Requirement Specification
| Document | Requirement Specification |
| Specification name | Req Spec for service X ? |
| Author: | Sanni & Petteri |
| Version: | 1.0 |
| Date: | 15-2-2024 |
Introduction
Our team Ca&Do is working on the development of Combitech Oy's Tukko traffic visualization service. Tukko uses public traffic APIs, particularly Digitraffic, to provide users with the ability to visualize traffic data on a map. The aim is to add and improve various features to the service. We aim to provide users with more versatile and powerful tools for analyzing and visualizing traffic data.
Client
The client of the assignment is Combitech Oy. Combitech is a technology and consulting company providing services mainly in the Nordic countries. They focus in particular on security, industrial digitalisation, and the development of business and information systems. Combitech offers its services in various sectors such as defence, security, telecommunications and energy.
Combitech representative in the project is Sini Karvonen and Jarmo Luostarinen. The product owner is Reima Parviainen.
About the author and project team
Our team Ca&Do consists of 6 ICT-students, all studying at JAMK - University of Applied Sciences. Each member brings unique strengths and expertise, making us a strong and diverse team. Thanks to our diverse skills and backgrounds, we work together effectively to solve challenges and drive innovation.
More about our team: team Introduction
Short description of solution
In the development of the Tukko, our focus is on improving several key areas:
-
Enhancing the user interface and accessibility: The goal is to enable a smoother and more user-friendly user experience.
-
Analyzing and exporting data: Users can get more detailed traffic data.
-
Expanding the scalability of the service to the Nordic countries: Opening up new possibilities for monitoring and comparing traffic data from different countries.
-
Ensuring security and user authentication: Increasing the reliability of the service and user safety.
-
Optimizing infrastructure and performance: Ensuring efficient and reliable operation in all usage scenarios, to improve the user experience.
Through these improvements, Tukko aims to provide an enhanced user experience and more effective functionality in managing and analyzing traffic data.
Business requirements / goals?
| ReqID | Description |
|---|---|
| BUSINESS-REQ-0001 | Improving the user interface and accessibility for a smoother user experience. |
| BUSINESS-REQ-0002 | Provide more detailed traffic data analysis and export features. |
| BUSINESS-REQ-0003 | Expanding the service to work in the Nordic countries. |
| BUSINESS-REQ-0004 | Improving the security of the site and the ability of users to log in. |
| BUSINESS-REQ-0005 | The implementation of the features must be completed by the deadline. |
Stakeholder map
Stakeholders and profiles
| Stakeholde/profile | Info / Link to description | Motivation? |
|---|---|---|
| Ca&Do | Website | Developer team |
| Combitech | Website | They want to improve the service |
| IoTitude | Website | Product owner, also wants to improve the product |
| End user 1 | Everyday User | Users want to use the service to get real-time traffic information and avoid jams on their way to school or work |
| End user 2 | Traffic analyst | User wants to monitoring and analyzing traffic data for urban planning and transportation optimization purposes |
| Admin user | Administrative user of the service | Admin users can benefit from the service to gain greater insight and control over the maintenance and analysis of traffic data |
Customer story's as background information
End user 1 - Profile
Irmeli, a 25-year-old student, uses Tukko every day on her way to university. She appreciates the real-time traffic information to avoid traffic jams and being late for class. Irmeli also likes the app's new dark theme.
End user 2 - Profile
Anna, a 40-year-old data analyst with over 15 years of experience in the field, relies on the Tukko to access detailed and accurate traffic data for her analysis. As a traffic analyst, Anna is tasked with identifying traffic patterns, congestion hotspots, and trends to optimize transportation systems.
Admin user - Profile
Seppo, a 35-year-old IT professional specializing in system administration, utilizes the Tukko to ensure the smooth operation, reliability, and security of the service's infrastructure. He values the service's stability, security and proactive maintenance and continuous improvement to enhance performance.
