Spiral model
The spiral model is a risk-driven software development process model. Based on the unique risk patterns of a given project, the spiral model guides a team to adopt elements of one or more process models, such as incremental, waterfall, or evolutionary prototyping.
History
This model was first described by Barry Boehm in his 1986 paper, "A Spiral Model of Software Development and Enhancement". In 1988 Boehm published a similar paper to a wider audience. These papers introduce a diagram that has been reproduced in many subsequent publications discussing the spiral model.These early papers use the term "process model" to refer to the spiral model as well as to incremental, waterfall, prototyping, and other approaches. However, the spiral model's characteristic risk-driven blending of other process models' features is already present:
In later publications, Boehm describes the spiral model as a "process model generator", where choices based on a project's risks generate an appropriate process model for the project. Thus, the incremental, waterfall, prototyping, and other process models are special cases of the spiral model that fit the risk patterns of certain projects.
Boehm also identifies a number of misconceptions arising from oversimplifications in the original spiral model diagram. He says the most dangerous of these misconceptions are:
- that the spiral is simply a sequence of waterfall increments;
- that all project activities follow a single spiral sequence;
- that every activity in the diagram must be performed, and in the order shown.
In a National Research Council report this model was extended to include risks related to human users.
To better distinguish them from "hazardous spiral look-alikes", Boehm lists six characteristics common to all authentic applications of the spiral model.
The six invariants of spiral model
Authentic applications of the spiral model are driven by cycles that always display six characteristics. Boehm illustrates each with an example of a "dangerous spiral look-alike" that violates the invariant.Define artifacts concurrently
Sequentially defining the key artifacts for a project often lowers the possibility of developing a system that meets stakeholder "win conditions".This invariant excludes “hazardous spiral look-alike” processes that use a sequence of incremental waterfall passes in settings where the underlying assumptions of the waterfall model do not apply. Boehm lists these assumptions as follows:
- The requirements are known in advance of implementation.
- The requirements have no unresolved, high-risk implications, such as risks due to cost, schedule, performance, safety, user interfaces, organizational impacts, etc.
- The nature of the requirements will not change very much during development or evolution.
- The requirements are compatible with all the key system stakeholders’ expectations, including users, customer, developers, maintainers, and investors.
- The right architecture for implementing the requirements is well understood.
- There is enough calendar time to proceed sequentially.
Perform four basic activities in every cycle
This invariant identifies the four activities that must occur in each cycle of the spiral model:- Consider the win conditions of all success-critical stakeholders.
- Identify and evaluate alternative approaches for satisfying the win conditions.
- Identify and resolve risks that stem from the selected approach.
- Obtain approval from all success-critical stakeholders, plus commitment to pursue the next cycle.
Some "hazardous spiral look-alike" processes violate this invariant by excluding key stakeholders from certain sequential phases or cycles. For example, system maintainers and administrators might not be invited to participate in definition and development of the system. As a result, the system is at risk of failing to satisfy their win conditions.
Risk determines level of effort
For any project activity, the project team must decide how much effort is enough. In authentic spiral process cycles, these decisions are made by minimizing overall risk.For example, investing additional time testing a software product often reduces the risk due to the marketplace rejecting a shoddy product. However, additional testing time might increase the risk due to a competitor's early market entry. From a spiral model perspective, testing should be performed until the total risk is minimized, and no further.
"Hazardous spiral look-alikes" that violate this invariant include evolutionary processes that ignore risk due to scalability issues, and incremental processes that invest heavily in a technical architecture that must be redesigned or replaced to accommodate future increments of the product.
Risk determines degree of details
For any project artifact, the project team must decide how much detail is enough. In authentic spiral process cycles, these decisions are made by minimizing overall risk.Considering requirements specification as an example, the project should precisely specify those features where risk is reduced through precise specification. Conversely, the project should not precisely specify those features where precise specification increases the risk.
Use anchor point milestones
Boehm's original description of the spiral model did not include any process milestones. In later refinements, he introduces three anchor point milestones that serve as progress indicators and points of commitment. These anchor point milestones can be characterized by key questions.- Life Cycle Objectives. Is there a sufficient definition of a technical and management approach to satisfying everyone's win conditions? If the stakeholders agree that the answer is "Yes", then the project has cleared this LCO milestone. Otherwise, the project can be abandoned, or the stakeholders can commit to another cycle to try to get to "Yes."
- Life Cycle Architecture. Is there a sufficient definition of the preferred approach to satisfying everyone's win conditions, and are all significant risks eliminated or mitigated? If the stakeholders agree that the answer is "Yes", then the project has cleared this LCA milestone. Otherwise, the project can be abandoned, or the stakeholders can commit to another cycle to try to get to "Yes."
- Initial Operational Capability. Is there sufficient preparation of the software, site, users, operators, and maintainers to satisfy everyone's win conditions by launching the system? If the stakeholders agree that the answer is "Yes", then the project has cleared the IOC milestone and is launched. Otherwise, the project can be abandoned, or the stakeholders can commit to another cycle to try to get to "Yes."
The three anchor point milestones fit easily into the Rational Unified Process, with LCO marking the boundary between RUP's Inception and Elaboration phases, LCA marking the boundary between Elaboration and Construction phases, and IOC marking the boundary between Construction and Transition phases.