Difference between revisions of "IU:TestPage"

From IU
Jump to navigation Jump to search
Line 1: Line 1:
   
= Secure development =
+
= IT COURSE =
* '''Course name''': Secure development
+
* '''Course name''': IT COURSE
* '''Code discipline''': XXX
+
* '''Code discipline''': CSE807
* '''Subject area''': Security and Networks
+
* '''Subject area''': Software Engineering
   
 
== Short Description ==
 
== Short Description ==
  +
This course has two parts: 1) building and launching a user-facing software product with the special emphasis on understanding user needs and 2) the application of data-driven product development techniques to iteratively improve the product. Students will learn how to transform an idea into software requirements through user research, prototyping and usability tests, then they will proceed to launch the MVP version of the product. In the second part of the course, the students will apply an iterative data-driven approach to developing a product, integrate event analytics, and run controlled experiments.
 
   
 
== Prerequisites ==
 
== Prerequisites ==
   
 
=== Prerequisite subjects ===
 
=== Prerequisite subjects ===
* CSE101: Introduction to Programming
+
* CSE101
  +
* CSE112
* CSE112: Software Systems Analysis and Design
 
* CSE105 or CSE128 or CSE130
+
* CSE122 or CSE804 or CSE809 or CSE812
   
 
=== Prerequisite topics ===
 
=== Prerequisite topics ===
* Basic programming skills, C/C++ is recommended
+
* Basic programming skills.
* Software design or software architecture
+
* OOP, and software design.
  +
* Familiarity with some development framework or technology (web or mobile)
* Basics of compilers
 
* Basics of computer architecture (Intel or ARM is preferrable)
 
   
 
== Course Topics ==
 
== Course Topics ==
Line 27: Line 26:
 
! Section !! Topics within the section
 
! Section !! Topics within the section
 
|-
 
|-
| Basics of security ||
+
| From idea to MVP ||
  +
# Introduction to Product Development
# Security and safety. Security and code quality. Maintainability and security. Why it is so hard to develop a secure system and what approaches may be applied? When it makes sense to drive system secure?
 
  +
# Exploring the domain: User Research and Customer Conversations
  +
# Documenting Requirements: MVP and App Features
  +
# Prototyping and usability testing
 
|-
 
|-
| Security architecture ||
+
| Development and Launch ||
  +
# Product backlog and iterative development
# NIST recommendations
 
  +
# Estimation Techniques, Acceptance Criteria, and Definition of Done
# Security principles
 
  +
# UX/UI Design
# Theoretical security: access matrix and security models
 
  +
# Software Engineering vs Product Management
# Secure by design
 
 
|-
 
|-
  +
| Hypothesis-driven development ||
| Secure coding<br> ||
 
  +
# Hypothesis-driven product development
# Security on the code level
 
  +
# Measuring a product
# SDL
 
  +
# Controlled Experiments and A/B testing
# Main binary vulnerabilities and their mitigations
 
|-
 
| Secure operating ||
 
# Security monitoring
 
# DevSecOps
 
# Dealing with 3rd parties
 
|-
 
| Security assurance ||
 
# Pen testing
 
# Fuzzing
 
# Bug Bounty programs
 
|-
 
| Linux security ||
 
# Keep it all together and see how Linux kernel deals with that.
 
# SELinux
 
# GrSec patches
 
# Why Linux is not safety system
 
 
|}
 
|}
 
== Intended Learning Outcomes (ILOs) ==
 
== Intended Learning Outcomes (ILOs) ==
   
 
=== What is the main purpose of this course? ===
 
=== What is the main purpose of this course? ===
The main purpose of this course is to give students a security vision from up to down, because the security principle of weakest link insist that the weakest part of the process/system would be the one to be attacked.
+
The main purpose of this course is to enable a student to go from an idea to an MVP with the focus on delivering value to the customer and building the product in a data-driven evidence-based manner.
   
 
=== ILOs defined at three levels ===
 
=== ILOs defined at three levels ===
Line 66: Line 52:
 
==== Level 1: What concepts should a student know/remember/explain? ====
 
==== Level 1: What concepts should a student know/remember/explain? ====
 
By the end of the course, the students should be able to ...
 
By the end of the course, the students should be able to ...
  +
* Describe the formula for stating a product idea and the importance of delivering value
* Reason about the limitation of different security policies
 
* Remember main security principles
+
* Remember the definition and main attributes of MVP
  +
* Explain what are the main principles for building an effective customer conversation
* List SDL stages
 
* Describe the difference between security and safety
+
* Describe various classification of prototypes and where each one is applied
  +
* State the characteristics of a DEEP product backlog
* Explain basic binary vulnerabilities
 
  +
* Elaborate on the main principles of an effective UI/UX product design (hierarchy, navigation, color, discoverability, understandability)
* Specify the required security assurance
 
  +
* List the key commonalities and differences between the mentality of a software engineer and a product manager
* Describe the key elements of SOC systems
 
* Explain why fuzzing is not the same as unit or integration testing
+
* Explain what is hypothesis-driven development
  +
* Describe the important aspects and elements of a controlled experiment
   
 
==== Level 2: What basic practical skills should a student be able to perform? ====
 
==== Level 2: What basic practical skills should a student be able to perform? ====
 
By the end of the course, the students should be able to ...
 
By the end of the course, the students should be able to ...
  +
* Formulate and assess the product ideas
* Read CVEs and understand its impact instead of trusting other experts
 
* Perform Threat Modeling
+
* Perform market research for existing products
  +
* Design effective customer conversations
* Review code to find insecure patterns
 
  +
* Prototype UI, design and conduct usability tests
* Deal with open source code securely
 
  +
* Prototype user interface
* Explain the value of bug bounty programme and find the right moment to start it
 
  +
* Design and conduct usability testing
  +
* Populate and groom a product backlog
  +
* Conduct Sprint Planning and Review
  +
* Choose product metrics and apply GQM
  +
* Integrate a third-party Analytics tools
  +
* Design, run and conclude Controlled experiments
   
 
==== Level 3: What complex comprehensive skills should a student be able to apply in real-life scenarios? ====
 
==== Level 3: What complex comprehensive skills should a student be able to apply in real-life scenarios? ====
 
By the end of the course, the students should be able to ...
 
By the end of the course, the students should be able to ...
  +
* Conduct user and domain research to identify user needs and possible solutions
* Reason about security and safety of the system
 
  +
* Elicit and document software requirements
* Suggest hardenings and architecture drifts to achieve required level of s&s
 
  +
* Organize a software process to swiftly launch an MVP and keep improving it in an iterative manner.
* Propose process improvement in a cost-effective manner that would drastically improve the security and safety level.
 
  +
* Build a data pipeline to monitor metrics based on business goals and assess product progress in regards to design changes.
  +
* Evolve and improve a product in a data-driven evidence-based iterative manner
 
== Grading ==
 
== Grading ==
   
Line 96: Line 91:
 
! Grade !! Range !! Description of performance
 
! Grade !! Range !! Description of performance
 
|-
 
|-
| A. Excellent || 80-100 || -
+
| A. Excellent || 90-100 || -
 
|-
 
|-
| B. Good || 60-79 || -
+
| B. Good || 75-89 || -
 
|-
 
|-
| C. Satisfactory || 40-59 || -
+
| C. Satisfactory || 60-74 || -
 
|-
 
|-
| D. Fail || 0-39 || -
+
| D. Fail || 0-59 || -
 
|}
 
|}
   
Line 111: Line 106:
 
! Activity Type !! Percentage of the overall course grade
 
! Activity Type !! Percentage of the overall course grade
 
|-
 
|-
| Assignment/Labs || 70
+
| Assignment || 50
 
|-
 
|-
| Final quiz || 30
+
| Quizzes || 15
  +
|-
  +
| Peer review || 15
  +
|-
  +
| Demo day || 20
 
|}
 
|}
   
 
=== Recommendations for students on how to succeed in the course ===
 
=== Recommendations for students on how to succeed in the course ===
Participation is important. Showing up is the key to success in this course.<br>If you don’t have a corresponding technical background, please do not hesitate to ask lecturer. If you feel that the gap is deep, request for extra reading.<br>Reading the recommended literature is optional, and will give you a deeper understanding of the material.
+
Participation is important. Showing up is the key to success in this course.<br>You will work in teams, so coordinating teamwork will be an important factor for success. This is also reflected in the peer review being a graded item.<br>Review lecture materials before classes to do well in quizzes.<br>Reading the recommended literature is optional, and will give you a deeper understanding of the material.
   
 
== Resources, literature and reference materials ==
 
== Resources, literature and reference materials ==
   
 
=== Open access resources ===
 
=== Open access resources ===
  +
* Jackson, Michael. "The world and the machine." ICSE '95: Proceedings of the 17th international conference on Software engineeringApril 1995 Pages 283–292,
* Owasp.com
 
  +
* The Guide to Product Metrics:
* MITRE SOC Operations https://www.mitre.org/sites/default/files/publications/11-strategies-of-a-world-class-cybersecurity-operations-center.pdf
 
* MISRA, AUTOSAR, SEI CERT
 
* https://www.microsoft.com/en-us/securityengineering/sdl
 
* Managing Security Risks Inherent in the Use of Third-Party Components
 
   
 
=== Closed access resources ===
 
=== Closed access resources ===
  +
* Fitzpatrick, R. (2013). The Mom Test: How to talk to customers & learn if your business is a good idea when everyone is lying to you. Robfitz Ltd.
* Matt Bishop, (2018) “Computer Security: Art and Science”
 
  +
* Reis, E. (2011). The lean startup. New York: Crown Business, 27.
* D Deougun, DB Jonhsson, D Sawano (2019) “Secure by design”
 
  +
* Rubin, K. S. (2012). Essential Scrum: A practical guide to the most popular Agile process. Addison-Wesley.
* D LeBlanc, Michael Howard (2002) “Writing secure code”
 
* ISO26262
 
   
 
=== Software and tools used within the course ===
 
=== Software and tools used within the course ===
  +
* Firebase Analytics and A/B Testing, https://firebase.google.com/
* Some static analyser
 
