IEEE Std 830-1998 Recommended Practice for Software Requirements SpeciЮcations
(This introduction is not a part of IEEE Std 830-1998, IEEE Recommended Practice for Software Requirements SpeciÞ- cations.)
This recommended practice describes recommended approaches for the speciÞcation of software requirements.
It is based on a model in which the result of the software requirements speciÞcation process is an unambiguous and complete speciÞcation document. It should help a) Software customers to accurately describe what they wish to obtain; b) Software suppliers to understand exactly what the customer wants; c) Individuals to accomplish the following goals: 1) Develop a standard software requirements speciÞcation (SRS) outline for their own organizations; 2) DeÞne the format and content of their speciÞc software requirements speciÞcations; 3) Develop additional local supporting items such as an SRS quality checklist, or an SRS writerÕs handbook.
To the customers, suppliers, and other individuals, a good SRS should provide several speciÞc beneÞts, such as the following: - Establish the basis for agreement between the customers and the suppliers on what the software product is to do.
The complete description of the functions to be performed by the software speciÞed in the SRS will assist the potential users to determine if the software speciÞed meets their needs or how the software must be modiÞed to meet their needs.
- Reduce the development effort.
The preparation of the SRS forces the various concerned groups in the customerÕs organization to consider rigorously all of the requirements before design begins and reduces later redesign, recoding, and retesting. Careful review of the requirements in the SRS can reveal omissions, misunderstandings, and inconsistencies early in the development cycle when these problems are easier to correct. - Provide a basis for estimating costs and schedules.
The description of the product to be developed as given in the SRS is a realistic basis for estimating project costs and can be used to obtain approval for bids or price estimates. - Provide a baseline for validation and veriÞcation.
Organizations can develop their validation and veriÞcation plans much more productively from a good SRS. As a part of the development contract, the SRS provides a baseline against which compliance can be measured. - Facilitate transfer.
The SRS makes it easier to transfer the software product to new users or new machines. Customers thus Þnd it easier to transfer the software to other parts of their organization, and suppliers Þnd it easier to transfer it to new customers. - Serve as a basis for enhancement. Because the SRS discusses the product but not the project that developed it, the SRS serves as a basis for later enhancement of the Þnished product. The SRS may need to be altered, but it does provide a foundation for continued production evaluation.
The readers of this document are referred to Annex B for guidelines for using this recommended practice to meet the requirements of IEEE/EIA 12207.1-1997, IEEE/EIA GuideÑIndustry Implementation of ISO/IEC 12207: 1995, Standard for Information TechnologyÑSoftware life cycle processesÑLife cycle data.
This recommended practice was prepared by the Life Cycle Data Harmonization Working Group of the Software Engineering Standards Committee of the IEEE Computer Society. At the time this recommended practice was approved, the working group consisted of the following members:
Leonard L. Tripp, Chair
The following persons were on the balloting committee:
When the IEEE-SA Standards Board approved this recommended practice on 25 June 1998, it had the following membership:
Richard J. Holleman, Chair
Donald N. Heirman, Vice Chair
Judith Gorman, Secretary
This recommended practice describes recommended approaches for the speciÞcation of software requirements. It is divided into Þve clauses. Clause 1 explains the scope of this recommended practice. Clause 2 lists the references made to other standards. Clause 3 provides deÞnitions of speciÞc terms used. Clause 4 provides background information for writing a good SRS. Clause 5 discusses each of the essential parts of an SRS. This recommended practice also has two annexes, one which provides alternate format templates, and one which provides guidelines for compliance with IEEE/EIA 12207.1-1997.
This is a recommended practice for writing software requirements speciÞcations. It describes the content and qualities of a good software requirements speciÞcation (SRS) and presents several sample SRS outlines. This recommended practice is aimed at specifying requirements of software to be developed but also can be applied to assist in the selection of in-house and commercial software products. However, application to already-developed software could be counterproductive.
When software is embedded in some larger system, such as medical equipment, then issues beyond those identiÞed in this recommended practice may have to be addressed.
This recommended practice describes the process of creating a product and the content of the product. The product is an SRS. This recommended practice can be used to create such an SRS directly or can be used as a model for a more speciÞc standard.
This recommended practice does not identify any speciÞc method, nomenclature, or tool for preparing an SRS.
This recommended practice shall be used in conjunction with the following publications.
ASTM E1340-96, Standard Guide for Rapid Prototyping of Computerized Systems.
IEEE Std 610.12-1990, IEEE Standard Glossary of Software Engineering Terminology.
IEEE Std 730-1998, IEEE Standard for Software Quality Assurance Plans.
IEEE Std 730.1-1995, IEEE Guide for Software Quality Assurance Planning.
IEEE Std 828-1998, IEEE Standard for Software ConÞguration Management Plans.
IEEE Std 982.1-1988, IEEE Standard Dictionary of Measures to Produce Reliable Software.
IEEE Std 982.2-1988, IEEE Guide for the Use of IEEE Standard Dictionary of Measures to Produce Reliable Software.
IEEE Std 1002-1987 (Reaff 1992), IEEE Standard Taxonomy for Software Engineering Standards.
IEEE Std 1012-1998, IEEE Standard for Software VeriÞcation and Validation.
IEEE Std 1012a-1998, IEEE Standard for Software VeriÞcation and Validation: Content Map to IEEE/EIA 12207.1-1997.
IEEE Std 1016-1998, IEEE Recommended Practice for Software Design Descriptions.
IEEE Std 1028-1997, IEEE Standard for Software Reviews.
IEEE Std 1042-1987 (Reaff 1993), IEEE Guide to Software ConÞguration Management.
IEEE P1058/D2.1, Draft Standard for Software Project Management Plans, dated 5 August 1998.
IEEE Std 1058a-1998, IEEE Standard for Software Project Management Plans: Content Map to IEEE/EIA 12207.1-1997.
IEEE Std 1074-1997, IEEE Standard for Developing Software Life Cycle Processes.
IEEE Std 1233, 1998 Edition, IEEE Guide for Developing System Requirements SpeciÞcations.
