Top critical review
3 people found this helpful
Cockburn's approach naive
on August 5, 2001
Being a consultant requirements/acceptance test/systems test analyst working on large business systems using OOA techniques, I was hoping that this would be a significant improvement over e.g. Jacobson and Schneider & Winters.
Cockburn's approach to business use-cases is centred on an actor wanting to achieve a goal rather than a business event/response focus. Although business events are stated as triggers to a use-case, I am not happy with this, as a business event occurrence needs to cause the instantiation of an actor to handle the event. If BPR is part of the programme, the actor may not yet be known, as the determination of actors may be deferred until design, which is possible with the business event/response paradigm.
Cockburn partitions use case scenarios into those which 'succeed', i.e. the actor achieves the goal, and those that 'fail', i.e. the goal is not achieved due to violation of a rule. I do not agree with this view; a use case 'fails' if it puts the business into an undefined state, which must never happen.
The content of the example use cases made no explicit mention of business objects, i.e. the static data-centric viewpoint was completely missing. As a result, I found the use cases to be too imprecise and largely untestable. In order to be precise and unambiguous, business use cases must be written in terms of a static business object model, supplemented with statecharts for business objects with complex lifecycles.
On page 164 Cockburn states that ' business rules do not fit well into the use case narrative'. I totally disagree : business use cases are the dynamic process view, and this is exactly where business rules must be, in their context of application. Business rules are often candidate variation points in a design, but for the designer to make intelligent decisions about them, their context of application to transactions must be clearly defined.
Cockburn's recommended format for use cases is numbered paragraphs detailing the main 'success' scenario, with extensions for other scenarios. He does not recommend if..then..else statements, as he believes this leads to the document being difficult to read. If ... statements have basically been transmuted into extension paragraphs, but this will quickly degenerate into the 'Fragmentary' type of process specification, which is hard work for designers and test analysts.
The section on stakeholders in use cases is focussed on business interests, whereas the focus should be on designers and test analysts as being the primary audience. As a result, the sections on QA and testing are woefully inadequate.
Much is made of 'readability'; in my experience, the reason requirements documents do not get read is because they do not directly tell the the reader what he/she wants to know. Cockburn's method is more compact than the 'Wuthering Heights' and 'Fragmentary styles', but ultimately still falls into this trap.
Overall, I found this approach naïve, there being no evidence of any real analysis or modelling. This is reinforced by the reading list being very short for a technical book and not containing a single 'serious' requirements engineering reference. I also believe Cockburn's approach is dangerous, in that it could lead to a totally false sense of security in the hands of inexperienced practitioners with a low level of knowledge of real requirements engineering.
Although the format is an improvement over the 'Wuthering Heights' and 'Fragmentary' styles of functional requirements specification, the example use cases are at 'Concept of Operations' level, and are not sufficient for process requirements specification. If I were an acceptance test analyst given this content from which to identify test cases, I would know that I would have a lot of work to do; and yes, in my opinion there is a better way......