  +
* Amplitude Product Analytics, https://www.amplitude.com/
* AFL
 
  +
* MixPanel Product Analytics, https://mixpanel.com/
* snyk.io
 
 
= Teaching Methodology: Methods, techniques, & activities =
 
= Teaching Methodology: Methods, techniques, & activities =
   
Line 144: Line 139:
 
|+ Teaching and Learning Methods within each section
 
|+ Teaching and Learning Methods within each section
 
|-
 
|-
! Teaching Techniques !! Section 1 !! Section 2 !! Section 3 !! Section 4 !! Section 5 !! Section 6
+
! Teaching Techniques !! Section 1 !! Section 2 !! Section 3
 
|-
 
|-
| Problem-based learning (students learn by solving open-ended problems without a strictly-defined solution) || 1 || 1 || 1 || 1 || 1 || 1
+
| Problem-based learning (students learn by solving open-ended problems without a strictly-defined solution) || 1 || 1 || 1
 
|-
 
|-
| Modular learning (facilitated self-study) || 1 || 1 || 1 || 1 || 1 || 1
+
| Project-based learning (students work on a project) || 1 || 1 || 1
 
|-
 
|-
| Differentiated learning (provide tasks and activities at several levels of difficulty to fit students needs and level) || 1 || 1 || 1 || 1 || 1 || 1
+
| Differentiated learning (provide tasks and activities at several levels of difficulty to fit students needs and level) || 1 || 1 || 1
 
|-
 
|-
  +
| развивающего обучения (задания и материал "прокачивают" ещё нераскрытые возможности студентов); || 1 || 1 || 1
| Contextual learning (activities and tasks are connected to the real world to make it easier for students to relate to them); || 1 || 1 || 1 || 1 || 1 || 1
 
 
|-
 
|-
  +
| концентрированного обучения (занятия по одной большой теме логически объединяются); || 1 || 1 || 1
| Business game (learn by playing a game that incorporates the principles of the material covered within the course). || 1 || 1 || 1 || 1 || 1 || 1
 
  +
|-
  +
| inquiry-based learning || 1 || 1 || 1
 
|}
 
|}
 
{| class="wikitable"
 
{| class="wikitable"
 
|+ Activities within each section
 
|+ Activities within each section
 
|-
 
|-
! Learning Activities !! Section 1 !! Section 2 !! Section 3 !! Section 4 !! Section 5 !! Section 6
+
! Learning Activities !! Section 1 !! Section 2 !! Section 3
  +
|-
  +
| Lectures || 1 || 1 || 1
  +
|-
  +
| Interactive Lectures || 1 || 1 || 1
  +
|-
  +
| Lab exercises || 1 || 1 || 1
  +
|-
  +
| Development of individual parts of software product code || 1 || 1 || 1
  +
|-
  +
| Group projects || 1 || 1 || 1
  +
|-
  +
| Quizzes (written or computer based) || 1 || 1 || 1
  +
|-
  +
| Peer Review || 1 || 1 || 1
  +
|-
  +
| Discussions || 1 || 1 || 1
  +
|-
  +
| Presentations by students || 1 || 1 || 1
 
|-
 
|-
| Lectures || 1 || 1 || 1 || 1 || 1 || 1
+
| Written reports || 1 || 1 || 1
 
|-
 
|-
| Lab exercises || 1 || 1 || 1 || 1 || 1 || 1
+
| Experiments || 0 || 0 || 1
 
|}
 
|}
 
== Formative Assessment and Course Activities ==
 
== Formative Assessment and Course Activities ==
Line 175: Line 190:
 
! Activity Type !! Content !! Is Graded?
 
! Activity Type !! Content !! Is Graded?
 
|-
 
|-
  +
| Quiz || 1. What is a product? What are the techniques for describing a product idea in a clear concise manner?<br>2. What user research techniques do you know? In what situations are they applied?<br>3. What are the key customer conversation principles according to the Mom Test technique? Bring an example of bad and good questions to ask.<br>4. What are the 4 phases of the requirements engineering process? <br>5. How do we document requirements? What techniques do you know? || 1
| Individual Assignments || A2: Product Ideation and Market Research<br>Find all weakness in the code snippet. Suggest how to fix them in a secure way. What is your recommendation for the code author? || 1
 
  +
|-
  +
| Presentation || Prepare a short 2-minutes pitch for your project idea (2-5 slides). <br><br>Suggested structure:<br>What problem you are solving:<br>- State the problem clearly in 2-3 short sentences.<br><br>Who are you solving it for:<br>- Who is your user/customer?<br>- Why will they be attracted to it?<br><br>What is your proposed solution to solve that problem:<br>- One sentence description<br>- What main feature(s) will it have? || 0
  +
|-
  +
| Individual Assignments || A1: Product Ideation and Market Research<br>Formulate 3 project ideas in the following format:<br>X helps Y to do Z – where X is your product’s name, Y is the target user, and Z is what user activity product help with.<br><br>Submit Link to Screenshot board and Feature Analysis Table:<br>- Pick and explore 5 apps similar to your idea<br>- Take screenshots along the way and collect them on a board.<br>- Make a qualitative analysis table for app features.<br><br>Prepare a short 2-minutes pitch for your project idea (2-5 slides). <br><br>Suggested structure:<br>What problem you are solving:<br>- State the problem clearly in 2-3 short sentences.<br><br>Who are you solving it for:<br>- Who is your user/customer?<br>- Why will they be attracted to it?<br><br>What is your proposed solution to solve that problem:<br>- One sentence description<br>- What main feature(s) will it have? || 1
  +
|-
  +
| Group Project Work || A2: Forming Teams and Identifying Stakeholders<br>Students are distributed into teams. <br>Meet your team <br>Discuss the idea<br>Agree on the roles<br>Setup task tracker (Trello or similar)<br>Identify 3-5 stakeholders and how to approach them<br>Compose a set of 5 most important questions you would ask from each stakeholder when interviewing them<br><br>Submit<br>A pdf with the idea description, roles distribution among the team, identified stakeholders, ways to approach them, a set of questions for each stakeholder.<br>An invite link to join your task tracker<br><br>A3: Domain Exploration and Requirements<br>User Research Process:<br>Compose the questionnaire for each stakeholder type. <br>Talk to 5-7 stakeholders.<br>Keep updating the questionnaire throughout the process<br>Compose an interview results table<br>Produce personas<br>Summarize most important learning points<br>Describe features your MVP will have (use case diagram + user story mapping)<br><br>Submit a pdf report with:<br>Personas + corresponding questionnaires<br>Interview results table (can provide a link to spreadsheet, make sure to open access)<br>Learning points summary<br>MVP features.<br><br>Optional: <br>Start implementation of the functionality you are certain about.<br><br>Assignment 4. UI design, Prototyping, MVP, and Usability Testing<br>Break down MVP features into phases and cut down the specification to implement MVP V1<br>Produce low and high fidelity designs for your product.<br>Review the phases breakdown.<br>Follow either the Prototyping or MVP path to complete the assignment.<br><br>Prototyping path:<br>Make a clickable prototype with Figma or a similar tool<br>Make 5-10 offline stakeholders use your prototype, observe them and gather feedback<br>Embed your prototype into an online usability testing tool (e.g. Maze).<br>Run an online usability test with 5-10 online stakeholders.<br>Summarize key learning points<br><br>MVP path:<br>Review your MVP phases.<br>Build MVP V1 <br>Make 5-10 offline stakeholders use your MVP, observe them and gather feedback<br>Integrate an online usability testing tool to observe user sessions (e.g. Smartlook).<br>Distribute the MVP to 5-10 online stakeholders and run an online usability test.<br>Summarize key learning points<br><br><br>Submit all of the below in one PDF:<br>Link to sketches and designs.<br>Link to your MVP/Clickable prototype.<br>Link to online usability test.<br>Names of people you conducted the tests with and which stakeholder type are they.<br>Key learning points summary.<br><br>Make sure all links are accessible/viewable. || 1
 
|}
 
|}
 
==== Section 2 ====
 
==== Section 2 ====
  +
{| class="wikitable"
 
  +
|+
  +
|-
  +
! Activity Type !! Content !! Is Graded?
  +
|-
  +
| Quiz || 1. What does the acronym MVP stand for? What types of MVP do you know of?<br>2. Define roles, activities, and artefacts of Scrum. What differentiates Scrum from other Agile frameworks, e.g. Kanban?<br>3. What does DEEP criteria stand for when discussing Product Backlog? Explain each of the aspects with examples.<br>4. Describe how Scrum activities are performed. Which of them are essential and which of them can vary depending on the product. || 1
  +
|-
  +
| Presentation || Prepare a 5-mins presentation describing your: <br>product backlog<br>sprint results<br>MVP-launch plan<br>Each team will present at the class. The assessment will be based on the presentation delivery, reasoning for decision making and asking questions and providing suggestions for other teams. || 0
  +
|-
  +
| Group Project Work || Assignment 5. Launching an MVP<br>1. Populate and groom product backlog: <br>Comply with the DEEP criteria. <br>2. Run two one-week sprints:<br>Conduct two Sprint plannings, i.e. pick the tasks for Sprint Backlog.<br>Conduct two Sprint reviews<br>Run one Sprint Retrospective<br>3. Make a launch plan and release:<br>You need to launch in the following two weeks.<br>Decide what functionality will go into the release.<br>Release your first version in Google Play.<br>Hint: Focus on a small set of features solving a specific problem for a specific user, i.e. MVP.<br>4. Prepare a 5-mins presentation describing your: <br>product backlog<br>sprint results<br>MVP-launch plan.<br>Demo for your launched MVP.<br>Each team will present at the class. The assessment will be based on the presentation delivery, reasoning for decision making and asking questions and providing suggestions for other teams.<br>5. Submit a PDF with:<br>Backlogs and Launch plan<br>Link to the launched product<br>Assignment 6. AC, DoD and Midterm Presentation<br>1. Produce acceptance criteria for 3-5 most important user stories in your product.<br>2. Produce definition of done checklist<br>3. Estimate the items in your product backlog<br>4. Prepare a midterm presentation for 10-mins in which you cover:<br>The problem you are trying to solve<br>Your users and customers (personas)<br>Your solution and it's core value proposition<br>Current state of your product<br>Clear plan for the upcoming weeks<br>Your team and distribution of responsibilities<br>Demo<br>Retrospective and learning points<br>Link to your app<br><br>Submit a pdf with:<br>Items 1, 2, 3<br>link to the presentation<br> || 1
  +
|}
 
==== Section 3 ====
 
==== Section 3 ====
  +
{| class="wikitable"
 
  +
|+
==== Section 4 ====
 
  +
|-
 
  +
! Activity Type !! Content !! Is Graded?
==== Section 5 ====
 
  +
|-
 
  +
| Quiz || 1. What are common product hypotheses present? How can we formulate them as questions about our UX?<br>2. Explain what is hypothesis-driven development<br>3. Describe the important aspects and elements of a controlled experiment || 1
==== Section 6 ====
 
  +
|-
 
  +
| Presentation || Prepare a short 2-minutes pitch for your project idea (2-5 slides). <br><br>Suggested structure:<br>What problem you are solving:<br>- State the problem clearly in 2-3 short sentences.<br><br>Who are you solving it for:<br>- Who is your user/customer?<br>- Why will they be attracted to it?<br><br>What is your proposed solution to solve that problem:<br>- One sentence description<br>- What main feature(s) will it have? || 0
  +
|-
  +
| Group project work || Assignment 7: Development, Observation, and Product Events.<br>1. Continue with your development process:<br>- Hold sprint planning and reviews.<br>- Revisit estimations and keep track for velocity calculation.<br>- Host demos and release new versions to your users<br><br>2. Observing users:<br>- Integrate a user sessions recording tool into your product<br>- As a team: watch 100 user sessions and outline common user behavior patterns.<br>- Each team member: give product to 3 new people and observe them use it.<br><br>3. Product events:<br>Create a product events table.<br>Integrate a free analytics tool that supports events reporting (e.g. Amplitude, MixPanel).<br><br>Write and submit a report:<br>- describe user behavior patterns (main ways how people use your product).<br>- learning points from the observations<br>- add the events table.<br>- describe which analytics tool you chose and why<br><br>Assignment 8: GQM, Metrics, and Hypothesis-testing.<br>1. GQM and Metrics Dashboard<br>- Compose a GQM for your product.<br>- Identify your focus and L1 metrics<br>- Setup an Analytics Dashboard with the metrics you chose.<br>- Add the instructors to your Analytics Dashboard.<br><br>Hypothesis-testing:<br>- answer clarity and hypotheses: do users understand your product, is it easy for them to get started, and do they return?<br>- suggest product improvements to increase clarity, ease of starting and retention.<br>- based on the suggestions formulate 3 falsifiable hypotheses<br>- design a simple test to check each of them<br>- pick one test that could be conducted by observing your users<br>- conduct the test<br><br>Submit:<br>- GQM, Focus and L1 Metrics breakdown.<br>- Report on the hypothesis-testing activities<br>- Access link to the dashboard.<br>Assignment 9: Running an A/B test<br>Compose an A/B test:<br>- Design a change in your product<br>- Hypothesis: Clearly state what you expect to improve as the result of the change.<br>- Parameter and Variants: Describe both A and B variants (and other if you have more).<br>- Intended sample size.<br>- OEC: Determine the target metric to run the experiment against.<br><br>Then do one of the two options:<br>Option 1: Conduct the A/B test using a remote control and A/B testing tool (Firebase, Optimizely or like)<br><br>Option 2: Do the statistical math yourself<br>Conduct an A/B test and collect data.<br>Do the math manually using the standard Student T-test.<br><br>Submit a PDF with:<br>- the A/B test description <br>- report on how the experiment went.<br>- either screenshots from the tool or math calculations. || 1
  +
|}
 
=== Final assessment ===
 
=== Final assessment ===
 
'''Section 1'''
 
'''Section 1'''
  +
# Grading criteria for the final project presentation:
 
  +
# Problem: short clear statement on what you are solving, and why it’s important.
  +
# User: should be a specific user, can start from generic and then show how you narrowed it.
  +
# Solution: how do you target the problem, what were the initial assumptions/hypotheses
  +
# Elicitation process: interviews, how many people, what questions you asked, what you learnt.
 
'''Section 2'''
 
'''Section 2'''
  +
# Arriving at MVP: how you chose features, describe prototyping and learning from it, when did you launch, and how it went.
 
  +
# Team and development process: how it evolved, what were the challenges, what fixes you made to keep progressing.
  +
# Product demo: make it clear what your current product progress is.
 
'''Section 3'''
 
'''Section 3'''
  +
# Hypothesis-driven development: how did you verify value and understandability of your product, what were the main hypotheses you had to check through MVP.
 
  +
# Measuring product: what metrics you chose, why, what funnels did you set for yourself, and what was the baseline for your MVP.
'''Section 4'''
 
  +
# Experimentation: What usability tests and experiments you conducted, what did you learn, how did it affect your funnels and metrics.
 
'''Section 5'''
 
 
'''Section 6'''
 
 
   
 
=== The retake exam ===
 
=== The retake exam ===
 
'''Section 1'''
 
'''Section 1'''
  +
# .3 The retake exam.
 
  +
# For the retake, students have to implement a product and follow the guidelines of the course. The complexity of the product can be reduced, if it is one person working on it. The grading criteria for each section are the same as for the final project presentation. There has to be a meeting before the retake itself to plan and agree on the product ideas, and to answer questions.
 