1 ASTM publications are available from the American Society for Testing and Materials, 100 Barr Harbor Drive, West Conshohocken, PA 19428-2959, USA.
IEEE publications are available from the Institute of Electrical and Electronics Engineers, 445 Hoes Lane, P.O. Box 1331, Piscataway, NJ 08855-1331, USA.
As this standard goes to press, IEEE Std 828-1998; IEEE Std 1012a-1998; IEEE Std 1016-1998; and IEEE Std 1233, 1998 Edition are approved but not yet published. The draft standards are, however, available from the IEEE. Anticipated publication date is Fall 1998.
Contact the IEEE Standards Department at 1 (732) 562-3800 for status information.
See Footnote 3.
See Footnote 3.
Upon approval of IEEE P1058 by the IEEE-SA Standards Board, this standard will be integrated with IEEE Std 1058a-1998 and published as IEEE Std 1058, 1998 Edition. Approval is expected 8 December 1998.
As this standard goes to press, IEEE Std 1058a-1998 is approved but not yet published. The draft standard is, however, available from the IEEE. Anticipated publication date is December 1998. Contact the IEEE Standards Department at 1 (732) 562-3800 for status information. See Footnote 6.
See Footnote 3.
In general the deÞnitions of terms used in this recommended practice conform to the deÞnitions provided in IEEE Std 610.12-1990. The deÞnitions below are key terms as they are used in this recommended practice.
A legally binding document agreed upon by the customer and supplier. This includes the technical and organizational requirements, cost, and schedule for a product. A contract may also contain informal but useful information such as the commitments or expectations of the parties involved.
The person, or persons, who pay for the product and usually (but not necessarily) decide the requirements. In the context of this recommended practice the customer and the supplier may be members of the same organization.
The person, or persons, who produce a product for a customer. In the context of this recommended practice, the customer and the supplier may be members of the same organization.
The person, or persons, who operate or interact directly with the product. The user(s) and the customer(s) are often not the same person(s).
4. Considerations for producing a good SRS
This clause provides background information that should be considered when writing an SRS. This includes the following:
a) Nature of the SRS;
b) Environment of the SRS;
c) Characteristics of a good SRS;
d) Joint preparation of the SRS;
e) SRS evolution;
g) Embedding design in the SRS;
h) Embedding project requirements in the SRS.
4.1 Nature of the SRS
The SRS is a speciÞcation for a particular software product, program, or set of programs that performs certain functions in a speciÞc environment. The SRS may be written by one or more representatives of the supplier, one or more representatives of the customer, or by both. Subclause 4.4 recommends both. The basic issues that the SRS writer(s) shall address are the following:
a) Functionality. What is the software supposed to do?
b) External interfaces. How does the software interact with people, the systemÕs hardware, other hardware, and other software?
c) Performance. What is the speed, availability, response time, recovery time of various software functions, etc.?
d) Attributes. What are the portability, correctness, maintainability, security, etc. considerations?
e) Design constraints imposed on an implementation.
Are there any required standards in effect, implementation
language, policies for database integrity, resource limits, operating environment(s) etc.?
The SRS writer(s) should avoid placing either design or project requirements in the SRS.
For recommended contents of an SRS see Clause 5.
4.2 Environment of the SRS
It is important to consider the part that the SRS plays in the total project plan, which is deÞned in IEEE Std 610.12-1990. The software may contain essentially all the functionality of the project or it may be part of a larger system. In the latter case typically there will be an SRS that will state the interfaces between the system and its software portion, and will place external performance and functionality requirements upon the software portion. Of course the SRS should then agree with and expand upon these system requirements. IEEE Std 1074-1997 describes the steps in the software life cycle and the applicable inputs for each step. Other standards, such as those listed in Clause 2, relate to other parts of the software life cycle and so may complement software requirements.
Since the SRS has a speciÞc role to play in the software development process, the SRS writer(s) should be careful not to go beyond the bounds of that role. This means the SRS
a) Should correctly deÞne all of the software requirements. A software requirement may exist because of the nature of the task to be solved or because of a special characteristic of the project.
b) Should not describe any design or implementation details. These should be described in the design stage of the project.
c) Should not impose additional constraints on the software. These are properly speciÞed in other documents such as a software quality assurance plan.
Therefore, a properly written SRS limits the range of valid designs, but does not specify any particular design.
4.3 Characteristics of a good SRS
An SRS should be
e) Ranked for importance and/or stability;
An SRS is correct if, and only if, every requirement stated therein is one that the software shall meet.
There is no tool or procedure that ensures correctness. The SRS should be compared with any applicable superior speciÞcation, such as a system requirements speciÞcation, with other project documentation, and with other applicable standards, to ensure that it agrees. Alternatively the customer or user can determine if the SRS correctly reßects the actual needs. Traceability makes this procedure easier and less prone to error (see 4.3.8).
An SRS is unambiguous if, and only if, every requirement stated therein has only one interpretation. As a minimum, this requires that each characteristic of the Þnal product be described using a single unique term.
In cases where a term used in a particular context could have multiple meanings, the term should be included in a glossary where its meaning is made more speciÞc.
An SRS is an important part of the requirements process of the software life cycle and is used in design, implementation, project monitoring, veriÞcation and validation, and in training as described in IEEE Std 1074-1997. The SRS should be unambiguous both to those who create it and to those who use it. However, these groups often do not have the same background and therefore do not tend to describe software requirements the same way. Representations that improve the requirements speciÞcation for the developer may be counterproductive in that they diminish understanding to the user and vice versa.
Subclauses 184.108.40.206 through 220.127.116.11 recommend how to avoid ambiguity.
18.104.22.168 Natural language pitfalls
Requirements are often written in natural language (e.g., English). Natural language is inherently ambiguous.
A natural language SRS should be reviewed by an independent party to identify ambiguous use of language so that it can be corrected.
22.214.171.124 Requirements speciÞcation languages
One way to avoid the ambiguity inherent in natural language is to write the SRS in a particular requirements speciÞcation language. Its language processors automatically detect many lexical, syntactic, and semantic errors.
