Skip to content
Snippets Groups Projects
Commit 62d7bcab authored by James D'Alton's avatar James D'Alton
Browse files

Final adjustments

parent 697fa68c
No related branches found
No related tags found
1 merge request!1Final report
Expand all Hide whitespace changes
Inline Side-by-side
Showing
with 324 additions and 315 deletions
report/2_BackgroundAndLiteratureReview.tex
+ 8
8
View file @ 62d7bcab
...@@ -4,19 +4,19 @@ ...@@ -4,19 +4,19 @@
\chapter{BACKGROUND AND LITERATURE REVIEW} \chapter{BACKGROUND AND LITERATURE REVIEW}
\section{Crime} \section{Crime}
There has been a significant increase in cyber criminal activity in recent years. \cite{GDPR} The methods used by criminals are currently changing as businesses begin to be targeted more frequently than individuals. \cite{GDPR} Cyber crime is growing at a rapid rate, making it increasingly troublesome for regulations and legislation to keep pace, resulting in outdated laws that are often unfit for purpose. \cite{GDPR} There has been a significant increase in cyber-criminal activity in recent years. \cite{GDPR} The methods used by criminals are currently changing as businesses begin to be targeted more frequently than individuals. \cite{GDPR} Cyber crime is growing at a rapid rate, making it increasingly troublesome for regulations and legislation to keep pace, resulting in outdated laws that are often unfit for purpose. \cite{GDPR}
\section{Supply Chains} \section{Supply Chains}
Supply chain management is a process essential for linking major business actions and behaviours internally and between companies into a capable and effective business model. \cite{CSCRM} It encompasses all logistics management endeavours not to mention manufacturing operations, and it propels coordination of activities across marketing, sales, product design, finance, and IT. \cite{CSCRM} Supply chain management is a process essential for connecting major business actions and behaviours both internally and between organisations into a capable and effective business model. \cite{CSCRM} It encompasses all logistics management endeavours, not to mention manufacturing operations, and it drives the coordination of activities across multiple business areas including; marketing, sales, product design, finance, and IT. \cite{CSCRM}
\subsection{Supply Chain Security} \subsection{Supply Chain Security}
Supply chain security concentrates on the threats linked to an organisation\textquoteright s suppliers of goods and services, many of which potentially have considerable access to assets belonging to the company or to its customer data. \cite{CombattingCyberRisks} Supply chain security concentrates on the threats linked to an organisation\textquoteright s suppliers of goods and services, many of which potentially have considerable access to assets belonging to the company or to its customer data. \cite{CombattingCyberRisks}
\section{Compliance} \section{Compliance}
Compliance is an important, expensive, and complex problem to deal with. \cite{ComplianceGovernance} It relates to the conformance to a set of laws, regulations, policies or best practices. \cite{ComplianceGovernance} These sets of rules are known as standards. Organisations can be required to take steps to put policies and controls in place that ensure conformity with the regulations outlined in their given compliance standard(s), the purpose of which is to safeguard the organisation against security threats. Compliance is a crucial, costly, and complex issue for any company to deal with. \cite{ComplianceGovernance} It relates to the conformance to a set of laws, regulations, policies, or best practices known as standards. \cite{ComplianceGovernance} 1Organisations can be required to take steps to put policies and controls in place that ensure conformity with the regulations outlined in their given compliance standard(s), the purpose of which is to safeguard the organisation against security threats.
\subsection{Compliance in Cyber Security} \subsection{Compliance in Cyber Security}
Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. \cite{CSCRM} Cyber security standards have existed for a long time, affecting the necessary policies and practices of individuals and organisations over the last several decades. \cite{StanfordConsortium} Various regulations and legislation often struggle to keep up with the latest cyber threats due to the rapid evolution of the field. \cite{GDPR} As a result of the expanding pool of available tools, there is an ever-increasing number of people able to access the world of cyber crime. This makes it all the more crucial that conforming to the latest standards becomes an imperative for every company, regardless of the size of the enterprise. The hope for this project is that it will help to enable organisations to achieve compliance with any given standard in a cost effective manner. Cyber security is the aggregate of technologies, processes, and practices, which were designed to shield computer networks, software, and data from loss, theft, or manipulation. \cite{CSCRM} Cyber security standards have existed for a long time, affecting the necessary policies and practices of individuals and organisations over the last several decades. \cite{StanfordConsortium} Various regulations and legislation often struggle to keep up with the latest cyber threats due to the rapid evolution of the field. \cite{GDPR} As a result of the expanding pool of available tools, there is an ever-increasing number of people able to access the world of cyber crime. This makes it all the more crucial that conforming to the latest standards becomes an imperative for every company, regardless of the size of the enterprise. The hope for this project is that it will help to enable organisations to achieve compliance with any given standard in a cost effective manner.
\subsection{Cyber Essentials} \subsection{Cyber Essentials}
The UK Government worked with a number of other institutions to develop Cyber Essentials, a set of basic standards to help organisations defend themselves from common security threats online. \cite{CyberEssentials} The scheme is designed to prevent unskilled individuals from being able to find basic vulnerabilities in an organisation by providing advice, and two different levels of certification; \textquotedblleft Cyber Essentials\textquotedblright\ and \textquotedblleft Cyber Essentials Plus\textquotedblright. The former is a self-assessment designed to be light-weight and easy to follow, while in the latter, a certification body carries out the verification of the organisation\textquoteright s cyber security, instead of it being done by the company in question. The UK Government worked with a number of other institutions to develop Cyber Essentials, a set of basic standards to help organisations defend themselves from common security threats online. \cite{CyberEssentials} The scheme is designed to prevent unskilled individuals from being able to find basic vulnerabilities in an organisation by providing advice, and two different levels of certification; \textquotedblleft Cyber Essentials\textquotedblright\ and \textquotedblleft Cyber Essentials Plus\textquotedblright. The former is a self-assessment designed to be light-weight and easy to follow, while in the latter, a certification body carries out the verification of the organisation\textquoteright s cyber security, instead of it being done by the company in question.