'''Section 2'''
 
'''Section 2'''
   
 
'''Section 3'''
 
'''Section 3'''
 
'''Section 4'''
 
 
'''Section 5'''
 
 
'''Section 6'''
 

Revision as of 12:05, 12 September 2022

IT COURSE

  • Course name: IT COURSE
  • Code discipline: CSE807
  • Subject area: Software Engineering

Short Description

This course has two parts: 1) building and launching a user-facing software product with the special emphasis on understanding user needs and 2) the application of data-driven product development techniques to iteratively improve the product. Students will learn how to transform an idea into software requirements through user research, prototyping and usability tests, then they will proceed to launch the MVP version of the product. In the second part of the course, the students will apply an iterative data-driven approach to developing a product, integrate event analytics, and run controlled experiments.

Prerequisites

Prerequisite subjects

  • CSE101
  • CSE112
  • CSE122 or CSE804 or CSE809 or CSE812

Prerequisite topics

  • Basic programming skills.
  • OOP, and software design.
  • Familiarity with some development framework or technology (web or mobile)

Course Topics

Course Sections and Topics
Section Topics within the section
From idea to MVP
  1. Introduction to Product Development
  2. Exploring the domain: User Research and Customer Conversations
  3. Documenting Requirements: MVP and App Features
  4. Prototyping and usability testing
Development and Launch
  1. Product backlog and iterative development
  2. Estimation Techniques, Acceptance Criteria, and Definition of Done
  3. UX/UI Design
  4. Software Engineering vs Product Management
Hypothesis-driven development
  1. Hypothesis-driven product development
  2. Measuring a product
  3. Controlled Experiments and A/B testing

Intended Learning Outcomes (ILOs)

What is the main purpose of this course?

The main purpose of this course is to enable a student to go from an idea to an MVP with the focus on delivering value to the customer and building the product in a data-driven evidence-based manner.

ILOs defined at three levels

Level 1: What concepts should a student know/remember/explain?

By the end of the course, the students should be able to ...

  • Describe the formula for stating a product idea and the importance of delivering value
  • Remember the definition and main attributes of MVP
  • Explain what are the main principles for building an effective customer conversation
  • Describe various classification of prototypes and where each one is applied
  • State the characteristics of a DEEP product backlog
  • Elaborate on the main principles of an effective UI/UX product design (hierarchy, navigation, color, discoverability, understandability)
  • List the key commonalities and differences between the mentality of a software engineer and a product manager
  • Explain what is hypothesis-driven development
  • Describe the important aspects and elements of a controlled experiment

Level 2: What basic practical skills should a student be able to perform?

By the end of the course, the students should be able to ...

  • Formulate and assess the product ideas
  • Perform market research for existing products
  • Design effective customer conversations
  • Prototype UI, design and conduct usability tests
  • Prototype user interface
  • Design and conduct usability testing
  • Populate and groom a product backlog
  • Conduct Sprint Planning and Review
  • Choose product metrics and apply GQM
  • Integrate a third-party Analytics tools
  • Design, run and conclude Controlled experiments

Level 3: What complex comprehensive skills should a student be able to apply in real-life scenarios?

By the end of the course, the students should be able to ...

  • Conduct user and domain research to identify user needs and possible solutions
  • Elicit and document software requirements
  • Organize a software process to swiftly launch an MVP and keep improving it in an iterative manner.
  • Build a data pipeline to monitor metrics based on business goals and assess product progress in regards to design changes.
  • Evolve and improve a product in a data-driven evidence-based iterative manner

Grading

Course grading range

Grade Range Description of performance
A. Excellent 90-100 -
B. Good 75-89 -
C. Satisfactory 60-74 -
D. Fail 0-59 -

Course activities and grading breakdown

Activity Type Percentage of the overall course grade
Assignment 50
Quizzes 15
Peer review 15
Demo day 20

Recommendations for students on how to succeed in the course

Participation is important. Showing up is the key to success in this course.
You will work in teams, so coordinating teamwork will be an important factor for success. This is also reflected in the peer review being a graded item.
Review lecture materials before classes to do well in quizzes.
Reading the recommended literature is optional, and will give you a deeper understanding of the material.

Resources, literature and reference materials

Open access resources

  • Jackson, Michael. "The world and the machine." ICSE '95: Proceedings of the 17th international conference on Software engineeringApril 1995 Pages 283–292,
  • The Guide to Product Metrics:

Closed access resources

  • Fitzpatrick, R. (2013). The Mom Test: How to talk to customers & learn if your business is a good idea when everyone is lying to you. Robfitz Ltd.
  • Reis, E. (2011). The lean startup. New York: Crown Business, 27.
  • Rubin, K. S. (2012). Essential Scrum: A practical guide to the most popular Agile process. Addison-Wesley.

