & Test Plan
The project is using Iterative Waterfall Model; testing plan is based upon the phases of the proposed model only.
Requirement Phase Testing; Simulation Testing
The first phase of the Iterative Model is the Requirements Phase. During the requirements analysis phase, test planning and design also starts as per the model selected. Though planning for integration and system test is done as the last steps to complete before system release but in iterative model, these testing strategies are planned at the first opportunity. The requirements that are specified in the first phase are verified to look for ambiguities, completion, consistency, and reasonability; in addition, whether it is achievable, traceable and measurable from a testing standpoint. If the specification satisfies the user requirements, a simulation environment can be built up by following the specifications which may be called prototype. The prototype is a solution at an early stage in order to prepare for later development. It, not a real product, also highlights certain properties of the intended system. The simulation testing in this phase is to validate the prototype, which is established according to the specification, with the designed cases/data in order to certify these test cases/data, and expected results, because they will be used to test the real system.
Unit Testing (At Implementation phase)
Then comes the design phase in which software architecture and components to meet the requirements are designed. Testing activity here begins to focus on the most atomic element--the unit that is done by the developer herself that asks the developer to take the smallest piece of testable software in the application and determine whether it behaves exactly as expected. Each unit is tested separately before integrating them into modules to test the interfaces between modules.
Tester for unit testing is the developer who is developing the proposed system.
Regression Testing; Core of Iterative Model
In the first iteration of a project, there may not be much to do here. In subsequent iterations, the focus will be on how new or changed components will affect the system called regression testing. The regression testing means the retesting of asoftwaresystem that has been modified to ensure that anybugshave been fixed and that no other previously working functions have failed as a result of the reparations. Tests performed in the previous iteration should be applied here again against the changes and/or additions. In all iterations, the implementation phase will be saturated with testing.
Tester for Regression testing is the developer herself.
Integration
Integrated testingwill start after completion of unit testing. Integration testing verifies that when two or more modules interact, produced result satisfies with its original functional requirement or not and it fall in Black box testing. Its main purposeis to identify the functional, requirement and performance levelbugs. When modules are not integrated, they perform as per requirement but when the modules such as keylogger, task manager, registry repairer integrate, functional, requirement and performance related issues will occurs due to the integration. This is the reason the developer needs to perform integration testing even if unit testing is already conducted.
Tester for Integration testing is the developer.
System Testing
System testingis the testing of behavior of a complete and fully integrated software product based on the software requirements specifications. In main focus of this testing is to evaluateBusiness / Functional / End-user requirements. For this type of testing do not required knowledge of internal design or structure or code.
Tester for Integration testing is the developer and End-User.
UserAcceptance testingUserAcceptance testingis the software testing process where system tested foracceptability& validates the end to end business flow. It is performed inseparate environment (similar to production environment) & confirmswhether system meets the requirements as per requirement specification or not. End users concentrate on end to end scenarios & it typically involves running a suite of tests on the completed system. TheAcceptance testingis black box tests, means end- users who is testing the system need not to beaware of internal structure of the code; they just specify the input to the system & check whether systems respond with correct result.
Tester for User Acceptance Testing is the End-User (Employers).
Criteria for a Successful Project
Meeting User Requirements: A successful system is supposed to meet all the user requirements. The system is to be developed in such a way that it fulfills all the requirements collected from research and investigation through interviews and questionnaires. The system is checked against the user requirements that are specified in the Requirement Specification phase. The evaluation is done by checking whether the proposed system meets the user requirements to which extent.
Research and Analysis: The phase is the initiation phase of any project. The proposed system is supposed to be user friendly, intuitive and quick so that users will stay with the system easily and not be deterred. The evaluation is done by checking how much in-depth research is done on the proposed area. The success is of the project is guaranteed if the developer does good amount of well investigated research and analysis.
Implementation of Modules: The desired modules are implemented in a way that the desired system produced runs without any bugs and quickly.
Special and Enhanced functionalities: The proposed system developed aims to fulfill the core as well as enhanced and special functionalities mentioned in the project specifications
Usability of the proposed system: Application's usability depends upon proven Human-Computer Interaction (HCI) principles and aims to achieve in the application ease of use, Navigation, time for completion and errors.
Documentation: The skills to turn up with documentation at the end which is very well formatted along with appropriate organization of information and standard level of English.