...@@ -25,14 +25,14 @@ ...@@ -25,14 +25,14 @@
Cyber attacks are financially devastating and disrupting to people and businesses. Successful attacks have the potential to expose personal information, leaving the victims of these security breaches vulnerable to fraud. \cite{CyberCrime} Victims are also left vulnerable to further attacks, using the information previously gathered by attackers. Cyber attacks are financially devastating and disrupting to people and businesses. Successful attacks have the potential to expose personal information, leaving the victims of these security breaches vulnerable to fraud. \cite{CyberCrime} Victims are also left vulnerable to further attacks, using the information previously gathered by attackers.
\subsection{The Effect on Business and Loss of Confidence} \subsection{The Effect on Business and Loss of Confidence}
According to a survey by Ping Identity (a company that sells a number of cloud and software identity security solutions), 75\% of people stop engaging with a brand online following a data breach, as well as 59\% saying they were not willing to sign up to use an online service or application that had recently experienced a data breach. \cite{ITGovernance} In spite of this, 56\% said they are not willing to pay anything to application or online service providers for added security to protect their personal information. \cite{ITGovernance} According to a survey by Ping Identity (a company that sells a number of cloud and software identity security solutions), 75\% of people stop engaging with a brand online following a data breach, as well as 59\% saying they were not willing to sign up to use an online service or application that had recently experienced a data breach. \cite{ITGovernance} In spite of this, a staggering 56\% said they were unwilling to pay any amount of money for additional security to protect their personal information. \cite{ITGovernance}
\subsection{Legal consequences} \subsection{Legal consequences}
GDPR requires proper management of all the personal information held by an organisation. \cite{BusinessInfo} If this information is compromised, and that organisation has neglected to deploy basic security measures, it is possible they will face fines and regulatory sanctions. \cite{BusinessInfo} GDPR requires proper management of all the personal information held by an organisation. \cite{BusinessInfo} If this information is compromised, and that organisation has neglected to deploy basic security measures, it is possible they will face fines and regulatory sanctions. \cite{BusinessInfo}
\section{Case Study: Pouring Pounds Ltd} \section{Case Study: Pouring Pounds Ltd}
Two cashback sites owned by Pouring Pounds Ltd were found to have leaked two terabytes worth of personally identifiable information and account data. This was made possible because of an unprotected database, which could be accessed through an exposed port on the company's server. The leak occured in October 2019 and has affected approximately 3.5 million individuals. \cite{z6mag} Two cashback sites owned by Pouring Pounds Ltd were found to have leaked two terabytes worth of personally identifiable information and account data. This was made possible because of an unprotected database, which could be accessed through an exposed port on the company's server. The leak occurred in October 2019 and has affected approximately 3.5 million individuals. \cite{z6mag}
\section{Previous and Similar Work} \section{Previous and Similar Work}
...@@ -41,7 +41,7 @@ ...@@ -41,7 +41,7 @@
\subsection{Formstack} \subsection{Formstack}
Formstack boasts a drag and drop interface to allow quick and easy customisation of a form you create, with various components for different data types and layouts and you can see your changes in real time. The product is aimed at developers and non-technical people, offering a time-saving way to build forms for a wide variety of different functions, including collecting payments, gathering customer data and automating day-to-day tasks. \cite{Formstack} Formstack boasts a drag and drop interface to allow quick and easy customisation of a form you create, with various components for different data types and layouts and you can see your changes in real time. The product is aimed at developers and non-technical people, offering a time-saving way to build forms for a wide variety of different functions, including collecting payments, gathering customer data and automating day-to-day tasks. \cite{Formstack}
At the time of writing, the product has multiple pricing tiers, starting from \$19 USD per month with 'Bronze' and ending up at a \$249 USD per month for 'Platinum', which includes \textquotedblleft Advanced data collection features \& priority supprot\textquotedblright. \cite{Formstack} There is also an 'Enterprise' edition, however pricing for that seems to be on a case-by-case basis. At the time of writing, the product has multiple pricing tiers, starting from \$19 USD per month with 'Bronze' and ending up at a \$249 USD per month for 'Platinum', which includes \textquotedblleft Advanced data collection features \& priority support\textquotedblright. \cite{Formstack} There is also an 'Enterprise' edition, however pricing for that seems to be on a case-by-case basis.
\begin{figure}[H] \begin{figure}[H]
\center \center
...@@ -71,4 +71,4 @@ ...@@ -71,4 +71,4 @@
\end{figure} \end{figure}
\subsection{Evaluation and Comparison of Existing Products} \subsection{Evaluation and Comparison of Existing Products}
The range of customisations available in Formstack and Device Magic make them a generic solution in comparison to the specialised nature of proposed in this project. CompForge will have a more streamlined interface and method for form creation. Compliance forms have a more straightforward and predictable structure, a fact which was taken advantage of during the design phase (see chapter X). The range of customisations available in Formstack and Device Magic make them a generic solution in comparison to the specialised nature of proposed in this project. CompForge will have a more streamlined interface and method for form creation. Compliance forms have a more straightforward and predictable structure, a fact which was taken advantage of during the design phase (see Chapter 4: Design).
\ No newline at end of file \ No newline at end of file
report/3_RequirementsAndAnalysis.tex
+ 104
94
View file @ 62d7bcab
This diff is collapsed.
report/4_Design.tex
+ 25
7
View file @ 62d7bcab
...@@ -11,20 +11,20 @@ The design of the web application will be based on the requirements established ...@@ -11,20 +11,20 @@ The design of the web application will be based on the requirements established
In an SME, any one person could be in charge of compliance, from an employee in IT to someone in an administration role or even the CEO. In light of the fact that the application must allow for both technical and non-technical users, the design must be as accessible as possible. In order to ensure accessibility, the application will be designed with non-technical users in mind, and to that end will also be tested and evaluated by them. In an SME, any one person could be in charge of compliance, from an employee in IT to someone in an administration role or even the CEO. In light of the fact that the application must allow for both technical and non-technical users, the design must be as accessible as possible. In order to ensure accessibility, the application will be designed with non-technical users in mind, and to that end will also be tested and evaluated by them.
\subsection{Competitor Research} \subsection{Competitor Research}
Existing products have been evaluated in chapter 2. As previously stated, the design of these products is unncessecarily bloated for the purpose of producing cyber security compliance forms. Such products are designed to generate many other form types, whereas this product capitalises on the simple structure of compliance to streamline the design of the tool needed to build them. Existing products have been evaluated in chapter 2. As previously stated, the design of these products is unnecessarily bloated for the purpose of producing cyber security compliance forms. Such products are designed to generate many other form types, whereas this product capitalises on the simple structure of compliance to streamline the design of the tool needed to build them.
