# Part II: User Requirement Specification ## 1. Back ground Information Under the rapid development and popularization of e-commerce in 21st century ,people prefer to handle things through their moblie phones and computers that they can do it anywhere and anytime they like. So,to satisfy the variety request of customers and have a better management system.Most stores choose to create their own APP or WEB for the daily management and customer business which is faster、more accurate and more convenient than manual works.With the help of digital management the staffs can avoid repeating boring tasks to have a better working experience,as for the managers they can check the running status anytime on the digital plantform. > *2015-2020 Global online shopper size(hundred million)* DataSource: iiMedia Research >  ### 1.1 GetFreshFood #### 1.1.1 Basic Information GetFreshFood is a supermarket which sells a large variety of products ranging from foods to household.Now they have issues on their working practises which are inefficient and problematic compare to other grocery stores which has the help of digital management. Thus they decided to implement comprehensive IT solutions to help automate the operation of the supermarket. Internal staff arrangement： - 6 cashiers - 20 promoters - 4 StoreMan Working In shifts:7am to 3pm and 3pm to 10pm 3 cashier、10 promoters、2 storeman for each shift. #### 1.1.2 Problems to be solved *By studying their working practice here are the main problems occured.* - Managers—looks after the overrall operation of the store - Classify the sell speed of each produce - Promoters—incharge of a set of products and their designated shelves - Record the num of wasted goods accurately - Label the price of each produce accurately - Cashier - Enter the price accurately - List of the number of each product sold accurately - StoreMan - Feeling tedious about maintaining the inventory of all the goods - The numbers recorded in the inventory do not tally with the actual goods. Plus,To increase the customer number and overall sales while keeping up with the automatic operation.The GetFreshFood would like to have a end-to-end customer services and a digitised shop floor that is linked to the backroom store too. >  ## 2 . Overview of in scope and out of scope content ### 2.1 Project objectives Realize the transformation of getfreshfood from traditional supermarket to modern digital supermarket, and realize global supply and chain management. **Including but not limited to the following functions:** + Build an online e-commerce platform to expand the business of get fresh food. + Process user orders and manage and distribute them as required. + Manage the inventory of goods stored in the warehouse and the loading and unloading of goods. + Manage employees and permissions, and facilitate employees to operate the whole system.  ### 2.2 Project scope 1. Project management plan 2. Project demand analysis 3. Project outline design 4. Detailed design of the project 5. Coding implementation 6. Project test and commissioning 7. Project delivery and deployment ### 2.3 Excluded scope 1. This project is the construction of an industrial defect detection system for aluminum sheet surface based on FPGA platform, excluding the maintenance work after the platform is applied in actual use. 2. This project does not involve the fund flow between the external party and the merchants, so it does not include the external interface to each payment platform. 3. This project only includes the software development and initial deployment of the aluminum sheet surface industrial defect detection system based on FPGA platform, excluding the procurement or provision of hardware equipment required for software deployment. 4. New requirements and functions proposed by customers in the future are not within the scope of responsibility of the project. ### 2.4 Responsibilities of both parties #### 2.4.1 Responsibilities of Party A（Get Fresh Food） Party A (the client) shall dispatch the client's representative to provide the demand description documents and materials on time; It is necessary to confirm the functional design scheme submitted by Party B, and timely communicate and feed back the modification opinion form if there are any opinions; Confirm the model analysis and channel analysis submitted by Party B; If there is any change in the original demand during the development process, please fill in the demand change form and submit it to Party B; Timely cooperate with Party B in software testing and trial operation, and give feedback to Party B in a timely manner. Please use the modification opinions of * mm / DD / yyyy for the feedback form; Have the right to conduct quality inspection on the project at key points of the project; Provide software and hardware equipment, communication lines, system safety facilities and other operating environment required for software operation; Accept the project implementation results and issue the acceptance conclusion report; Be responsible for paying the amount agreed in the contract to Party B; If there is any requirement other than the original requirement, the new requirement description document shall be provided;. Cooperate with the development team to complete the project demand analysis, provide the help of demand research, participate in the docking with the customer manager, and confirm the development progress of the project. If there is any demand change outside the contract, Party B shall obtain the evaluation and approval of Party B and supplement it into the contract. #### 2.4.2 Responsibilities of Party B（Team1） Party B (development team) shall carry out the functional design scheme according to the specific needs of Party A, and communicate with Party A in time to ensure that the design function meets the actual operation and management needs; Conduct model analysis and channel analysis according to the software design determined by Party A; Be responsible for the code preparation of software to ensure that the software is reliable and the operation data is accurate to complete the development work; After receiving the demand change form, Party B needs the person in charge of the project team to conduct demand assessment and communicate with Party A in a timely manner; Timely modify the modification opinions put forward by Party A, and notify Party A of test and trial operation after modification; Assist Party A in quality inspection and provide necessary materials and information; Be responsible for deploying the accepted procedures on Party A's server; Be responsible for training Party A's personnel and providing operation instruction documents; Be responsible for the maintenance within the maintenance period agreed in the contract; After receiving the new demand, the person in charge of the project team shall conduct demand assessment and cost assessment and communicate with Party A in a timely manner. The requirements shall be completed in strict accordance with the scope specification of the project, the contract documents shall be prepared, the development shall be carried out according to the development plan agreed by both parties, the system meeting the requirements and standards of Party A shall be developed, and the deliverables including the system, user instructions and technical documents shall be delivered. In case of other emergencies, Party A shall be contacted in time. During the construction period of the project, the iteration results in each iteration of the project shall be submitted according to the time arrangement in the acceptance process, so that the customer can understand the project progress. ## 3. Acceptance criteria ### 3.1 Project acceptance criteria 1. Completion of project tasks: confirm that the work within the project plan has been completed. 2. Project related documents, such as project plan, drawing change application, test report, etc. 3. Inform customers and other related parties to participate in project acceptance and review. 4. Necessary testing and deployment, and project delivery results meet customer requirements. 5. Sign on the acceptance document to confirm the acceptance conclusion. ### 3.2 Work acceptance criteria The team1 project development team shall complete their assigned work according to the WBS requirements, and the personnel who fail to complete their work on time shall be evaluated. ### 3.3 Project acceptance process #### 3.3.1 Acceptance application #### 3.3.2 Acceptance preparation The acceptance preparation stage is mainly to establish the acceptance organization according to the project situation, and determine the acceptance method, acceptance content, standard and acceptance conditions. 1. Establish an acceptance team. The acceptance team is mainly composed of the user department, information technology department, bidding department, finance department and other departments. This work requires the participation and approval of leaders. In addition, for projects with relatively large amounts, shareholders' representatives can also be applied to participate if conditions permit. 2. Determine the acceptance strategy. The acceptance team determines the method of project acceptance according to the characteristics of the project, i.e. whether it is necessary to carry out acceptance by stages, complete the division of acceptance stages, and formulate relevant acceptance plans. Generally, for complex projects, preliminary acceptance by stages is required, and the division of stages also needs to be communicated and confirmed with the supplier. 3. Determine the acceptance contents and standards. According to the acceptance strategy determined above, the conditions of acceptance at each stage, the contents to be accepted, the criteria for passing the acceptance, and the list of subclasses to be submitted are specified. It is worth mentioning that the acceptance contents include the acceptance items of time schedule. 4. Leader approval. The leader shall examine and approve whether the acceptance stage, acceptance contents and standards determined by the acceptance team are reasonable. ### 3.4 Preliminary acceptance The preliminary acceptance is mainly to complete the preliminary operation of the software and hardware system. The IT project may involve the acceptance of hardware equipment, the acceptance of software system, and the acceptance of software and hardware 1. Acceptance application. When the supplier considers that the acceptance conditions are met, it will submit for acceptance. 2. Check whether the acceptance conditions are qualified. After receiving the acceptance application from the supplier, the acceptance team shall review whether it meets the acceptance conditions. 3. The supplier shall rectify. If the acceptance team considers that the acceptance conditions are not met, the supplier will be required to make rectification. The supplier will make relevant rectification according to the rectification opinions put forward by the acceptance team, and submit it for acceptance again after the rectification is completed. 4. Judgment of acceptance type. The acceptance team will conduct preliminary acceptance according to the nature of the project and the software and hardware systems. 5. Hardware equipment arrival acceptance. When the hardware equipment arrives, the supplier will request the arrival acceptance. The acceptance team will inspect the brand and specification of the equipment according to the contract and the acceptance content, check whether the equipment is complete and record whether the arrival time of the equipment meets the requirements. 6. Verification of customs declaration, warranty card and instruction manual. The acceptance team shall check whether the warranty card and instructions of the equipment are accurate. In addition, for imported equipment, it is necessary to check whether the customs declaration of the equipment is correct and effective. 7. Integration debugging. After the arrival acceptance is qualified, the supplier shall carry out the integrated commissioning of the equipment. 8. Commissioning acceptance. Commonly known as commissioning acceptance, after the supplier completes the integrated commissioning of the equipment, it will be submitted for commissioning acceptance. The acceptance team needs to carry out relevant acceptance item by item according to the acceptance content. 9. Software system function verification. Software use department] according to the requirements or acceptance contents and standards, carry out detailed verification tests on software system functions, and the acceptance team supervises and summarizes the test results. 10. Software system performance verification. The information technology department shall conduct technical tests on the performance of the system from the perspective of technology, and the acceptance team shall supervise and summarize the test results. 11. Data acceptance. The acceptance team shall check the submission of data item by item according to the requirements of the acceptance preparation stage, including the program source code, operation manual, training data, test report, process data, etc. required in the contract. 12. Comprehensive evaluation. The acceptance team summarizes various acceptance materials of the project at this stage and makes collective comments on the acceptance of the project. 13. Inspection and acceptance. The acceptance team will judge whether the acceptance is qualified according to the comprehensive evaluation, and put forward rectification opinions for the unqualified parts. 14. Carry out rectification. If this acceptance fails, the supplier shall make relevant rectification according to the requirements of the acceptance team. 15. Re inspection. After the supplier completes the rectification, the acceptance team will organize re inspection. 16. Check whether the preliminary acceptance is passed. If this acceptance is passed, the acceptance team will check whether the acceptance of each stage involved in the preliminary acceptance is completed. If the preliminary acceptance is completed, it will enter the formal operation stage; If there is a subsequent acceptance stage, steps 5 to 19 will be repeated until all subsystems are accepted. For some special projects subject to relevant laws and regulations of the state or regulatory authorities, whether they pass the relevant external acceptance will be the basis for the initial acceptance of the project. For example, the computer room project needs to pass the acceptance of the fire bureau, the power department and other departments, and the network system needs to pass the acceptance of the CIRC. ### 3.5 Acceptance test Acceptance test is the last quality inspection activity conducted by the user before the software product is put into practical application after the software development is completed. It needs to answer whether the developed software product meets the expected requirements and whether the user can accept it. As it is not only to inspect the quality of a certain aspect of the software, but also to conduct a comprehensive quality inspection and determine whether the software is qualified, acceptance testing is a strict formal test activity. The software acceptance test is divided into three parts: document code consistency review, software configuration review and executable program test. The sequence can be divided into document review, source code review, configuration script review, function test and performance test. #### 3.5.1 Document review The main requirements of document review are to ensure that all processes of software development are under the control of submitted documents. The specific requirements for documents are as follows: (1) Completeness of documents: whether all documents are submitted according to the requirements of the contract and its attachments; (2) Content pertinence: refers to whether the document is required by Party A; (3) Content adequacy: refers to the comprehensive and detailed degree of the document; (4) Value of documents: the documents should be able to reflect the whole process of software development, that is, the functions mentioned in the requirements are reflected in the outline design, implemented in the detailed design, and tested in the test plan; (5) Content consistency: whether there is any inconsistency; Whether the functions mentioned in the requirements specification are not involved in the general design and detailed design; (6) Literal clarity: do not use ambiguous sentences such as "may", "may" and "to be determined"; (7) Legibility: the content that can be clearly explained in one document shall not be divided