Requirement Specification
| Document | Requirement Specification |
| Specification name | TukkoTrafficVisualizer |
| Author(s): | Noora Kuikka & Andreas Kjersheim |
| Version: | 1.0 |
| Date: | 21.02.2024 |
Introduction
For the 2024 iteration of Future Factory, our team has been tasked with adding improvements and new features to the Tukko Traffic Visualizer service which began development at WIMMA Lab during the summer of 2023.
Tukko is an open-source project utilizing public traffic APIs from services such as Digitraffic. It provides data visualizations of traffic patterns on a user customizable map, allowing for different filters to be selected according to e.g. vehicle types or timescales.
Client
Client Name: Combitech
Project Ownership and Authority:
Combitech is the primary stakeholder responsible for the development of the Traffic Visualizer project. They have full ownership and decision-making authority over the project's requirements and direction.
Purpose of the Requirements Specification:
The purpose of this Requirements Specification document is to formally outline Combitech's specific needs, desired features, and required functionalities for the Traffic Visualizer project. This document will serve as a key reference point for effective communication and collaboration between the development team and Combitech throughout the project's lifecycle. It aims to ensure that the final product aligns closely with Combitech's vision and expectations.
About the authors
Team Synergy is a dynamic group of second-year year ICT students, driven by a shared passion for embracing emerging technologies and honing their skillsets.
As individuals, we are highly motivated and bring a diverse range of skills to the project. Some of us excel in web development, crafting elegant and user-friendly websites, while others bring strong leadership qualities that help steer our project in the right direction. Additionally, we have team members who are deeply intrigued by the intricacies of penetration testing and systems administration, adding a valuable layer of security to our endeavors.
Our collective strength lies in our ability to synergize our distinct strengths, fostering an environment where creativity and technical proficiency flourish. Together, we are dedicated to delivering a product that not only meets but exceeds expectations, creating a solution that truly shines in the world of technology.
Learn more about us at the team introduction!
Short description of service/solution
The Tukko traffic visualizer service is designed to provide real-time data analysis on a wide range of traffic conditions, including monitoring traffic congestion, identifying road closures, and calculating travel times between destinations. To accomplish this, it seamlessly integrates with the Digitraffic API and has been optimized to handle large volumes of data efficiently.
It features an intuitive map interface that allows uers to filter and explore results based on vehicle types and timescales. Additonally, users can also create interactive data visualizations through features like heatmaps, charts, and graphs, enabling a deeper insight of traffic patterns.
Business Requirements and Goals
| ReqID | Description |
|---|---|
| BUSINESS-REQ-0001 | Increase user engagement on the platform. |
| BUSINESS-REQ-0002 | Improve system scalability to accommodate growth. |
| BUSINESS-REQ-0003 | Enhance data security and compliance measures. |
| BUSINESS-REQ-0004 | Optimize product performance for mobile devices. |
| BUSINESS-REQ-0005 | Expand market reach to new customer segments. |
| BUSINESS-REQ-0006 | Enhance user experience through a redesigned UI. |
| BUSINESS-REQ-0007 | Reduce operational costs and resource utilization. |
| BUSINESS-REQ-0008 | Ensure regulatory compliance in all operations. |
| BUSINESS-REQ-0009 | Improve customer support and issue resolution. |
Stakeholder map
Stakeholders and profiles
| Stakeholder/profile | Info/Link | Motivation |
|---|---|---|
| Synergy | Link to website | Development Team to improve and expand the features of Tukko v1.0 Traffic Visualizer |
| Combitech | Link to website | They seek new features to be added to Tukko |
| JAMK | Link to website | Supports the development team of the project through mentors and materials |
| End User 1 | enduser1-profile | Person 36-45 years old. Regular user of Tukko. |
| End User 2 | enduser2-profile | Person 21 - 35 years old. Tourist and is exploring Finland in a rental car. |
| Journalist | mediauser1-profile | Technology journalist exploring and comparing traffic visualization applications. |
| City Planner | cityplanner-profile | City planner using the application to gain insight in traffic situations around a specific area. |
Customer Stories
Customer Story 1 - Commuter's Perspective
Alex (Profile) is a daily commuter living in a bustling city. His typical day involves catching the subway, followed by a bus connection to reach his office. However, unpredictable delays and service disruptions often throw a wrench into his schedule, causing unnecessary stress and inconvenience. Alex dreams of a service that can provide real-time updates on transit conditions, helping him plan his routes efficiently and avoid disruptions. Such a solution would not only save him time but also reduce the daily commute's uncertainties, ultimately improving his overall quality of life.
Customer Story 2 - Tourist's Perspective
Saara (Profile) is an avid traveler who loves exploring new cities and cultures. When she visits a new destination, she often finds herself struggling to navigate public transportation systems, decipher unfamiliar routes, and manage language barriers. Saara wishes for a service that caters to tourists like her, offering clear and user-friendly guidance on local transportation options, including maps, fare information, and real-time updates. Such a service would enhance her travel experiences, allowing her to immerse herself in new adventures without the stress of navigating complex transit networks.
Customer Story 3 - Urban Planner's Perspective
Mira (Profile), an urban planner responsible for shaping sustainable cities. She understands the significance of efficient and eco-friendly transportation systems. To achieve sustainability goals, Mira needs access to comprehensive data on traffic patterns, usage trends, and environmental impacts. A service that provides detailed insights into transportation behaviors and their ecological footprint would be invaluable. With such data, Mira can make informed decisions to enhance public transportation infrastructure, reduce congestion, and promote eco-friendly modes of transit, ultimately creating better cities for all residents.
Customer Story 4 - Technology Journalist's Perspective
As a technology journalist, Craig (Profile) diligently evaluates traffic visualization applications like Tukko v1.1 to assess their effectiveness, accessibility, security, and user-friendliness. His scrutiny extends to compliance with WCAG standards for inclusivity, robust security measures, and intuitive interfaces. Through meticulous testing and comparison with competitors, he aims to provide insightful recommendations to his audience, guiding them in selecting the most suitable traffic visualization tool for their needs.
Requirements for Alex (Regular User)
| ReqID | Description |
|---|---|
| CUSTOMER-REQ-0001 | As a user, I want the app to provide real-time updates on traffic conditions to help me plan my commute efficiently |
| CUSTOMER-REQ-0002 | As a user, I want the app to offer visual representations of traffic data, such as maps and charts, for easy analysis |
| CUSTOMER-REQ-0003 | As a user, I need the app to be user-friendly and intuitive, allowing me to customize views and easily interpret data |
| CUSTOMER-REQ-0004 | As a user, I want the app to include features like dark mode and color contrast options for better visibility during night-time driving |
| CUSTOMER-REQ-0005 | As a user, I expect the app to prioritize security by regularly scanning for vulnerabilities and following secure coding practices |
Customer Journey Path for Alex
Requirements for the Technology Journalist Craig
| ReqID | Description |
|---|---|
| CUSTOMER-REQ-0001 | As a technology journalist, I want the app to be accessible and compliant with WCAG standards to ensure inclusivity for all users |
| CUSTOMER-REQ-0002 | As a technology journalist, I need the app to prioritize security by conducting regular security scans and adhering to secure coding practices |
| CUSTOMER-REQ-0003 | As a technology journalist, I expect the app to have clear documentation and be easy to use, facilitating my testing process |
| CUSTOMER-REQ-0004 | As a technology journalist, I want the app to provide comprehensive results and insights for comparison with other traffic visualization apps |
Customer Journey Path for the Technology Journalist
Selected Use Cases of service/solution
| Use Case | Domain |
|---|---|
| Use Case - Compare Different LAM Stations Side by Side | Traffic Visualization |
| Use Case - Implement Web App Accessibility Measures | Accessibility |
| Use Case - Improve Dark Mode Colors | User Interface |
| Use Case - Enhance Color Contrast for Color Blindness | Accessibility |
| Use Case - Localization for Swedish | Localization |
| Use Case - Localization for Norwegian | Localization |
| Use Case - Regularly Scan for Known Security Vulnerabilities | Security |
| Use Case - Enforce Secure Coding Practices | Security |
| Use Case - Implement Automated Security Testing Pipeline | Security |
| Use Case - Harden All the Containers | Security |
| Use Case - Control Access to the Server | Security |
| Use Case - Protect Application with Web Application Firewall | Security |
| Use Case - Manual Testing | Testing |
| Use Case - Maintainable Documentation | Documentation |
Preliminary MockUp-prototype layouts for Tukko v1.1
FEA101 Compare Different LAM Stations Side by Side
FEA304, FEA305 Language selection. FEA 105 Web app accessibility measures, logo and description. FEA112 JAMK & Synergy branding
Use the following link to visit the Figma design and prototype workspace (Click here!)
