Skip to main content

Software Development Life Cycle (SDLC): Phases and Methodologies

著者:
0 分で読めます

As software development tools continue to improve, new possibilities for building more advanced and sophisticated software are being opened at unprecedented speeds. Writing code is only one element of the software delivery process, but planning, management, and communication are equally important. This is where the software development life cycle (SDLC) plays an important role.

What Is SDLC?

SDLC stands for software development life cycle and describes the process of shipping any kind of software deliverable, from small features to entire multi-million dollar systems. SDLC involves a number of phases, representing the sequence of steps required to go from concept to deliverable.

The execution of these phases can vary significantly depending on the nature of the project and how it is managed.

Why Is SDLC Important?

The software development life cycle provides a structured framework for approaching software projects, which often come with a high level of uncertainty. It allows project stakeholders to better understand what is required, identify issues early on, keep costs down, and deliver higher-quality software.

What are the 7 phases of SDLC?

While software development is often thought of as simply writing code, there are, in fact, several software development life cycle stages prior to delivery, of which programming is only one. These phases include requirements gathering, analysis, design, development, testing, deployment, and maintenance.

wordpress-sync/sdlc_v2
SDLC の 7 つのフェーズ

Depending on the SDLC methodologies employed, the SDLC phases are not necessarily a linear sequence. The stages may, in fact, overlap or change order, as we will see below, where we discuss each of the individual phases.

1. Requirements Gathering

Before embarking on any software development project, it’s important to understand what actually needs to be done. It is not uncommon for development teams and their clients to have different ideas about what the final deliverable should look like. For example, the client might not know exactly what they need initially. Later in the project, however, once they can test the software, they may have a clearer idea.

The problem, however, is that it is already too late at this stage. Development teams could invest lots of time and effort in building a system with no validation, at which point it would take far more effort to change it to meet the client’s criteria and vision for the solution. Therefore, it is critical to work closely with the client from the earliest stages to understand their pain points and elicit requirements effectively.

Beyond the initiation stage, the client should provide feedback throughout the software development life cycle process to make adjustments and ensure the client and development team are on the same page.

2. Analysis

After examining the problem that needs to be addressed in the requirements gathering stage, the development team is tasked with determining the best approach for achieving a solution. They must provide an estimate of the efforts involved in delivering such a project, including costs and a delivery timeline, but without going into too many technical details so early on in the project. The goal here is to assess the project’s feasibility based on budget and the expected delivery timeline.

3. Design

If the project passes the analysis phase, the development team can move forward with the plans for how the software will be built, the software development life cycle design phase. There are many different aspects to consider when creating a software solution beyond the code itself, including infrastructure, system architecture, and the user interface. It is important to plan ahead and ensure every functional and non-functional aspect is covered, since building all the necessary components without a plan in place could result in costly rewrites.

4. Development

Building software itself is an art that goes beyond simply writing code. Code runs on an infrastructure typically involving servers and networking or a managed hosting platform (such as Azure App Service or AWS Elastic Beanstalk).

DevOps is a best practice that bridges the traditional divide between developers and infrastructure engineers. Recognizing that infrastructure is just as important as code, DevOps engineers are usually part of the development team. They can take care of anything from servers and networking to the CI/CD pipeline.

5. Testing

Developing software is not enough. Before the software is delivered to the client, the team must ensure it is fit for purpose and that there are no significant problems with it:

It is important to catch such problems early on since fixing them becomes much more expensive later on in the SDLC.

6. Deployment

Once the software has been verified as fit for purpose, it’s time to hand it over to the client. Depending on how the project is managed, this could be done in a single step at the end of the project or as part of an ongoing process during development. The software is then set up in a real environment, where the client conducts a round of user acceptance testing (UAT) before signing off and beginning to use it in a production environment.

7. Maintenance

Although deployment is often viewed as the final step in shipping software, it is really just the beginning of its useful lifetime. There is almost always a need to revisit it to fix bugs or add new features. The software supplier will usually provide the client with a service level agreement (SLA) that dictates how any issues with the software should be handled. If significant redevelopment is needed, this could require an entirely new SDLC.

SDLC Methodologies

Today, software projects are usually developed and delivered using agile methodologies. However, there are many other ways of implementing the SDLC. The waterfall model is a more traditional approach, but most see it as outdated. Other approaches, such as the spiral model, are no longer in widespread use.

Waterfall SDLC

The waterfall model is a rigid, linear approach where each phase of the SDLC feeds into the next one. For instance, the development phase must be completed before beginning the testing phase. This approach assumes that all information about a project can be known ahead of time, which is unrealistic in a world where surprises crop up during development and requirements constantly change.

However, the waterfall approach does have its place in mission-critical projects where there is no room for compromise on the requirements or the quality of the deliverable. History has shown several examples in the aircraft and space industries where software bugs have cost lives. In these scenarios, perfection is far more important than the flexibility to adapt and innovate.

Agile SDLC

Recognizing the dynamic nature of software, where requirements could change suddenly even in the middle of development, a group of prominent software engineers published the Agile Manifesto. The publication popularized that software projects needed to respond to change quickly and could not be hindered by excessive bureaucracy.

This has led to an entire family of so-called agile methodologies, including Scrum, Kanban, Extreme Programming, and others. All of these embrace the principles of the Agile Manifesto and implement the SDLC in slightly different ways.

Agile SDLC usually focuses on rapid iteration, meaning deliverables are smaller and more frequent. This has a number of advantages, including:

  • The cost of change is small: If requirements change, you might need to throw away a couple of days—not a whole year—of work.

  • SDLC phases can occur in parallel: A QA team can test a dev-complete feature while the development team works on the next one.

  • More frequent deliverables: This allows the client to see how the software takes shape early in the process. It also enables rapid course correction and prevents surprises later in the process that could be very costly to fix.

The Benefits of SDLC

While in the past, it may have been possible for a single developer to deliver a project solo, today, even building relatively small applications can involve a range of tools, including programming languages, third-party libraries, cloud service providers, containers, as well as SQL and NoSQL databases. As such, almost every project now requires a team and involves many stakeholders—developers, testers, project managers, DevOps or DevSecOps engineers, and the client. SDLC provides a structured approach to keep everyone on the same page and working towards a common goal.

What is the difference between SDLC and SSDLC?

A secure software development life cycle (SSDLC) framework incorporates security throughout the development process, while the traditional SDLC framework defines the process of building an application from initial planning to production operations, maintenance, and eventual decommissioning.

wordpress-sync/ssdlc-2

Implementing Secure SDLC with Snyk

Integrating security into every phase of the SDLC and following the right SDLC best practices is essential.

Snyk, one of the best security tools available, can integrate at various points throughout the SDLC: from our CLI interface, through one-click Git integrations, and by adding Snyk as a failing stage in your CI/CD pipeline. There are different advantages to each starting point—better visibility of the team’s work for Git integrations, safer deployment with CI integration, and so on.

When choosing which starting point best suits your needs, it is important to involve your dev teams so they know to expect this. We also suggest encouraging teams to use our Snyk CLI interface and IDE plugins. The further left you integrate Snyk in the development process, the easier it will be to fix issues that may arise.

The following tools can help to implement a secure software development life cycle:

開発プロセスのセキュリティ確保

Snyk は、開発者とセキュリティチームを結びつけ、大規模な速度とセキュリティを確保します。