into several documents as far as possible, and circular reference shall not be allowed. The document directory is clear at a glance and the structure is clear #### 3.5.2 Source code review The main requirements of source code review are to ensure that the developer delivers all source programs to Party A and that the delivered code has no copyright problem. The specific requirements for source code review are as follows: + **clear copyright** 1. Where the copyright is noted in the submitted code, the copyright notice shall be removed, or the copyright shall be declared to be owned by Party A. 2. For controls that can be used with the permission of Party A, the developer shall provide a commitment without copyright dispute. Other controls with source code need to be placed directly in the project file of the compilation environment as part of the submitted code. No additional settings are required during compilation and release. + **code integrity** 1. The developer must deliver all the codes that meet the user's requirements to Party A. 2. Unless approved by Party A, the control used must also have source code and be authorized to use; 3. Program files containing development tools; It is required to be able to compile and run normally in Party A's computer; Unless permitted by Party A, there is no need to install plug-ins or controls of development tools when compiling in Party A's computer. + **high readability** Notes are the concrete embodiment of software readability. The amount of program comments shall not be less than 30% of the amount of program code. Program comments cannot be written in abstract language (such as "processing", "loop", etc.), and the processing description of the program should be accurately expressed. In order to avoid using comments for each line of programs, you can add a section of comments before a section of programs, and some processing logic. #### 3.5.3 Configuration file review For B / s programs, deployment and maintenance is the longest process in the software life cycle, and the review of configuration files is particularly important. The audit requirements for configuration files are completely consistent with those for source code. #### 3.5.4 Preparation of test cases and review of test procedures and scripts This process is to check whether the program compiled through the source code meets the design requirements after the document review and the configuration script review. The inspection methods are mainly functional test and performance test; At this stage, the features included in the design and related tests shall be completed, and the test cases and test procedures required for the test shall be completed, and the passing criteria of the features shall be specified. This safety and reliability test Because the safety and reliability of software system is the most important link for users. So that the test content is relatively large. It mainly includes the following items. ① User permission restriction test: this test mainly examines whether the system has user login permission and the rationality of permission allocation. For example, the difference between the authority range of super users and ordinary users, whether the authority setting meets the user's needs, and whether the system has the screening function for user names and passwords. ② Trace function test: trace function is particularly important in many fields, especially in the financial field. Its purpose is to provide accurate and reliable traces of system operation and data operation for the system supervision department. It is mainly reflected in the user operation log. Therefore, special attention should be paid to the integrity of the operation log and the safety and reliability of the storage in the detection of the marking function. Including the user's login time, modification and deletion action and departure time. ③ Shielding user operation error response test: this test mainly detects whether the software system has a limit on the number of user error logins, whether the user's error operation can be shielded and relevant prompts are given; Whether the wrong operation causes the system to exit abnormally, etc. Since various operations and data used in the process of system development are within the normal range, such tests are ignored, which makes such problems occur frequently in the application process and affects the normal use. ④ System backup and recovery means test: in the network system, whether effective backup and recovery is one of the signs of system maturity. At present, most software systems rely on third-party backup systems. Due to various problems such as compatibility, the expected effect is often not achieved. Therefore, the system software with complete backup and recovery means will be favored by users. ⑤ Validity test of multi-user operation input data: this test is mainly to test the locking function of database records. The test standard is that the software system can judge the validity of data and avoid the generation of invalid data when multiple users operate at the same time within the specified range. Since it is necessary to simulate the simultaneous operation of multiple users, the software test tools that have been used at home and abroad can be used to ensure good test results. ⑥ Test on the impact of abnormal conditions and network faults on the system: this test is mainly for the software system running in the network. Because unexpected problems such as broadcast storm are often encountered in the network operation, and with the increasingly extensive use of the network, such problems will become increasingly prominent. The main content of the detection is how the network fault will affect the running software system. At present, there is no unified standard for such tests. It generally means that the data and system in the database will not be affected in case of sudden power failure or network failure during the operation of the program, and the system can ensure the integrity of the data in case of failure, and the system can operate normally after troubleshooting. #### 3.5.5 Integration test / pressure test Common black box tests include integration test and system test. Problems that can not be reflected in some parts of the program may be exposed in the whole and affect the realization of functions. Through the joint test of various components of an application system, we can determine whether they can work together and whether they can meet the functional requirements when working together. #### 3.5.6 Acceptance test The purpose is to check whether the software to be accepted maintains good compatibility with the platform and other software. ### 3.6 Acceptance conclusion (performance evaluation standard) At the end of the acceptance, fill in the acceptance conclusion according to the above documents and evaluate the quality of the software 1. Excellent + Material integrity + The software can operate normally + Realize the functional requirements required by the project software requirements specification + The software interface is friendly and easy to interact + The software has novel functions and strong innovation 2. Qualified + The materials required by this standard are complete + It can operate normally and realize functions that reach more than two-thirds of the requirements of the software requirements specification 3. Unqualified + Incomplete materials required by the standard + The software cannot run + The main functions required by the software requirements specification are not realized + Inaccurate description of software operation and installation documents ## 4. Two important Personas for the system and Their customer journey ### 4.1 Two Persona #### 【The Picture 4-1 ： "Persona of Branch Manager"】   #### 【The Picture 4-2 ： "Persona of Store Man"】   ### 4.2 Customer Journey #### 【The Picture 4-3 ： "Journey of Branch Manager"】  #### 【The Picture 4-4 ： "Journey of Store Man"】  ## 5. Use case analysis ### 5.1 User Stories derived from the two Personas #### 【The Picture 5-1 ： "User Story of Branch Manager"】  #### 【The Picture 5-2 ： "User Story of Store Man"】  ### 5.2 System Use Case Model(full automation) #### 【The Picture 5-3 ： "System Use Case Model"】  ## 6. System Use Case Model(full automation) ### 6.1 Online shopping Part #### 6.1.1 Function introduction E-commerce platform procurement + scheduled delivery process,Customers log in to select goods, confirm orders, and order delivery. As well as the management of customer orders and the processing of delivery orders by employees. ### 6.1.2 Activity diagram for use case #### 【The Picture 6-1-1 ： "Activity diagram of Part1"】  ### 6.1.3 Class diagram #### 【The Picture 6-1-2 ： "Class diagram of Part1"】  ### 6.1.4 Screen/Print out design #### 【The Picture 6-1-3 ： "Screen1 of Part1"】 Online Shopping Page(Moblie End).  #### 【The Picture 6-1-4 ： "Screen2 of Part1"】 Customer order creation page(Mobile End).  #### 【The Picture 6-1-5 ： "Screen3 of Part1"】 Online Shopping Page(Moblie End).  #### 【The Picture 6-1-6 ： "Screen4 of Part1"】 Customer order creation page(Web End).  #### 【The Picture 6-1-7 ： "Screen5 of Part1"】 order management page.  ### 6.2 Checkout and Record Part #### 6.2.1 Function introduction This part will take the place of cashiers. It helps check out for clients and report the daily sale of goods to the managers and the storage men. #### 6.2.2 Activity diagram for use case ##### 【The Picture 6-2-2 ： "Checkout and Record the Items(Activity)"】  #### 6.2.3 Class diagram ##### 【The Picture 6-2-3 ： "Checkout and Record the Items(Class)"】  #### 6.2.4 Screen/Print out design ##### 【The Picture 6-2-4 ： "Confirm Order"】  ##### 【The Picture 6-2-5 ： "Report to manager and store man"】  ### 6.3 Managing Damaged or Expired Goods (Store Man) #### 6.3.1 Function introduction This function is designed for Store Man, the staff who manage the inventory of the grocery branch. This function includes user logging into the system, system automatically shows expired or damaged goods with generated diagrams, and user place new order to resupply these abnormal goods. ### 6.3.2 Activity diagram for use case #### 【Picture 6-3-1 ： "Activity diagram of Part3"】  ### 6.3.3 Class diagram #### 【Picture 6-3-2 ： "Class diagram of Part3"】  ### 6.3.4 Screen/Print out design #### 【Picture 6-3-3 ： "Index of Management System"】  #### 【Picture 6-3-4 ： "Abnormal good list of Management System"】  #### 【Picture 6-3-5 ： "Expired good list of Management System"】  #### 【Picture 6-3-6 ： "Damaged good list of Management System"】  #### 【Picture 6-3-7 ： "Inventory visualization of Management System"】  #### 【Picture 6-3-8 ： "New order page of Management System"】  ### 6.4 Customer Service #### 6.4.1 Function introduction This part meant to offer help when customer meet questions #### 6.4.2 Activity diagram for use case #### 【Picture 6-4-1 ： "Activity diagram of customer service"】  ### 6.4.3 Class diagram #### 【Picture 6-4-2 ： "Class diagram of customer service"】  ### 6.4.4 Screen/Print out design #### 【Picture 6-4-3 ： "Customer page of customer service"】  #### 【Picture 6-4-4 ： "Staff page of customer service"】  #### 【Picture 6-4-5 ： "ChatRoom page of customer service"】  ### 6.5 IOT storage system #### 6.5.1 Function introduction This part is the function of IOT storage management system. We use this system to store and manage the goods, giving support to the e-commerce platform. #### 6.5.2 Activity diagram for use case #### 【Picture 6-5-1 ： "Activity diagram of IOT storage system"】  ### 6.5.3 Class diagram #### 【Picture 6-5-2 ： "Class diagram of IOT storage system"】  ### 6.5.4 Screen/Print out design #### 【Picture 6-5-3 ： "page of IOT storage system"】   ## 7. System Architectures (High level diagram) ### 7.1 Diagrams #### 【The Picture 7-1 ： "System Architecture 1"】  #### 【The Picture 7-1 ： "System Architecture 2"】  ### 7.2 System Architecture and Technical Analysis #### 7.2.1 Actual Requirements 1. To build an online E-commerce platform to expand company's business. 2. To manage products stored in the warehouse. 3. To manage staff and make it convenient for staff to work using the system. #### 7.2.2 Overview The GetFreshFood™ Supermarket Management System has five modules: Central Control System, Data Storage System, OA System, E-commerce System and Automated Warehouse Management System. #### 7.2.3 Central Control System The Central Control System is consists of 2 parts: Overall Control Program and Gateway. ##### Overall Control Program The Overall Control Program is the central assembly that controls the GetFreshFood™ Supermarket Management System. Its functions are as follows: 1. Perform CRUD operations on the Data Storage System. 2. Perform access commands on the Automated Warehouse Management System. 3. Receive commands from Gateway. Receive and execute commands from OA System and E-commerce System. 4. Perform system logging, system security and system backups, etc. ##### Gateway Gateway functions are as follows: 1. Isolate the OA System and the E-commerce System to ensure system integrity. 2. Coordinate the communications between the CDN load-balancing server and the Central Control System. 3. Manage the reception and transmission of external information on the LAN of the OA System. #### 7.2.4 Data Storage System The Data Storage System is a highly automated system in which we use a three-pronged approach to assist the data management of CDN: Message Queue, Redis Memory Cache Database and SQL Server Database. This system is controlled by the CDN coordinating processing server automatically or controlled by the central processing server, and no one except the highest authority administrator can change its content. The Automated Warehouse Management System will issue change instructions through the Central Control System. The control flow of this system is as follows: 1. The message queue collects instructions from the Central Control System and buffers them in the SLB for processing. 2. SLB distributes the instructions to each server. 3. The CDN processes the corresponding data and caches the results in Redis or returns the response results. 4. Redis periodically synchronizes data to the SQL Server. #### 7.2.5 OA System The OA System is an office system specifically designed for company staff and managers. The people mentioned above could access the business status of the entire company while giving instructions via corresponding office apps or terminals. We used a secondary routing to separate different parts of the system to have easier control while assuring no data loss and responsibility mix-up. Meanwhile, all the instructions and data will access the Central Control System through an external gateway before being dispatched to separate systems. Since this OA System is where the majority of admin permission accounts and high privilege commands originate, we created a low-level gateway and secured system to counter potential cyberattacks and mis-operations. We also set the corresponding roll back, backup and log system in the Central Control System. This OA System contains the following subsystems: 1. Staff Management System: for managing all employees' daily work and attendance. 2. Finance Management System: for auditing overall flow of funds. Including cashier system, cost management system, payroll system, turnover system, etc. 3. Command Operating System: for processing employees' access and control commands to the entire system, and using the authority classification system to strictly control security issues. #### 7.2.6 E-commerce System In the E-commerce System, we have taken into account the high-concurrency and high-complexity data management issues including the number of visits of more than 10 million individuals and the overall planning of inventory. Therefore, we decided to use SLB with CDN to coordinate the problem of high concurrency in multiple places. When highly concurrent data is sent to our servers using this method, the load balancing and access balancing servers distribute the access data to each server for processing, and the server then synchronizes the data of the entire system through the synchronization system, ultimately achieving the goal of high concurrent processing. Based on this, we will create a complete e-commerce system using the front-end and back-end architecture of SpringBoot with Vue. At the same time, all other command operations except operation and maintenance will be communicated from the intranet through our network system to achieve a good confidentiality and security effects. In this process, our data and instructions will all be formatted as JSON formatted data for transmission. Features of this system include: 1. Complete service from placing an order to charging. 2. Complete internal product recommendation function. 3. Utilize the promotion services of other e-commerce platforms. 4. Applicable to multi-platform and multi-terminal APP or front-end interface of web page, etc. #### 7.2.7 Automated Warehouse Management System Finally, there is the automatic storage system, which is a fully automatic logistics storage system. There are five major modules in it: the mechanical control system, the storage monitoring system, the temperature and humidity control system, and the system for adjusting feedback. Its internal processes and functions include the following: 1. When an external command is received, the logistics control system instructs the mechanical control system to control the conveyor belts, mechanical arms, and other mechanical facilities to automatically obtain or store the required goods, while also feeding back to the logistics control system and finally providing feedback on whether the database was successfully accessed. 2. The warehousing monitoring system uses the sensors on each shelf, including infrared, weight, light, etc., to judge whether the goods are different from the records at regular intervals. These record files will be stored in the data storage system through the logistics control system. Simultaneously, the temperature and humidity sensor will provide real-time feedback to the temperature and humidity control system to ensure the freshness of the food. 3. The feedback adjustment system will intelligently analyze the past access data, adjust the overall access process and provide suggestions on the amount of purchases. ## 8. Nonfunctional Requirement ### 8.1 System Performance Requirement System performance analysis plays a very important role in the overall system analysis. We will mainly analyze the delay of the system and the storage occupancy rate of the system. #### 8.1.1 System Latency The system latency mainly affects the user experience and the overall operation efficiency. We need to test and analyze the following code channels: 1. latency of access instruction from the OA system to the storage system: The scenario corresponding to this process is the total time from the system receiving the instructions to the completion of all operations and feedback to the employees when the employees issue access instructions to the warehouse. 2. The latency of the access instruction from the back end of the e-commerce platform to the storage system: The scenario corresponding to this process is the overall time from the receipt of the order to the completion of the operation and feedback to the customer after the customer has paid the payment, the system will automatically issue the access instruction to the warehouse. 3. latency of update instruction from OA system to data storage system: This process corresponds to the total time from the end of the system update to the feedback when the employee has other data, such as financial data, which needs to be updated. 4. latency of update instruction from storage system to data storage system: This process is to store the new status in the database every time the storage system accesses or updates the internal goods using the IOT system. We need to know the overall running time of this process. 5. The latency of a single purchase order from the front end to the back end and getting feedback: The speed of data interaction between the front and back ends is tested here. Since our system classifies the overall permissions, we need to test the speed of this module separately. 6. Time of CDN + SLB system caching and synchronizing data: This technology itself is prepared for dealing with high concurrency environments. Therefore, we need to test the average response time by stress testing. 7. Average cache instruction time of message queue of central control system: We use distributed technology to process message queues on the bus, but we still need to know how long it takes for the central control system to allocate these simple instructions. 8. Mechanical operation feedback time of storage system: The storage system uses IOT technology to reduce the use of manpower. Therefore, we need to know the individual consumption time of mechanical parts. 9. Overall operation time of IOT system: How long does it take from the monitoring of the IOT control program to the corresponding data to the completion of the overall command operation, including the reading and writing of the database. 10. Read / write jam caused by log update: Because the system log has the highest read / write lock permission, it is extremely easy to cause the whole system to lock up when reading / writing the log, and then cause our system to get stuck. We need to know how much time this process will take. 11. Jamming caused by monitoring system log reading and writing: Different from the system log, this part mainly refers to the videos stored by CCTV and other warehouse monitoring systems. This part of data is stored in the warehouse's own storage system. Therefore, we need to deal with this part of latency separately to prevent it from affecting the access speed of the warehouse. 12. Network latency caused by gateway: The central control system has a gateway that controls the overall network system. We need to know the latency of this gateway. Performance strategy goal is to generate to arrive in system based on time under the constraint of the incident response. The event can be a single event, can also be a flow of events, or perform calculations of the trigger. Performance control strategy to generate response time. After the arrival of the event, but any time before the system complete response, system or responding to events, or processing was blocked for some reason, which leads to the response time of the two basic factors: processing time (response) system and blocking time (no response) system. #### 8.1.2 System Storage Occupancy The system storage occupancy rate will affect our operation efficiency from the following aspects: 1. When the cache in the SLB is frequently replaced, a large number of cache misses will occur, which is very fatal to the efficiency, because the reading speed of the cache is dozens of times that of the static database. 2. When the database itself is about to store full data, the performance of the database will show a downward trend. Therefore, we need to know when its impact on the operation efficiency is unacceptable. 3. The physical storage space of the storage system itself is limited. We need to optimize the purchase strategy and the storage management strategy to ensure that the mechanical system will not be inefficient. This involves a series of algorithms such as the addressing of the robot arm. 4. If our message queue is full, some instructions may be lost and actual losses may be caused. We need to know when this happens. #### 8.1.3 Technology of test the performence The technology we use to test software performance: 1. Benchmark test Benchmark test refers to the quantitative and comparable test of a certain index of a type of test object through the design of scientific test methods, test tools and test systems. 2. Pressure test By constantly exerting pressure on the software system and identifying the inflection point of the system performance, the test activities of the larger service sectors provided by the system can be obtained. The main purpose is to check the application performance of the system under pressure. 3. Load test By increasing the pressure in the tested system until the performance index limit is reached. The main purpose is to find the limit of system processing capacity in a specific environment. 4. Concurrent test It mainly refers to whether there are hidden concurrency problems when testing multiple users accessing the same application, module and data concurrently, such as memory leakage, thread lock and resource contention. Almost all performance tests involve concurrency testing. The main purpose is not to obtain performance indicators, but to find and cause problems. 5. Fatigue test The main purpose is to verify the reliability of the system operation by allowing the software to run for a long time under a certain amount of access to check how long the system performance will decline significantly. 6. Data volume test By running the software under different data volumes, we can detect the performance of the system under various data volumes. The main purpose is to find the data volume permission that supports the normal operation of the system. 7. Configuration test The configuration test is mainly aimed at the hardware to understand the impact of various environments on the system performance, so as to find the optimal allocation principle of various resources of the system. The main purpose is to understand the impact of various factors on system performance, so as to determine the more worthwhile tuning operations. ### 8.2 System Security #### 8.2.1 Threats and attacks to computer systems Threats and attacks faced by computer systems can be broadly divided into two categories: one is threats and attacks against entities, and the other is threats and attacks against information. Computer crime and virus include threats and attacks on computer system entities and information. 1. Threats and attacks against entities Threats and attacks against entities mainly refer to threats and attacks against computers and their external devices and networks. 2. Threats and attacks to information Information leakage: accidental or intentional acquisition (interception, interception, theft or analysis and decoding) of information in the target system, especially sensitive information, resulting in leakage events. Information destruction: accidental accident or man-made destruction destroys the correctness and availability of information, resulting in the destruction, modification or loss of a large amount of information. #### 8.2.2 Vulnerability of computer system 1. The unsafe factors of the system include data input part, data processing part, communication line, software, output part, access control part, etc. 2. The causes of insecurity are threats posed by natural disasters, accidental and unintentional threats, and man-made attacks. 3. The performance of system vulnerability is high storage density, data accessibility, information aggregation, confidentiality difficulty, residual magnetic effect of medium, electromagnetic leakage, and weakness of communication network. These vulnerabilities of computer system pose potential dangers to system security. If these vulnerabilities are utilized, the resources of the system will be greatly lost. #### 8.2.3 Safety requirements for computer system The security of the computer system is to ensure the integrity, reliability, confidentiality, security, effectiveness and legality of the system resources, maintain the legitimate information activities and the social morality and power compatible with the application development, and the sum of the technical measures and methods established and adopted to ensure that the hardware, software and data of the system will not be damaged, leaked, modified or copied due to accidental or human factors, Protect state and collective property from serious losses. The security requirements of the computer system mainly include confidentiality, security, integrity, reliability and availability as well as the validity and legality of information. 1. Confidentiality: the information is encrypted by using cryptographic technology to prevent information leakage. 2. Security: it indicates the security degree of the program and data of an information system, that is, the degree of preventing illegal use and access. It is divided into internal security and external security. 3. Integrity: marks the integrity of information such as program and data, so that the program and data can meet the predetermined requirements. 4. Reliability and availability: reliability refers to the ability to ensure that the system hardware and software are free of faults or errors, so as to execute predetermined algorithms under specified conditions. Availability is to ensure that legal users can use the system correctly without refusing access or use, and to prevent illegal users from accessing the system, stealing system resources and damaging the system, and to prevent legal users from illegally operating or using the system. 5. Information validity and legality: content and sequence of information, identity identification, anti repudiation, tampering, etc. #### 8.2.4 Security Architechture of FreshFood ##### 8.2.4.1 Permission System > System Root > > > Root Administrator > > > > > Global System Administrator > > > > > > > Sub System Administrator > > > > > > > > > staff > > > > > > > > > > > client >>> software develop engineer >>> >>> > test engineer >>> > >>> > > test server >> Log Read/write System >> >> > sub system Log Read/Write System >> massage/commond checker >> >> > massage queue >>> monitor system >>> storage system >>> >>> > automatically balance system >>> > >>> > > get commond >>>>> take commond >>> OA system >>> >>> > Financial system >>> > >>> > > staff check system >>>>> staff commond system >>> database system >>> >>> > read commond >>> > >>> > > insert commond >>> > > >>> > > > delete/update commond ##### 8.2.4.2 Security Technology We Use 1. How do we guarantee the front and back end data security of e-commerce system: JWT Generally speaking, the essence of JWT is a string. It is to save the user information into a JSON string, and then encode it to obtain a JWT token. The JWT token has signature information, and can verify whether it has been tampered with after receiving. Therefore, it can be used to securely transmit information as a JSON object between parties. The certification process of JWT is as follows: 1. First, the front end sends its user name and password to the back end interface through a web form. This process is generally a post request. The recommended method is SSL encrypted transmission (HTTPS) to avoid sensitive information being sniffed 2. After checking the user name and password successfully, the back-end takes the data containing the user information as the payload of JWT, and performs Base64 coding and splicing with the JWT header to form a JWT token, which is a string like lll.zzz.xxx 3. The back end returns the JWT token string to the front end as the result of successful login. The front end can save the returned results in the browser, and delete the saved JWT token when logging out 4. The front end puts the JWT token into the authorization attribute in the HTTP request 5 header at each request (to solve the XSS and xsrf problems) 5. The back-end checks the JWT token passed from the front-end to verify its validity, such as checking whether the signature is correct, whether it has expired, and whether the receiver of the token is himself 6. After the verification is passed, the back end parses the user information contained in the JWT token, performs other logical operations (generally obtaining permissions according to the user information), and returns the results Why JWT Disadvantages of traditional session authentication: We know that HTTP itself is a stateless protocol, which means that if the user provides the user name and password to our application for user authentication, the HTTP protocol will not record the status after authentication after the authentication is passed. Then the user needs to authenticate again in the next request, because according to the HTTP protocol, we do not know which user sent the request, Therefore, in order to enable our application to identify which user made the request, we can only store a user login information in the server after the user successfully logs in for the first time. This login information will be transmitted to the browser when responding, telling it to save it as a cookie, so that it can be sent to our application when the next request is made, so that our application can identify which user the request is from, This is a traditional session based authentication process However, traditional session authentication has the following problems: 1. The login information of each user will be saved in the session of the server. As the number of users increases, the server overhead will increase significantly 2. Since the session exists in the physical memory of the server, this method will fail in the distributed system. Although sessions can be saved in redis, this will undoubtedly increase the complexity of the system. For applications that do not need redis, a caching middleware will be introduced for nothing 3. It is not applicable to non browser clients, mobile phones, etc. because sessions depend on cookies, and mobile terminals often do not have cookies Because session authentication is essentially based on cookies, if cookies are intercepted, users are vulnerable to cross site request forgery attacks. And if the browser disables cookies, this method will also fail 4. The front-end and back-end separation system is not applicable. The back-end deployment is complex. The requests sent by the front-end often arrive at the back-end through multiple middleware. The information about the session in the cookie will be forwarded many times 5. Because it is based on cookies, and cookies cannot cross domains, session authentication cannot cross domains, and is not applicable to single sign on Advantages of JWT certification Compared with the traditional session authentication method, the advantages of JWT are: 1. Simplicity: JWT token has a small amount of data and a fast transmission speed 2. Because JWT tokens are stored in the client in the form of JSON encryption, JWT is cross language, and in principle, any web form is supported 3. There is no need to save the session information on the server, that is, it does not depend on cookies and sessions, so there is no disadvantage of traditional session authentication, and it is especially suitable for distributed micro services 4. Single sign on friendly: when using session for identity authentication, it is difficult to achieve single sign on because cookies cannot cross domains. However, if the token is used for authentication, the token can be stored in the memory of any location of the client, and it is not necessarily a cookie. Therefore, it does not depend on cookies, and there will be no such problems 5. Suitable for mobile applications: if you use session for identity authentication, you need to save a piece of information on the server side, and this method will depend on cookies (cookies are required to save the sessionid 2. MQ With MQ(massag queue), application developers can easily communicate with applications quickly and reliably by sending and receiving messages. Message processing provides you with guaranteed message delivery and a reliable fail safe way to perform many business processes. MSMQ and XML Web services and Net remoting is a distributed development technology. But when using XML Web services or Net remoting component, the client side needs to exchange information with the server side in real time, and the server needs to remain online. MSMQ can work when the server is offline, temporarily save messages in the message queue on the client side, and then send them to the server side for processing when the server is online. Obviously, MSMQ is not suitable for the situation where the client needs a timely response from the server. MSMQ interacts with the server asynchronously, without worrying about the long-time processing process on the server. Although XML Web services and Net remoting provides the [oneway] attribute to handle asynchronous calls, which is used to solve the problem that long method calls on the server side hinder the client side for a long time. However, it cannot solve the problem of a large number of client loads. At this time, the server accepts requests faster than it processes requests. In general, the [oneway] attribute is not used in special message services. In our system, except for the e-commerce system, other non immediate instructions will be processed using this technology. ### 8.3 System Reliability #### 8.3.1 How we analyse ##### 8.3.1.1 Analytic method The analytical method is usually based on the reliability attribute of components, enumerates the possible fault states of the system, analyzes the behavior characteristics of each component under the fault state of the system, and then calculates the system reliability index to analyze the system reliability. Analytical method is widely used in the reliability evaluation of small-scale systems or simple systems because of its simple principle and fast calculation speed. However, the analytical method has the following defects when applied to complex systems: when the number of system space states to be analyzed by the analytical method increases exponentially with the number of components, the calculation process is too complicated; The potential assumption is that components are independent of each other, which contradicts the complex coupling relationship of components in complex systems. 1. System reliability analysis method based on FTA FTA is one of the most commonly used methods in reliability analysis. Based on the fault mode, it analyzes the reliability of the system from top to bottom, that is, first determine the fault mode of the system layer, and then find all the possible faults that cause the fault of the previous layer until all the basic events that cause the system fault are found. The reliability of any monotone correlation system can be expressed by the reliability of its minimum cut set combination. Therefore, for the system with fewer components and simple correlation, the system reliability analysis can be transformed into solving the minimum cut set problem. However, for a system with a large number of components and complex coupling relations between components, there are the following problems in direct application of FTA: how to solve the minimum cut set, how to construct the structural function, and how to describe the relationship between components in the system. The fault tree established by FTA for complex systems is often static, but the faults of the components that actually constitute the system are dynamic. Therefore, the dynamic fault tree DFTA emerges as the times require. It introduces the dynamic characteristics of fault tree structure and state transition, defines the new logic gate type of standard dynamic characteristics, establishes the dynamic fault tree, and conducts the system reliability research of local relevant components, so as to improve the description ability of the system reliability model, So as to realize more accurate logical processing. 2. System reliability analysis method based on state space method The state space method is usually based on the Markov model in reliability engineering. It analyzes the state change process of the system, constructs the state transition equation, and statistically analyzes the system reliability index. The state space method is applicable to the system with a small number of state spaces. It can enumerate all the states of the system in turn and analyze the system reliability. However, in reality, the number of system state space is often huge, so in a short time, Markov model is used to analyze the reliability of multi-state systems. The generate algorithm can generate the most likely states when the system is actually running, thus reducing the number of system state spaces. The maximum probability value effective states are generated in the order that the system state probability does not increase. The generate algorithm is modified to reduce the number of system state spaces. In Markov model, it is assumed that there are only two states of components: normal and fault, but in fact, there are many states of components, such as normal, fault and maintenance, and it is also difficult to obtain parameters such as fault rate and repair rate of components. The parameter values of multi-state components are estimated by using the difference importance measure. Fuzzy theory and Markov model are combined to calculate the failure rate and repair rate of components in the model. Combined with Taylor expansion, the inverse function of generating matrix group of Markov chain is established, and the probability density function of system reliability is calculated by using the inverse function. In the study of system reliability based on Markov model, it is assumed that the state transfer function obeys exponential distribution, while the preventive maintenance interval in engineering practice is non exponential distribution. In order to overcome the above problems, semi Markov model is proposed. Semi Markov model is a one-dimensional continuous parameter stochastic process that changes with time, and it does not need to assume exponential distribution of state transfer function. The semi Markov model has no Markov property, and its future state depends on the present state and the time spent in the state. 3. System reliability analysis method based on go method The go method is a method guided by function flow, which converts the system schematic diagram or engineering drawing into a go diagram according to certain rules, and then analyzes the system reliability qualitatively or quantitatively. Different from FTA, go method mainly reflects the sequential operation process of the system and the functional relationship between components, while FTA reflects the various causes of system faults and their logical relationships. At present, go method and its improved algorithm have been widely used in the reliability analysis of various types of systems. Instead of calculating the reliability joint probability of complex combinations, go method reduces the difficulty of computer programming. Combining the shortest path set with the go method, the difficulty of the go method using computer programming is further reduced. The go method is applied to the reliability analysis of the supply chain system, and the system reliability calculation problem is transformed into the reliability problem of finding the corresponding equivalent node. Go method is used to model and analyze the reliability of multi-stage mission system with common cause failure. In recent years, go method has been widely used in the reliability analysis of electromechanical complex systems such as power supply system, automobile braking system and nuclear power system, and has achieved certain results. On the basis of go method, a GO-FLOW method, which is suitable for time series problems and multi-state system stage task problems, is proposed to analyze system reliability. ##### 8.3.1.2 Monte Carlo method Monte Carlo method, also known as simulation method, is based on the theory of probability and statistics. With the help of system probability model and random variable simulation, some mathematical and technical problems are generated to solve the system reliability problem. Monte Carlo simulation technology is considered to play an important role in the system reliability evaluation of large complex networks. Based on neural network and Monte Carlo simulation, the reliability of large-scale structural system is studied. In order to improve the statistical efficiency and convergence of data and reduce the computational complexity, Monte Carlo simulation based on cross entropy is proposed. The basic idea of this method is to calculate the density function with the aid of sampling, and to minimize the computational complexity of Monte Carlo simulation by using the optimization process. The Monte Carlo method based on cellular automata is a system reliability analysis method. This method does not need to know the shortest path or the minimum cut set of the system, and can still evaluate the reliability of the system. The analysis results are better than the Monte Carlo method based on the shortest path and the Monte Carlo method based on the minimum cut set. In addition, the combination of particle swarm optimization algorithm and Monte Carlo simulation solves the optimization problem of reliability calculation of complex network system, and reduces the calculation cost to the maximum extent. Using the advantage of support vector machine in computing speed, combining it with Monte Carlo simulation, an empirical model is established to evaluate the reliability of the system. ##### 8.3.1.3 Synthesis method The synthesis method combines the advantages of the analytical method and the Monte Carlo method, uses the analytical method to analyze and build the system reliability model, and combines the advantages of the Monte Carlo method in simulation to solve the reliability model, reducing the calculation difficulty and improving the calculation speed. The time fault tree model analyzes the reliability of the system, and the Monte Carlo simulation method is used to accelerate the calculation process of the model. The time fault tree model of the system can characterize the relationship between the time and the number of failures of the system and components. The reliability model is established according to Markov process, and the system reliability is solved by Monte Carlo simulation to improve the calculation efficiency. The dynamic gate introduced by the dynamic fault tree can describe the complex relationship between components. Therefore, a dynamic fault tree model for system reliability analysis is established and solved by Monte Carlo simulation. Inheriting the advantages of fault tree and Markov model, this paper defines a new set of reliability models for analysis system, which is the formal Boolean logic driven Markov process. This model overcomes the shortcomings of Markov method, such as the large number of state spaces and the failure tree model can not describe the system dynamics. In addition, the most common method in the synthesis method is the system reliability analysis method based on Bayesian network. The Bayesian network model uses the advantages of Bayesian in dealing with uncertainty theory, combines the minimum path set or FTA to establish the system Bayesian network, and calculates the fault probability of each node in the system according to the Bayesian algorithm, so as to find out the weak links of the system and analyze the system reliability. Bayesian network model can better deal with uncertain information in the system, and Bayesian network is intuitive. Therefore, this model is one of the most widely used methods to study the reliability of complex systems. However, there are two hypothetical relationships with independent conditions during the construction of Bayesian networks: ① If the parent node is known, any node is conditionally independent from its non descendant nodes; ② Given the Markov cover of the parent node, the child node and the parent node of the child node, this node is conditionally independent from all other nodes in the network. These two assumptions are not applicable to systems with complex coupling relationships. At the same time, in the Bayesian network model, the calculated probability distribution belongs to the conditional probability, and the conditional probability is greatly affected by human subjective factors. Therefore, there are some doubts about the objectivity and authenticity of the system reliability calculated by the Bayesian network model. ##### 8.3.1.4 Network method In view of the essential problems of analytical method, Monte Carlo method and synthesis method, that is, the structural properties of the system and the functional relationship between components can not be accurately described, the method of studying system reliability based on network theory is proposed. The core idea of the network method is to combine the reliability of the system with the network theory, make use of the advantages of the network to describe the internal structure of the system, establish the system reliability evaluation index and analyze the system reliability., Network theory has received extensive attention in the research of system reliability, especially in the application of complex network systems. The so-called complex network means that its topological characteristics meet certain conditions, such as the small world characteristics. The reliability of network system refers to the probability / capability that the system still maintains the original network function under the normal operation condition. When studying the reliability of complex network system, the reliability of the system is generally expressed by the connectivity reliability, that is, the stronger the connectivity of the network, the higher the reliability of the system. According to the different emphases of the research, the indexes of evaluating the reliability of network system based on network theory are also different. By referring to the research results of the real world network system and the reliability of complex network system, the index system for evaluating the reliability of complex network system is summarized, including four first-class indexes (i.e. survivability, survivability, effectiveness and synchronization), and each first-class index includes several second-class indexes.