Alternatively, visist our teams pages for an embedded version (Click here!)
A visual prototype is not yet constructed, but the ideas and plans for such can be found within the feature documentation. link here
FEA106 Improved Dark mode colors
Visit the feature documentation for our further plans about dark mode.
FEA110 Enhance color contrast for color blindness
More palettes are described and shown within the feature documentation. Visit for our visualizations.
System requirements
| RequirementsID | Description |
|---|---|
| SYSTEM-HW-REQ-0001 | Frontend server must have at least 4 VCPUs |
| SYSTEM-HW-REQ-0002 | Backend server must have at least 4 VCPUs |
| SYSTEM-HW-REQ-0003 | Frontend server memory capacity must be at least 2GB |
| SYSTEM-HW-REQ-0004 | Backend server memory capacity must be at least 2GB |
Contraints
| RequirementsID | Description |
|---|---|
| CONSTRAINT-REQ-S00000 | End user data shall be handled in a way that complies with EU GDPR Act |
| CONSTRAINT-REQ-S00001 | The service should be accessible by Directive (EU) 2019/882 |
| CONSTRAINT-REQ-S00002 | Service design should take into account the agreed-upon service levels and performance metrics that will be used to monitor the service's performance. |
| CONSTRAINT-REQ-S00003 | The service must be designed with usability in mind to ensure that it is easy to use and understand. |
| CONSTRAINT-REQ-S00004 | The design of the service must take into account the technical constraints and opportunities presented by available technology. |
| CONSTRAINT-REQ-S00005 | The service design must consider the ability of the service to integrate with other systems and technologies as necessary. |
Production Environment
-
Hosting Model: The service will be produced using Infrastructure as a Service (IAAS) model, leveraging the cPouta environment owned by CSC.
-
Cloud Service: The service runs on the cPouta cloud service, which is publicly accessible via the internet and utilizes OpenStack cloud software.
-
Server Configuration: Separate virtual machines host the frontend and backend components of Tukko Traffic Visualizer.
-
Containerization: Both frontend and backend are containerized using Docker to ensure consistency, scalability, and security. Availability and Reliability
-
Uptime: While 24/7 availability is desirable, achieving 100% uptime may not be feasible due to maintenance and unforeseen events.
-
Service Level Agreement (SLA): An SLA will be prepared to define the expected uptime, response times, and support availability for the service.
Performance and Scalability
-
Server Specifications: The servers hosting Tukko Traffic Visualizer must meet certain hardware requirements, such as a minimum of 4VCPUs and a memory capacity of at least 2GBs.
-
Scalability: The architecture should support horizontal scaling to handle increasing user loads efficiently.
Cost Considerations
-
Production Cost: The production cost includes expenses related to server infrastructure, cloud services, software licenses, maintenance, and support.
-
Optimization: Cost optimization strategies will be implemented to ensure efficient resource utilization and minimize unnecessary expenses.
Data Storage and Archiving
-
Storage Requirements: The service requires adequate storage capacity for storing user data, sensor data, configurations, logs, and backups.
-
Data Archiving: Archiving mechanisms will be implemented to manage data retention policies, ensuring compliance with regulatory requirements and optimizing storage utilization.
Security
-
Security Measures: Robust security measures will be implemented at various levels, including network security, access control, encryption, authentication, and authorization.
-
Data Protection: Measures such as data encryption, access controls, and regular security audits will safeguard sensitive information from unauthorized access or breaches.
-
Compliance: The service will adhere to relevant security standards and regulations to ensure data privacy and compliance with legal requirements.
Constraints and Standards
Legal and Regulatory Requirements
- EU GDPR Compliance: The service must comply with the General Data Protection Regulation (GDPR) requirements regarding the collection, storage, and processing of personal data. This includes obtaining explicit user consent for data processing activities, ensuring data security and privacy, and providing mechanisms for data access and deletion upon user request.
Industry Standards
-
ISO/IEC 27001: The service should adhere to the ISO/IEC 27001 standard for information security management systems to ensure the confidentiality, integrity, and availability of information assets.