\subsection{User Personas} \subsection{User Personas}
Creating personas allows the production of dependable, authentic representations of the target user group, in order to perform stakeholder analysis. \cite{Personas} Creating personas allows the production of dependable, authentic representations of the target user group, in order to perform stakeholder analysis. \cite{Personas}
\begin{itemize} \begin{itemize}
\item \item
Alan is a 35 year old head of IT at a a small company. He is very capable when it comes to maintaining the company's network and cyber security, but does not know anything about the level of security at other organisations in his company's supply chain. He knows that those organisations could be compromised and used as an attack vector to infiltrate the company network and steal valuable data or do other serious harm. Alan is a 35-year-old head of IT at a small company. He is very capable when it comes to maintaining the company's network and cyber security, but does not know anything about the level of security at other organisations in his company's supply chain. He knows that those organisations could be compromised and used as an attack vector to infiltrate the company network and steal valuable data or do other serious harm.
\item \item
Emily is a 22 year old computer science graduate, tasked with producing some cyber security best practices for her company to follow, in order for it to fend off the basic attacks that could be carried out by an unskilled individual. She knows about cyber security best practices from some of her modules at university, but is not sure where to start with producing compliance forms for her company to follow. Emily is a 22-year-old computer science graduate, tasked with producing some cyber security best practices for her company to follow, in order for it to fend off the basic attacks that could be carried out by an unskilled individual. She knows about cyber security best practices from some of her modules at university but is not sure where to start with producing compliance forms for her company to follow.
\item \item
Bob is a 57 year old systems administrator at a medium sized company that has just undergone a merger with another firm. He is tasked with combining the cyber security compliance standards that both of the old companies were using into a single standard for the new company to follow. Bob is a 57-year-old systems administrator at a medium sized company that has just undergone a merger with another firm. He is tasked with combining the cyber security compliance standards that both old companies were using into a single standard for the new company to follow.
\end{itemize} \end{itemize}
...@@ -34,6 +34,8 @@ The design of the web application will be based on the requirements established ...@@ -34,6 +34,8 @@ The design of the web application will be based on the requirements established
\subsection{Wireframes} % 2D outline of single page \subsection{Wireframes} % 2D outline of single page
TODO: Sign in / Sign up wireframe TODO: Sign in / Sign up wireframe
TODO: Dashboard wireframe TODO: Dashboard wireframe
TODO: Create a Form wireframe TODO: Create a Form wireframe
...@@ -41,14 +43,30 @@ The design of the web application will be based on the requirements established ...@@ -41,14 +43,30 @@ The design of the web application will be based on the requirements established
TODO: Add a Partner wireframe TODO: Add a Partner wireframe
\subsection{Flow Charts} % Map journey \subsection{Flow Charts} % Map journey
TODO: Minified versions of the wireframes with arrows and generally flowiness... TODO: Minified versions of the wireframes with arrows showing flow of the application...
\section{Material-UI} \section{Material-UI}
Material-UI is a popular React UI framework for faster and easier web development. It has a massive suite of components that help with building a fully customisable UI, it is incredibly well documented and it receives regular monthly updates from its developers. For these reasons, Material-UI has been used for many of the components in the project in order to increase development speed. Material-UI is a popular React UI framework for faster and easier web development. It has a massive suite of components that help with building a fully customisable UI, it is incredibly well documented, and it receives regular monthly updates from its developers. For these reasons, Material-UI has been used for many of the components in the project in order to increase development speed.
\section{Minimum Viable Product} \section{Minimum Viable Product}
The Minimum Viable Product (MVP) is the encapsulation of the core features that allow an application to function. While not fully functional, it will have the necessary functionality to allow the application to work at its most basic level, and it provides a solid starting point for a project to work towards. The Minimum Viable Product (MVP) is the encapsulation of the core features that allow an application to function. While not fully functional, it will have the necessary functionality to allow the application to work at its most basic level, and it provides a solid starting point for a project to work towards.
In the case of CompForge, the core features consist of the ability for a user to create and store a form, and share it with another user. Features like creating persistent accounts, authentication, adding other users as partners were integrated after this first iteration was completed. In the case of CompForge, the core features have been listed below:
\ No newline at end of file
\begin{itemize}
\item Register
\item Sign in
\item Sign out
\item Create Form
\item View Form
\item Share Form
\item Delete Form
\item Submit Form
\end{itemize}
\begin{itemize}
\item Edit Form
\item Add Partner
\end{itemize}
\ No newline at end of file
report/5_Implementation.tex
+ 25
16
View file @ 62d7bcab
...@@ -4,14 +4,14 @@ ...@@ -4,14 +4,14 @@
\chapter{IMPLEMENTATION} \chapter{IMPLEMENTATION}
\section{Project Development Objective} \section{Project Development Objective}
The objective of this project was to produce a web application that would allow a company to create, store and share compliance forms, in order to reduce the cost of tracking and maintaining compliance to any cyber security standard. The objective of this project was to produce a web application that would allow an organisation to create, store and share and submit completed compliance forms, in order to reduce the cost of tracking and maintaining compliance to any cyber security standard.
\subsection{Functionality} \subsection{Functionality}
The application, called CompForge, allows a user to create custom forms, which are stored on a serverless database hosted on Google\textquoteright s Firebase. These forms can be shared with partners - other users that are added in a similar fashion to friends or followers on social media. When a form is shared with a partner, that partner is able to complete and return it to the original user, with their answers also being stored in the application\textquoteright s database. The application, called CompForge, allows a user to create custom compliance forms, which are stored on a serverless database, hosted on Google Firebase. These forms can be shared with partners - other users that are added in a similar fashion to friends or followers on social media. When a form is shared with a partner, that partner can complete and return it to the original user, with their given responses to each question.
\section{Technologies} \section{Technologies}
A variety of functionality was required to complete the application and this required the employment of a number of different technologies. Requirements included a fast and flexible frontend framework to reduce loading times and adapt quickly to changes from the backend, a realtime database to send those changes to the frontend, and good out-of-the-box security. The implementation of a variety of different features was required to complete the application and this required the employment of a number of different technologies. Requirements included a fast and flexible frontend framework to reduce loading times and adapt quickly to changes from the backend, a real-time database to send those changes to the frontend, and good out-of-the-box security.
\begin{table}[H] \begin{table}[H]
\centering \centering
...@@ -23,7 +23,7 @@ ...@@ -23,7 +23,7 @@
\multicolumn{3}{|c|}{Application}\\ \multicolumn{3}{|c|}{Application}\\
\hline \hline
\hline \hline
\makecell{React} & \makecell{Front end development} & \makecell{Reuseable components,\\development speed,\\ reduced loading times}\\ \makecell{React} & \makecell{Front end development} & \makecell{Reusable components,\\development speed,\\ reduced loading times}\\
\hline \hline
\makecell{React Router} & \makecell{Navigation between\\virtual pages} & \makecell{Reduced loading times}\\ \makecell{React Router} & \makecell{Navigation between\\virtual pages} & \makecell{Reduced loading times}\\
\hline \hline
...@@ -35,7 +35,7 @@ ...@@ -35,7 +35,7 @@
\hline \hline
\makecell{Firebase Authentication} & \makecell{Authentication as a Service} & \makecell{Development speed,\\security}\\ \makecell{Firebase Authentication} & \makecell{Authentication as a Service} & \makecell{Development speed,\\security}\\
\hline \hline
\makecell{Firestore} & \makecell{Serverless realtime\\NoSQL database} & \makecell{Development speed,\\realtime updates}\\ \makecell{Firestore} & \makecell{Serverless real-time\\NoSQL database} & \makecell{Development speed,\\real-time updates}\\
\hline \hline
\makecell{Firebase CLI} & \makecell{Utility for\\administering\\Firebase projects} & \makecell{Configuration of\\React-Firebase connection}\\ \makecell{Firebase CLI} & \makecell{Utility for\\administering\\Firebase projects} & \makecell{Configuration of\\React-Firebase connection}\\
\hline \hline
...@@ -53,14 +53,21 @@ ...@@ -53,14 +53,21 @@
\hline \hline
\makecell{GitLab} & \makecell{Version control system} & \makecell{Project planning and\\code management}\\ \makecell{GitLab} & \makecell{Version control system} & \makecell{Project planning and\\code management}\\
\hline \hline
\makecell{Batch \& WSL} & \makecell{Scripting \& providing\\linux commands\\on Windows} & \makecell{Latex build and\\clean up script\\(see appendix)}\\ \makecell{Batch \& WSL} & \makecell{Scripting \& providing\\Linux commands\\on Windows} & \makecell{Latex build and\\clean up script\\(see appendix)}\\
\hline \hline
\end{tabular} \end{tabular}
\caption{Technologies and Justifications for Use} \caption{Technologies and Justifications for Use}
\end{table} \end{table}
\subsection{React} \subsection{React}
React is a JavaScript library specialising in the development of user interfaces, developed and maintained by Facebook. \cite{React} React was chosen as the medium for the frontend due to it's manipulation of the virtual DOM, which reduces loading times; reuseable components to increase development speed, and built-in defence against Cross Site Scripting attacks. Given that the core of the application involves user inputting data to forms, the latter is especially important. React is a JavaScript library specialising in the development of user interfaces, developed and maintained by Facebook. \cite{React} React was chosen as the medium for the frontend due to it's manipulation of the virtual DOM, which reduces loading times; reusable components to increase development speed, and built-in defence against Cross Site Scripting attacks. Given that the core of the application involves user inputting data to forms, the latter is especially important.
\subsubsection{Redux/Thunk}
Redux was utilised to manage the state of the application, including the user's data, and whether they are authenticated. Redux imposes certain restrictions when it comes to state management, increasing a developer's control over how and when the state can be updated.
To change the application's state, you need to dispatch an action (a JavaScript object). The action and the application's current state are passed into a JavaScript function, called a reducer. A reducer takes these two parameters and returns the new state of the application. Usually the state of an application will be quite large, so instead of managing the entire state with a single reducer, multiple reducers are written to manage different parts of the state.
Thunk allows asynchronous logic to interact with the state. It was used in CompForge to do ...
\subsubsection{Code Structure} \subsubsection{Code Structure}
The structure of the React frontend is heavily influenced by create-react-app - a tool used in this project to get a head start on the setup and configuration of the frontend application. Since there is no recommended way to structure React projects, my opinion on the best way to do this for the remainder source code was to group by page, thereby simplifying the process of finding and editing related components. The structure of the React frontend is heavily influenced by create-react-app - a tool used in this project to get a head start on the setup and configuration of the frontend application. Since there is no recommended way to structure React projects, my opinion on the best way to do this for the remainder source code was to group by page, thereby simplifying the process of finding and editing related components.
...@@ -72,7 +79,7 @@ ...@@ -72,7 +79,7 @@
Node is a free cross platform open source server environment that runs JavaScript. It was used in this project as a local testing environment as it allows the React project to run on a local development server. Node also manages a range of modules that the project was dependent on, including Material-UI, and the Firebase CLI. Node is a free cross platform open source server environment that runs JavaScript. It was used in this project as a local testing environment as it allows the React project to run on a local development server. Node also manages a range of modules that the project was dependent on, including Material-UI, and the Firebase CLI.
\subsection{Google Firebase} \subsection{Google Firebase}
Firebase is Google's mobile application development platform. \cite{Firebase} It is used by many large applications such as Lyft, Venmo and Trivago for its multitude of services including hosting, authentication, database, storage and functions. Firebase is Google's mobile application development platform. \cite{Firebase} It is used by many large applications such as Lyft, Venmo and Trivago for its multitude of services including hosting, authentication, database, storage, and functions.
\subsubsection{Firestore} \subsubsection{Firestore}
The benefit of using Firebase's database (called Firestore) is that data sent to the database is immediately forwarded on to relevant interested instances of the application, so changes made by one user can update another user in close to real time. In addition, you can add multiple apps to the service and they will all share the same database, making maintaining the application across multiple platforms, like Web, iOS and Android far easier, however, this project is only a web application. The benefit of using Firebase's database (called Firestore) is that data sent to the database is immediately forwarded on to relevant interested instances of the application, so changes made by one user can update another user in close to real time. In addition, you can add multiple apps to the service and they will all share the same database, making maintaining the application across multiple platforms, like Web, iOS and Android far easier, however, this project is only a web application.
...@@ -81,10 +88,10 @@ ...@@ -81,10 +88,10 @@
Serverless architecture is the model Firebase uses as its platform. It is not, in fact, serverless as the name suggests. It simply means that the need for server software and hardware management by the developer is erased, because the infrastructure is provided by a host, like Firebase. This allows for improved scalability for hosted applications. Serverless architecture is the model Firebase uses as its platform. It is not, in fact, serverless as the name suggests. It simply means that the need for server software and hardware management by the developer is erased, because the infrastructure is provided by a host, like Firebase. This allows for improved scalability for hosted applications.
\section{Progression} \section{Progression}
This section describes the progression of the implementation during each sprint. The original plan for these sprints are laid out in chapter 8. Much of the implementation took longer than expected due to the fact it was the first time many of the technologies were being used, resulting in a steep learning curve for myself. This section describes the progression of the implementation during each sprint. The original plan for these sprints is laid out in chapter 8. Much of the implementation took longer than expected due to the fact it was the first time many of the technologies were being used, resulting in a steep learning curve for myself.
\subsection{Sprint 1} \subsection{Sprint 1}
The implementation started with the installation and running of create-react-app to kickstart frontend development. From there Material-UI components were used and tweaked alongside custom code to construct the \textquotedblleft Dashboard\textquotedblright\, and \textquotedblleft Create a Form\textquotedblright\ pages. React Router was then used to ensure the page navigation worked correctly. The implementation started with the installation and running of create-react-app to kickstart frontend development. From there Material-UI components were used and tweaked alongside custom code to construct the \textquotedblleft Dashboard\textquotedblright\, and \textquotedblleft Create a Form\textquotedblright\ pages. Below is a screenshot of an early iteration of the dashboard.
\begin{figure}[H] \begin{figure}[H]
\center \center
...@@ -93,20 +100,22 @@ ...@@ -93,20 +100,22 @@
\end{figure} \end{figure}
\subsection{Sprint 2} \subsection{Sprint 2}
A \textquoteleft Compforge\textquoteright\ project was created on Firebase. The Firebase documentation was used to configure the react project to connect to the Firebase project's realtime database. TODO: more here about how that works. A \textquoteleft Compforge\textquoteright\ project was created on Firebase. Some configuration in the React code ws needed to connect to the project's Firestore. In addition, a lot of work was done to implement the Redux/Thunk reducers and actions needed to store and manipulate the state of the application.
\begin{figure}[H] \begin{figure}[H]
\center \center
\includegraphics[height=100mm, width=145mm]{../figures/Firebase} \includegraphics[height=100mm, width=145mm]{../figures/Firebase}
\caption{Firebase} \caption{Firestore}
\end{figure} \end{figure}
\subsection{Sprint 3} \subsection{Sprint 3}
With the MVP finished, the next step was to set up authentication and user accounts. Firebase Authentication was used for this. For simplicity, I only configured sign ups by email, though it is possible to set up authentication via many other methods in Firebase namely; phone number, Google, Facebook, Twitter, GitHub, Yahoo, Microsoft and Apple accounts. Once authentication was complete, the frontend needed a \textquoteleft Sign up\textquoteright\ and \textquoteleft Sign in\textquoteright\ page. Using a Material-UI template, some configuration of the React code, as well as adjustments to the routing, the ability to sign up, sign in and sign out had been added to the web app. With the basics finished, the next step was to set up authentication and user accounts, implemented using Firebase Authentication. For simplicity, I only configured sign ups by email, though it is possible to set up authentication via many other methods in Firebase namely; phone number, Google, Facebook, Twitter, GitHub, Yahoo, Microsoft and Apple accounts. Once accounts and authentication were completed, the frontend needed a \textquoteleft Sign up\textquoteright\ and \textquoteleft Sign in\textquoteright\ page. Using a Material-UI template, some configuration of the React code, as well as adjustments to the routing, the ability to sign up, sign in and sign out was added to the web app.
\subsection{Sprint 4} \subsection{Sprint 4}
After user accounts had been set up, it was then possible to implement a partner system. This started with the creation of an \textquoteleft Add Partner\textquoteright\ page in React. Partners were added to a list, stored as an entry in a user's record in the database. After user accounts had been set up, the had been to implement the partner system. However, due to time constraints (discussed further in Chapter 7: Evaluation) this requirement was removed. Instead work focused on finishing the MVP; saving forms from the form creation page to Firestore, and the ability to share forms direct to users via their email addresses.
\subsection{Sprint 5} \subsection{Sprint 5}
The final requirement was for a user to share created forms with partners. After creating a frontend page for this, and adding it to the routing, the form sharing was done by creating a database record for the form (when the form was originally created) and adding the user as the author and later adding a list of partners to whom it was shared. The final requirements were for a user to create submissions for forms that are shared with them, and to view forms and submissions. After creating a frontend page for completing and submitting a form, and adding it to the routing, the submissions were stored in Firestore in their own collection.
\ No newline at end of file \subsection{Sprint 6}
Refinements to the UI were made to improve the user experience, including changes to the columns shown on the form table on the dashboard. Some compiler warnings were also cleared and links between the \textquotedblleft sign in\textquotedblright\ and \textquotedblleft sign up\textquotedblright\ pages were created.
\ No newline at end of file
report/6_TestingAndSoftwareValidation.tex
+ 43
58
View file @ 62d7bcab
...@@ -10,70 +10,55 @@ ...@@ -10,70 +10,55 @@
\subsection{Requirements testing} \subsection{Requirements testing}
% List of requirements | Expected results | Acutal Outcome | Pass/Fail
\begin{table}[H]
\centering
\begin{tabular}{|c|c|c|c|}
\hline
Requirement & Expectation & Outcome & Result\\
\hline
\hline
\makecell{Register} & \makecell{Use email address to\\create an account} & \makecell{Users are able to\\use their email\\ address to create\\a persistent account} & \cellcolor{green}\checkmark\\
\hline
\makecell{Sign in} & \makecell{Use email address and\\password created at sign\\up to sign in} & \makecell{Users are able to\\login} & \cellcolor{green}\checkmark\\
\hline
\makecell{Create Form} & \makecell{Create a custom cyber\\security compliance form\\which is stored in\\association with the\\user's account} & \makecell{Ability to create a\\compliance-style form\\which is stored and\\associated with the\\user's account} & \cellcolor{green}\checkmark\\
\hline
\makecell{Share Form} & \makecell{Share a form created\\by the user with\\with a partner} & \makecell{Sharing a form with\\a partner allows them\\to view, fill out\\and return the form} & \cellcolor{green}\checkmark\\
\hline
\makecell{Add Partner} & \makecell{To search and add another\\user as a partner} & \makecell{Users can add\\other users as partners\\who appear in\\their list of partners\\on the dashboard} & \cellcolor{green}\checkmark\\
\hline
\makecell{Notifications} & \makecell{Receive notifications when\\another user shares a form\\with the user or when a\\form the user has shared\\is completed by a partner} & \makecell{Unable to implement a\\notification system within\\the remaining time} & \cellcolor{red}\texttimes\\
\hline
\makecell{Sign out} & \makecell{Sign out of account\\so that account is\\no longer accessible\\without signing back in} & \makecell{On clicking the sign\\out button the user\\is no longer able\\to access their account\\without logging back\\in} & \cellcolor{green}\checkmark\\
\hline
\hline
\end{tabular}
\caption{Requirements testing}
\end{table}
\subsection{User Testing}
% Testing how intuitive the software is to use
Using a simple quantitative evaluation, the usability of the application was tested. Users were told about the functionality of the application. They were then asked to perform specific tasks on the application, without any instruction on how to go about carrying out those tasks. The tasks included all of the core requirements; registering an account, signing in, creating a form, adding a partner (who's account had already been set up and email address provided to the user), sharing their form with the partner and signing out.
Once every task was completed, they were asked to answer the following questions using a value between 1 and 5, with 1 being the least positive answer and 5 being the most valuable.
The population of users making up the test group were from a mixture of backgrounds similar to the personas in chapter 4.
\begin{table}[H] \begin{table}[H]
\centering \centering
\begin{tabular}{|c|c|} \begin{tabular}{|c|c|c|c|}
\hline \hline
Question & Average Result\\ Requirement & Expectation & Outcome & Result\\
\hline \hline
\hline \hline
\makecell{How easy was it to create an account?} & \makecell{}\\ \makecell{Register} & \makecell{Use email address to\\create an account} & \makecell{Users are able to use their\\email address to create a\\persistent account} & \cellcolor{green}\checkmark\\
\hline \hline
\makecell{How easy was it to sign in?} & \makecell{}\\ \makecell{Sign in} & \makecell{Use email address and\\password created at sign\\up to sign in} & \makecell{Users are able to login} & \cellcolor{green}\checkmark\\
\hline \hline
\makecell{How easy was it to create a form?} & \makecell{}\\ \makecell{Sign out} & \makecell{Sign out of account\\so that account is\\no longer accessible\\without signing back in} & \makecell{On clicking the sign out\\button the user is no\\longer able to access\\their account without\\logging back in} & \cellcolor{green}\checkmark\\
\hline \hline
\makecell{How easy was it to add a partner?} & \makecell{}\\ \makecell{Create Form} & \makecell{Create a custom\\compliance form which is\\stored in association\\with the user's account} & \makecell{Ability to create a compliance\\form which is stored and\\associated with the user's\\account} & \cellcolor{green}\checkmark\\
\hline \hline
\makecell{How intuitive was the layout of the dashboard?} & \makecell{}\\ \makecell{View Form} & \makecell{View created forms} & \makecell{Users can view their own\\forms and those of other\\users that have been shared\\with them.} & \cellcolor{green}\checkmark\\
\hline \hline
\hline \makecell{Share Form} & \makecell{Share a form created\\by the user with\\another user} & \makecell{Sharing a form with\\another user allows that\\ user to view, fill out and\\return a form submission} & \cellcolor{green}\checkmark\\
\end{tabular} \hline
\caption{User testing} \makecell{Edit Form} & \makecell{Edit the questions and\\responses of created forms.} & \makecell{Requirement dropped due\\to time constraints as it\\was not a part of the MVP.} & \cellcolor{red}\texttimes\\
\end{table} \hline
\makecell{Delete Form} & \makecell{Delete a form created\\by the user} & \makecell{Deleting a form that\\was originally created by\\that user. Unable to\\delete forms created\\by other users} & \cellcolor{green}\checkmark\\
\hline
\makecell{Form Submission} & \makecell{To return a user's responses\\to a form to its author} & \makecell{Users can select responses\\for each form's questions\\and submit their responses\\to the form's author} & \cellcolor{green}\checkmark\\
\hline
\makecell{Add Partner} & \makecell{To search and add another\\user as a partner} & \makecell{Requirement dropped due\\to time constraints as it\\was not a part of the MVP.} & \cellcolor{red}\texttimes\\
\hline
\end{tabular}
\caption{Requirements testing}
\end{table}
\section{Validation} \section{Validation}
To ensure that CompForge met the functional requirements specified in chapter 2, and to establish the absence of bugs, the application was evaluated using an automated test suite. To ensure that CompForge met the functional requirements specified in chapter 2, and to establish the absence of bugs, the application was evaluated using an automated test suite.
\subsection{Manual Testing} \subsection{Manual Testing}
TODO The most straightforward way to test the application was to simply use it. Listed below are the steps taken to manually test CompForge.
\begin{itemize}
\item Accounts 1, 2 \& 3 created.
\item Account 1 creates and shares Forms 1 \& 2 with the other accounts.
\item Account 1 \& 2 view Form 1.
\item Account 1 deletes Form 1.
\item Accounts 1 \& 2 verify Form 1 is no longer visible.
\item Account 2 creates a submission for Form 2.
\item Account 1 views the submission from Account 2 for Form 2.
\item Account 3 verifies that it can view Form 2, but not the submission for Form 2, and that it does not have the ability to delete Form 2.
\item Account 3 creates a submission for Form 2.
\item Account 1 verifies that there are 2 separate, viewable submissions of Form 2, for Accounts 2 \& 3.
