Requirement Specification
| Document | Requirement Specification |
| Specification name | Requirement specification |
| Author: | Joona Hirvonen, Kuisma Kuivanen, Tomi Isokytö |
| Version: | 1.0 |
| Date: | 21.2.2025 |
Introduction
As a part of the Future Factory 2025 course, we are assigned to build a PrestaShop-based solution designed for businesses and individuals to manage their online stores efficiently.
Client
Our client is a business or individual looking to build, improve, or scale their online store using PrestaShop. They could be business owners and enterpreneurs who want to launch an online store or migrate their services to a more versatile and user-friendly solution.
About the author and project team
The prject team consists of ICT engineering students, ready to apply their expertise to real-world challenges.
Team members
| Name | Description |
|---|---|
| Kuisma Kuivanen | LEAD |
| Riku Voutilainen | SEC |
| Milla Sammallahti | SEC |
| Jere Koskimäki | DEV |
| Tomi Isokytö | TEST |
| Joona Hirvonen | OPS |
Short description of service/solution
The service is an eCommerce platform based on PrestaShop that provides businesses with an easy and scalable way to manage their online store services, including efficient tools to manage inventory, customers and orders.
Target users
- Customers
- Businesses and individuals looking to launch a new online store or migrate their existing e-commerce solution to PrestaShop.
- End users
- Consumers seeking a reliable platform for their everyday online shopping needs.
Business requirements / goals?
| ReqID | Description |
|---|---|
| BUSINESS-REQ-01 | Minimize the risk of data breaches and unauthorized access to sensitive information |
| BUSINESS-REQ-02 | Improve user trust and confidence in the system's security |
| BUSINESS-REQ-03 | We want to ensure that bug fixes are handled efficiently and effectively, preserving the overall quality and performance of the system |
| BUSINESS-REQ-04 | Offer a wide range of pre-integrated payment gateways to meet the diverse needs of customers |
Stakeholder map
Internal stakeholders:
External stakeholders:
Stakeholders and profiles
| Stakeholde/profile | Info / Link to description | Motivation? |
|---|---|---|
| Customers | Businesses or individuals using the eCommerce platform to either buy or sell products | Purchases and sales on the platform |
| Partners | Shipping companies and payment gateways | Secure and reliable payment and delivery services |
| Government | Government agencies eg. Tax administration | Ensuring compliance with taxation laws, consumer protection regulations, and data privacy requirements |
| Competitors | Other open source platforms and eCommerce services | Competes for the customers and market share |
| Investors and lenders | Provide funding to project | Expect return on investment |
| Admin user | Owner or administrator | Supports service users and manages the service |
| DEV user | Platform developer | Supports service users |
| SEC user | Platform security officer | Is responsible of the platform security |
Customer Journey paths in Service/solution
Customer journey path as PlantUML Statemachine -diagram
Preliminary User Storys
| User Story ID | Description / link to issue |
|---|---|
| US120 | Link to user story |
| US194 | Link to user story |
| US191 | Link to user story |
| US015 | Link to user story |
| US192 | Link to user story |
| US104 | Link to user story |
| US105 | Link to user story |
| US101 | Link to user story |
| US030 | Link to user story |
| US032 | Link to user story |
| US106 | Link to user story |
| US093 | Link to user story |
| US098 | Link to user story |
| US099 | Link to user story |
| US097 | Link to user story |
| US019 | Link to user story |
| US037 | Link to user story |
| US005 | Link to user story |
| US012 | Link to user story |
| US007 | Link to user story |
| US038 | Link to user story |
| US010 | Link to user story |
System requirements
This document outlines the software requirements for a cloud-based Software as a Service (SaaS) solution designed to provide users with continuous access and reliability. The service aims to ensure 24/7 availability, allowing customers to utilize its features and functionalities at any time, regardless of their location. A reasonable Service Level Agreement (SLA) will be established, detailing performance expectations, uptime guarantees, and response times for support requests.
| RequirementsID | Description |
|---|---|
| SYSTEM-HW-REQ-0002 | The main services must be at least duplicated N + 1 |
| SYSTEM-HW-REQ-0003 | Server memory capacity> 16GB |
| SYSTEM-HW-REQ-0004 | Intel / AMD x64 processor |
Constraints and standards that affect on service design
Our service must comply with relevant privacy laws and regulations within the European Union (EU) and Finland. This is essential to protect user data and ensure trust in our platform.
Key Privacy Regulations
-
General Data Protection Regulation (GDPR)
- The GDPR is a comprehensive regulation that governs data protection and privacy in the EU. It requires organizations to obtain explicit consent from users for data processing and to provide them with rights over their personal data. -
Data Protection Act (Finland)
- This act complements the GDPR in Finland, providing specific provisions on the processing of personal data, including additional rights for individuals and obligations for data controllers. -
ePrivacy Directive
- This directive focuses on privacy and electronic communications. It mandates consent for storing cookies and similar technologies, ensuring users are informed about data collection practices.
| ReqId | Description |
|---|---|
| CONSTRAINT-REQ-S00000 | The service login process must adhere to laws and regulations specific to the region to ensure compliance and protect user data. |
Service primay features and functionalities
- Functions
- The user can send mail to another person
- The customer receives information about previous selections
- The person can pay the bill
- Describe main features by using Product Mind Map?
It is worth noting that some of the functional requirements are in practice essential functions, i.e. they can be "upgraded" to features. As an example, the Online Banking service has the essential function "payment from account", which is an important feature of the service in practice. Over here there are a number of other smaller and more specific functional requirements associated with functionality If you are asked what the service / software can do, try to identify the most important functions! They are quite certainly essential features. Think about what functions you can do, for example, on the online banking page? What are the most important functions you use most often? Is it worth considering at the definition stage whether all the features are necessary? You should try to group the key features first. The features can be specified by functional requirements, which are called expand the feature description. In practice, the features are larger entities that make up the entire service / software. The Finnish word feature may be a bit misleading, because often when presenting products, the aim is to emphasize its "information security" as a feature of the product. This is not to say that this is one feature of the product software but a general "design philosophy." The product may contain features that allow it to be called secure.
**eg. Priorization of essential features / functions **
- P1 = Mandatory
- P3 = Required
- P5 = Nice to have
Functional requirements of the service
| ReqID | Description | Affected feature? |
|---|---|---|
| FUNC-REQ-C0001 | eg. User profile X is able to authenticate using Faceboot-account | eg. Feature 6 - Service Login |
| FUNC-REQ-C0002 | eg. User profile X is able to create weekly report about selling | eg. Feature 1 - report generator |
Software / service non-functional requirements
Performance Requirements
| ReqID | Requirement | Description |
|---|---|---|
| PERF-REQ-0000 | Response Time | The gateway service should respond to requests within a specified time frame under normal load conditions |
| PERF-REQ-0001 | Throughput | The gateway service should be able to handle a certain number of requests per second without degradation of performance |
| PERF-REQ-0002 | Scalability | The gateway service should be able to scale up to handle increased load, either by adding more resources (vertical scaling) or by distributing the load across multiple instances (horizontal scaling) |
| PERF-REQ-0003 | Availability | The gateway service should be available for use a certain percentage of the time, often expressed as a "five nines" (99.999%) availability requirement |
| PERF-REQ-0004 | Resilience | The gateway service should be able to recover quickly from failures and continue to function |
Security Requirements
| ReqID | Requirement | Description |
|---|---|---|
| SEC-REQ-001 | Authentication | The system requires strong authentication mechanisms from the users. |
| SEC-REQ-002 | Data Integrity | The system must ensure that data, such as customer data, is not tampered with. |
Accessability Requirements
| ReqID | Requirement | Description |
|---|---|---|
| ACC-REQ-0000 | Keyboard Accessibility | All functionality must be operable through a keyboard interface. |
| ACC-REQ-0002 | Text Alternatives | Provide text alternatives for any non-text content. |
| ACC-REQ-0003 | Time-based Media | Provide alternatives for time-based media, such as captions for videos. |
| ACC-REQ-0004 | Adaptable | Content must be presented in ways that can be perceived by all users, including those with disabilities. |
Quality Assurance
- Link to Master Test Plan
Preliminary Acceptance Tests
| AcceptanceTestId | Description | Feature |
|---|---|---|
| ACCTEST001 - Acceptance Test 1 | eg. Verify login as new user | Feature X |
| ACCTEST002 - Acceptance Test 2 | eg. Verify remove of personal data | Feature Y |
| ACCTEST003 - Acceptance Test 3 | eg. Verify login with correct password | Feature Z |
Software architecture, placement view, database description, and integrations
Software implementation requirements can be set for pre-defined technologies that must be followed in development. This situation often occurs when the software is related to a previously implemented solution
- Link to Software architecture
Deployment diagram
Integrations with other systems
- Link to Software architecture
General view of integrations as UML Deployment Diagram
OR
** Describing integration as a sequence diagram **
Standards and sources
- General Data Protection Regulation (GDPR): This regulation protects privacy and gives individuals control over their personal data.
- ePrivacy Directive: This directive complements the GDPR and provides rules on confidentiality of communications and tracking technologies such as cookies.
- Directive on the legal protection of computer programs ('Software Directive'): This directive protects computer programs by means of copyright.
- Directive on the enforcement of intellectual property right ('IPRED'): This directive enforces intellectual property rights.
- Directive on the legal protection of databases ('Database Directive'): This directive protects databases.
- EU Cybersecurity Act: This act ensures safer hardware and software.
- Digital contract rules: These rules make it easier for consumers and businesses to buy and sell digital content, digital services, goods, and 'smart goods' in the EU.
Please note that these are just a few examples and the specific laws and rules may vary depending on the context and the specific needs of your software service. It's always a good idea to consult with a legal expert to ensure compliance with all relevant laws and regulations.