One disadvantage in the use of such languages is the length of time required to learn them. Also, many nontechnical users Þnd them unintelligible. Moreover, these languages tend to be better at expressing certain types of requirements and addressing certain types of systems. Thus, they may inßuence the requirements in subtle ways.
126.96.36.199 Representation tools
In general, requirements methods and languages and the tools that support them fall into three general categories Ñobject, process, and behavioral. Object-oriented approaches organize the requirements in terms of real-world objects, their attributes, and the services performed by those objects. Process-based approaches organize the requirements into hierarchies of functions that communicate via data ßows. Behavioral approaches describe external behavior of the system in terms of some abstract notion (such as predicate calculus), mathematical functions, or state machines.
The degree to which such tools and methods may be useful in preparing an SRS depends upon the size and complexity of the program. No attempt is made here to describe or endorse any particular tool.
When using any of these approaches it is best to retain the natural language descriptions. That way, customers unfamiliar with the notations can still understand the SRS.
An SRS is complete if, and only if, it includes the following elements:
a) All signiÞcant requirements, whether relating to functionality, performance, design constraints, attributes, or external interfaces. In particular any external requirements imposed by a system speci- Þcation should be acknowledged and treated.
b) DeÞnition of the responses of the software to all realizable classes of input data in all realizable classes of situations. Note that it is important to specify the responses to both valid and invalid input values.
c) Full labels and references to all Þgures, tables, and diagrams in the SRS and deÞnition of all terms and units of measure.
188.8.131.52 Use of TBDs
Any SRS that uses the phrase Òto be determinedÓ (TBD) is not a complete SRS. The TBD is, however, occasionally necessary and should be accompanied by
a) A description of the conditions causing the TBD (e.g., why an answer is not known) so that the situation can be resolved;
b) A description of what must be done to eliminate the TBD, who is responsible for its elimination, and by when it must be eliminated.
Consistency refers to internal consistency. If an SRS does not agree with some higher-level document, such as a system requirements speciÞcation, then it is not correct (see 4.3.1).
184.108.40.206 Internal consistency
An SRS is internally consistent if, and only if, no subset of individual requirements described in it conßict. The three types of likely conßicts in an SRS are as follows:
a) The speciÞed characteristics of real-world objects may conßict. For example,
1) The format of an output report may be described in one requirement as tabular but in another as textual.
2) One requirement may state that all lights shall be green while another may state that all lights shall be blue.
b) There may be logical or temporal conßict between two speciÞed actions. For example,
1) One requirement may specify that the program will add two inputs and another may specify that the program will multiply them.
2) One requirement may state that ÒAÓ must always follow ÒB,Ó while another may require that ÒA and BÓ occur simultaneously.
c) Two or more requirements may describe the same real-world object but use different terms for that object. For example, a programÕs request for a user input may be called a ÒpromptÓ in one requirement and a ÒcueÓ in another. The use of standard terminology and deÞnitions promotes consistency.
4.3.5 Ranked for importance and/or stability
An SRS is ranked for importance and/or stability if each requirement in it has an identiÞer to indicate either the importance or stability of that particular requirement.
Typically, all of the requirements that relate to a software product are not equally important. Some requirements may be essential, especially for life-critical applications, while others may be desirable.
Each requirement in the SRS should be identiÞed to make these differences clear and explicit. Identifying the requirements in the following manner helps:
a) Have customers give more careful consideration to each requirement, which often clariÞes any hidden assumptions they may have.
b) Have developers make correct design decisions and devote appropriate levels of effort to the different parts of the software product.
220.127.116.11 Degree of stability
One method of identifying requirements uses the dimension of stability. Stability can be expressed in terms of the number of expected changes to any requirement based on experience or knowledge of forthcoming events that affect the organization, functions, and people supported by the software system.
18.104.22.168 Degree of necessity
Another way to rank requirements is to distinguish classes of requirements as essential, conditional, and optional.
a) Essential. Implies that the software will not be acceptable unless these requirements are provided in an agreed manner.
b) Conditional. Implies that these are requirements that would enhance the software product, but would not make it unacceptable if they are absent.
c) Optional. Implies a class of functions that may or may not be worthwhile. This gives the supplier the opportunity to propose something that exceeds the SRS.
An SRS is veriÞable if, and only if, every requirement stated therein is veriÞable. A requirement is veriÞable if, and only if, there exists some Þnite cost-effective process with which a person or machine can check that the software product meets the requirement. In general any ambiguous requirement is not veriÞable. NonveriÞable requirements include statements such as Òworks well,Ó Ògood human interface,Ó and Òshall usually happen.Ó These requirements cannot be veriÞed because it is impossible to deÞne the terms Ògood,Ó Òwell,Ó or Òusually.Ó The statement that Òthe program shall never enter an inÞnite loopÓ is nonveriÞable because the testing of this quality is theoretically impossible.
An example of a veriÞable statement is
Output of the program shall be produced within 20 s of event ´ 60% of the time; and shall be produced within 30 s of event ´ 100% of the time.
This statement can be veriÞed because it uses concrete terms and measurable quantities.
If a method cannot be devised to determine whether the software meets a particular requirement, then that requirement should be removed or revised.
An SRS is modiÞable if, and only if, its structure and style are such that any changes to the requirements can be made easily, completely, and consistently while retaining the structure and style. ModiÞability generally requires an SRS to
a) Have a coherent and easy-to-use organization with a table of contents, an index, and explicit crossreferencing;
b) Not be redundant (i.e., the same requirement should not appear in more than one place in the SRS);
c) Express each requirement separately, rather than intermixed with other requirements.
Redundancy itself is not an error, but it can easily lead to errors. Redundancy can occasionally help to make an SRS more readable, but a problem can arise when the redundant document is updated. For instance, a requirement may be altered in only one of the places where it appears. The SRS then becomes inconsistent.
Whenever redundancy is necessary, the SRS should include explicit cross-references to make it modiÞable.