\end{itemize}
\subsection{Robot Framework} \subsection{Robot Framework}
The testing and validation of the application was done using Robot Framework. Robot Framework is a generic, open source, automation framework for acceptance testing \cite{Robot}, developed with Python. The framework has many libraries that extend its functionality, and one such library is Selenium, which was used extensively to automatically drive the application's user interface. The testing and validation of the application was done using Robot Framework. Robot Framework is a generic, open source, automation framework for acceptance testing \cite{Robot}, developed with Python. The framework has many libraries that extend its functionality, and one such library is Selenium, which was used extensively to automatically drive the application's user interface.
......
report/7_Evaluation.tex
+ 116
9
View file @ 62d7bcab
...@@ -3,20 +3,127 @@ ...@@ -3,20 +3,127 @@
%% ---------------------------------------------------------------- %% ----------------------------------------------------------------
\chapter{EVALUATION} \chapter{EVALUATION}
\section{Comparison to Forerunner Projects} This chapter will evaluate the project by critical evaluation and will discuss the results of the requirements testing, taking into consideration issues that were faced during implementation.
% Maybe a table here? Subjective evaluation in the subsections below \section{Critical Evaluation}
While React was a good choice from a development and maintenance point of view, it would probably have been more prudent to use a language/library/framework with which I was already more familiar. Whilst a great deal was learned from the implementation of this project, it was significantly delayed - in part due to the time required to learn how to properly use the React library, including React Router and Redux/Thunk.
\subsection{Example 1} With regard to the outcome of the project versus the initial functional requirements, the project is functional because all of the components identified as the MVP have been implemented, however with the obvious downfall that some features, namely adding partners and editing forms, were not implemented which was disappointing, albeit unavoidable, given the delays.
\subsection{Example 2}
\subsection{User opinions?} \section{Project Management}
Some of the first parts of the project actually progressed ahead of schedule, such as the creation of the initial Gantt chart. Until the deadline for the progress report in December, the project was progressing on schedule. Understandably, the implementation, testing and final report write up were severely impacted by the university closure from the 23rd March onwards, due to the spread of COVID-19. This, coupled with delays during the implementation caused by an underestimation of the learning curve of the technologies that were used, resulted in much of the remainder of the project being completed behind schedule.
\section{Result of Design Decisions} \subsection{Gantt Chart}
\subsection{design decision 1} The initial Gantt chart is represented by the cells in blue, with the aforementioned delays to the project represented in orange. Major components are represented in a darker shade of each colour, with each subcomponent represented by respective lighter shades. For readability, it has been split over two pages.
\subsection{design decision 2} \begin{sidewaystable}[h]
\centering
\begin{tabular}{|c|c|c|c|c|c|c|c|c|c|}
\hline
Component & Subcomponent & October & November & December & January & February & March & April & May\\
\hline
\hline
Project Brief & & \cellcolor{RoyalBlue} & & & & & & & \\
\hline
& Background Research & \cellcolor{Cyan} & & & & & & & \\
\hline
& Write up & \cellcolor{Cyan} & & & & & & & \\
\hline
\hline
\makecell{Time Management\\Planning} & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & & & & & \\
\hline
& Gantt Chart & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Cyan} & & & & & \\
\hline
\hline
Research & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & & & & & \\
\hline
& \makecell{Further\\background research} & \cellcolor{Cyan} & \cellcolor{Cyan} & & & & & & \\
\hline
& Literature review & & \cellcolor{Cyan} & \cellcolor{Cyan} & & & & & \\
\hline
\hline
Design & & & \cellcolor{RoyalBlue} & & & & & & \\
\hline
& Planning diagrams & & \cellcolor{Cyan} & & & & & & \\
\hline
\hline
Progress Report & & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & & & & & \\
\hline
& Write up & & \cellcolor{Cyan} & \cellcolor{Cyan} & & & & & \\
\hline
\hline
Implementation & & & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{BurntOrange} & & \\
\hline
& Sign up & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & & \\
\hline
& Sign in & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & & \\
\hline
& Sign out & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & & \\
\hline
& Create form & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & \\
\hline
& Delete form & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & \\
\hline
& View form & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & \\
\hline
& Share form & & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & \\
\hline
& Submit form & & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & \\
\hline
& View submissions & & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & \\
\hline
\end{tabular}
\caption{Gantt Chart}
\end{sidewaystable}
\subsection{design decision 3} \pagebreak
\ No newline at end of file
\begin{sidewaystable}[h]
\centering
\begin{tabular}{|c|c|c|c|c|c|c|c|c|c|}
\hline
Component & Subcomponent & October & November & December & January & February & March & April & May\\
\hline
\hline
\makecell{Testing and\\Validation} & & & & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{BurntOrange} & \cellcolor{BurntOrange} & \\
\hline
& Robot Framework setup & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & \cellcolor{Apricot} & \cellcolor{Apricot} & \\
\hline
& Test Implementation & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot} & \cellcolor{Apricot} & \\
\hline
Final Report & & & & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{BurntOrange}\\
\hline
& Introduction & & & \cellcolor{Cyan} & & & & & \\
\hline
& \makecell{Background and\\Literature Review} & & & \cellcolor{Cyan} & & & & & \\
\hline
& Designs & & & \cellcolor{Cyan} & & & & & \\
\hline
& Implementation & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot} & \\
\hline
& Testing and software validation & & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot} \\
\hline
& Results and Analysis & & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot} \\
\hline
& Evaluation & & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
& Project management & & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
& Conclusions & & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
& Future work & & & & & & & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
& Bibliography & & & & & & & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
& Appendices & & & & & & & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
\hline
\makecell{\st{Project Viva}\\(cancelled)} & - & - & - & - & - & - & - & \cellcolor{RoyalBlue} - & - \\
\hline
- & \st{Viva} & - & - & - & - & - & - & \cellcolor{Cyan} - & - \\
\hline
\end{tabular}
\caption{Gantt Chart cont.}
\end{sidewaystable}
\ No newline at end of file
report/8_Conclusions.tex
+ 3
123
View file @ 62d7bcab
...@@ -3,131 +3,10 @@ ...@@ -3,131 +3,10 @@
%% ---------------------------------------------------------------- %% ----------------------------------------------------------------
\chapter{CONCLUSION} \label{Chapter: Conclusions} \chapter{CONCLUSION} \label{Chapter: Conclusions}
This project aimed to enable SMEs to create and customise their own compliance forms in order to stay up to date with the latest cyber security standards, as well as ensure that their partner organisations and other organisations in their supply chain are keeping to those same standards. CompForge has lowered the time and cost required to perform these tasks, with a user friendly UI and real time updates from the application's Firestore database. This project aimed to enable SMEs to create and customise their own compliance forms in order to stay up to date with the latest cyber security standards, as well as ensure that their partner organisations and other organisations in their supply chain are keeping to those same standards. CompForge has lowered the time and cost required to perform these tasks, with a user-friendly UI and real time updates from the application's Firestore database.
