CSC326 Midterm Study Guide: Software Engineering Concepts and Design Patterns, Exams of Advanced Education

This study guide provides a comprehensive overview of key software engineering concepts and design patterns relevant to csc326. It covers topics such as version control, continuous integration, rest apis, object-relational mapping, software architecture, uml diagrams, design metrics, security design, common vulnerabilities, design patterns (strategy, state, observer, composite, mvc), requirements analysis and modeling, software development process models (waterfall and agile), testing methodologies, and software quality assurance. The guide includes explanations, examples, and diagrams to enhance understanding.

Typology: Exams

2024/2025

Available from 01/27/2025

solution-master
solution-master 🇺🇸

3.3

(28)

11K documents

1 / 11

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CSC326 Midterm study guide set Exam
GitHub - Hosting service for version control with git
Jenkins - Automation server for continuous integration
REST APIs - An API that uses HTTP requests to GET, PUT, POST and DELETE data
Hibernate - Object-relational mapping tool for Java, used to interact with SQL
Spring - Framework used for iTrust and MVC
Angular JS - JavaScript based front-end web app framework
Selenium - Used for automating web apps for testing
Cucumber - Runs acceptance tests in a behavioral (BDD) style
Software architecture - The high-level structures of a software system
Four main architectural patterns - Call and Return, Data Centered, Data Flow, Event Systems
Call and Return Pros and Cons - Easy to reason about behavior, sometimes not flexible enough
Call and Return Examples - Main and Subprogram, Object-Oriented, Layered Model
pf3
pf4
pf5
pf8
pf9
pfa

Partial preview of the text

Download CSC326 Midterm Study Guide: Software Engineering Concepts and Design Patterns and more Exams Advanced Education in PDF only on Docsity!

CSC326 Midterm study guide set Exam

GitHub - Hosting service for version control with git Jenkins - Automation server for continuous integration REST APIs - An API that uses HTTP requests to GET, PUT, POST and DELETE data Hibernate - Object-relational mapping tool for Java, used to interact with SQL Spring - Framework used for iTrust and MVC Angular JS - JavaScript based front-end web app framework Selenium - Used for automating web apps for testing Cucumber - Runs acceptance tests in a behavioral (BDD) style Software architecture - The high-level structures of a software system Four main architectural patterns - Call and Return, Data Centered, Data Flow, Event Systems Call and Return Pros and Cons - Easy to reason about behavior, sometimes not flexible enough Call and Return Examples - Main and Subprogram, Object-Oriented, Layered Model

Main and Subprogram - C. Functions that call functions, etc. Easy to program and understand, performance can suffer and can be hard to extend Object-oriented - Java. Well defined interfaces, interface changes break all users of a particular class, multiple threads may contend for access to object data. Dynamic Dispatch for appropriate methods Layered Model - Easy to extend system with new layers, structuring layers can be difficult as layers may require services of non-adjacent layers Data Centered Pros and Cons - Easy to administer, hard to track down errors/dependencies Data Centered Examples - Repository, Blackboard Repository - Central repo that stores data, client make requests to repo, repository may be a bottleneck Blackboard - Central database accessible by all components that is active. Good for non-deterministic solutions. Adding new knowledge source is easier. Infrastructure is complex Data Flow Pros and Cons - A set of components with inputs and outputs, components operate independently, no knowledge of neighbors, common data format Data Flow Examples - Batch Sequential, Pipes and Filters Batch Sequential - Each component completes transformation of input before passing to output, easy reuse of components, easy to reason about, easy to maintain by adding components, each component has to wait for the previous pipe to finish, difficult to maintain correspondences

Multiplicity - 1 = always has one, 0..1 = zero or one, 1.. = one or more, 0.. = zero or more Abstraction UML - Italicized and dotted lines Scenario to sequence diagram - Most nouns become objects and verbs are messages Parts of a sequence diagram - Classes with columns, messages with arrows, and activations with narrow rectangles Sequence Diagram - Different type of UML Diagram. Describes the "control flow". Time flows down, control flow if (action) from object to object. Class diagram could have all scenarios, while sequence diagram is one scenario Parts of a state diagram - States and transitions, must have start and end states Design metrics - Minimize lines of code, maximize number of classes, minimize methods per class (tradeoff), minimize number of children (tradeoff), minimize depth of inheritance tree (tradeoff), maximize method hiding factor, maximize attribute hiding factor, minimize cyclomatic complexity, minimize lack of cohesion of methods, minimize coupling factor Security Design - Least Privilege: users are given only privileges they need to complete the task, Role- based access control, Server-side checks, Principle of Open Design, Psychological Acceptability Important Vulnerabilities - SQL Injection, Cross-Site Scripting, Buffer Overflow, URL Jumping, Insufficient Logging Strategy Pattern - Notion of encapsulating an algorithm and swapping between concrete implementations based off the scenario. Delegate behavior, reduce complex conditionals, must be aware of all strategies, increased number of objects. (Example: Sorting Algorithms)