Software and tools used within the course

Teaching Methodology: Methods, techniques, & activities

Activities and Teaching Methods

Teaching and Learning Methods within each section
Teaching Techniques Section 1 Section 2 Section 3
Problem-based learning (students learn by solving open-ended problems without a strictly-defined solution) 1 1 1
Project-based learning (students work on a project) 1 1 1
Differentiated learning (provide tasks and activities at several levels of difficulty to fit students needs and level) 1 1 1
развивающего обучения (задания и материал "прокачивают" ещё нераскрытые возможности студентов); 1 1 1
концентрированного обучения (занятия по одной большой теме логически объединяются); 1 1 1
inquiry-based learning 1 1 1
Activities within each section
Learning Activities Section 1 Section 2 Section 3
Lectures 1 1 1
Interactive Lectures 1 1 1
Lab exercises 1 1 1
Development of individual parts of software product code 1 1 1
Group projects 1 1 1
Quizzes (written or computer based) 1 1 1
Peer Review 1 1 1
Discussions 1 1 1
Presentations by students 1 1 1
Written reports 1 1 1
Experiments 0 0 1

Formative Assessment and Course Activities

Ongoing performance assessment

Section 1

Activity Type Content Is Graded?
Quiz 1. What is a product? What are the techniques for describing a product idea in a clear concise manner?
2. What user research techniques do you know? In what situations are they applied?
3. What are the key customer conversation principles according to the Mom Test technique? Bring an example of bad and good questions to ask.
4. What are the 4 phases of the requirements engineering process?
5. How do we document requirements? What techniques do you know?
1
Presentation Prepare a short 2-minutes pitch for your project idea (2-5 slides).

Suggested structure:
What problem you are solving:
- State the problem clearly in 2-3 short sentences.

Who are you solving it for:
- Who is your user/customer?
- Why will they be attracted to it?

What is your proposed solution to solve that problem:
- One sentence description
- What main feature(s) will it have?
0
Individual Assignments A1: Product Ideation and Market Research
Formulate 3 project ideas in the following format:
X helps Y to do Z – where X is your product’s name, Y is the target user, and Z is what user activity product help with.

Submit Link to Screenshot board and Feature Analysis Table:
- Pick and explore 5 apps similar to your idea
- Take screenshots along the way and collect them on a board.
- Make a qualitative analysis table for app features.

Prepare a short 2-minutes pitch for your project idea (2-5 slides).

Suggested structure:
What problem you are solving:
- State the problem clearly in 2-3 short sentences.

Who are you solving it for:
- Who is your user/customer?
- Why will they be attracted to it?

What is your proposed solution to solve that problem:
- One sentence description
- What main feature(s) will it have?
1
Group Project Work A2: Forming Teams and Identifying Stakeholders
Students are distributed into teams.
Meet your team
Discuss the idea
Agree on the roles
Setup task tracker (Trello or similar)
Identify 3-5 stakeholders and how to approach them
Compose a set of 5 most important questions you would ask from each stakeholder when interviewing them

Submit
A pdf with the idea description, roles distribution among the team, identified stakeholders, ways to approach them, a set of questions for each stakeholder.
An invite link to join your task tracker

A3: Domain Exploration and Requirements
User Research Process:
Compose the questionnaire for each stakeholder type.
Talk to 5-7 stakeholders.
Keep updating the questionnaire throughout the process
Compose an interview results table
Produce personas
Summarize most important learning points
Describe features your MVP will have (use case diagram + user story mapping)

Submit a pdf report with:
Personas + corresponding questionnaires
Interview results table (can provide a link to spreadsheet, make sure to open access)
Learning points summary
MVP features.

Optional:
Start implementation of the functionality you are certain about.

Assignment 4. UI design, Prototyping, MVP, and Usability Testing
Break down MVP features into phases and cut down the specification to implement MVP V1
Produce low and high fidelity designs for your product.
Review the phases breakdown.
Follow either the Prototyping or MVP path to complete the assignment.

Prototyping path:
Make a clickable prototype with Figma or a similar tool
Make 5-10 offline stakeholders use your prototype, observe them and gather feedback
Embed your prototype into an online usability testing tool (e.g. Maze).
Run an online usability test with 5-10 online stakeholders.
Summarize key learning points

MVP path:
Review your MVP phases.
Build MVP V1
Make 5-10 offline stakeholders use your MVP, observe them and gather feedback
Integrate an online usability testing tool to observe user sessions (e.g. Smartlook).
Distribute the MVP to 5-10 online stakeholders and run an online usability test.
Summarize key learning points


Submit all of the below in one PDF:
Link to sketches and designs.
Link to your MVP/Clickable prototype.
Link to online usability test.
Names of people you conducted the tests with and which stakeholder type are they.
Key learning points summary.

