WITN05970143
WITN05970143
RESTRICTED - COMMERCIAL
benefits
BA/POCL Programme Delivery Authority
agency
From: Jeremy Folkes
Date: 19% January 1998
JOHN MEAGHER File: j£/22jm0119.doc
John
FORTNIGHTLY REPORT - period to 19/01/98
Main activities for the period
a)
.
for John:
EPOSS - been involved in two workshop sessions on Pathway’s implement
EPOSS, plus further off-line analysis
testing/acceptance - working on initial version of “Route to Acceptance
through Testing and Assurance paper”.
tion of
managing Product Assurance review of “Joint Testing Agreement” and “E2E/MOT
Testing Approach”
miscellaneous other pseudo-intellectual discussions
for Gareth:
completed various outstanding activities relating to physical security of
Pathway sites
small amount of work re R2 exclusions etc
2. Activities planned for next period
a) for John:
* EPOSS - further workshops, including Shared Stock Units and Data Resilience.
Work with Product Management in identifying non-compliances and impacts of
Pathway’s impleme: Expect to need fairly heavy involvement in
area over next two »
© testing/acce; ng with Testing (SR) and Acceptance (MR) this week
* draft “Route to Acceptance” paper to be issued for comment and infill by the
relevant groups
b) for Gareth:
* two sessions on Release 2 Hangouts and on Helpdesk Authentication (likely to
be more significant amount of time this week on Security)
* work on physical security with Pathway (review of issues from site visits,
Huthwaite visit etc)
3. Current Issues and Concerns
Testing/Acceptance: Documentation from PDA Testing at Borough re Model
Office and End to End still steadfastly ignoring anything to do with
Acceptance. Hopefully will be some change of direction following the “week
long workshop” this week, given Mary’s involvement.
Release 2 and Acceptance: Given the nature of the hangouts for Nile 2, a
significant number of acceptance criteria (eg for security) are likely to be
“unacceptable” until a subsequent release. Are we content that we understand
WITN05970143
WITN05970143
RESTRICTED - COMMERCIAL
the contractual and other implications (eg re Op Trial, Rollout etc) of
“partial acceptance”?
© EPOSS - application: Evidence emerging from the EPOSS workshops that the
emerging product is likely to be non-conformant in a number of areas, and
will miss the (possibly unwritten) business rules in a larger number of
areas. The product does not appear to be at the stage one would expect given
the closeness to entry to a testing phase - Pathway admitted to several
“holes” where they don’t yet have a solution (eg Cash Account).
¢ EPOSS ~ design approac. Very concerned about Pathway’s (apparent) design
approach for EPOSS, which is totally inappropriate for an application of this
complexity - appears to be based on reverse engineering a product which has
been cobbled together first by someone who is no longer with Pathway (and
left little documentation) and since by Escher. This a very dangerous
approach for a product of this nature and importance, and I do not believe
that the risk can be adequately mitigated through testing alone.
e EPOSS - failure conditions: Significant concerns re operation of EPOSS - and
the office platform in general - during ‘everyday’ failure conditions, such
as loss of a terminal or of LAN connectivity, but similar issues likely to
emerge in non-failure conditions with shared stock units. Pathway’s problem
is basically that Riposte gives high integrity for data held on a “per
terminal” basis - whereas the business requirement is for data to be
accounted for on a “per SU” basis; they need to build the integrity for the
latter using the facilities provided by the former. Trying to meet this need
without a rigorous design method, and without proper failure analysis, is
unlikely to succeed. Pathway appear not to understand the business impacts
of failure of the accounting process (as opposed to failure of a transaction)
and appear to want to rely on the “it’s not going to happen” philosophy.
{Same may be true of other applications, given Release ic experience, but
have less visibility].
¢ Non-ISDN: Pathway appear, at the working level, to have suspended work on a
non-ISDN solution (eg VSAT) at least partly on the grounds that “Pathway
Lite” would negate the need. This may leave us at Release 2 with no non-ISDN
solution - and PSTN, even though mentioned in the SADD, is not part of
“Solution”.
Jeremy