Agile development

1. Design, Implement and Verify (test) something

2. Decide next priority in consultation with client

3. Repeat.

Advantage:

● Delivers something useful almost immediately, rather than at the end of the project.

● Requirements don’t have to be nailed down at the beginning of the project.

Disadvantage:

● The client becoming overly ambitious.

● It might be harder to keep the project on track.

Waterfall model

1. Requirements

2. Design

3. Implementation

4. Verification

5. Maintenance

Advantage:

● This model is simple and easy to understand and use.

● It is easy to manage.

Disadvantage:

● It assumes that requirements are very clear and there is less chance of changes.

● No working software is produced until late during the life cycle.

Project Management Plan (PMP)

● Project information
The background, aims and scope

● Info on personnel
Information about the team members, such as the contact details and the roles of each team member.

● Decisions on process
The PMP should describe the methodology being used and any practices and processes being employed. It should detail software tools used for communication, development, testing/integration, etc.

● Communication management
The PMP should explain processes for meetings, any written reports, communication via email, automatic logging.

● Quality management
The PMP should describe what Quality Assurance (QA) is to be conducted and who is responsible for it.

● Risk management
The PMP should detail risks that can be identified and the strategy to mitigate them. It should explain contingency plans, should risks occur.

Ps. Red one means easy to remember.

User story

Structure: As a <persona>, I want <action> [ so that <outcome>].

Independent

User stories should be self-contained.

Negotiable

User stories should be able to be easily revised or replaced, such as with a different user story that satisfies the same outcome.

Valuable

A user story must be beneficial to end users.

Estimatable

A user story should correspond to functionality for which implementation effort can be estimated.

Small

User stories must be small enough to be considered and scheduled independently.

Testable

The user story must provide enough info to verify that it has been implemented satisfactorily.

INVEST mnemonic: Independent, Negotiable, Valuable, Estimatable, Small, Testable.

Processes in Agile requirements tracking

Kanbans: a signboard with user stories

1. “To Do”

2. “Doing”

3. “Done”

Backlogs: allowing prioritisation of user stories and associated developer tasks, and assignment of tasks to individual developers.

Burndown charts: The gradient of the graph gives an indication of how quickly the team is progressing towards the goal of project completion, as well as roughly how much work remains. (In the Agile development methodologies, progress is often tracked with burndown charts.)

Gantt chart for waterfall model.

Design the system. 

Class diagrams: Class diagrams are an easy-to-read visual representation of the structure of the system. 

They can be shared with clients and used for discussion of the proposed system in the analysis and design stages, and then as a reference in the implementation phase. 

Activity diagrams: Activity diagrams are used to document workflows and even overall system behaviour. 

Wireframing:  Showing mock data. Wireframes are beneficial because they give a sense of the user interface before any code is written.

Storyboards: Storyboards are a sequence of user interface steps and connecting transitions used for simulating interaction. For software, storyboards give us an understanding of navigation, flow and story of an app, which can be discussed with clients and iterated between designers and software engineers.

Methods of software testing

Static testing: test the code or application without running it.

● Code review: review by a person.

● Static analysis: running a special tool to identify some common problems such as syntax errors and pattern issues. It excludes logical issues.

Dynamic testing: Testing approaches that perform tests on running code

Black box testing: Test process is not visible.

White box testing: Test process is visible.

Levels of testing

1. Unit testing: Unit tests stress small portions, or units, of code.

2. Integration testing: Integration tests examine the behaviour and communication between two or more components of a system. 

3. System testing: System testing involves testing the complete application to check that it satisfies its requirements.

Internet Protocol (IP)

IPv4: 2^32 = 4,294,967,296

IPv6: 7.9×10^28 times IPv4.

Network Address Translation (NAT)

Allows many devices to use the same IP address.

Domain Name System (DNS)

There is an infrastructure for registering and looking up domain names

Code complexity(still confusing)

Constant time: O (1)

Logarithmic time: O (log n)

Linear time: O (n)

Quadratic time: O (n^2)

High-level computer architecture

● Processor: the brains. Responsible for executing instructions;

● Storage and Memory

o Registers: fastest, on the processor, very few;

o Cache: very fast, on the processor, recent items from RAM;

o Random Access Memory (RAM): fast, but temporary storage;

o Hard disk / flash memory: slower, but permanent storage;

● Peripherals:

o Radios: Bluetooth, Wi-Fi, Cellular, GPS; and

o Input/output devices: display, keyboard, mouse, touchscreen, etc.

Peripherals: radio communication and sensors

● Bluetooth is very low-powered and only operates over very short distances, typically tens of metres.

● Wi-Fi is low powered, but very fast and has quite a small range.

● Cellular radios are longer range but require the phone to constantly communicate to the mobile phone towers (so the phone can receive incoming calls) and use a lot more power as a result.

● GPS in mobile phones consists of a radio antenna that receives time and identification signals from several satellites and triangulates the device’s position based on this. Obviously, the GPS signals operate over a long distance and are very slow as a result—it typically takes a full minute to receive the full GPS message being continuously broadcast by each satellite.

Donald Norman’s Principles

1. Visibility: Relevant elements should be in view and it should be obvious what they are for

2. Affordance: The appearance of an object should indicate how it should be used

3. Constraints: Limitations of the possible actions of an object, which may be used to limit the possibility of the user making errors. 

4. Cognitive aids: External representations intended to gain our attention at a time relevant to the task (such as pop-up windows)

5. Transfer effects: People transfer their learning and expectations of similar objects/interfaces to the current task.

6. Natural mapping: The relationship between controls and their effects in the world

Ben Shneiderman’s 8 Golden Rules of Interface Design

1. Strive for consistency: Consistent interfaces (in terms of, e.g., language, layout, design, appearance) are easier to learn and use as they make interfaces more predictable and easier to understand.

2. Cater to universal usability: We need to cater for the needs of a wide range of users; including their knowledge, experience, preferences, physical and intellectual abilities.

3. Offer informative feedback: Give the user feedback on their actions to inform them about what is happening (e.g., sounds, highlighting, progress bars).

4. Design dialogs to yield closure: Provide feedback at the end of a transaction (e.g., a “success” page for a transaction on an e-commerce website), as well as warnings about any input information that may be saved or lost.

5. Prevent errors: Prevent errors before they occur; detect and correct errors when they do occur; and reduce the consequences of error (e.g., give the user the ability to undo operations).

6. Permit easy reversal of actions: Users often change their mind, are interrupted, or become confused about a process—apps should offer an easy way out wherever possible (e.g., quit to Home screen for phones).

7. Support internal locus of control: Give the user a sense of being in control—so they know what to do, when, and how to do it. Allow the user (and not the app!) to initiate and control actions; e.g., do not impose popups or random updates on the user without warning.

8. Reduce short-term memory load: Don’t make navigation and tasks excessively complex—use meaningful mnemonics, icons, and abbreviations or “hint” to the user what is needed (e.g., predict user’s location instead of having them type it manually, or pop up a Calendar dialog instead of forcing them to type in a date manually).

Accounts and passwords

Due to this, reuse of passwords is common. This is a bad idea because there is the potential for a cascade effect if even one of your accounts ever becomes compromised. 

Strong passwords

● Long: contains 8 or more characters,

● Doesn’t contain dictionary words,

● Includes a mixture of special characters (numbers/symbols)

● Isn’t reused for multiple accounts.

Password attacks

● Dictionary attacks: attempting to log in using passwords consisting of dictionary words and common variations of these, such as replacing ‘A’ with ‘4’ or putting years on the ends of words. Solution: use a password composed of a combination of different types of characters.

● Brute force attacks: attempting to log in using passwords consisting of every possible combination of short passwords, e.g. all one-character passwords (“a”, “b”, “c”, …), then two (“aa”, “ab”, “ac”, …), then three characters, etc. Solution: use a long password.

● Rainbow table attack: finding the corresponding password for a known password hash by looking it up in a table of hashes for all common and short password combinations. More on this below. Solution: salting.

Salt: adding a salt has the benefit of making the password much longer, and the hash can no longer just be looked up in a rainbow table.
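Added example (not part of the original notes): the same password stored for two accounts, first as an unsalted hash that a precomputed table resolves, then with a per-account random salt. The function names, the PBKDF2-HMAC-SHA256 choice, the round count and the three-entry table are assumptions made for this illustration.

```python
import hashlib
import hmac
import os

ROUNDS = 200_000  # assumed PBKDF2 work factor for this example

def unsalted_hash(password):
    """Unsalted SHA-256: the same password always gives the same hash."""
    return hashlib.sha256(password.encode()).hexdigest()

def hash_password(password, salt=None):
    """Return (salt, key); a fresh random 16-byte salt is drawn per account."""
    if salt is None:
        salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return salt, key

def verify_password(password, salt, stored_key):
    """Recompute with the stored salt and compare in constant time."""
    _, key = hash_password(password, salt)
    return hmac.compare_digest(key, stored_key)

# Constructed sample: a tiny precomputed table of unsalted hashes, standing in
# for the "table of hashes for all common and short passwords" in the notes.
PRECOMPUTED = {unsalted_hash(p): p for p in ("password", "letmein", "qwerty123")}

def table_lookup(stored_hex):
    """Return the password if the stored hash appears in the table, else None."""
    return PRECOMPUTED.get(stored_hex)

def compare_storage(password):
    """Store one password for two accounts, unsalted and then salted."""
    unsalted = [unsalted_hash(password), unsalted_hash(password)]
    salted = [hash_password(password), hash_password(password)]
    return {
        "unsalted_identical": unsalted[0] == unsalted[1],
        "unsalted_found_in_table": table_lookup(unsalted[0]),
        "salted_identical": salted[0][1] == salted[1][1],
        "salted_found_in_table": table_lookup(salted[0][1].hex()),
    }

if __name__ == "__main__":
    for name, value in compare_storage("letmein").items():
        print(f"{name}: {value}")
```

The salt is stored next to the hash and is not secret; its job is to make every account's hash unique, so one precomputed table cannot cover them all.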

Sandbox: a security mechanism for separating running programs, usually to stop system failures or software vulnerabilities from spreading.

Cookies: Initially, browsers were confined to saving data in very small text files called cookies, confined to the browser’s sandbox.

HTTPS: Without the use of HTTPS and encrypted communications, anyone can read any of your internet traffic.

HTTP: does not encrypt your information, so all traffic is visible to anyone.

2FA: Two-factor authentication (2FA) is a method of validating that someone is who they say they are.

Git: Git is a version control system that stores all past versions of code files and makes it easier to track the changes to files.

JSONP: JSONP is a way for a web service to return results in JSON format padded with a callback function. This callback function will be called after some indeterminate amount of time, when the request returns, and it will be given the data returned by the request as an argument.

The difference between interpreted and compiled languages (speed): In general, it is considered that interpreted code will run more slowly than compiled code because it must actively perform the step of turning the code into something the machine can handle on the fly, as opposed to compiled code, which can just run.