Make sure all links are accessible/viewable.
1

Section 2

Activity Type Content Is Graded?
Quiz 1. What does the acronym MVP stand for? What types of MVP do you know of?
2. Define roles, activities, and artefacts of Scrum. What differentiates Scrum from other Agile frameworks, e.g. Kanban?
3. What does DEEP criteria stand for when discussing Product Backlog? Explain each of the aspects with examples.
4. Describe how Scrum activities are performed. Which of them are essential and which of them can vary depending on the product.
1
Presentation Prepare a 5-mins presentation describing your:
product backlog
sprint results
MVP-launch plan
Each team will present at the class. The assessment will be based on the presentation delivery, reasoning for decision making and asking questions and providing suggestions for other teams.
0
Group Project Work Assignment 5. Launching an MVP
1. Populate and groom product backlog:
Comply with the DEEP criteria.
2. Run two one-week sprints:
Conduct two Sprint plannings, i.e. pick the tasks for Sprint Backlog.
Conduct two Sprint reviews
Run one Sprint Retrospective
3. Make a launch plan and release:
You need to launch in the following two weeks.
Decide what functionality will go into the release.
Release your first version in Google Play.
Hint: Focus on a small set of features solving a specific problem for a specific user, i.e. MVP.
4. Prepare a 5-mins presentation describing your:
product backlog
sprint results
MVP-launch plan.
Demo for your launched MVP.
Each team will present at the class. The assessment will be based on the presentation delivery, reasoning for decision making and asking questions and providing suggestions for other teams.
5. Submit a PDF with:
Backlogs and Launch plan
Link to the launched product
Assignment 6. AC, DoD and Midterm Presentation
1. Produce acceptance criteria for 3-5 most important user stories in your product.
2. Produce definition of done checklist
3. Estimate the items in your product backlog
4. Prepare a midterm presentation for 10-mins in which you cover:
The problem you are trying to solve
Your users and customers (personas)
Your solution and it's core value proposition
Current state of your product
Clear plan for the upcoming weeks
Your team and distribution of responsibilities
Demo
Retrospective and learning points
Link to your app

Submit a pdf with:
Items 1, 2, 3
link to the presentation
1

Section 3

Activity Type Content Is Graded?
Quiz 1. What are common product hypotheses present? How can we formulate them as questions about our UX?
2. Explain what is hypothesis-driven development
3. Describe the important aspects and elements of a controlled experiment
1
Presentation Prepare a short 2-minutes pitch for your project idea (2-5 slides).

Suggested structure:
What problem you are solving:
- State the problem clearly in 2-3 short sentences.

Who are you solving it for:
- Who is your user/customer?
- Why will they be attracted to it?

What is your proposed solution to solve that problem:
- One sentence description
- What main feature(s) will it have?
0
Group project work Assignment 7: Development, Observation, and Product Events.
1. Continue with your development process:
- Hold sprint planning and reviews.
- Revisit estimations and keep track for velocity calculation.
- Host demos and release new versions to your users

2. Observing users:
- Integrate a user sessions recording tool into your product
- As a team: watch 100 user sessions and outline common user behavior patterns.
- Each team member: give product to 3 new people and observe them use it.

3. Product events:
Create a product events table.
Integrate a free analytics tool that supports events reporting (e.g. Amplitude, MixPanel).

Write and submit a report:
- describe user behavior patterns (main ways how people use your product).
- learning points from the observations
- add the events table.
- describe which analytics tool you chose and why

Assignment 8: GQM, Metrics, and Hypothesis-testing.
1. GQM and Metrics Dashboard
- Compose a GQM for your product.
- Identify your focus and L1 metrics
- Setup an Analytics Dashboard with the metrics you chose.
- Add the instructors to your Analytics Dashboard.

Hypothesis-testing:
- answer clarity and hypotheses: do users understand your product, is it easy for them to get started, and do they return?
- suggest product improvements to increase clarity, ease of starting and retention.
- based on the suggestions formulate 3 falsifiable hypotheses
- design a simple test to check each of them
- pick one test that could be conducted by observing your users
- conduct the test

Submit:
- GQM, Focus and L1 Metrics breakdown.
- Report on the hypothesis-testing activities
- Access link to the dashboard.
Assignment 9: Running an A/B test
Compose an A/B test:
- Design a change in your product
- Hypothesis: Clearly state what you expect to improve as the result of the change.
- Parameter and Variants: Describe both A and B variants (and other if you have more).
- Intended sample size.
- OEC: Determine the target metric to run the experiment against.

Then do one of the two options:
Option 1: Conduct the A/B test using a remote control and A/B testing tool (Firebase, Optimizely or like)

Option 2: Do the statistical math yourself
Conduct an A/B test and collect data.
Do the math manually using the standard Student T-test.

Submit a PDF with:
- the A/B test description
- report on how the experiment went.
- either screenshots from the tool or math calculations.
1

Final assessment

Section 1

  1. Grading criteria for the final project presentation:
  2. Problem: short clear statement on what you are solving, and why it’s important.
  3. User: should be a specific user, can start from generic and then show how you narrowed it.
  4. Solution: how do you target the problem, what were the initial assumptions/hypotheses
  5. Elicitation process: interviews, how many people, what questions you asked, what you learnt.

Section 2

  1. Arriving at MVP: how you chose features, describe prototyping and learning from it, when did you launch, and how it went.
  2. Team and development process: how it evolved, what were the challenges, what fixes you made to keep progressing.
  3. Product demo: make it clear what your current product progress is.

Section 3

  1. Hypothesis-driven development: how did you verify value and understandability of your product, what were the main hypotheses you had to check through MVP.
  2. Measuring product: what metrics you chose, why, what funnels did you set for yourself, and what was the baseline for your MVP.
  3. Experimentation: What usability tests and experiments you conducted, what did you learn, how did it affect your funnels and metrics.

The retake exam

Section 1

  1. .3 The retake exam.
  2. For the retake, students have to implement a product and follow the guidelines of the course. The complexity of the product can be reduced, if it is one person working on it. The grading criteria for each section are the same as for the final project presentation. There has to be a meeting before the retake itself to plan and agree on the product ideas, and to answer questions.

Section 2

Section 3