Version 2.0 Brainstorming

Daniel Kefer edited this page Jul 6, 2017 · 11 revisions

SecurityRAT version 2 brainstorming

New feature ideas:

  • GIT integration (storing the .yml file together with code) → 5

  • More JIRA tickets for one requirement → 3

  • Manual (de)linking of JIRA issues to requirements → 5

  • Possibility to store data to more artifacts in a single .yml file

  • Blueprint support (generic support) - 3-5?

  • Requirement import and export via GUI - 2

  • if we change the data scheme, we should have an importer for the old files - 4

  • migration script of requirements v1 to v2 - 2

  • adding metadata: 5

    • on a SecurityRAT instance level (admin says that every artifact [has to|can] have certain fields defined - e.g. live URL, Git URL, asset management URL)

    • on a requirement set level - I decide to add certain information to the requirement set. This information gets stored to the yml file only

  • we should support editing of implementation types once the artifact is created - 2

  • Excel (status value) import - 5

    • use case: for external partners, we currently use the xlsx export functionality (usage of Universal ID for import?)

  • Query language for searching in requirements (e.g. give me everything where status column contains "foobar") - 1

  • notifications of requirement changes (e.g. mail address, Slack, HipChat, …) - 2

  • Optional showing of tag values for one tag category (or e.g. indicating by background color) - 3

  • Diff of two answered requirement sets - 4?

  • Maturity evaluation - 1

  • Database Strategy:

    • Allow deletion of foreign dependencies (GUI) -

    • Delete flags

  • Token authentication to the REST API so that machines can consume it as well

Changes in data model:

  • linking of collections to implementation types

  • linking of alternative instances to collections (/implementation types?)

  • linking of tags to implementation types / collections?

  • linking of collections to collections? (showing of collections if other collections are shown)

    • Example: One collection says "Artifact type: Mobile app" and a second one "Reachability: External". The second one doesn't make much sense for a mobile app.

  • blueprints:

    • mapped to collection types n:n

  • "training columns"?

  • generate data model with JHipster UML Studio: https://jhipster.github.io/managing-relationships/

  • changing the structure of the YAML file to avoid redundant information

Open Questions:

  • How to better support "inheritance"?

    • Use case: I use an artifact (library) in more projects, which solves certain requirements for me

    • Approach 1: Use "rulesets" - "if option X is set, status column S for requirement R has a value V"

    • Approach 2: Composition of more YAML files

  • There is a lot of clicking currently. How to make the operation faster?

    • Approach 1: Keyboard shortcuts

  • How to support external development better?

    • Currently we use XLSX export. This has some issues, esp. problematic importing of the data back into yml

    • Approach 1: Parse XLSX/CSV back into yaml/SecurityRAT

      • 1.1 Only Status values

      • 1.2 Complete

    • Approach 2: Write an Excel macro for yaml export

    • Approach 3: Cloud based application accessible for external partners

    • Approach 4: Portable application generating yml file - e.g. http://electron.atom.io/

    • Approach 5: New role for import of yamls only

Lessons Learned: