diff --git a/progress/1_Chapter1.tex b/progress/1_Chapter1.tex
index 24ea2eef3e7f652e495106882c4026c78b026367..db452cf53ab7da862ebc850bf5a6a3c46eea3890 100644
--- a/progress/1_Chapter1.tex
+++ b/progress/1_Chapter1.tex
@@ -1,13 +1,16 @@
%% ----------------------------------------------------------------
%% 1_Chapter1.tex
%% ----------------------------------------------------------------
-\chapter{Project Description} \label{Chapter:one}
- \section{Project Overview}
+\chapter{INTRODUCTION}
+ \section{Overview}
Many businesses require their partners to comply with numberous and varied cyber security compliances, of which there are literally hundreds. Cyber supply chain risk management (CSCRM) differs from cyber security, by gaining a higher degree of governance over the company in question, and over its extended enterprise partners, such as all its suppliers and customers. Whereas cyber security only considers security of a technical nature, CSCRM attempts to encompass both managerial and human factors in preventing risks from disrupting IT systems\textquoteright\ operations. \cite{CSCRM}
-
+
+ Section two will go on to talk about compliance in cyber security, cyber crime, supply chains and the impacts of security breaches on businesses. Section three will look at use cases, requirements, risks and functionality for the proposed application. Section four will give an overview of the work completed so far, and the work remaining.
+
+ \section{Problem}
Keeping track of each company\textquoteright s compliance to a specific standard is a lengthy and potentially expensive task since it can be very difficult to maintain without the use of an external service or consultant. Due to the time and experience level required, it is unlikely to be something a system administrator will be able to do on top of their other responsibilities, and a specialist will, in all likelihood, be too expensive for most SMEs.
- \section{Project aim}
+ \section{Aim}
An automatically-generated cyber security compliance engine, could provide a low cost, time efficient solution for businesses that need a flexible, customisable way of tracking their partner\textquoteright s compliance - or their own compliance - with multiple standards.
- The goal of this project is to create a client-server system that will generate and store compliance forms for the end-user. The forms will be automatically generated via an interface on the application by a user, and accessible by \textquoteleft partners\textquoteright. Partners will be other users that can be added by the primary user, much like friends or followers on a social media application. Users will be able to update the forms\textquoteright\ parameters, and partners will be able to update their answers to the forms, at a later date. This project is a cloud-based application, and it will deal with cyber security compliance only - no other forms of compliance will be within the scope of this project.
+ The goal of this project is to create a client-server system that will generate and store compliance forms for the end-user. The forms will be automatically generated via an interface on the application by a user, and accessible by \textquoteleft partners\textquoteright. Partners will be other users that can be added by the primary user, much like friends or followers on a social media application. Users will be able to update the forms\textquoteright\ parameters, and partners will be able to update their answers to the forms, at a later date. This project is a cloud-based application, and it will deal with cyber security compliance only - no other forms of compliance will be within the scope of this project.
\ No newline at end of file
diff --git a/progress/2_Chapter2.tex b/progress/2_Chapter2.tex
index ac1eb94a85ddf4443f113a390dc1ab8ab0eed7c0..5c403b505f78c19f2b988a56fb759cf4b23fa610 100644
--- a/progress/2_Chapter2.tex
+++ b/progress/2_Chapter2.tex
@@ -1,7 +1,7 @@
%% ----------------------------------------------------------------
%% 2_Chapter2.tex
%% ----------------------------------------------------------------
-\chapter{Background and Literature Review} \label{Chapter:two}
+\chapter{BACKGROUND AND LITERATURE REVIEW}
% Define your goal
% Do your research
@@ -10,40 +10,32 @@
% Include references/works cited list
\section{Compliance}
-
- \subsection{What is Compliance?}
- Compliance relates to the conformance to a set of laws, regulations, policies or best practices. Compliance is an important, expensive, and complex problem to deal with. \cite{ComplianceGovernance} These sets of rules are known as standards. Organisations can be required to take steps to put policies and controls in place that ensure conformity with the regulations outlined in the given compliance standard(s). The purpose of the compliance standards is to safeguard the organisation against security threats.
-
- \subsection{Cyber Security}
- Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. \cite{CSCRM}
+ Compliance is an important, expensive, and complex problem to deal with. \cite{ComplianceGovernance} It relates to the conformance to a set of laws, regulations, policies or best practices. \cite{ComplianceGovernance} These sets of rules are known as standards. Organisations can be required to take steps to put policies and controls in place that ensure conformity with the regulations outlined in their given compliance standard(s), the purpose of which is to safeguard the organisation against security threats.
\subsection{Compliance in Cyber Security}
- Cyber security standards have existed for a long time, affecting the necessary policies and practices of individuals and organisations over the last several decades. \cite{StanfordConsortium} Various legislation and regulations often struggle to keep up with the latest cyber threats due to the rapid evolution of the field. \cite{GDPR} As a result of the expanding pool of available tools, there is an ever-increasing number of people able to access the world of cyber crime. This makes it all the more crucial that conforming to the latest standards becomes an imperative for every company, regardless of the size of each enterprise. The hope for this project is that it will enable organisations to achieve this in a cost effective manner.
-
-
-\section{The State of Compliance in the UK}
+ Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. \cite{CSCRM} Cyber security standards have existed for a long time, affecting the necessary policies and practices of individuals and organisations over the last several decades. \cite{StanfordConsortium} Various regulations and legislation often struggle to keep up with the latest cyber threats due to the rapid evolution of the field. \cite{GDPR} As a result of the expanding pool of available tools, there is an ever-increasing number of people able to access the world of cyber crime. This makes it all the more crucial that conforming to the latest standards becomes an imperative for every company, regardless of the size of the enterprise. The hope for this project is that it will help to enable organisations to achieve compliance with any given standard in a cost effective manner.
\subsection{Cyber Essentials}
- The UK Government worked with the Information Assurance for Small and Medium Enterprises (IASME) consortium and the Information Security Forum (ISF) to develop Cyber Essentials, a set of basic technical controls to help organisations protect themselves against common online security threats. \cite{CyberEssentials} The scheme is designed to prevent unskilled individuals from being able to find basic vulnerabilities in an organisation by providing advice and 2 levels of certification; \textquotedblleft Cyber Essentials\textquotedblright\ and \textquotedblleft Cyber Essentials Plus\textquotedblright. The former is a self-assessment designed to be light-weight and easy to follow, and the latter is similar, but the verification of the organisation\textquoteright s cyber security is carried out by a certification body instead of the organisation itself.
+ The UK Government worked with the a number of other institutions to develop Cyber Essentials, a set of basic standards to help organisations defend themselves from common security threats online. \cite{CyberEssentials} The scheme is designed to prevent unskilled individuals from being able to find basic vulnerabilities in an organisation by providing advice, and two different levels of certification; \textquotedblleft Cyber Essentials\textquotedblright\ and \textquotedblleft Cyber Essentials Plus\textquotedblright. The former is a self-assessment designed to be light-weight and easy to follow, while in the latter, a certification body carries out the verification of the organisation\textquoteright s cyber security, instead of it being done by the company in question.
- \subsection{Crime}
- We have seen a significant increase in cyber criminal activity in recent years. The methods used by criminals are currently changing as businesses begin to be targeted more frequently than individuals. Cyber crime is growing at a rapid rate, making it increasingly troublesome for regulations and legislation to keep pace, resulting in outdated laws that are often unfit for purpose. \cite{GDPR}
+\section{Crime}
+ There has been a significant increase in cyber criminal activity in recent years. \cite{GDPR} The methods used by criminals are currently changing as businesses begin to be targeted more frequently than individuals. \cite{GDPR} Cyber crime is growing at a rapid rate, making it increasingly troublesome for regulations and legislation to keep pace, resulting in outdated laws that are often unfit for purpose. \cite{GDPR}
\section{Supply Chains}
-
- \subsection{Supply Chain Management}
- Supply chain management is an integrating function with primary responsibility for linking major business functions and business processes within and across companies into a cohesive and high-performing business model. It includes all logistics management activities as well as manufacturing operations, and it drives coordination of processes and activities within and across marketing, sales, product design, finance, and information technology. \cite{CSCRM}
+ Supply chain management is an integrating function with primary responsibility for linking major business functions and business processes within and across companies into a cohesive and high-performing business model. \cite{CSCRM} It includes all logistics management activities as well as manufacturing operations, and it drives coordination of processes and activities within and across marketing, sales, product design, finance, and information technology. \cite{CSCRM}
\subsection{Supply Chain Security}
- Supply chain security focuses on the potential threats associated with an organisation’s suppliers of goods and services, many of which may have extensive access to resources and assets within the enterprise environment or to an organisation’s customer environments, some of which may be sensitive in nature. \cite{CombattingCyberRisks}
+ Supply chain security focuses on the potential threats associated with an organisation\textquoteright s suppliers of goods and services, many of which may have extensive access to resources and assets within the enterprise environment or to an organisation\textquoteright s customer environments - some of which may be sensitive in nature. \cite{CombattingCyberRisks}
\section{Impacts}
-
- \subsection{Security Breaches}
- Cyber attacks are financially devastating and disrupting to people and businesses. Security breaches have the potential to leak personal information on a large scale, leaving victims vulnerable to fraud \cite{CyberCrime} and further attacks using the information gained by attackers, which could be sold on to others.
-
+ Cyber attacks are financially devastating and disrupting to people and businesses. Successful attacks have the potential to expose personal information, leaving the victims of these security breaches vulnerable to fraud. \cite{CyberCrime} Victims are also left vulnerable to further attacks, using the information previously gathered by attackers.
+
\subsection{The Effect on Business and Loss of Confidence}
- According to a survey by Ping Identity (a company that sells a number of cloud and software identity security solutions), 75\% of people would stop engaging with a brand online following a data breach, as well as 59\% saying they were not willing to sign up to use an online service or application that recently experienced a data breach. However, 56\% said they are not willing to pay anything to application or online service providers for added security to protect their personal information. \cite{ITGovernance}
+ According to a survey by Ping Identity (a company that sells a number of cloud and software identity security solutions), 75\% of people stop engaging with a brand online following a data breach, as well as 59\% saying they were not willing to sign up to use an online service or application that had recently experienced a data breach. \cite{ITGovernance} In spite of this, 56\% said they are not willing to pay anything to application or online service providers for added security to protect their personal information. \cite{ITGovernance}
+
+ \subsection{Legal consequences}
+ GDPR requires proper management of all the personal information held by an organisation. \cite{BusinessInfo} If this information is compromised, and that organisation has neglected to deploy basic security measures, it is possible they will face fines and regulatory sanctions. \cite{BusinessInfo}
-\section{Case Studies(?)}
+\section{Case Study: Pouring Pounds Ltd}
+ Two cashback sites owned by Pouring Pounds Ltd were found to have leaked two terabytes worth of personally identifiable information and account data. This was made possible because of an unprotected database, which could be accessed through an exposed port on the company's server. The leak occured in October 2019 and has affected approximately 3.5 million individuals. \cite{z6mag}
\ No newline at end of file
diff --git a/progress/3_Chapter3.tex b/progress/3_Chapter3.tex
index 61dc9e530f50312003367ed674b96e9e803abe72..e3ce3a6892e57a3f5b87218296087f51ced886c5 100644
--- a/progress/3_Chapter3.tex
+++ b/progress/3_Chapter3.tex
@@ -1,30 +1,32 @@
%% ----------------------------------------------------------------
%% 3_Chapter3.tex
%% ----------------------------------------------------------------
-\chapter{Requirements and Analysis} \label{Chapter:three}
+\chapter{REQUIREMENTS AND ANALYSIS}
-This chapter will analyse the requirements of the proposed application and inform the design decisions that have been made.
+This section will analyse the requirements of the proposed application and inform the design decisions that have been made.
-\section{Use cases}
-Explanation
+\section{Use Cases}
+ Use cases describe the various interactions between external actors and a given system as part of the Unified Modelling Language (UML). They are used in this section to define the interactions between users and the proposed application.
\begin{figure}
\center
- \includegraphics{../figures/UseCaseInterface}
+ \includegraphics[height=100mm, width=150mm]{../figures/UseCaseUser}
\caption{Use Case Diagram 1}
\end{figure}
- \begin{figure}
+ \begin{figure}[h]
\center
- \includegraphics[scale=0.70]{../figures/UseCaseUser}
+ \includegraphics[width=150mm]{../figures/UseCaseInterface}
\caption{Use Case Diagram 2}
\end{figure}
- \subsection{Use case description}
+ \clearpage
+
+ \subsection{Use Case Description}
- The following table explains the major use cases for the application.
+ The following table explains the major use cases for the application:\\
- \begin{table}[b]
+ \begin{table}[h]
\centering
\begin{tabular}{|c|c|}
\hline
@@ -37,7 +39,7 @@ Explanation
\hline
\makecell{Create new\\form button} & Takes the user to a page where they can design a new form.\\
\hline
- Share form button & \makecell{Allows the user to share forms they have created with\\partners.}\\
+ Share form button & \makecell{Allows the user to share forms they have created with partners.}\\
\hline
Add partner button & \makecell{Allows the user to search for other people's accounts on\\the application, and add them as partners. This should\\be done with other users that one would wish to share\\ forms with and/or receive forms from.}\\
\hline
@@ -46,164 +48,199 @@ Explanation
Sign out button & Allows the user to sign out from the application.\\
\hline
\end{tabular}
- \caption{Use case descriptions}
+ \caption{Use Case Descriptions}
+ \end{table}
+
+\section{Functional Requirements}
+ A functional requirement defines the intended behaviour of a component or part of a system. In the table below, the major functional requirements have been described:\\
+
+ \begin{table}[h]
+ \centering
+ \begin{tabular}{|c|c|}
+ \hline
+ Requirement & Description\\
+ \hline
+ \hline
+ Register & \makecell{New users will create an account before being allowed to use\\the application.}\\
+ \hline
+ Sign in & \makecell{Users will need to log in before they are able to\\access their account, create, share and complete forms.}\\
+ \hline
+ Create a form & \makecell{Users will be able to create a new form, which will be saved to\\their account.}\\
+ \hline
+ Share a form & \makecell{Users will be able to share a form that they have created with\\a partner.}\\
+ \hline
+ Add a partner & \makecell{Users will be able to view and edit their account information,\\including; name, email, company and password (not viewable).}\\
+ \hline
+ Sign out & Users will be able to sign out of the application.\\
+ \hline
+ Notifications & \makecell{Users will be notified of various changes, including their partners'\\answers to forms.}\\
+ \hline
+ \end{tabular}
+ \caption{Functional Requirements}
+ \end{table}
+
+ \subsection{Functional Requirements Analysis}
+ An importance level has been assigned to each of the functional requirements, in order to effectively plan the work to be done in order to create the minimum viable product. An additional table shows how the importance levels have been determined.\\
+
+ \begin{table}[h]
+ \centering
+ \begin{tabular}{|c||c|c|c|c|c|}
+ \hline
+ Complexity/Time & Low & Medium & High\\
+ \hline
+ \hline
+ Short & \cellcolor{green}0.0625 & \cellcolor{green}0.125 & \cellcolor{yellow}0.25\\
+ \hline
+ Medium & \cellcolor{green}0.125 & \cellcolor{yellow}0.25 & \cellcolor{red}0.5\\
+ \hline
+ Long & \cellcolor{yellow}0.25 & \cellcolor{red}0.5 & \cellcolor{red}0.75\\
+ \hline
+ \end{tabular}
+ \caption{Importance Levels}
+ \end{table}
+
+ \begin{table}[h]
+ \centering
+ \begin{tabular}{|c|c|c|c|}
+ \hline
+ Requirement & Complexity & Time & Importance Level\\
+ \hline
+ \hline
+ Register & Medium & Short & \cellcolor{green}0.125\\
+ \hline
+ Log in & Low & Short & \cellcolor{green}0.0625\\
+ \hline
+ Create a form & Medium & Medium & \cellcolor{yellow}0.25\\
+ \hline
+ Share a form & High & Medium & \cellcolor{red}0.5\\
+ \hline
+ Add a partner & Medium & Medium & \cellcolor{yellow}0.25\\
+ \hline
+ Sign out & Low & Low & \cellcolor{green}0.0625\\
+ \hline
+ Notifications & Medium & Short & \cellcolor{green}0.125\\
+ \hline
+ \end{tabular}
+ \caption{Functional Requirements Analysis}
\end{table}
-\section{Functional requirements}
-Explanation
-
-\begin{table}[h]
- \centering
- \begin{tabular}{|c|c|}
- \hline
- Requirement & Description\\
- \hline
- \hline
- Register & \makecell{New users will create an account before being allowed to use\\the application.}\\
- \hline
- Log in & \makecell{Users will need to log in before they are able to\\access their account, create, share and complete forms.}\\
- \hline
- Create a form & \makecell{Users will be able to create a new form, which will be saved to\\their account.}\\
- \hline
- Share a form & \makecell{Users will be able to share a form that they have created with\\a partner.}\\
- \hline
- Add a partner & \makecell{Users will be able to view and edit their account information,\\including; name, email, company and password (not viewable).}\\
- \hline
- Sign out & Users will be able to sign out of the application.\\
- \hline
- Notifications & \makecell{Users will be notified of various changes, including their partners'\\answers to forms.}\\
- \hline
- \end{tabular}
- \caption{Functional requirements}
-\end{table}
-
-\begin{table}[h]
- \centering
- \begin{tabular}{|c||c|c|c|c|c|}
- \hline
- Complexity/Time & Low & Medium & High\\
- \hline
- \hline
- Short & 0.0625 & 0.125 & 0.25\\
- \hline
- Medium & 0.125 & 0.25 & 0.5\\
- \hline
- Long & 0.25 & 0.5 & 0.75\\
- \hline
- \end{tabular}
- \caption{Importance Levels}
-\end{table}
-
-\begin{table}[h]
- \centering
- \begin{tabular}{|c|c|c|c|}
- \hline
- Requirement & Complexity & Time & Importance Level\\
- \hline
- \hline
- Register & Medium & Short & 0.125\\
- \hline
- Log in & Low & Short & 0.0625\\
- \hline
- Create a form & Medium & Medium & 0.25\\
- \hline
- Share a form & High & Medium & 0.5\\
- \hline
- Add a partner & Medium & Medium & 0.25\\
- \hline
- Sign out & Low & Low & 0.0625\\
- \hline
- Notifications & Medium & Short & 0.125\\
- \hline
- \end{tabular}
- \caption{Requirements analysis}
-\end{table}
-
-\section{Non-functional requirements}
-Explanation\\table
-
-\begin{table}
- \centering
- \begin{tabular}{|c|c|}
- \hline
- Requirement & Description\\
- \hline
- \hline
- Internet connection & \makecell{The application will be hosted online, therefore users will require\\a connection to the internet in order to access the application.}\\
- \hline
- \end{tabular}
- \caption{Non-functional requirements}
-\end{table}
-
-\section{Risk analysis}
-Explanation\\tables
-
-\begin{table}
- \centering
- \begin{tabular}{|c||c|c|c|c|c|}
- \hline
- Consequence/Likelihood & Negligible & Minor & Moderate & Major & Catastrophic\\
- \hline
- \hline
- Impossible & 0 & 0 & 0 & 0 & 0\\
- \hline
- Low & 0 & 0.0625 & 0.125 & 0.1875 & 0.25\\
- \hline
- Medium & 0 & 0.125 & 0.25 & 0.375 & 0.5\\
- \hline
- High & 0 & 0.1875 & 0.375 & 0.5625 & 0.75\\
- \hline
- Certain & 0 & 0.25 & 0.5 & 0.75 & 1\\
- \hline
- \end{tabular}
- \caption{Risk Levels}
-\end{table}
-
-\begin{table}
- \centering
- \begin{tabular}{|c|c|c|c|c|c|}
- \hline
- Risk & Likelihood & Consequence & Risk Rating & Mitigation\\
- \hline
- \hline
- Network loss & High & Minor & 0.1875 & Frequent update of database.\\
- \hline
- Data loss & Low & Catastrophic & 0.25 & Redundant database.\\
- \hline
- Security breach & Low & Catastrophic & 0.25 & \makecell{Follow good practice for secure\\deveopment of cloud applications.}\\
- \hline
- Function error & Medium & Major & 0.375 & \makecell{Implementation of test\\framework to ensure application\\is fully functional.}\\
- \hline
- Interface error & Medium & Major & 0.375 & \makecell{Implementation of test\\framework to ensure application\\is fully functional.}\\
- \hline
- \end{tabular}
- \caption{Risk Analysis}
-\end{table}
+\section{Non-Functional Requirements}
+ Non-functional requirements are high-level requirements, that need to be considered during the development decisions for the entire application.\\
+
+ \begin{table}[h]
+ \centering
+ \begin{tabular}{|c|c|}
+ \hline
+ Requirement & Description\\
+ \hline
+ \hline
+ Internet connection & \makecell{The application will be hosted online, therefore users will require\\a connection to the internet in order to access the application.}\\
+ \hline
+ Confidentiality & \makecell{The application will need to keep the personal information of\\ its users safe from third parties and malicious individuals.}\\
+ \hline
+ Integrity & \makecell{The application must present accurate information in an\\ easy-to-understand format.}\\
+ \hline
+ Availability & \makecell{The application must be accessible at all times. Loss of\\ Availability could lead to users leaving the application for\\ more reliable competitors.}\\
+ \hline
+ \end{tabular}
+ \caption{Non-Functional Requirements}
+ \end{table}
+
+\section{Risk Analysis}
+ The following risk analysis has been produced, based on the requirements above and potential risks to the application as a whole. A rating system, similar to that of the importance levels for the functional requirements, has been devised for the risk level.\\
+
+ \begin{table}[h]
+ \centering
+ \begin{tabular}{|c||c|c|c|c|c|}
+ \hline
+ Consequence/Likelihood & Negligible & Minor & Moderate & Major & Catastrophic\\
+ \hline
+ \hline
+ Impossible & \cellcolor{green}0 & \cellcolor{green}0 & \cellcolor{green}0 & \cellcolor{green}0 & \cellcolor{green}0\\
+ \hline
+ Low & \cellcolor{green}0 & \cellcolor{green}0.0625 & \cellcolor{green}0.125 & \cellcolor{green}0.1875 & \cellcolor{yellow}0.25\\
+ \hline
+ Medium & \cellcolor{green}0 & \cellcolor{green}0.125 & \cellcolor{yellow}0.25 & \cellcolor{yellow}0.375 & \cellcolor{yellow}0.5\\
+ \hline
+ High & \cellcolor{green}0 & \cellcolor{green}0.1875 & \cellcolor{yellow}0.375 & \cellcolor{red}0.5625 & \cellcolor{red}0.75\\
+ \hline
+ Certain & \cellcolor{green}0 & \cellcolor{yellow}0.25 & \cellcolor{yellow}0.5 & \cellcolor{red}0.75 & \cellcolor{red}1\\
+ \hline
+ \end{tabular}
+ \caption{Risk Levels}
+ \end{table}
+
+ \hfill\break
+
+ \begin{table}[h]
+ \centering
+ \begin{tabular}{|c|c|c|c|c|c|}
+ \hline
+ Risk & Likelihood & Consequence & \makecell{Risk\\Rating} & Mitigation\\
+ \hline
+ \hline
+ \makecell{Network\\loss} & High & Minor & \cellcolor{green}0.1875 & Frequent update of database.\\
+ \hline
+ \makecell{Data\\loss} & Low & Catastrophic & \cellcolor{yellow}0.25 & Redundant database.\\
+ \hline
+ \makecell{Security\\breach} & Medium & Catastrophic & \cellcolor{yellow}0.5 & \makecell{Follow good practice for secure\\deveopment of cloud applications.}\\
+ \hline
+ \makecell{Function\\error} & High & Major & \cellcolor{red}0.5625 & \makecell{Implementation of test\\framework to ensure application\\is fully functional.}\\
+ \hline
+ \makecell{Interface\\error} & High & Major & \cellcolor{red}0.5625 & \makecell{Implementation of test\\framework to ensure application\\is fully functional.}\\
+ \hline
+ \end{tabular}
+ \caption{Risk Analysis}
+ \end{table}
\section{Functionality}
+ Below is a series of diagrams which describe the flow of some of the primary pieces of functionality in the application. They show the logic behind various aspects of the application, as well as some of the infrastructure that will be in place.
+
+ \pagebreak
+
+ \subsection{Activity Diagrams}
+
+ \begin{figure}[!h]
+ \center
+ \includegraphics[width=120mm]{../figures/ActivityDiagramAuthentication}
+ \caption{Activity Diagram: Authentication}
+ \end{figure}
+
+ \pagebreak
+
+ \begin{figure}[!h]
+ \center
+ \includegraphics[width=120mm]{../figures/ActivityDiagramFormCreation}
+ \caption{Activity Diagram: Form Creation}
+ \end{figure}
+
+ \pagebreak
+
+ \begin{figure}[!h]
+ \center
+ \includegraphics[width=120mm]{../figures/ActivityDiagramFormSharing}
+ \caption{Activity Diagram: Form Sharing}
+ \end{figure}
+
+ \pagebreak
+
+ \begin{figure}[!h]
+ \center
+ \includegraphics[width=120mm]{../figures/ActivityDiagramPartnerInvitation}
+ \caption{Activity Diagram: Partner Invitation}
+ \end{figure}
+
+ \pagebreak
+
+ \subsection{Model-View-Controller Diagram}
+
+ \hfill\break
+
+ \begin{figure}[!h]
+ \center
+ \includegraphics[width=155mm]{../figures/MVC}
+ \caption{MVC Diagram}
+ \end{figure}
-\begin{figure}[]
-\center
-\includegraphics{../figures/ActivityDiagramAuthentication}
-\caption{Activity Diagram: Authentication}
-\end{figure}
-
-\begin{figure}[]
-\center
-\includegraphics{../figures/ActivityDiagramFormCreation}
-\caption{Activity Diagram: Form Creation}
-\end{figure}
-
-\begin{figure}[]
-\center
-\includegraphics{../figures/ActivityDiagramFormSharing}
-\caption{Activity Diagram: Form Sharing}
-\end{figure}
-
-\begin{figure}[]
-\center
-\includegraphics{../figures/ActivityDiagramPartnerInvitation}
-\caption{Activity Diagram: Partner Invitation}
-\end{figure}
-
-\section{Justification of the Approach (?)}
\ No newline at end of file
+\section{Validation}
+ The testing and validation of the application will be done using Robot Framework. Robot Framework is a generic, open source, automation framework for acceptance testing \cite{Robot}, developed with Python. The framework has many libraries that extend its functionality, and one such library is Selenium, which will be used extensively to automatically drive the application\textquoteright s user interface. These tests will be written in conjunction with the application\textquoteright s features, and run alongside each check-in, as per the continuous integration methodology.
\ No newline at end of file
diff --git a/progress/4_Chapter4.tex b/progress/4_Chapter4.tex
index 9c99d27e0ea14ab99c6b6a4ccad2abace58a33e6..ad8a9b9e0965ea7530e2ef2f0d6f79a7ce787349 100644
--- a/progress/4_Chapter4.tex
+++ b/progress/4_Chapter4.tex
@@ -1,11 +1,116 @@
%% ----------------------------------------------------------------
%% 4_Chapter4.tex
%% ----------------------------------------------------------------
-\chapter{Work Completed and Remaining} \label{Chapter:four}
+\chapter{WORK COMPLETED AND REMAINING}
\section{Work to Date}
+ At the time of writing, the project has just finished its design phase and will shortly be moving into implementation. So far, extensive background reading into compliance, cyber security, supply chains and cyber crime has been conducted, including the impacts and consequences of successful cyber attacks. A problem area has been identified in the cost of conforming to compliance standards, and the difficultly of SMEs in achieving said compliance. From this, a solution has been proposed, a list of requirements devised and a series of designs for the functionality of the solution have been produced.
\section{A Plan for the Work Remaining}
+ Remaining work includes the implementation of the application, the testing and validation of the completed product, and composing the final report. A plan of the all the work to be done has been made in the form of a Gantt chart, shown overleaf.
-\section{Gantt Chart}
+ \begin{sidewaystable}[h]
+ \centering
+ \begin{tabular}{|c|c|c|c|c|c|c|c|c|}
+ \hline
+ & & October & November & December & January & February & March & April\\
+ \hline
+ \hline
+ Project Brief & & \cellcolor{gray} & & & & & & \\
+ \hline
+ & Background Research & \cellcolor{lightgray} & & & & & & \\
+ \hline
+ & Write up & \cellcolor{lightgray} & & & & & & \\
+ \hline
+ \hline
+ Time Management Planning & & \cellcolor{gray} & \cellcolor{gray} & \cellcolor{gray} & & & & \\
+ \hline
+ & Final Gantt Chart & \cellcolor{lightgray} & \cellcolor{lightgray} & \cellcolor{lightgray} & & & & \\
+ \hline
+ \hline
+ Research & & \cellcolor{gray} & \cellcolor{gray} & \cellcolor{gray} & & & & \\
+ \hline
+ & Further background research & \cellcolor{lightgray} & \cellcolor{lightgray} & & & & & \\
+ \hline
+ & Literature review & & \cellcolor{lightgray} & \cellcolor{lightgray} & & & & \\
+ \hline
+ \hline
+ Design & & & \cellcolor{gray} & & & & & \\
+ \hline
+ & Planning diagrams & & \cellcolor{lightgray} & & & & & \\
+ \hline
+ \hline
+ Progress Report & & & \cellcolor{gray} & \cellcolor{gray} & & & & \\
+ \hline
+ & Write up & & \cellcolor{lightgray} & \cellcolor{lightgray} & & & & \\
+ \hline
+ \hline
+ Implementation & & & & \cellcolor{gray} & \cellcolor{gray} & \cellcolor{gray} & & \\
+ \hline
+ & Account creation (Register) & & & \cellcolor{lightgray} & & & & \\
+ \hline
+ & Sign in & & & \cellcolor{lightgray} & & & & \\
+ \hline
+ & Add a partner & & & \cellcolor{lightgray} & \cellcolor{lightgray} & & & \\
+ \hline
+ & Create a form & & & & \cellcolor{lightgray} & & & \\
+ \hline
+ & Share a form & & & & \cellcolor{lightgray} & & & \\
+ \hline
+ & Sign out & & & & \cellcolor{lightgray} & \cellcolor{lightgray} & & \\
+ \hline
+ & Notifications & & & & & \cellcolor{lightgray} & & \\
+ \hline
+ \end{tabular}
+ \caption{Gantt Chart}
+ \end{sidewaystable}
+ \pagebreak
+
+ \begin{sidewaystable}[h]
+ \centering
+ \begin{tabular}{|c|c|c|c|c|c|c|c|c|}
+ \hline
+ & & October & November & December & January & February & March & April\\
+ \hline
+ \hline
+ Testing and Validation & & & & & \cellcolor{gray} & \cellcolor{gray} & & \\
+ \hline
+ & Robot Framework setup & & & & \cellcolor{lightgray} & & & \\
+ \hline
+ & Test Implementation & & & & \cellcolor{lightgray} & \cellcolor{lightgray} & & \\
+ \hline
+ Final Report & & & & & \cellcolor{gray} & \cellcolor{gray} & \cellcolor{gray} & \cellcolor{gray}\\
+ \hline
+ & Introduction & & & & \cellcolor{lightgray} & & & \\
+ \hline
+ & Background and Literature Review & & & & \cellcolor{lightgray} & & & \\
+ \hline
+ & Designs & & & & \cellcolor{lightgray} & & & \\
+ \hline
+ & Implementation & & & & \cellcolor{lightgray} & \cellcolor{lightgray} & & \\
+ \hline
+ & Testing and software validation & & & & & \cellcolor{lightgray} & \cellcolor{lightgray} & \\
+ \hline
+ & Results and Analysis & & & & & \cellcolor{lightgray} & \cellcolor{lightgray} & \\
+ \hline
+ & Evaluation & & & & & & \cellcolor{lightgray} & \cellcolor{lightgray}\\
+ \hline
+ & Project management & & & & & & \cellcolor{lightgray} & \cellcolor{lightgray}\\
+ \hline
+ & Conclusions & & & & & & \cellcolor{lightgray} & \cellcolor{lightgray}\\
+ \hline
+ & Future work & & & & & & & \cellcolor{lightgray}\\
+ \hline
+ & Bibliography & & & & & & & \cellcolor{lightgray}\\
+ \hline
+ & Appendices & & & & & & & \cellcolor{lightgray}\\
+ \hline
+ \hline
+ Project Viva & & & & & & & & \cellcolor{gray}\\
+ \hline
+ & Viva & & & & & & & \cellcolor{lightgray}\\
+ \hline
+ \end{tabular}
+ \caption{Gantt Chart cont.}
+ \end{sidewaystable}
\ No newline at end of file
diff --git a/progress/9_Conclusions.tex b/progress/9_Conclusions.tex
index 56041283e65b57d3b3465effa085a4c464a401fc..d4a7dd3f3c6f4f1990c2f6879f32d8727bed0cdb 100644
--- a/progress/9_Conclusions.tex
+++ b/progress/9_Conclusions.tex
@@ -2,4 +2,3 @@
%% Conclusions.tex
%% ----------------------------------------------------------------
\chapter{Conclusions} \label{Chapter: Conclusions}
-It works.