Customer need
| ReqID | Description |
|---|---|
| CUSTOMER-REQ-0001 | Accurate and real-time traffic information |
| CUSTOMER-REQ-0002 | Easy-to-use interface |
| CUSTOMER-REQ-0003 | Wide range of functionalities: Sweden, Norway and Finland |
| CUSTOMER-REQ-0004 | Safe and reliable application |
| CUSTOMER-REQ-0005 | Versatile information and functions |
Customer Journey paths in Service/solution
Preliminary User Storys
| User Story ID | Description |
|---|---|
| US002 | As a user, I want to be able to create an account and securely authenticate myself to the web app |
| US003 | As a data analyst, I want to export data to csv from the database |
| US004 | As a customer I want secure authentication mechanisms, such as password hashing and session management, to protect user accounts |
| US011 | As a user I want to choose an area and count average traffic |
| US017 | As a developer, I want to regularly scan the codebase and dependencies for known security vulnerabilities and address them promptly |
| US024 | As a developer, I want to implement logging and error tracking mechanisms to capture and analyze any issues or errors occurring in the web app |
| US027 | As a platform engineer, I want to set up a scalable and resilient infrastructure using containerization, such as Docker, to ensure easy deployment and management of the web app |
| US029 | As a platform engineer, I want to implement an automated build and deployment pipeline using tools like GitLab CI/CD to streamline the release process and ensure consistent deployment's |
| US038 | As a developer, I want to have automated tests for both frontend and backend code to ensure the reliability and correctness of the web app |
| US039 | As a developer, I want to set up continuous integration (CI) and continuous deployment (CD) pipelines to automate the testing and deployment processes |
| US040 | As a tester I want to implement Robot Framework and browser libraries |
| US045 | As a user, I want the dark mode colors to not pop out as much |
| US053 | As a user, I want to see traffic situation in Sweden |
| US054 | As a user, I want to see traffic situation in Norway |
| US057 | As a security specialist I want to have controls over who can access the server |
| US058 | As a swedish person I want to use the user interface in my native language, Swedish |
| US060 | As a product owner I want the testing to include exploratory testing |
| US061 | As a team member I want to have maintainable documentation |
Selected Use Cases of service/solution
| Use Case | Domain | ID |
|---|---|---|
| Improve dark mode colors | User interface | FEA106 |
| Securely authenticate user accounts | User interface and security | FEA102 |
| Export data to csv from the database | Data analysis | FEA201 |
| Count average traffic in chosen area | Data analysis | FEA204 |
| Traffic situation in Sweden | Nordic scalability | FEA304 |
| Traffic situation in Norway | Nordic scalability | FEA303 |
| Localization for Swedish | Nordic scalability | FEA304 |
| Control access to the server | Security | FEA407 |
| Regularly scan for known security vulnerabilities | Security | FEA403 |
| Configure scalable and resilient infrastructure using containerization | Infrastructure and performance | FEA505 |
| Implement automated build and deployment pipeline | Infrastructure and performance | FEA506 |
| Implement logging and error tracking mechanisms | Infrastructure and performance | FEA503 |
| Maintainable documentation | Infrastructure and performance | FEA517 |
| Automate tests for frontend and backend code | Testing | FEA515 |
| Manual Testing | Testing | FEA516 |
Preliminary MockUp-prototype layouts for solution/service
System requirements
System is produced as Software-as-a-Service and cPouta of csc is used as a platform during development. After project software can be run in any kind of environment that is capable of running containers e.g. docker. Software is to be designed to be run on either a single computer or in cluster of computers using containerization technologies. Costs of running software largely depends on scale of operations and amount of concurrent users of the software. There is no need for large amounts of storage, since software doesn't have to store production data for long periods of time.