\section{Project Management}
Some of the first parts of the project actually progressed ahead of schedule, such as the initial Gantt chart. Until the handin for the progress report in December, the project was progressing on schedule. Understandably, the implementation, testing and final report write up were severly impacted by the university closure from the 23rd March onwards, due to the spread of COVID-19. This, coupled with delays during the implementation caused by an underestimation of the learning curve of the technologies that were used, resulted in much of the remainder of the project being completed behind schedule.
\subsection{Gantt Chart}
The initial Gantt chart is represented by the cells in blue, with the aforementioned delays to the project represented in orange. Major components are represented in a darker shade of each colour, with each subcomponent represented by respective lighter shades. For readability, it has been split over two pages.
\begin{sidewaystable}[h]
\centering
\begin{tabular}{|c|c|c|c|c|c|c|c|c|c|}
\hline
Component & Subcomponent & October & November & December & January & February & March & April & May\\
\hline
\hline
Project Brief & & \cellcolor{RoyalBlue} & & & & & & & \\
\hline
& Background Research & \cellcolor{Cyan} & & & & & & & \\
\hline
& Write up & \cellcolor{Cyan} & & & & & & & \\
\hline
\hline
\makecell{Time Management\\Planning} & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & & & & & \\
\hline
& Gantt Chart & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Cyan} & & & & & \\
\hline
\hline
Research & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & & & & & \\
\hline
& \makecell{Further\\background research} & \cellcolor{Cyan} & \cellcolor{Cyan} & & & & & & \\
\hline
& Literature review & & \cellcolor{Cyan} & \cellcolor{Cyan} & & & & & \\
\hline
\hline
Design & & & \cellcolor{RoyalBlue} & & & & & & \\
\hline
& Planning diagrams & & \cellcolor{Cyan} & & & & & & \\
\hline
\hline
Progress Report & & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & & & & & \\
\hline
& Write up & & \cellcolor{Cyan} & \cellcolor{Cyan} & & & & & \\
\hline
\hline
Implementation & & & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{BurntOrange} & & \\
\hline
& Sign up & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & & \\
\hline
& Sign in & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & & \\
\hline
& Sign out & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & & \\
\hline
& Create form & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & \\
\hline
& Delete form & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & \\
\hline
& View form & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & & \\
\hline
& Share form & & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & \\
\hline
& Submit form & & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & \\
\hline
& View submissions & & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & & \\
\hline
\end{tabular}
\caption{Gantt Chart}
\end{sidewaystable}
\pagebreak
\begin{sidewaystable}[h]
\centering
\begin{tabular}{|c|c|c|c|c|c|c|c|c|c|}
\hline
Component & Subcomponent & October & November & December & January & February & March & April & May\\
\hline
\hline
\makecell{Testing and\\Validation} & & & & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{BurntOrange} & \cellcolor{BurntOrange} & \\
\hline
& Robot Framework setup & & & & \cellcolor{Cyan} & \cellcolor{Apricot} & \cellcolor{Apricot} & \cellcolor{Apricot} & \\
\hline
& Test Implementation & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot} & \cellcolor{Apricot} & \\
\hline
Final Report & & & & & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{RoyalBlue} & \cellcolor{BurntOrange}\\
\hline
& Introduction & & & \cellcolor{Cyan} & & & & & \\
\hline
& \makecell{Background and\\Literature Review} & & & \cellcolor{Cyan} & & & & & \\
\hline
& Designs & & & \cellcolor{Cyan} & & & & & \\
\hline
& Implementation & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot} & \\
\hline
& Testing and software validation & & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot} \\
\hline
& Results and Analysis & & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot} \\
\hline
& Evaluation & & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
& Project management & & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
& Conclusions & & & & & & \cellcolor{Cyan} & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
& Future work & & & & & & & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
& Bibliography & & & & & & & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
& Appendices & & & & & & & \cellcolor{Cyan} & \cellcolor{Apricot}\\
\hline
\hline
\makecell{\st{Project Viva}\\(cancelled)} & - & - & - & - & - & - & - & \cellcolor{RoyalBlue} - & - \\
\hline
- & \st{Viva} & - & - & - & - & - & - & \cellcolor{Cyan} - & - \\
\hline
\end{tabular}
\caption{Gantt Chart cont.}
\end{sidewaystable}
\subsection{Issues}
As previously mentioned, there were problems during the implementation due to a lack of previous experience working with the technologies that were employed for development of the application. This had a knock on effect, pushing back the integration and implementation of the automated test suite, and writing of the report.
\section{Improvements} \section{Improvements}
After evaluating the application and comparing it to competitors, a number of improvements that could be made have come to mind. After evaluating the application and comparing it to competitors, a number of improvements that could be made have come to mind.
The ability to edit forms that have already been created, would be a useful tool in case a mistake is found, or an update is required. This is to be expected in the continuously growing field of cyber security, as doubtless many of the standards that are active today will change with time as technology continues to move forward along with the threats. The ability to edit forms that have already been created, would be a useful tool in case a mistake is found, or an update is required. This is to be expected in the continuously growing field of cyber security, as doubtless many of the standards that are active today will change with time as technology continues to move forward along with the threats.
...@@ -137,6 +16,7 @@ This project aimed to enable SMEs to create and customise their own compliance f ...@@ -137,6 +16,7 @@ This project aimed to enable SMEs to create and customise their own compliance f
Finally, the number of forms you can create and share is technically infinite, so a search bar and sorting filter would both be useful additions to the application. Finally, the number of forms you can create and share is technically infinite, so a search bar and sorting filter would both be useful additions to the application.
\section{Future Work} \section{Future Work}
Further to the above improvements, there are some more major improvements that could be made with future work. Further to the above improvements, there are some more major improvements that could be made with future work.
......
report/master.pdf
+ 0
0
View file @ 62d7bcab
No preview for this file type
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment