Models and Methodologies SDLC

Agile: This model involves production of ongoing release cycles that feature small, incremental changes from the previous release, whereby at every iteration, the product is tested. The model helps project teams to identify and resolve issues on the project before they transform into bigger problems. Stakeholders are concurrently engaged in order to get feedback throughout the process.

Lean: Inspired by manufacturing practices, this model is guided by key principles: amplify learning, eliminate waste, make drastic decisions, deliver promptly, empower team, build integrity in, and see the whole. Only what is done must be done at the given time, with no multitasking. The priority of this model is customer satisfaction, while project team are flexible enough to respond to stakeholder feedback during the project cycle.

Waterfall: The structure involves completing one phase and proceeding to the next, with no going back. Therefore, each stage relies on information provided by the previous stage. While it is easy to understand and simple to manage, its disadvantage is its rigidity, because there is no room to revise a stage once completed, hence the model can’t work well where flexibility is required and problems can only be fixed at the maintenance stage.

Iterative: This model involves implementation of a set of software requirements, tests, and evaluation. Once a new software version is produced with each iteration, it is repeated until the complete system is ready. The model has capacity to produce a working software version quite early and makes it less costly to implement changes. The downside of the model is that the continuous repetitive process consumes resources at a faster rate. 

Spiral. As a flexible methodology, Spiral borrows from Iterative model and its repetition structure. The project repetitively goes through four distinct phases: planning, risk analysis,

engineering and evaluation, in a “spiral” manner until completion and allowing multiple rounds of refinement. This model is applicable for large projects that require development of highly customized products, while incorporating feedback at the early project stages. The second benefit is its risk management characteristics, which ensure that at each point of iteration, there is evaluation of potential risks and mitigation methods. 

DevOps. This method is the latest entrant to the SDLC and was birthed from Agile and Lean practices, as well as the business shift that requires collaboration between development and operations staff at every stage of the SDLC. The collaboration is necessary to accelerate innovation and deployment of high-quality and more reliable products. Other key features are: frequent product updates, continuous feedback, automation of manual processes, and process improvement (Robert Half, 2017).

Development Methodology that Fits Your Organization and Explain Why

The DevOps methodology effectively fits my organization because it is requires effective collaboration between different teams (development and operations). This feature is critical to facilitate development of products that are of high quality and acceptable by all. Furthermore, automation and the need for frequent update of the software is critical in enhancing security of systems. 

Phases of the Software Life Cycle

Planning: Involves aspects of project and product management and includes: resource allocation, capacity planning, project scheduling, cost estimation, and provisioning. At the end of the planning phase, the output will be: schedules, cost estimates, plans, and procurement requirements. Persons involved are: project managers, development staff, operations, and security personnel to give their input (Stackify, 2017).

Requirements: At this stage, business department informs IT department on the requirements for development and enhancement. Other people involved are development teams, product managers, architects to document processes that require software automation.

Design and Prototyping: Developers and architects make initial software design and develop it through known design patterns and use of frameworks like TOGAF respectively.

Output in this section includes design documents listing patterns and components for the project and code produced by spikes, used as the beginning point for development.

Software Development: A phase where software is now developed and it may be conducted via time-boxed sprints or the waterfall method. At each point of progress, business stakeholders ought to be involved to validate that their expectations are incorporated in the software design and development. 

Testing: A critical phase that helps to evaluate the quality of the software including: code quality, functional tests, integration testing, performance testing, and security testing. Testing is done through automation. The output of this phase is functional software that is ready for deployment. 

Deployment: It is an automated face that is mostly invisible, because it occurs in a continuous deployment model. Furthermore, Application Release automation tools are integrated with Continuous Integration tools. The functional outputs of this phase is the release to Production of working software. 

Operations and Maintenance: Marks the end of the development cycle, but also determines the beginning, because software must be continuously monitored for detection and correction of bugs and defects, hence achieving efficient operation. Any time bugs are noted, the system receives feedback and the cycle is repeated based on where there is need to begin fixing the bug through regression.

Security Principles to Be Considered and Applicability to SDLC

Initially, software is secured by through integrating a trusted maturity model into the SDLC so as to infuse best practices and solid security design. 

Secondly, when gathering requirements for the software, it is critical to understand the exact needs and establish the scope and boundaries, identify stakeholders, process gaps, and implement security activities that are related to the scope of the project. 

A software security group guarantees software security whose role is to educate, assess, and enforce all security measures put in place. Furthermore, personnel involved in the project need to be knowledgeable about software security standards, hence reducing insecure design and development bottlenecks (Balarama, 2016). 

Software security is assured by establishing a comprehensive risk management process, which identifies risks and executes mitigation plans. At the software implementation phase, undertaking code reviews helps to reduce the number of bugs that can creep into the final product.

Elements of a Maturity Model

Initial: Key features involve processes operating under unstable environment, whereby success depends on personal initiative of individuals and not proven processes, hence software success relies on competent staff. While products and services in this level always meet expectations, they frequently exceed the budget and schedule of their projects.

Repeatable: At this level, success of software development relies on repetition, although processes may not repeat for all projects, but the organization can use project management skills 

to track cost and schedules. In order to achieve success in implementing processes on schedule, the documented plans are followed without deviation. In so doing, management is able to see major milestones and are involved at completion of tasks. Essentially, there is ability to track costs, schedules, and functionality of the project management processes (Frick, 2012).

Defined: The organization sets standards for executing processes and used to institute consistency in defined processes based on tailored guidelines. At the same time, the management of the organization ensures that through the set processes, its objectives are addressed accordingly. 

Managed: Software development is controlled through distinct measurements through identification of ways to adjust and align processes to specific projects without considerable loss or deviation of quality. At this level, organizations establish a quantitative quality goal for software process as well as software maintenance. At the same time, sub-processes are used to contribute to the general process performance; and are controlled by statistical and quantitative techniques (Select Business Solutions, 2019).

Optimizing: This level is focused continuous improvement using incremental and innovative technological improvements. Therefore, process improvements are revised to reflect the changing business objectives. Furthermore, deployed process improvements are evaluated and measured against quantitative process-improvement objectives. Empowered employees can adequately participate in aligning business values and objectives of the organization. At the same time the organization should be responsive to rapid changes and innovate ways of accelerating shared learning.

Reference

Balarama, K. (2016). 10 Ways to infuse security into your software development life cycle. Retrieved https://www.synopsys.com/blogs/software-security/infuse-security-into-your-software-development-life-cycle/

Frick, N. (2012). Identification of Design Elements for a Maturity Model for Interorganizational Integration: A Comparative Analysis. Retrieved https://pdfs.semanticscholar.org/6e5c/eeea4fadc64da667f7693072a95df5a785b9.pdf

Robert Half (2017). 6 Basic SDLC Models: Which One is Best? Retrieved https://www.roberthalf.com/blog/salaries-and-skills/6-basic-sdlc-methodologies-which-one-is-best

Select Business Solutions (2019). What is the Capability Maturity Level? Retrieved http://www.selectbs.com/process-maturity/what-is-the-capability-maturity-model

Stackify (2017). What is SDLC? Understand the Software Development Cycle. Retrieved https://stackify.com/what-is-sdlc/