An SRS is traceable if the origin of each of its requirements is clear and if it facilitates the referencing of each requirement in future development or enhancement documentation. The following two types of traceability are recommended:
a) Backward traceability (i.e., to previous stages of development).
This depends upon each requirement explicitly referencing its source in earlier documents.
b) Forward traceability (i.e., to all documents spawned by the SRS).
This depends upon each requirement in the SRS having a unique name or reference number.
The forward traceability of the SRS is especially important when the software product enters the operation and maintenance phase. As code and design documents are modiÞed, it is essential to be able to ascertain the complete set of requirements that may be affected by those modiÞcations.
4.4 Joint preparation of the SRS
The software development process should begin with supplier and customer agreement on what the completed software must do. This agreement, in the form of an SRS, should be jointly prepared. This is important because usually neither the customer nor the supplier is qualiÞed to write a good SRS alone.
a) Customers usually do not understand the software design and development process well enough to write a usable SRS.
b) Suppliers usually do not understand the customerÕs problem and Þeld of endeavor well enough to specify requirements for a satisfactory system.
Therefore, the customer and the supplier should work together to produce a well-written and completely understood SRS.
A special situation exists when a system and its software are both being deÞned concurrently. Then the functionality, interfaces, performance, and other attributes and constraints of the software are not predeÞned, but rather are jointly deÞned and subject to negotiation and change. This makes it more difÞcult, but no less important, to meet the characteristics stated in 4.3. In particular, an SRS that does not comply with the requirements of its parent system speciÞcation is incorrect.
This recommended practice does not speciÞcally discuss style, language usage, or techniques of good writing.
It is quite important, however, that an SRS be well written. General technical writing books can be used for guidance.
4.5 SRS evolution
The SRS may need to evolve as the development of the software product progresses. It may be impossible to specify some details at the time the project is initiated (e.g., it may be impossible to deÞne all of the screen formats for an interactive program during the requirements phase). Additional changes may ensue as deÞ- ciencies, shortcomings, and inaccuracies are discovered in the SRS.
Two major considerations in this process are the following:
a) Requirements should be speciÞed as completely and thoroughly as is known at the time, even if evolutionary revisions can be foreseen as inevitable. The fact that they are incomplete should be noted.
b) A formal change process should be initiated to identify, control, track, and report projected changes. Approved changes in requirements should be incorporated in the SRS in such a way as to
1) Provide an accurate and complete audit trail of changes;
2) Permit the review of current and superseded portions of the SRS.
Prototyping is used frequently during the requirements portion of a project. Many tools exist that allow a prototype, exhibiting some characteristics of a system, to be created very quickly and easily. See also ASTM E1340-96.
Prototypes are useful for the following reasons:
a) The customer may be more likely to view the prototype and react to it than to read the SRS and react to it. Thus, the prototype provides quick feedback.
b) The prototype displays unanticipated aspects of the systems behavior. Thus, it produces not only answers but also new questions. This helps reach closure on the SRS.
c) An SRS based on a prototype tends to undergo less change during development, thus shortening development time.
A prototype should be used as a way to elicit software requirements. Some characteristics such as screen or report formats can be extracted directly
from the prototype. Other requirements can be inferred by running experiments with the prototype.
4.7 Embedding design in the SRS
A requirement speciÞes an externally visible function or attribute of a system. A design describes a particular subcomponent of a system and/or its interfaces with other subcomponents. The SRS writer(s) should clearly distinguish between identifying required design constraints and projecting a speciÞc design. Note that every requirement in the SRS limits design alternatives. This does not mean, though, that every requirement is design.
The SRS should specify what functions are to be performed on what data to produce what results at what location for whom. The SRS should focus on the services to be performed. The SRS should not normally specify design items such as the following:
a) Partitioning the software into modules;
b) Allocating functions to the modules;
c) Describing the ßow of information or control between modules;
d) Choosing data structures.
4.7.1 Necessary design requirements
In special cases some requirements may severely restrict the design. For example, security or safety requirements may reßect directly into design such as the need to
a) Keep certain functions in separate modules;
b) Permit only limited communication between some areas of the program;
c) Check data integrity for critical variables.
Examples of valid design constraints are physical requirements, performance requirements, software development standards, and software quality assurance standards.
Therefore, the requirements should be stated from a purely external viewpoint. When using models to illustrate the requirements, remember that the model only indicates the external behavior, and does not specify a design.
4.8 Embedding project requirements in the SRS
The SRS should address the software product, not the process of producing the software product.
Project requirements represent an understanding between the customer and the supplier about contractual matters pertaining to production of software and thus should not be included in the SRS. These normally include items such as
b) Delivery schedules;
c) Reporting procedures;
d) Software development methods;
e) Quality assurance;
f) Validation and veriÞcation criteria;
g) Acceptance procedures.
Project requirements are speciÞed in other documents, typically in a software development plan, a software quality assurance plan, or a statement of work.
5. The parts of an SRS
This clause discusses each of the essential parts of the SRS. These parts are arranged in Figure 1 in an outline that can serve as an example for writing an SRS.
While an SRS does not have to follow this outline or use the names given here for its parts, a good SRS should include all the information discussed here.
Figure 1ÑPrototype SRS outline
5.1 Introduction (Section 1 of the SRS)
The introduction of the SRS should provide an overview of the entire SRS. It should contain the following subsections:
c) DeÞnitions, acronyms, and abbreviations;
5.1.1 Purpose (1.1 of the SRS)
This subsection should
a) Delineate the purpose of the SRS;
b) Specify the intended audience for the SRS.
5.1.2 Scope (1.2 of the SRS)
This subsection should
a) Identify the software product(s) to be produced by name (e.g., Host DBMS, Report Generator, etc.);
b) Explain what the software product(s) will, and, if necessary, will not do;
c) Describe the application of the software being speciÞed, including relevant beneÞts, objectives, and goals;
d) Be consistent with similar statements in higher-level speciÞcations (e.g., the system requirements speciÞcation), if they exist.