State vs Strategy pattern - State pattern encapsulates a state of your data and swaps between it. (FSM) Observer pattern - Observer pattern waits for data to notify, Observable data is watched by the Observers. Composite Pattern - Tree structure (Whole-part relationships). Looks like a component interface with an operation, a composite with an operation and a leaf with an operation. Leaf is not a container, has component methods, composite is a container, has children and methods for children, delegates component methods to children MVC Pattern - MVC that is used to split up application into model (The data) The view is how we see the data. Controller takes the commands from the user, propagates changes from the data to the view. MVC with other patterns - HTML is an example of the composite pattern, Model could be composite pattern (Office Visit), View is Observer pattern (Could have many views, slack), Controller is strategy pattern Behavioral pattern - Characterize the ways in which the classes and objects interact. (Observer, Strategy, State) Structural Patterns - Deal with the composition of classes or objects (Composite, Adapter) Creational - Concerned with the process of object creation (Singleton, Factory Method) Requirement classes - Look for nouns and actions on nouns as methods Typical stakeholders in a system - Customers, Developers, QA, Management

Scenario vs Use Case - Scenarios and user stories are 1-to-1. Multiple scenarios would make up a use case. Requirements Validation - Correctness, Completeness, Consistency, Clarity, Concision Requirements analysis vs modeling - Requirements analysis can be thought of more as "understanding the requirements" whereas the modeling side is coming up with a form of the requirements that developers can work with (such as user stories and use cases). Story Points - Unit for expressing the overall size of a user story Ideal Time - The amount of time "something" takes when stripped of all peripheral activities Elapsed time - The amount of time that passes on the clock to do something Inspection Roles - Author, Inspectors, Moderator, Scribe, Reader Author - Developer of artifact Inspectors - Inspect artifact. Everyone except the author Moderator - Member of the quality assurance team Scribe - Takes notes during inspection of issues of interest Reader - Person who interprets artifact for inspectors

What software artifacts can be inspected? - Requirements, Design, BBTP Bug Reports - Steps to Reproduce, What should happen?, What did happen? Other information (Isolation) Presentations - Share your knowledge, work, information with others. Keep in mind dress code Interviews - Would like to be hired, proper attire, prepare ahead of time, have questions, know what the company does Two software development process models - Waterfall and agile Agile - Iterative, might have lots of errors but it's very difficult to get extremely detailed descriptions that are also accurate Plan-driven models - Extreme programming, crystal methods Scrum - Here's what I've done, here's what blocking me, here's what I'll do next Validation - Are we building the right product? Verification - Are we building the product right? Unit tests - Testing small pieces, White Box, Devs write and run Integration Tests - Individual software modules are tested as a group, white box, devs write and testers run

Driver - Write lower-level, mocked version of upper-level that runs code in the higher level Oracle - What is the expected behavior of an application (With this input, what should happen) Operational Profile - Used for performance testing. Here's what the actions on the system are, here's how likely we see they would be. Percentage on how often operations would be done Risk exposure - Likelihood and impact Vulnerability - Bad security Attack - Taking advantage of the vulnerability Four types of software maintenance - Corrective, Adaptive, Perfective, Preventive REST API - Performance, Scalability, Modify, needs to be done well, can't update. Names matter. API should do as much as possible. Standardized way for people to use data. Teaming - Generally you don't have solo projects, need to be able to work with people Project Management 3 Phases - Planning, Execution, Control Execution - Doing the project Control - Seeing how it worked

Velocity - How much is being done per time iteration vs what we expected Iteration 0 - Plan out all of the tasks, who will do them, and how long it will take Done criteria - Criteria for when we know we're done with the project Cost of software quality - Cost of development and maintaining, prevent by designing ahead of time, using test-driven-development and good tests Developing vs Maintaining - Maintaining is much harder and more expensive Privacy - Access is only as needed PII - Personally identifiable information, if you don't need it don't collect it Privacy policy - What is going to happen with the data, what is being collected, why HIPAA - Health Info is important Microservices - Take application and split up into chunks, Independent rest APIs Infrastructure management - What are things to think about when deploying, Where is it available, Load balancing if server goes down?