19 Glossary
A comprehensive glossary of key terms from all chapters of the software engineering course. Terms are organized alphabetically for easy reference.
19.1 A
Acceptance Criteria Specific, testable conditions that must be met for a user story or feature to be considered complete. Defines the boundaries of a requirement and provides a basis for testing. Chapter 2: Requirements Engineering
Acceptance Testing Testing conducted to determine whether a system satisfies its acceptance criteria and is ready for delivery. Often performed by end users or stakeholders. Chapter 8: Testing and Quality Assurance
ACID Properties (Atomicity, Consistency, Isolation, Durability) that ensure reliable database transactions. Atomicity means all-or-nothing execution; Consistency ensures valid state transitions; Isolation means concurrent transactions don’t interfere; Durability means committed data persists. Chapter 10: Data Management and APIs
Activity Diagram UML behavioral diagram that models workflows and business processes as a sequence of activities connected by control flows and decision points. Chapter 3: Systems Modeling and UML
ADR (Architectural Decision Record) Document capturing the reasoning behind significant architectural decisions, including context, decision, rationale, and consequences. Preserves institutional knowledge about why systems are designed as they are. Chapter 13: Software Maintenance and Evolution
Agile Family of iterative, incremental software development methodologies emphasizing flexibility, collaboration, working software, and responsiveness to change over rigid planning. Chapter 6: Agile Methodologies
API (Application Programming Interface) Contract defining how software components interact. Specifies operations, inputs, outputs, and behaviors that one component exposes to others. Chapter 10: Data Management and APIs
Artifact Any tangible output of the software development process, including code, documentation, diagrams, test results, and deployed applications. Chapter 6: Agile Methodologies
Association UML relationship representing a connection between classes where instances of one class are related to instances of another. Chapter 3: Systems Modeling and UML
19.2 B
Backlog Prioritized list of work items (features, bugs, technical tasks) waiting to be completed. Product backlog contains all desired work; sprint backlog contains work committed for a specific iteration. Chapter 6: Agile Methodologies
bcrypt Password hashing algorithm designed to be computationally expensive, making brute-force attacks impractical. Uses adaptive cost factor that can be increased as hardware improves. Chapter 12: Software Security
Big-Bang Integration Risky approach of developing all components separately and combining them at once at the end. Often leads to difficult-to-diagnose integration problems. Chapter 15: Final Project Integration and Course Synthesis
Branch Independent line of development in version control. Allows parallel work on features, fixes, or experiments without affecting the main codebase. Chapter 7: Version Control with Git
Bug Triage Process of prioritizing which defects to fix given limited resources. Categorizes bugs by severity and impact to focus effort on the most critical issues. Chapter 15: Final Project Integration and Course Synthesis
Build Process of transforming source code into executable software, including compilation, linking, and packaging. Also refers to the resulting executable artifact. Chapter 9: CI/CD Pipelines
19.3 C
Cache-Aside Caching pattern where the application explicitly manages the cache—checking it before database queries and populating it after retrievals. Chapter 10: Data Management and APIs
CD (Continuous Delivery/Deployment) Practice of automatically preparing code for release (Continuous Delivery) or automatically deploying to production (Continuous Deployment) after passing automated tests. Chapter 9: CI/CD Pipelines
Changelog Document recording what changed in each version of software, typically organized by version number with categorized lists of additions, changes, fixes, and removals. Chapter 13: Software Maintenance and Evolution
Characterization Test Test that documents actual behavior of existing code, rather than specifying what behavior should be. Used when working with legacy code where specifications are unavailable. Chapter 13: Software Maintenance and Evolution
CI (Continuous Integration) Practice of frequently merging code changes into a shared repository, with automated builds and tests verifying each integration. Chapter 9: CI/CD Pipelines
Class Diagram UML structural diagram showing classes, their attributes and methods, and relationships between classes. Foundational diagram for object-oriented design. Chapter 3: Systems Modeling and UML
Code Coverage Metric measuring what percentage of code is executed by tests. Types include line coverage, branch coverage, and path coverage. Chapter 8: Testing and Quality Assurance
Code of Ethics Formal statement of ethical principles for a profession, articulating shared values and expected conduct for practitioners. Chapter 14: Professional Practice and Ethics
Code Review Practice of having other developers examine code changes before integration. Catches bugs, enforces standards, and spreads knowledge. Chapter 7: Version Control with Git
Cohesion Degree to which elements of a module belong together. High cohesion means a module focuses on a single, well-defined purpose. Chapter 13: Software Maintenance and Evolution
Cold Start Latency experienced when a serverless function starts from an inactive state, requiring container initialization before handling requests. Chapter 11: Cloud Services and Deployment
Commit Snapshot of changes saved to version control repository. Creates a permanent record with unique identifier, author, timestamp, and message. Chapter 7: Version Control with Git
Component Diagram UML structural diagram showing how a system is divided into components and the dependencies between them. Chapter 3: Systems Modeling and UML
Composition Strong form of UML association where the contained object cannot exist without its container. When the container is destroyed, contained objects are destroyed too. Chapter 3: Systems Modeling and UML
Consequentialism Ethical theory that judges actions by their outcomes. The right action is the one that produces the best consequences for those affected. Chapter 14: Professional Practice and Ethics
Container Lightweight, isolated runtime environment that packages an application with its dependencies. Provides consistency across development, testing, and production environments. Chapter 11: Cloud Services and Deployment
Continuous Integration Practice of frequently merging and testing code changes, typically multiple times per day, to detect integration problems early. Chapter 15: Final Project Integration and Course Synthesis
Copyleft Licensing approach requiring derivative works to use the same license as the original. Ensures modifications remain open source. Chapter 14: Professional Practice and Ethics
Copyright Legal protection for original creative works, including software. Grants exclusive rights to copy, distribute, modify, and create derivative works. Chapter 14: Professional Practice and Ethics
Coupling Degree of interdependence between modules. Loose coupling means modules can be changed independently; tight coupling means changes ripple across modules. Chapter 13: Software Maintenance and Evolution
CRUD Acronym for Create, Read, Update, Delete—the four basic operations for persistent data storage. Chapter 10: Data Management and APIs
CSP (Content Security Policy) HTTP header that controls which resources browsers can load for a page. Helps prevent XSS attacks by restricting script sources. Chapter 12: Software Security
CSRF (Cross-Site Request Forgery) Attack that tricks authenticated users into performing unintended actions by exploiting their existing session with a website. Chapter 12: Software Security
Cyclomatic Complexity Metric measuring the number of independent paths through code. Higher complexity indicates code that is harder to understand and test. Chapter 13: Software Maintenance and Evolution
19.4 D
DAST (Dynamic Application Security Testing) Security testing that analyzes running applications by simulating attacks. Finds real exploitable vulnerabilities but can’t see internal code structure. Chapter 12: Software Security
DataLoader Utility that batches and caches data requests to solve N+1 query problems in GraphQL and similar scenarios. Chapter 10: Data Management and APIs
Defense in Depth Security principle of layering multiple controls so that failure of one doesn’t compromise overall security. If one defense fails, others remain. Chapter 12: Software Security
Demo Live demonstration of working software, typically showing key features and capabilities to stakeholders or evaluators. Chapter 15: Final Project Integration and Course Synthesis
Deontology Ethical theory that judges actions by adherence to duties and rules, regardless of consequences. Some actions are inherently right or wrong. Chapter 14: Professional Practice and Ethics
Dependency Injection Design pattern where objects receive their dependencies from external sources rather than creating them internally. Improves testability and flexibility. Chapter 4: Software Architecture and Design Patterns
Deployment Process of making software available for use, including installation, configuration, and activation in target environments. Chapter 9: CI/CD Pipelines
Deployment (Kubernetes) Kubernetes resource that manages a set of identical pods, handling updates, scaling, and self-healing. Chapter 11: Cloud Services and Deployment
Deprecation Marking a feature as scheduled for removal in a future version. Gives users time to migrate before the feature is removed. Chapter 13: Software Maintenance and Evolution
Design Pattern Reusable solution to a commonly occurring problem in software design. Provides a template for solving similar problems across different contexts. Chapter 4: Software Architecture and Design Patterns
Docker Platform for building, running, and distributing containers. Defines containers using Dockerfiles and manages them through a runtime engine. Chapter 11: Cloud Services and Deployment
19.5 E
End-to-End Testing (E2E) Testing that validates complete user workflows from start to finish, simulating real user behavior across the entire system. Chapter 8: Testing and Quality Assurance
Epic Large user story that is too big to complete in a single iteration. Broken down into smaller, implementable user stories. Chapter 2: Requirements Engineering
Ethics Branch of philosophy concerned with right and wrong conduct, examining moral principles that govern behavior. Chapter 14: Professional Practice and Ethics
19.6 F
Factory Pattern Creational design pattern that provides an interface for creating objects without specifying their exact classes. Chapter 4: Software Architecture and Design Patterns
Foreign Key Database column that references a primary key in another table, creating relationships between tables and enforcing referential integrity. Chapter 10: Data Management and APIs
Functional Requirement Specification of what the system should do—specific behaviors, features, and functions it must provide. Chapter 2: Requirements Engineering
19.7 G
GDPR (General Data Protection Regulation) European Union data privacy regulation governing collection, processing, and storage of personal data. Applies to any organization handling EU residents’ data. Chapter 14: Professional Practice and Ethics
Git Distributed version control system that tracks changes to files over time, enabling collaboration and maintaining history. Chapter 7: Version Control with Git
Graceful Degradation System behavior that maintains partial function when components fail, rather than failing completely. Chapter 15: Final Project Integration and Course Synthesis
GraphQL Query language for APIs that allows clients to specify exactly what data they need, reducing over-fetching and under-fetching problems. Chapter 10: Data Management and APIs
19.8 H
HSTS (HTTP Strict Transport Security) HTTP header that forces browsers to use HTTPS connections, preventing SSL stripping attacks and accidental insecure connections. Chapter 12: Software Security
19.9 I
IaaS (Infrastructure as a Service) Cloud computing model providing virtualized computing resources (servers, storage, networking) over the internet. Chapter 11: Cloud Services and Deployment
IaC (Infrastructure as Code) Practice of managing and provisioning infrastructure through machine-readable definition files rather than manual configuration. Chapter 11: Cloud Services and Deployment
IDOR (Insecure Direct Object Reference) Vulnerability where attackers access unauthorized objects by manipulating identifiers in requests. Chapter 12: Software Security
Integration Combining separately developed components into a working system. Also refers to automated integration in CI/CD. Chapter 15: Final Project Integration and Course Synthesis
Integration Testing Testing that verifies interactions between components or systems work correctly when combined. Chapter 8: Testing and Quality Assurance
19.10 J
JWT (JSON Web Token) Compact, self-contained token format for securely transmitting information between parties. Commonly used for authentication. Chapters 10, 12: Data Management and APIs; Software Security
19.11 K
Kanban Agile methodology emphasizing continuous flow, visualization of work, and limiting work in progress. Uses a board with columns representing workflow stages. Chapter 6: Agile Methodologies
Kubernetes Container orchestration platform that automates deployment, scaling, and management of containerized applications across clusters. Chapter 11: Cloud Services and Deployment
19.12 L
Lambda AWS serverless computing service that runs code in response to events without provisioning or managing servers. Chapter 11: Cloud Services and Deployment
Least Privilege Security principle of granting only the minimum permissions necessary for a task, limiting potential damage from compromise. Chapter 12: Software Security
Legacy System Existing system that remains valuable but is difficult to work with due to outdated technology, missing documentation, or accumulated technical debt. Chapter 13: Software Maintenance and Evolution
Lessons Learned Documented reflection on what went well and what could improve in a project, capturing knowledge for future reference. Chapter 15: Final Project Integration and Course Synthesis
19.13 M
Merge Git operation that combines changes from different branches into a single branch, integrating parallel development efforts. Chapter 7: Version Control with Git
Microservices Architectural style structuring an application as a collection of loosely coupled, independently deployable services. Chapter 4: Software Architecture and Design Patterns
Migration Script that transforms database schema or data from one version to another, enabling controlled evolution of data structures. Chapter 13: Software Maintenance and Evolution
Mock Test double that simulates the behavior of real objects in controlled ways. Used to isolate the code being tested. Chapter 8: Testing and Quality Assurance
Model-View-Controller (MVC) Architectural pattern separating an application into three components: Model (data and logic), View (presentation), and Controller (input handling). Chapter 4: Software Architecture and Design Patterns
MoSCoW Method Prioritization technique categorizing requirements as Must Have, Should Have, Could Have, or Won’t Have for this release. Chapter 15: Final Project Integration and Course Synthesis
19.14 N
N+1 Problem Performance issue where fetching N items causes N+1 database queries—one to get the list and one for each item’s related data. Chapter 10: Data Management and APIs
Non-Functional Requirement Specification of how the system should behave—qualities like performance, security, usability, and reliability. Chapter 2: Requirements Engineering
Normalization Process of organizing database data to reduce redundancy and improve integrity by dividing tables and establishing relationships. Chapter 10: Data Management and APIs
NoSQL Category of non-relational databases optimized for specific use cases like documents, key-value pairs, graphs, or time series. Chapter 10: Data Management and APIs
19.15 O
Observer Pattern Behavioral design pattern where objects (observers) subscribe to receive notifications when another object (subject) changes state. Chapter 4: Software Architecture and Design Patterns
Open Source Software distributed with a license granting rights to use, study, modify, and redistribute the source code. Chapter 14: Professional Practice and Ethics
OpenAPI Specification standard for describing REST APIs in a machine-readable format, enabling documentation and code generation. Chapter 10: Data Management and APIs
OWASP (Open Web Application Security Project) Nonprofit organization producing security standards, tools, and resources including the OWASP Top 10 vulnerability list. Chapter 12: Software Security
19.16 P
PaaS (Platform as a Service) Cloud computing model providing a platform for deploying applications without managing underlying infrastructure. Chapter 11: Cloud Services and Deployment
Patent Legal protection for novel, non-obvious inventions. Requires application and approval, unlike copyright which is automatic. Chapter 14: Professional Practice and Ethics
Permissive License Open source license with minimal restrictions, typically requiring only attribution (e.g., MIT, Apache 2.0, BSD). Chapter 14: Professional Practice and Ethics
Pipeline Automated sequence of stages that code passes through from commit to production, including build, test, and deployment steps. Chapter 9: CI/CD Pipelines
Pod Smallest deployable unit in Kubernetes, consisting of one or more containers that share storage and network resources. Chapter 11: Cloud Services and Deployment
Polish Attention to detail that distinguishes professional from amateur work—handling edge cases, providing good feedback, and ensuring consistency. Chapter 15: Final Project Integration and Course Synthesis
Portfolio Collection of work samples demonstrating a developer’s capabilities and experience to potential employers or clients. Chapter 15: Final Project Integration and Course Synthesis
Primary Key Column(s) that uniquely identify each row in a database table. Every table should have a primary key. Chapter 10: Data Management and APIs
Product Owner Scrum role responsible for maximizing product value by managing the product backlog and representing stakeholder interests. Chapter 6: Agile Methodologies
Psychological Safety Team climate where members feel safe to take risks, ask questions, and admit mistakes without fear of punishment or ridicule. Chapter 14: Professional Practice and Ethics
Pull Request Request to merge changes from one branch into another, typically including code review before integration. Chapter 7: Version Control with Git
19.17 R
Rate Limiting Controlling request frequency to prevent abuse, protect resources, and ensure fair usage across clients. Chapter 10: Data Management and APIs
Refactoring Restructuring existing code without changing its external behavior to improve internal structure, readability, and maintainability. Chapter 13: Software Maintenance and Evolution
Repository Storage location for code and its history in version control. May refer to the local copy or remote server. Chapter 7: Version Control with Git
Resolver Function that fetches data for a GraphQL field, connecting the schema to actual data sources. Chapter 10: Data Management and APIs
Resource Conceptual entity in REST architecture, identified by a URI and manipulated through standard HTTP methods. Chapter 10: Data Management and APIs
REST (Representational State Transfer) Architectural style for distributed systems using resources, URIs, HTTP methods, and stateless communication. Chapter 10: Data Management and APIs
Retrospective Scrum ceremony at the end of each sprint where the team reflects on what went well, what could improve, and actions to take. Chapter 6: Agile Methodologies
Runbook Operational documentation for running and troubleshooting systems, containing procedures for common tasks and incidents. Chapter 13: Software Maintenance and Evolution
19.18 S
SaaS (Software as a Service) Cloud computing model delivering complete applications over the internet, with the provider managing all infrastructure. Chapter 11: Cloud Services and Deployment
SAST (Static Application Security Testing) Security testing that analyzes source code for vulnerabilities without executing the program. Chapter 12: Software Security
SCA (Software Composition Analysis) Security testing that scans third-party dependencies for known vulnerabilities. Chapter 12: Software Security
Scope Creep Gradual expansion of project requirements beyond the original definition, often leading to delays and incomplete features. Chapter 15: Final Project Integration and Course Synthesis
Scrum Agile framework using fixed-length iterations (sprints), defined roles, and regular ceremonies to deliver software incrementally. Chapter 6: Agile Methodologies
Scrum Master Scrum role responsible for facilitating the process, removing impediments, and helping the team improve. Chapter 6: Agile Methodologies
Semantic Versioning Version numbering scheme using MAJOR.MINOR.PATCH format to encode compatibility information. Major changes break compatibility; minor adds features; patch fixes bugs. Chapter 13: Software Maintenance and Evolution
Sequence Diagram UML behavioral diagram showing object interactions over time as a sequence of messages exchanged between participants. Chapter 3: Systems Modeling and UML
Serverless Computing model where the cloud provider automatically manages infrastructure, scaling, and resource allocation. Developers deploy functions rather than servers. Chapter 11: Cloud Services and Deployment
Service (Kubernetes) Kubernetes resource providing a stable network endpoint for a set of pods, enabling service discovery and load balancing. Chapter 11: Cloud Services and Deployment
Singleton Pattern Creational design pattern ensuring a class has only one instance and providing global access to that instance. Chapter 4: Software Architecture and Design Patterns
Sprint Fixed-length iteration (typically 1-4 weeks) in Scrum during which a potentially shippable product increment is created. Chapter 6: Agile Methodologies
SQL Injection Attack that inserts malicious SQL code through user input to manipulate database queries and access unauthorized data. Chapter 12: Software Security
SSRF (Server-Side Request Forgery) Attack that tricks servers into making requests to unintended URLs, potentially accessing internal resources. Chapter 12: Software Security
Stakeholder Anyone with an interest in or influence over a software project, including users, customers, developers, and management. Chapter 2: Requirements Engineering
Strangler Fig Pattern for gradually replacing legacy systems by routing increasing portions of traffic to a new system until the old system can be retired. Chapter 13: Software Maintenance and Evolution
19.19 T
T-Shaped Skills Professional development concept combining broad knowledge across many areas (the top of the T) with deep expertise in specific areas (the stem). Chapter 15: Final Project Integration and Course Synthesis
Technical Debt Accumulated cost of shortcuts, expedient decisions, and deferred work in software. Like financial debt, it accrues interest and must eventually be repaid. Chapters 13, 14: Software Maintenance and Evolution; Professional Practice and Ethics
Technical Presentation Structured communication of technical work to an audience, including demonstrations, architecture explanations, and project overviews. Chapter 15: Final Project Integration and Course Synthesis
Terraform Infrastructure as code tool supporting multiple cloud providers, allowing infrastructure to be defined, versioned, and automated. Chapter 11: Cloud Services and Deployment
Test-Driven Development (TDD) Development practice of writing tests before implementation. Red (failing test) → Green (passing implementation) → Refactor. Chapter 8: Testing and Quality Assurance
19.20 U
UML (Unified Modeling Language) Standardized visual modeling language for specifying, visualizing, and documenting software systems. Chapter 3: Systems Modeling and UML
Unit Testing Testing individual components (functions, methods, classes) in isolation to verify they work correctly. Chapter 8: Testing and Quality Assurance
Use Case Description of how an actor (user or system) interacts with a system to achieve a goal. Captures functional requirements from the user’s perspective. Chapter 3: Systems Modeling and UML
Use Case Diagram UML diagram showing actors, use cases, and their relationships, providing a high-level view of system functionality. Chapter 3: Systems Modeling and UML
User Story Short, simple description of a feature from the perspective of the user who wants it. Format: “As a [role], I want [feature] so that [benefit].” Chapter 2: Requirements Engineering
19.21 V
Velocity Measure of how much work a team completes per sprint, used for planning and forecasting. Chapter 6: Agile Methodologies
Version Control System that records changes to files over time, enabling collaboration, history tracking, and reverting to previous states. Chapter 7: Version Control with Git
Virtue Ethics Ethical theory focused on developing good character traits (virtues) rather than following rules or calculating outcomes. Chapter 14: Professional Practice and Ethics
VPC (Virtual Private Cloud) Isolated virtual network within a cloud provider, allowing control over IP addressing, subnets, routing, and security. Chapter 11: Cloud Services and Deployment
19.22 W
WCAG (Web Content Accessibility Guidelines) W3C guidelines for making web content accessible to people with disabilities, covering perceivability, operability, understandability, and robustness. Chapter 14: Professional Practice and Ethics
Wireframe Low-fidelity visual representation of a user interface, showing structure and layout without detailed design. Chapter 5: UI/UX Design
19.23 X
XSS (Cross-Site Scripting) Attack that injects malicious scripts into web pages viewed by other users, potentially stealing data or performing actions as the victim. Chapter 12: Software Security
19.24 Index by Chapter
19.24.1 Chapter 1: Introduction to Software Engineering
- Software Engineering, Software Development Life Cycle (SDLC), Waterfall, Agile
19.24.2 Chapter 2: Requirements Engineering
- Acceptance Criteria, Epic, Functional Requirement, Non-Functional Requirement, Stakeholder, User Story
19.24.3 Chapter 3: Systems Modeling and UML
- Activity Diagram, Association, Class Diagram, Component Diagram, Composition, Sequence Diagram, UML, Use Case, Use Case Diagram
19.24.4 Chapter 4: Software Architecture and Design Patterns
- Dependency Injection, Design Pattern, Factory Pattern, Microservices, Model-View-Controller, Observer Pattern, Singleton Pattern
19.24.5 Chapter 5: UI/UX Design
- Wireframe, User Experience, User Interface, Usability, Accessibility, Responsive Design
19.24.6 Chapter 6: Agile Methodologies
- Agile, Artifact, Backlog, Kanban, Product Owner, Retrospective, Scrum, Scrum Master, Sprint, Velocity
19.24.7 Chapter 7: Version Control with Git
- Branch, Code Review, Commit, Git, Merge, Pull Request, Repository, Version Control
19.24.8 Chapter 8: Testing and Quality Assurance
- Acceptance Testing, Code Coverage, End-to-End Testing, Integration Testing, Mock, Test-Driven Development, Unit Testing
19.24.9 Chapter 9: CI/CD Pipelines
- Build, CD, CI, Deployment, Pipeline
19.24.10 Chapter 10: Data Management and APIs
- ACID, Cache-Aside, CRUD, DataLoader, Foreign Key, GraphQL, JWT, N+1 Problem, Normalization, NoSQL, OpenAPI, Primary Key, Rate Limiting, Resolver, Resource, REST
19.24.11 Chapter 11: Cloud Services and Deployment
- Cold Start, Container, Deployment (Kubernetes), Docker, IaaS, IaC, Kubernetes, Lambda, PaaS, Pod, SaaS, Serverless, Service (Kubernetes), Terraform, VPC
19.24.12 Chapter 12: Software Security
- bcrypt, CSP, CSRF, DAST, Defense in Depth, HSTS, IDOR, JWT, Least Privilege, OWASP, SAST, SCA, SQL Injection, SSRF, XSS
19.24.13 Chapter 13: Software Maintenance and Evolution
- ADR, Changelog, Characterization Test, Cohesion, Coupling, Cyclomatic Complexity, Deprecation, Legacy System, Migration, Refactoring, Runbook, Semantic Versioning, Strangler Fig, Technical Debt
19.24.14 Chapter 14: Professional Practice and Ethics
- Code of Ethics, Consequentialism, Copyright, Copyleft, Deontology, Ethics, GDPR, Open Source, Patent, Permissive License, Psychological Safety, Virtue Ethics, WCAG
19.24.15 Chapter 15: Final Project Integration and Course Synthesis
- Big-Bang Integration, Bug Triage, Continuous Integration, Demo, Graceful Degradation, Integration, Lessons Learned, MoSCoW Method, Polish, Portfolio, Scope Creep, T-Shaped Skills, Technical Presentation