| RequirementsID | Description |
|---|---|
| SYSTEM-HW-REQ-0001 | Atleast 16GB of RAM on each server |
| SYSTEM-HW-REQ-0002 | Atleast 8 vcpus on each server |
| SYSTEM-HW-REQ-0003 | 2 or more servers behind a load balancer |
| SYSTEM-HW-REQ-0004 | Atleast 2 NIC:s on each server |
Constraints and standards that affect on service design
| ReqId | Description |
|---|---|
| CONSTRAINT-REQ-S00001 | User data should be handled in way to complies with GDPR |
| CONSTRAINT-REQ-S00002 | Network connections should be encrypted |
Service primay features and functionalities
- Functions
- User can toggle dark and light mode
- User can login securely
- User can export data to csv-file
- User can count traffic from given area
- User can see traffic situtation in Sweden
- User can see traffic situation in Norway
- User can use software in swedish
Functional requirements of the service
What are the functional requirements? Functional requirements describe the operation required of a software / system Functional requirements are the most easily identifiable. Avoid writing multiple claims in the same sentence! Each requirement separately .. You can present them in a table or refer to [one] (bases / baseline requirements list.md) for a larger entity
| ReqID | Description | Affected feature? |
|---|---|---|
| FUNC-REQ-C0001 | User is able to securely authenticate | Feature 102 - Securely authenticate users |
| FUNC-REQ-C0002 | User is able to export database data to csv-file | Feature 201 - Export data to csv from the database |
| FUNC-REQ-C0003 | User is able to view traffic situation in Sweden | Feature 302 - Traffic situation in Sweden |
| FUNC-REQ-C0003 | User is able to view traffic situation in Norway | Feature 303 - Traffic situation in Norway |
| FUNC-REQ-C0004 | User is able to view average traffic in chosen area | Feature 204 - Count average traffic in chosen area |
| FUNC-REQ-C0005 | User is able to use software in Swedish | Feature 304 - Localization in Swedish |
Software / service non-functional requirements
Performance Requirements
| ReqID | Requirement | Description |
|---|---|---|
| PERF-REQ-0001 | Scalability | The gateway service should be able to scale up to handle increased load |
| PERF-REQ-0002 | Resilience | The gateway service should be able to recover quickly from failures and continue to function |
Security Requirements
| ReqID | Requirement | Description |
|---|---|---|
| SEC-REQ-0001 | Authentication | Securely authenticate users |
| SEC-REQ-0002 | Vulnerability scanning | Regurarly scan for known security vulnerabilites |
| SEC-REQ-003 | Server access | Control access to the server |
Accessability Requirements
| ReqID | Requirement | Description |
|---|---|---|
| ACC-REQ-0000 | Localization | Localization in Swedish |
| ACC-REQ-0002 | Dark mode colors | Ability to switch between dark and light mode to please programmers |
Quality Assurance
- Link to Master Test Plan
Preliminary Acceptance Tests (Not implemented yet)
Acceptance tests generally focus on the customer / end-user perspective. The aim is to validate, ie to validate whether the product meets the customer's wishes and whether it meets the set requirements. Acceptance tests can be used to determine whether a product is also sufficiently high-performance, usable, or secure for customer use.
| AcceptanceTestId | Description | Feature |
|---|---|---|
| ACCTEST001 - Acceptance Test 1 | eg. Verify login as new user | Feature X |
| ACCTEST002 - Acceptance Test 2 | eg. Verify remove of personal data | Feature Y |
| ACCTEST003 - Acceptance Test 3 | eg. Verify login with correct password | Feature Z |
Software architecture, placement view, database description, and integrations
- Link to Software architecture
Deployment diagram
Integrations with other systems
Currently only Third party assets that are needed are cPouta virtual machines, which can be replaced with hosting provider or virtualmachine that runs ubuntu version > 20_04 and docker.
- Link to Software architecture
General view of integrations as UML Deployment Diagram
Standards and sources
- General Data Protection Regulation (GDPR): This regulation protects privacy and gives individuals control over their personal data.
- ePrivacy Directive: This directive complements the GDPR and provides rules on confidentiality of communications and tracking technologies such as cookies.
- Directive on the legal protection of computer programs ('Software Directive'): This directive protects computer programs by means of copyright.
- Directive on the enforcement of intellectual property right ('IPRED'): This directive enforces intellectual property rights.
- Directive on the legal protection of databases ('Database Directive'): This directive protects databases.
- EU Cybersecurity Act: This act ensures safer hardware and software.
- Digital contract rules: These rules make it easier for consumers and businesses to buy and sell digital content, digital services, goods, and 'smart goods' in the EU.