What is System Development Life Cycle (SDLC)?
System Development Life Cycle, SDLC is a set of structured processes that are designed to guide in building a good software from the scratch. The SDLC is a roadmap for the software companies. To arrive at a fully functional, glitch-free software in the shortest period covering all the functionalities. That are expected from the system to be developed and also meeting all the end-user requirements. It can be viewed as a blueprint. A guide to help achieve a superior end product that has all the qualities of good software. Following SDLC will greatly help not only in understanding the project well but also in enhancing the project quality, speeding up the project timeline, and reducing the cost of the project.
What are the 7 phases of SDLC
It contains 7 stages or phases’ viz., Planning, Analysis, Design, Development, Testing, Implementing, and Maintaining. Each of these phases is equally important and contributes to the overall development of successful software.
As the name suggests, the development team plans how to approach the software system they are going to design. The planning includes the need for the new system, resources available, the scale of the project, cost estimation, scheduling of the project, and provisioning. Various inputs are taken in this stage from end-users, employees who are going to operate the designed system, operational heads, and domain experts in the field. These inputs are used to conduct a feasibility study on various aspects such as technical, operational, and economic.
This is the phase where it is determined the timeframes for each of the phases. What to expect of the software to be designed? What methods to be used, what are the risks involved, and how to minimize or eliminate them?
The second phase in the System Development Life Cycle is the Analysis phase. This phase involves gathering all the specific requirements for the system to be designed, analyzing any existing system if there is one, and the drawbacks it has that result in going for new software, and feasibility study of the new software system to be designed. The specific requirements include the software to be used, hardware to be procured, network requirements, and end-user requirements. .
All these details are summarised in a document called Software Requirement Specification or SRS document. This document describes what software is best suited for the project and how it is expected to perform. It also describes the functionality the end product has to achieve for all stakeholders such as business heads, employees, and end-users needs.
This stage in SDLC is a forerunner to the next stage, i.e., the Development stage. Based on the requirements specified in the SRS document, a few prototypes are designed detailing various features of the software such as user interfaces, system interfaces, databases, network requirements, and other finer details. These prototypes are then reviewed by all the stakeholders and based on various feasibility parameters, risk assessment, product vastness, budget, and time frames, the best design is selected for the system to be developed.
Once a prototype that is best suited for the project is finalized, the team is ready to move to the development phase.
The actual product is built in this stage of the secure System Development Life Cycle, Development. Based on the software being developed, a programming language is chosen and the code is written by the developers based on the various inputs from previous phases and also from the SRS document. Based on the coding guidelines defined, developers use compilers, interpreters and debuggers, etc. to generate the code. Different high-level languages like Java, PHP, C, and C++ are used for coding.
The critical phase of the SDLC, Testing is where the developed software is tested for various parameters. The first and foremost parameter is whether the software designed met all the end-user requirements specified in the planning stage. The developed software is tested against any vulnerabilities, bugs, coding errors, and other shortcomings. The time taken for the Testing phase depends on various factors like the scope of the project, the experience of the developers in writing error-free code, the complexity of the system being developed, and the requirements demanded by the system.
A test report is generated after testing documenting all the shortcomings detected if any and fixed.
Various tested modules pertaining to the new Software are integrated into a single unit and is released in a test environment called UAT, User Acceptance Testing. Based on the feedback received, improvements were made and fine-tuned. The product is thus implemented and is now available for the end-users.
This is the last phase of the System Development Life Cycle, the Maintaining phase. Once the developed software is being put in place for use, a few problems usually arise that weren’t envisaged by the developers during the SDLC. These minor issues are attended to by the maintenance team ensuring the smooth functioning of the Software.
The Importance of SDLC:
The first and foremost important aspect of the System Development Life Cycle, is it provides a standardized framework of approach in a phased manner with well-defined activities and deliverables.
SDLC helps in project planning, scheduling, and cost estimation before starting the project.
Since SDLC is done in a phased manner, project tracking and control are made easier. Because only after successfully completing one phase, the team can move into the next phase. This gives better control over the project especially when they are large and complex.
SDLC has immense process flexibility and transparency. Since the entire SDLC is based on a structured process in a phased manner and does not depend on one person or a group, team members can move in and out of the project without hindering the process. As SDLC increases visibility throughout its cycle, all the stakeholders can see the actual progress of the project without being kept in the dark. This improves client relations to a large extent.
SDLC being a planned process eliminates unnecessary expenses and the overall cost of production. This also decreases certain project risks as these are envisaged during the initial planning phase of the project.
SDLC Methodologies & Drawbacks
There are several SDLC methodologies adopted while approaching software development. While most old models have become redundant, some still find a place in a few projects. Let’s take a look at major SDLC models.
This model can be termed the first model in SDLC and is the oldest and most structured of SDLC methodologies. All the phases in this model run sequentially and move to the next phase only on completion of the previous phase. The major drawback of this model is that it is very rigid and inflexible. This model doesn’t give the opportunity for any change once a phase is completed. If at all a change is incorporated, the whole cycle has to be started from the planning stage itself. Hence this model has become outdated soon.
In this model, each phase produces a partial but deployable version of the software. And in each subsequent iteration, new features are added until all the features and covered. One of the advantages of this model is developers can arrive at a working model early in the project. It can eliminate a few bugs very early through the feedback from end-users. The biggest disadvantage of this model is it requires more resources as each successive phase is rigid with no overlaps. Another disadvantage is project conclusion date cannot be fixed. Moreover, a highly skilled team is required for risk analysis at each iteration.
Spiral model is used for large projects and it combines the iterative development model with the elements of the waterfall model. This model enables gradual releases of the product with refinement with each spiraled phase. This model aids in building prototypes at each phase and this helps in identifying unknown risks after the project has commenced. The disadvantages of this model are it is highly expensive, not suitable for small projects, the dependency on risk analysis, the complexity of the model, and is time-consuming.
V Shaped Model
In this model, each phase of SDLC is associated with a testing phase. Verification and validation phases are run in parallel at each stage of the SDLC to identify any bugs and shortcomings. The disadvantage of this model is it is very rigid and least flexible as it is derived from the waterfall model. Another disadvantage is no working software can be produced in the intermediate stages. And is not suitable if the requirements of the project are not consistent.
Big Bang Model
Bing Bang model does not follow any specific process and just commences without any planning. The output arrived may or may not match the end-user requirements. This model does not follow a particular process flow or procedure with little or no planning required. This model is generally used for small projects with smaller teams of developers. The requirements for this model are understood and implemented as they occur. The advantage of this model is it is very simple and requires no planning. Coming to the disadvantages this is a very risky model as the changes in requirements or misunderstood requirements may often lead to undesired results.
The agile model produces continuous release cycles, each containing small incremental changes from its previous release, and the product is tested at each iteration. This model helps the development teams to identify issues and bugs at each release and correct them before evolving into bigger ones. The advantage of the agile model in SDLC is, that it is a very realistic approach, and functionality can be developed rapidly with minimum resources, suitable for both fixed and changing requirements, and can deliver partial working solutions. Disadvantages include it is not suitable for complex dependencies, risk of sustainability, maintainability, and extensibility. As this model depends more on end-user interaction, if the end-user is not clear on what he needs. The whole project can run in the wrong direction.
Secure System Development Life Cycle
Security is the most important aspect of any application that has a critical functionality and it applies to every stage in the SDLC and needs to be the frontrunner while implementing any software requirements. Developers need to be aware of the potential security concerns at each phase of the SDLC. This requires integrating security into SDLC into every phase of the SDLC. The Secure System Development Life Cycle, SSDLC describes security requirements that should be considered and addressed within every system.
Secure System Development Life Cycle ensures that security is incorporated into every phase of the SDLC. Having a strong and secure SDLC process is very critical to ensure the application is not subject to attacks by any malicious forces. This can be achieved by incorporating Application Security Testing at every phase of the SDLC. Application Security Testing (AST) is the process of making software applications more resistant to various security threats by identifying various vulnerabilities and weaknesses in the source code. Most organizations use various tools such as static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and Mobile Application Security Testing (MAST) at each of the SDLC phases to secure the whole Software.