5.1.3 DeÞnitions, acronyms, and abbreviations (1.3 of the SRS)
This subsection should provide the deÞnitions of all terms, acronyms, and abbreviations required to properly interpret the SRS. This information may be provided by reference to one or more appendixes in the SRS or by reference to other documents.
5.1.4 References (1.4 of the SRS)
This subsection should a) Provide a complete list of all documents referenced elsewhere in the SRS;
b) Identify each document by title, report number (if applicable), date, and publishing organization;
c) Specify the sources from which the references can be obtained.
This information may be provided by reference to an appendix or to another document.
5.1.5 Overview (1.5 of the SRS)
This subsection should
a) Describe what the rest of the SRS contains;
b) Explain how the SRS is organized.
5.2 Overall description (Section 2 of the SRS)
This section of the SRS should describe the general factors that affect the product and its requirements. This section does not state speciÞc requirements. Instead, it provides a background for those requirements, which are deÞned in detail in Section 3 of the SRS, and makes them easier to understand.
This section usually consists of six subsections, as follows:
a) Product perspective;
b) Product functions;
c) User characteristics;
e) Assumptions and dependencies;
f) Apportioning of requirements.
5.2.1 Product perspective (2.1 of the SRS)
This subsection of the SRS should put the product into perspective with other related products. If the product is independent and totally self-contained, it should be so stated here. If the SRS deÞnes a product that is a component of a larger system, as frequently occurs, then this subsection should relate the requirements of that larger system to functionality of the software and should identify interfaces between that system and the software.
A block diagram showing the major components of the larger system, interconnections, and external interfaces can be helpful.
This subsection should also describe how the software operates inside various constraints. For example, these constraints could include
a) System interfaces;
b) User interfaces;
c) Hardware interfaces;
d) Software interfaces;
e) Communications interfaces;
h) Site adaptation requirements.
22.214.171.124 System interfaces
This should list each system interface and identify the functionality of the software to accomplish the system requirement and the interface description to match the system.
126.96.36.199 User interfaces
This should specify the following:
a) The logical characteristics of each interface between the software product and its users.
This includes those conÞguration characteristics (e.g., required screen formats, page or window layouts, content of any reports or menus, or availability of programmable function keys) necessary to accomplish the software requirements.
b) All the aspects of optimizing the interface with the person who must use the system.
This may simply comprise a list of doÕs and donÕts on how the system will appear to the user. One example may be a requirement for the option of long or short error messages. Like all others, these requirements should be veriÞable, e.g., Òa clerk typist grade 4 can do function X in Z min after 1 h of trainingÓ rather than Òa typist can do function X. Ó (This may also be speciÞed in the Software System
Attributes under a section titled Ease of Use.)
188.8.131.52 Hardware interfaces
This should specify the logical characteristics of each interface between the software product and the hardware components of the system. This includes conÞguration characteristics (number of ports, instruction sets, etc.). It also covers such matters as what devices are to be supported, how they are to be supported, and protocols. For example, terminal support may specify full-screen support as opposed to line-by-line support.
184.108.40.206 Software interfaces
This should specify the use of other required software products (e.g., a data management system, an operating system, or a mathematical package), and interfaces with other application systems (e.g., the linkage between an accounts receivable system and a general ledger system). For each required software product, the following should be provided:
Ñ SpeciÞcation number;
Ñ Version number;
For each interface, the following should be provided:
Ñ Discussion of the purpose of the interfacing software as related to this software product.
Ñ DeÞnition of the interface in terms of message content and format. It is not necessary to detail any well-documented interface, but a reference to the document deÞning the interface is required.
220.127.116.11 Communications interfaces
This should specify the various interfaces to communications such as local network protocols, etc.
18.104.22.168 Memory constraints
This should specify any applicable characteristics and limits on primary and secondary memory.
This should specify the normal and special operations required by the user such as
a) The various modes of operations in the user organization (e.g., user-initiated operations);
b) Periods of interactive operations and periods of unattended operations;
c) Data processing support functions;
d) Backup and recovery operations.
NOTEÑThis is sometimes speciÞed as part of the User Interfaces section.
22.214.171.124 Site adaptation requirements
a) DeÞne the requirements for any data or initialization sequences that are speciÞc to a given site,
mission, or operational mode (e.g., grid values, safety limits, etc.);
b) Specify the site or mission-related features that should be modiÞed to adapt the software to a particular
5.2.2 Product functions (2.2 of the SRS)
This subsection of the SRS should provide a summary of the major functions that the software will perform.
For example, an SRS for an accounting program may use this part to address customer account maintenance, customer statement, and invoice preparation without mentioning the vast amount of detail that each of those functions requires.
Sometimes the function summary that is necessary for this part can be taken directly from the section of the higher-level speciÞcation (if one exists) that allocates particular functions to the software product. Note that for the sake of clarity
a) The functions should be organized in a way that makes the list of functions understandable to the customer or to anyone else reading the document for the Þrst time.
b) Textual or graphical methods can be used to show the different functions and their relationships. Such a diagram is not intended to show a design of a product, but simply shows the logical relationships among variables.
5.2.3 User characteristics (2.3 of the SRS)
This subsection of the SRS should describe those general characteristics of the intended users of the product including educational level, experience, and technical expertise. It should not be used to state speciÞc requirements, but rather should provide the reasons why certain speciÞc requirements are later speciÞed in Section 3 of the SRS.
5.2.4 Constraints (2.4 of the SRS)
This subsection of the SRS should provide a general description of any other items that will limit the developer Õs options. These include
a) Regulatory policies;
b) Hardware limitations (e.g., signal timing requirements);
c) Interfaces to other applications;
d) Parallel operation;
e) Audit functions;
f) Control functions;
g) Higher-order language requirements;
h) Signal handshake protocols (e.g., XON-XOFF, ACK-NACK);
i) Reliability requirements;
j) Criticality of the application;
k) Safety and security considerations.
5.2.5 Assumptions and dependencies (2.5 of the SRS)
This subsection of the SRS should list each of the factors that affect the requirements stated in the SRS. These factors are not design constraints on the software but are, rather, any changes to them that can affect the requirements in the SRS. For example, an assumption may be that a speciÞc operating system will be available on the hardware designated for the software product. If, in fact, the operating system is not available, the SRS would then have to change accordingly.
5.2.6 Apportioning of requirements (2.6 of the SRS)
This subsection of the SRS should identify requirements that may be delayed until future versions of the system.
5.3 SpeciÞc requirements (Section 3 of the SRS)
This section of the SRS should contain all of the software requirements to a level of detail sufÞcient to enable designers to design a system to satisfy those requirements, and testers to test that the system satisÞes those requirements. Throughout this section, every stated requirement should be externally perceivable by users, operators, or other external systems. These requirements should include at a minimum a description of every input (stimulus) into the system, every output (response) from the system, and all functions performed by the system in response to an input or in support of an output. As this is often the largest and most important part of the SRS, the following principles apply:
a) SpeciÞc requirements should be stated in conformance with all the characteristics described in 4.3.
b) SpeciÞc requirements should be cross-referenced to earlier documents that relate.
c) All requirements should be uniquely identiÞable.
d) Careful attention should be given to organizing the requirements to maximize readability.
Before examining speciÞc ways of organizing the requirements it is helpful to understand the various items that comprise requirements as described in 5.3.1 through 5.3.7.
5.3.1 External interfaces
This should be a detailed description of all inputs into and outputs from the software system. It should complement the interface descriptions in 5.2 and should not repeat information there. It should include both content and format as follows:
a) Name of item;
b) Description of purpose;
c) Source of input or destination of output;
d) Valid range, accuracy, and/or tolerance;
e) Units of measure;
g) Relationships to other inputs/outputs;
h) Screen formats/organization;
i) Window formats/organization;
j) Data formats;
k) Command formats;
l) End messages.
Functional requirements should deÞne the fundamental actions that must take place in the software in accepting and processing the inputs and in processing and generating the outputs. These are generally listed as ÒshallÓ statements starting with ÒThe system shallÉÓ These include
a) Validity checks on the inputs
b) Exact sequence of operations
c) Responses to abnormal situations, including
2) Communication facilities
3) Error handling and recovery
d) Effect of parameters
e) Relationship of outputs to inputs, including
1) Input/output sequences
2) Formulas for input to output conversion
It may be appropriate to partition the functional requirements into subfunctions or subprocesses. This does not imply that the software design will also be partitioned that way.
5.3.3 Performance requirements
This subsection should specify both the static and the dynamic numerical requirements placed on the software or on human interaction with the software as a whole. Static numerical requirements may include the following:
a) The number of terminals to be supported;
b) The number of simultaneous users to be supported;
c) Amount and type of information to be handled.
Static numerical requirements are sometimes identiÞed under a separate section entitled Capacity.
Dynamic numerical requirements may include, for example, the numbers of transactions and tasks and the amount of data to be processed within certain time periods for both normal and peak workload conditions.
All of these requirements should be stated in measurable terms.
For example, 95% of the transactions shall be processed in less than 1 s. rather than,
An operator shall not have to wait for the transaction to complete.
NOTEÑNumerical limits applied to one speciÞc function are normally speciÞed as part of the processing subparagraph description of that function.
5.3.4 Logical database requirements
This should specify the logical requirements for any information that is to be placed into a database. This may include the following:
a) Types of information used by various functions;
b) Frequency of use;
c) Accessing capabilities;
d) Data entities and their relationships;
e) Integrity constraints;
f) Data retention requirements.
5.3.5 Design constraints
This should specify design constraints that can be imposed by other standards, hardware limitations, etc.
126.96.36.199 Standards compliance
This subsection should specify the requirements derived from existing standards or regulations. They may include the following:
a) Report format;
b) Data naming;
c) Accounting procedures;
d) Audit tracing.
For example, this could specify the requirement for software to trace processing activity. Such traces are needed for some applications to meet minimum regulatory or Þnancial standards. An audit trace requirement may, for example, state that all changes to a payroll database must be recorded in a trace Þle with before and after values.
5.3.6 Software system attributes
There are a number of attributes of software that can serve as requirements. It is important that required attributes be speciÞed so that their achievement can be objectively veriÞed. Subclauses 188.8.131.52 through
184.108.40.206 provide a partial list of examples.
This should specify the factors required to establish the required reliability of the software system at time of delivery.
This should specify the factors required to guarantee a deÞned availability level for the entire system such as checkpoint, recovery, and restart.
This should specify the factors that protect the software from accidental or malicious access, use, modiÞcation, destruction, or disclosure. SpeciÞc requirements in this area could include the need to
a) Utilize certain cryptographical techniques;
b) Keep speciÞc log or history data sets;
c) Assign certain functions to different modules;
d) Restrict communications between some areas of the program;
e) Check data integrity for critical variables.
This should specify attributes of software that relate to the ease of maintenance of the software itself. There may be some requirement for certain modularity, interfaces, complexity, etc. Requirements should not be placed here just because they are thought to be good design practices.
This should specify attributes of software that relate to the ease of porting the software to other host
machines and/or operating systems. This may include the following:
a) Percentage of components with host-dependent code;
b) Percentage of code that is host dependent;
c) Use of a proven portable language;
d) Use of a particular compiler or language subset;
e) Use of a particular operating system.
5.3.7 Organizing the speciÞc requirements
For anything but trivial systems the detailed requirements tend to be extensive. For this reason, it is recommended that careful consideration be given to organizing these in a manner optimal for understanding. There is no one optimal organization for all systems. Different classes of systems lend themselves to different organizations of requirements in Section 3 of the SRS. Some of these organizations are described in 220.127.116.11 through 18.104.22.168.
22.214.171.124 System mode
Some systems behave quite differently depending on the mode of operation. For example, a control system may have different sets of functions depending on its mode: training, normal, or emergency. When organizing this section by mode, the outline in A.1 or A.2 should be used. The choice depends on whether interfaces and performance are dependent on mode.