diff --git a/progress/master.bib b/progress/master.bib
index 03822dfb95c33bf56c4d68ae7cc1cd2116163f04..a0bd83be1c295fb4529841ad6c84f621ff3e94c8 100644
--- a/progress/master.bib
+++ b/progress/master.bib
@@ -62,4 +62,21 @@
title = {Customers lose confidence - data breaches aren't just about fines},
year = {2018},
url = {https://www.itgovernance.co.uk/blog/customers-lose-confidence-data-breaches-arent-just-about-fines}
+}
+
+@misc{BusinessInfo,
+ author = {nibusinessinfo.co.uk, provided by Invest Northern Ireland},
+ title = {Cyber security for business},
+ url = {https://www.nibusinessinfo.co.uk/content/impact-cyber-attack-your-business}
+}
+
+@misc{Robot,
+ author = {Robot Framework Foundation},
+ url = {https://www.robotframework.org/}
+}
+
+@misc{z6mag,
+ author = {z6mag},
+ title = {Two cashback sites leaked data of 3.5 million users},
+ url = {https://z6mag.com/2019/10/16/two-cashback-sites-leaked-data-of-3-5-million-users/}
}
\ No newline at end of file
diff --git a/progress/master.pdf b/progress/master.pdf
index f435d0be542481f71cfe2dfdf71cb28ead117b29..4e5d61eff6e39905886ea73dc288e8ce2c659df3 100644
Binary files a/progress/master.pdf and b/progress/master.pdf differ
diff --git a/progress/master.tex b/progress/master.tex
index e4f4c0ab53011b2ec7d7b8110cd729e551218b01..3948ee1e8b452461adcf54cc227bff82a32b6032 100644
--- a/progress/master.tex
+++ b/progress/master.tex
@@ -17,12 +17,12 @@
\subject {}
\keywords {}
\supervisor {Professor Nawfal Fadhel}
-\examiner {TBD}
+\examiner {Dr Jie Zhang}
\degree {BSc Computer Science}
\reporttype {project progress report} % Change here if you're doing a 3YP report
\maketitle
-\include{0_Abstract}
+% \include{0_Abstract}
\tableofcontents
\listoffigures
@@ -44,7 +44,8 @@
\include{1_Chapter1}
\include{2_Chapter2}
\include{3_Chapter3}
-\include{9_Conclusions}
+\include{4_Chapter4}
+% \include{9_Conclusions}
% \include{11_Bibliography}
% \backmatter means that we've gone from 1,2,3,4,5 chapter numbering
diff --git a/progress/src/ecsgdp.cls b/progress/src/ecsgdp.cls
index 156ffa7e6c281bd17b5c6a521e1fb83dc8ee53db..005be37d2b1903a40d0737cb46ad5fc2b168086d 100644
--- a/progress/src/ecsgdp.cls
+++ b/progress/src/ecsgdp.cls
@@ -32,6 +32,7 @@
\newcommand\bhrule{\typeout{------------------------------------------------------------------------------}}
\newcommand\btypeout[1]{\bhrule\typeout{\space #1}\bhrule}
\usepackage{setspace}
+\usepackage{titlesec}
\onehalfspacing
\setlength{\parindent}{0pt}
\setlength{\parskip}{2.0ex plus0.5ex minus0.2ex}
@@ -55,8 +56,10 @@
\lhead[\rm\thepage]{\fancyplain{}{\sl{\rightmark}}}
\rhead[\fancyplain{}{\sl{\leftmark}}]{\rm\thepage}
\chead{}\lfoot{}\rfoot{}\cfoot{}
+\titleformat{\chapter}[display]
+ {\normalfont\bfseries}{}{0pt}{\Large}
\pagestyle{fancy}
-\renewcommand{\chaptermark}[1]{\btypeout{\thechapter\space #1}\markboth{\@chapapp\ \thechapter\ #1}{\@chapapp\ \thechapter\ #1}}
+\renewcommand{\chaptermark}[1]{\markboth{#1}{}}
\renewcommand{\sectionmark}[1]{}
\renewcommand{\subsectionmark}[1]{}
\def\cleardoublepage{\clearpage\if@twoside \ifodd\c@page\else
@@ -98,9 +101,10 @@
\usepackage{epstopdf}
\usepackage[scriptsize]{subfigure}
\usepackage{booktabs}
-\usepackage{rotating}
\usepackage{listings}
\usepackage{makecell}
+\usepackage[table]{xcolor}
+\usepackage[figuresright]{rotating}
\lstset{captionpos=b,
frame=tb,
basicstyle=\scriptsize\ttfamily,