CSS Prepare

Software Engineering

9 min read

Software engineering is the disciplined application of engineering principles to the design, development, operation and maintenance of software. While programming is about writing code, software engineering is about delivering reliable systems on time, on budget, and meeting users' needs.

Software Engineering

The systematic, disciplined and quantifiable approach to the development, operation and maintenance of software; the application of engineering to software (IEEE 610.12).

Software process

A software process is a structured set of activities required to develop a software system. Five generic phases:

  1. Specification — what the system should do.
  2. Design and implementation — how it does it.
  3. Validation — does it do what users wanted?
  4. Evolution — adapting to changing needs.
  5. Operations and maintenance — keeping it running.

Software crisis

The 1968 NATO Conference at Garmisch coined the term software crisis to describe systemic project failures — late delivery, over-budget, low quality. Modern software engineering emerged in response.

SDLC models

Waterfall (Royce, 1970)

Linear, sequential — requirements → design → implementation → testing → deployment → maintenance. Best for stable, well-understood requirements. Inflexible to change.

V-model

Extension of waterfall with corresponding test phase for each development phase (unit, integration, system, acceptance).

Iterative and incremental

Build the system in chunks; each iteration produces a working subset.

Spiral (Boehm, 1988)

Risk-driven, combines iterative development with systematic risk assessment in each cycle.

Prototyping

Quickly build prototypes to explore requirements; throwaway or evolutionary.

Agile

Articulated in the Agile Manifesto (2001) by 17 practitioners. Four core values:

  1. Individuals and interactions over processes and tools.
  2. Working software over comprehensive documentation.
  3. Customer collaboration over contract negotiation.
  4. Responding to change over following a plan.
  • Scrum — fixed-length sprints (2-4 weeks), product backlog, sprint backlog, daily stand-up, sprint review, retrospective. Roles: Product Owner, Scrum Master, Development Team.
  • Kanban — visual board, WIP limits, continuous flow.
  • XP (Extreme Programming) — pair programming, TDD, refactoring, continuous integration.
  • SAFe / LeSS — scaling agile to large enterprises.
Key Points
  • User story = "As a [user], I want [feature], so that [benefit]."
  • Velocity = story points completed per sprint.
  • Definition of Done (DoD) = criteria a backlog item must meet to be considered complete.
  • MoSCoW prioritisation: Must, Should, Could, Won't.

Requirements engineering

Activities

  1. Elicitation — interviews, workshops, observation, document analysis.
  2. Analysis and negotiation — resolve conflicts and priorities.
  3. Specification — formal documentation (SRS).
  4. Validation — review with stakeholders.
  5. Management — handle changes, traceability.

Types

  • Functional requirements — what the system shall do.
  • Non-functional requirements (NFRs) — quality attributes (performance, security, usability, reliability, scalability, maintainability).
  • Domain requirements — derived from the application domain.

Characteristics of good requirements

  • Complete, consistent, correct, unambiguous, verifiable, traceable, feasible, prioritised.

Software design

Design transforms requirements into a system blueprint.

Levels

  • Architectural design — high-level structure (modules, services).
  • Detailed design — internals of each module (classes, algorithms).

Architectural patterns

  • Layered — UI, business logic, data.
  • Client-server — central server, multiple clients.
  • Microservices — small, independently deployable services.
  • Event-driven — publishers and subscribers.
  • Model-View-Controller (MVC) — UI separation.
  • Pipe-and-filter — chained processing stages.

Design principles

  • SOLID (OOP):
    • Single Responsibility
    • Open-Closed
    • Liskov Substitution
    • Interface Segregation
    • Dependency Inversion
  • DRY — Don't Repeat Yourself.
  • KISS — Keep It Simple, Stupid.
  • YAGNI — You Aren't Gonna Need It.

Design patterns (Gang of Four, 1994)

  • Creational — Singleton, Factory, Builder, Prototype.
  • Structural — Adapter, Bridge, Composite, Decorator, Facade, Proxy.
  • Behavioural — Observer, Strategy, Command, Iterator, State.

Testing

Levels

  1. Unit testing — individual functions/classes.
  2. Integration testing — interactions among modules.
  3. System testing — entire system against requirements.
  4. Acceptance testing — user / business validation.

Types

  • Black-box — based on specifications without internal knowledge.
  • White-box — based on internal code structure (statement, branch, path coverage).
  • Grey-box — combination.
  • Regression — verify previously working features still work.
  • Smoke — quick sanity check.
  • Performance / Load / Stress testing.
  • Security testing — penetration tests, OWASP Top 10.

Test-Driven Development (TDD)

Red → Green → Refactor: write a failing test, write minimal code to pass, then refactor.

Software quality

ISO 25010 lists eight quality characteristics:

  1. Functional suitability
  2. Performance efficiency
  3. Compatibility
  4. Usability
  5. Reliability
  6. Security
  7. Maintainability
  8. Portability

CMMI (Capability Maturity Model Integration)

Five levels: Initial → Managed → Defined → Quantitatively Managed → Optimising. Pakistan's larger IT firms (e.g., NetSol Technologies, Systems Limited) often pursue CMMI Level 3-5 certifications to win export contracts.

Configuration management

  • Version control (Git, Mercurial).
  • Build automation (Maven, Gradle, Make, npm).
  • Continuous Integration (Jenkins, GitHub Actions, GitLab CI).
  • Continuous Delivery / Deployment — automated path from commit to production.
  • Branching strategies — Git Flow, trunk-based development.

DevOps and SRE

DevOps unifies development and operations through automation, collaboration and shared metrics. Site Reliability Engineering (SRE) (Google's approach) treats operations as a software problem, with SLIs, SLOs, and error budgets.

Cloud-native practices

  • Containers (Docker).
  • Orchestration (Kubernetes).
  • Infrastructure as Code (Terraform, Ansible).
  • Observability (Prometheus, Grafana, ELK stack).

Software project management

Estimation

  • COCOMO (Boehm) — Constructive Cost Model.
  • Function Point Analysis.
  • Story-point estimation in Agile (Planning Poker).

Risk management

Identify, analyse, plan response, monitor. Risks include technical, project, business and external.

Tools

  • JIRA, Trello, Asana — task management.
  • Confluence, Notion — documentation.
  • Slack, Teams — communication.

For CSS answers on software engineering, contrast Waterfall (predictive, plan-driven, suitable for regulated domains like defence) with Agile (adaptive, suitable for fast-changing requirements like fintech). A balanced answer acknowledges hybrid approaches are increasingly common.

Pakistani software industry

  • Pakistan's IT exports crossed USD 3 billion in FY 2023-24, with a goal of USD 25 billion by 2030.
  • Major segments: BPO, software development, fintech, e-commerce, gaming.
  • PSEB (Pakistan Software Export Board) facilitates exporters.
  • Special Technology Zones Authority (STZA) offers tax incentives.
  • A growing freelancer base of over a million developers.

Officers in roles related to digital governance — at MoITT, Punjab IT Board, KP IT Board, Sindh IT Board, NITB — need a working command of software engineering vocabulary to engage credibly with vendors and engineers.

Software Engineering — Computer Science CSS Notes · CSS Prepare