126.96.36.199 User class
Some systems provide different sets of functions to different classes of users. For example, an elevator control system presents different capabilities to passengers, maintenance workers, and Þre Þghters. When organizing this section by user class, the outline in A.3 should be used.
Objects are real-world entities that have a counterpart within the system. For example, in a patient monitoring system, objects include patients, sensors, nurses, rooms, physicians, medicines, etc. Associated with each object is a set of attributes (of that object) and functions (performed by that object). These functions are also called services, methods, or processes. When organizing this section by object, the outline in A.4 should be used. Note that sets of objects may share attributes and services. These are grouped together as classes.
A feature is an externally desired service by the system that may require a sequence of inputs to effect the desired result. For example, in a telephone system, features include local call, call forwarding, and conference call. Each feature is generally described in a sequence of stimulus-response pairs. When organizing this section by feature, the outline in A.5 should be used.
Some systems can be best organized by describing their functions in terms of stimuli. For example, the functions of an automatic aircraft landing system may be organized into sections for loss of power, wind shear, sudden change in roll, vertical velocity excessive, etc. When organizing this section by stimulus, the outline in A.6 should be used.
Some systems can be best organized by describing all the functions in support of the generation of a response. For example, the functions of a personnel system may be organized into sections corresponding to all functions associated with generating paychecks, all functions associated with generating a current list of employees, etc. The outline in A.6 (with all occurrences of stimulus replaced with response) should be used.
188.8.131.52 Functional hierarchy
When none of the above organizational schemes prove helpful, the overall functionality can be organized into a hierarchy of functions organized by either common inputs, common outputs, or common internal data access. Data ßow diagrams and data dictionaries can be used to show the relationships between and among the functions and data. When organizing this section by functional hierarchy, the outline in A.7 should be used.
5.3.8 Additional comments
Whenever a new SRS is contemplated, more than one of the organizational techniques given in 184.108.40.206 may be appropriate. In such cases, organize the speciÞc requirements for multiple hierarchies tailored to the speciÞc needs of the system under speciÞcation. For example, see A.8 for an organization combining user class and feature. Any additional requirements may be put in a separate section at the end of the SRS. There are many notations, methods, and automated support tools available to aid in the documentation of requirements. For the most part, their usefulness is a function of organization. For example, when organizing by mode, Þnite state machines or state charts may prove helpful; when organizing by object, object-oriented analysis may prove helpful; when organizing by feature, stimulus-response sequences may prove helpful; and when organizing by functional hierarchy, data ßow diagrams and data dictionaries may prove helpful. In any of the outlines given in A.1 through A.8, those sections called ÒFunctional Requirement iÓ may be described in native language (e.g., English), in pseudocode, in a system deÞnition language, or in four subsections titled: Introduction, Inputs, Processing, and Outputs.
5.4 Supporting information
The supporting information makes the SRS easier to use. It includes the following:
a) Table of contents;
5.4.1 Table of contents and index
The table of contents and index are quite important and should follow general compositional practices.
The appendixes are not always considered part of the actual SRS and are not always necessary. They may include
a) Sample input/output formats, descriptions of cost analysis studies, or results of user surveys;
b) Supporting or background information that can help the readers of the SRS;
c) A description of the problems to be solved by the software;
d) Special packaging instructions for the code and the media to meet security, export, initial loading, or other requirements.
When appendixes are included, the SRS should explicitly state whether or not the appendixes are to be considered part of the requirements.
Annex A (informative) SRS templates A.1 Template of SRS Section 3 organized by mode: Version 1
A.2 Template of SRS Section 3 organized by mode: Version 2
A.3 Template of SRS Section 3 organized by user class
A.4 Template of SRS Section 3 organized by object
A.5 Template of SRS Section 3 organized by feature
A.6 Template of SRS Section 3 organized by stimulus
A.7 Template of SRS Section 3 organized by functional hierarchy
A.8 Template of SRS Section 3 showing multiple organizations
Annex B (informative) Guidelines for compliance with IEEE/EIA 12207.1-1997 B.1 Overview The Software Engineering Standards Committee (SESC) of the IEEE Computer Society has endorsed the policy of adopting international standards. In 1995, the international standard, ISO/IEC 12207, Information technologyÑSoftware life cycle processes, was completed. The standard establishes a common framework for software life cycle processes, with well-deÞned terminology, that can be referenced by the software industry. In 1995 the SESC evaluated ISO/IEC 12207 and decided that the standard should be adopted and serve as the basis for life cycle processes within the IEEE Software Engineering Collection. The IEEE adaptation of ISO/IEC 12207 is IEEE/EIA 12207.0-1996. It contains ISO/IEC 12207 and the following additions: improved compliance approach, life cycle process objectives, life cycle data objectives, and errata. The implementation of ISO/IEC 12207 within the IEEE also includes the following: Ñ IEEE/EIA 12207.1-1997, IEEE/EIA Guide for Information TechnologyÑSoftware life cycle processes ÑLife cycle data; Ñ IEEE/EIA 12207.2-1997, IEEE/EIA Guide for Information TechnologyÑSoftware life cycle processes ÑImplementation considerations; and Ñ Additions to 11 SESC standards (i.e., IEEE Stds 730, 828, 829, 830, 1012, 1016, 1058, 1062, 1219, 1233, 1362) to deÞne the correlation between the data produced by existing SESC standards and the data produced by the application of IEEE/EIA 12207.1-1997. NOTEÑAlthough IEEE/EIA 12207.1-1997 is a guide, it also contains provisions for application as a standard with speci Þc compliance requirements. This annex treats 12207.1-1997 as a standard. B.1.1 Scope and purpose Both IEEE Std 830-1998 and IEEE/EIA 12207.1-1997 place requirements on a Software Requirements Description Document. The purpose of this annex is to explain the relationship between the two sets of requirements so that users producing documents intended to comply with both standards may do so. B.2 Correlation This clause explains the relationship between IEEE Std 830-1998 and IEEE/EIA 12207.0-1996 and IEEE/ EIA 12207.1-1997 in the following areas: terminology, process, and life cycle data. B.2.1 Terminology correlation Both this recommended practice and IEEE/EIA 12207.0-1996 have similar semantics for the key terms of software, requirements, speciÞcation, supplier, developer, and maintainer. This recommended practice uses the term ÒcustomerÓ where IEEE/EIA 12207.0-1996 uses Òacquirer,Ó and this recommended practice uses ÒuserÓ where IEEE/EIA 12207.0-1996 uses Òoperator.Ó B.2.2 Process correlation IEEE/EIA 12207.0-1996 uses a process-oriented approach for describing the deÞnition of a set of requirements for software. This recommended practice uses a product-oriented approach, where the product is a Software Requirements Description (SRD). There are natural process steps, namely the steps to create each portion of the SRD. These may be correlated with the process requirements of IEEE/EIA 12207.0-1996. The difference is that this recommended practice is focused on the development of software requirements whereas IEEE/EIA 12207.0-1996 provides an overall life cycle view and mentions Software Requirements Analysis as part of its Development Process. This recommended practice provides a greater level of detail on what is involved in the preparation of an SRD. B.2.3 Life cycle data correlation IEEE/EIA 12207.0-1996 takes the viewpoint that the software requirements are derived from the system requirements. Therefore, it uses the term, ÒdescriptionÓ rather that ÒspeciÞcationÓ to describe the software requirements. In a system in which software is a component, each requiring its own speciÞcation, there would be a System Requirements SpeciÞcation (SRS) and one or more SRDs. If the term Software Requirements SpeciÞcation had been used, there would be a confusion between an SRS referring to the system or software requirements. In the case where there is a stand-alone software system, IEEE/EIA 12207.1-1997 states ÒIf the software is a stand-alone system, then this document should be a speciÞcation.Ó B.3 Content mapping This clause provides details bearing on a claim that an SRS complying with this recommended practice would also achieve Òdocument complianceÓ with the SRD described in IEEE/EIA 12207.1-1997. The requirements for document compliance are summarized in a single row of Table 1 of IEEE/EIA 12207.1- 1997. That row is reproduced in Table B.1 of this recommended practice.
The requirements for document compliance are discussed in the following subclauses: Ñ B.3.1 discusses compliance with the information requirements noted in column 2 of Table B.1 as prescribed by 220.127.116.11, 18.104.22.168, and 22.214.171.124 of IEEE/EIA 12207.0-1996.
Ñ B.3.2 discusses compliance with the generic content guideline (the ÒkindÓ of document) noted in column 3 of Table B.1 as a ÒdescriptionÓ. The generic content guidelines for a ÒdescriptionÓ appear in 5.1 of IEEE/EIA 12207.1-1997. Ñ B.3.3 discusses compliance with the speciÞc requirements for a Software Requirements Description noted in column 4 of Table B.1 as prescribed by 6.22 of IEEE/EIA 12207.1-1997. Ñ B.3.4 discusses compliance with the life cycle data objectives of Annex H of IEEE/EIA 12207.0- 1996 as described in 4.2 of IEEE/EIA 12207.1-1997. B.3.1 Compliance with information requirements of IEEE/EIA 12207.0-1996 The information requirements for an SRD are those prescribed by 126.96.36.199, 188.8.131.52, and 184.108.40.206 of IEEE/EIA 12207.0-1996. The requirements are substantively identical to those considered in B.3.3 of this recommended practice. B.3.2 Compliance with generic content guidelines of IEEE/EIA 12207.1-1997 According to IEEE/EIA 12207.1-1997, the generic content guideline for an SRD is generally a description, as prescribed by 5.1 of IEEE/EIA 12207.1-1997. A complying description shall achieve the purpose stated in 5.1.1 and include the information listed in 5.1.2 of IEEE/EIA 12207.1-1997. The purpose of a description is: IEEE/EIA 12207.1-1997, subclause 5.1.1: Purpose: Describe a planned or actual function, design, performance, or process. An SRD complying with this recommended practice would achieve the stated purpose. Any description or speciÞcation complying with IEEE/EIA 12207.1-1997 shall satisfy the generic content requirements provided in 5.1.2 of that standard. Table B.2 of this recommended practice lists the generic content items and, where appropriate, references the clause of this recommended practice that requires the same information.
B.3.3 Compliance with speciÞc content requirements of IEEE/EIA 12207.1-1997 The speciÞc content requirements for an SRD in IEEE/EIA 12207.1-1997 are prescribed by 6.22 of IEEE/ EIA 12207.1-1997. A compliant SRD shall achieve the purpose stated in 6.22.1 of IEEE/EIA 12207.1-1997. The purpose of the SRD is: IEEE/EIA 12207.1-1997, subclause 6.22.1: Purpose: Specify the requirements for a software item and the methods to be used to ensure that each requirement has been met. Used as the basis for design and qualiÞcation testing of a software item. An SRS complying with this recommended practice and meeting the additional requirements of Table B.3 of this recommended practice would achieve the stated purpose. An SRD compliant with IEEE/EIA 12207.1-1997 shall satisfy the speciÞc content requirements provided in 6.22.3 and 6.22.4 of that standard. Table B.3 of this recommended practice lists the speciÞc content items and, where appropriate, references the clause of this recommended practice that requires the same information. An SRD speciÞed according the requirements stated or referenced in Table B.3 of this recommended practice shall be evaluated considering the criteria provided in 220.127.116.11 of IEEE/EIA 12207.0-1996.
B.3.4 Compliance with life cycle data objectives In addition to the content requirements, life cycle data shall be managed in accordance with the objectives provided in Annex H of IEEE/EIA 12207.0-1996. B.4 Conclusion The analysis suggests that any SRS complying with this recommended practice and the additions shown in Table B.2 and Table B.3 also complies with the requirements of an SRD in IEEE/EIA 12207.1-1997. In addition, to comply with IEEE/EIA 12207.1-1997, an SRS shall support the life cycle data objectives of Annex H of IEEE/EIA 12207.0-1996.