-
OWASP Top 10: Security measures outlined in the OWASP Top 10 should be implemented to mitigate common web application security risks such as injection attacks, broken authentication, and sensitive data exposure.
Organizational Policies
-
Internal Access Control Policies: Access to sensitive data and system resources must be restricted based on role-based access control (RBAC) policies. Only authorized personnel should have access to administrative functions and privileged data.
-
Password Policy: The service should enforce strong password policies, including password complexity requirements, regular password expiration, and account lockout mechanisms to prevent unauthorized access.
Other Considerations
-
Data Retention Policies: The service should define clear data retention policies outlining the duration for which user data and activity logs are stored. Data should be retained only for as long as necessary for legitimate business purposes and in compliance with legal requirements.
-
Accessibility Standards: The service should adhere to accessibility standards such as WCAG (Web Content Accessibility Guidelines) to ensure that the application is usable by individuals with disabilities.
Service primary features and functionalities
This section will list the features and functionalities to be implemented by our team to the Tukko project during the Future Factory project.
For the functional features to be implemented, see the mindmap below for reference:
Functional requirements of the service
| ReqID | Description | Affected Feature |
|---|---|---|
| FUNC-REQ-F101 | User interface for comparing different LAM stations side by side. | FEA101 - Compare Different LAM Stations Side by Side |
| FUNC-REQ-F105-1 | Implement WCAG 2.2 accessibility measures. | FEA105 - Implement Web App Accessibility Measures |
| FUNC-REQ-F105-2 | Conduct accessibility testing and address any identified issues. | FEA105 - Implement Web App Accessibility Measures |
| FUNC-REQ-F105-3 | Ensure proper semantic markup and ARIA attributes. | FEA105 - Implement Web App Accessibility Measures |
| FUNC-REQ-F106-1 | Enhance dark mode colors for better visual comfort. | FEA106 - Improve Dark Mode Colors |
| FUNC-REQ-F110-1 | Provide sufficient color contrast options for users with color blindness. | FEA110 - Enhance Color Contrast for Color Blindness |
| FUNC-REQ-F112-1 | Update branding elements to reflect team and JAMK identity. | FEA112 - Change Branding to Team and JAMK Brand |
| FUNC-REQ-F304-1 | Implement localization for the Swedish language. | FEA304 - Localization for Swedish |
| FUNC-REQ-F305-1 | Implement localization for the Norwegian language. | FEA305 - Localization for Norwegian |
| FUNC-REQ-F403-1 | Regularly scan the codebase and dependencies for known security vulnerabilities. | FEA403 - Regularly Scan for Known Security Vulnerabilities |
| FUNC-REQ-F404-1 | Enforce secure coding practices such as input validation and output encoding. | FEA404 - Enforce Secure Coding Practices |
| FUNC-REQ-F405-1 | Establish an automated security testing pipeline for detecting and reporting security issues. | FEA405 - Implement Automated Security Testing Pipeline |
| FUNC-REQ-F406-1 | Harden all Docker containers for enhanced security. | FEA406 - Harden All the Containers |
| FUNC-REQ-F407-1 | Implement access controls for server security. | FEA407 - Control Access to the Server |
| FUNC-REQ-F409-1 | Deploy a Web Application Firewall to protect the application from threats. | FEA409 - Protect Application with Web Application Firewall |
| FUNC-REQ-F516-1 | Include exploratory testing in the testing process. | FEA516 - Manual Testing |
| FUNC-REQ-F517-1 | Ensure documentation is maintainable and easy to update. | FEA517 - Maintainable Documentation |
Software / service non-functional requirements
Non-functional requirements will be listed below.
Performance Requirements
| ReqID | Description |
|---|---|
| PERF-REQ-0000 | Login is possible for 100 users at the same time (100 request/s) |
| PERF-REQ-0001 | The traffic data on the map should update quickly, with minimal delay |
| PERF-REQ-0002 | The application should load the initial map view promptly upon user interaction |
| PERF-REQ-0003 | The application should handle a large number of cities and traffic data points without performance issues |
| PERF-REQ-0004 | Zooming and panning across the map should be smooth and responsive. |
| PERF-REQ-0005 | The application should perform well on various devices and screen sizes |
Security Requirements
| ReqID | Description |
|---|---|
| SEC-REQ-0001 | The password must use at least MD5-level encryption, as required by the XY112 standard |
| SEC-REQ-0002 | Regularly update and patch the application's software components and libraries to address known security vulnerabilities |
| SEC-REQ-0003 | Ensure that sensitive data is encrypted both in transit and at rest using industry-standard encryption algorithms |
| SEC-REQ-0004 | Enforce proper access controls to restrict users' access to only the resources and functionalities they are authorized to use |
| SEC-REQ-0005 | Implement logging and auditing mechanisms to track user activities and system events for forensic analysis and compliance purposes |
| SEC-REQ-0006 | Implement secure error handling practices to avoid exposing sensitive information in error messages and ensure proper reporting of security-related incidents |
Accessability Requirements
| ReqID | Requirement | Description |
|---|---|---|
| ACC-REQ-0000 | Font Size | Font should be sized at 16pt |
| ACC-REQ-0001 | High Contrast Mode | User interface should be visible in high contrast mode |
| ACC-REQ-0002 | Dark Mode Support | User should be able to use dark mode in the application |
| ACC-REQ-0003 | City Search | User should be able to text search for a specific city |
| ACC-REQ-0004 | User-Friendly | Traffic Visualizer application should be as user-friendly as possible |
| ACC-REQ-0005 | Real-Time Traffic Data | Display real-time traffic data from reliable and up-to-date sources |
| ACC-REQ-0006 | Historical Traffic Data | Provide historical traffic data that allows the user to predict where traffic jams might happen |
| ACC-REQ-0007 | Intuitive Navigation | The application should have clear and intuitive navigation menus |
Quality Assurance
Three main points for quality assurance in the project are: Documentation, Risk Management and Master test plan.
Documentation ensures that we keep track of project details, requirements, changes, and different decision. It also helps the team members to communicate, and it also serves as reference for future development and maintenance.
Risk Management plan helps to identify potential threats for the project. By following the Risk Management plan, we can be prepared for the coming problems.
Master Test Plan serves as a guide for the testing. It gives details, objectives and the timelines for testing.
Preliminary Acceptance Tests
| AcceptanceTestId | Description | Feature |
|---|---|---|
| ACCTEST001 | Verify that different LAM stations are compared side by side in a user friendly format | FEA101 Compare different LAM stations side by side |
| ACCTEST003 | Verify that the application is fullfilling the required accessibility measures | FEA105 Implement web app accessibility measures |
| ACCTEST004 | Verify that color contrast is suitable for color blindness | FEA110 Enhance color contrast for color blindness |
| ACCTEST005 | Verify that the branding has been changed to match the team and JAMK | FEA112 Change branding to team and JAMK brand |
| ACCTEST006 | Verify that the displayed information is clear and understandable | FEA304 Localization for Swedish |
| ACCTEST007 | Verify that the displayed information is clear and understandable | FEA305 Localization for Norwegian |
| ACCTEST008 | Verify that the code has been scanned and that it doesn't have any issues | FEA403 Regularly scan for known security vulnerabilities |
| ACCTEST009 | Verify that pipeline is working and it dosen't have any security threats | FEA405 Implement automated security testing pipeline |
| ACCTEST010 | Verify that access to containers has been limited | FEA406 Harden all the containers |
| ACCTEST011 | Verify that only team members have access to the server | FEA407 Control access to the server |
| ACCTEST012 | Verify that firewall is running and it can stop or detect common web-based attacks | FEA409 Protect applications with Web Application Firewall |
Software architecture, placement view, database description, and integrations
This section will describe the software architecture. See the link below for more information.
- Link to Software architecture
Deployment diagram
The initial deployment diagram can be seen below:
Integrations with other systems
This section will describe the integration of the software with other systems. To be edited when development begins.
Standards and sources
| ID | Category |
|---|---|
| ISO-IEC | Standards |
| CSC (cPouta) | Cloud Platform |
| General Data Protection Regulation (GDPR) | Regulation |
| Directive on the legal protection of databases ('Database Directive') | Directive |
| Digital contract rules | Rules |
| Directive on the enforcement of intellectual property right ('IPRED') | Directive |
| EU Cybersecurity Act | Act |
| SO 9241-11 | Usability |
| ePrivacy Directive | Directive |
| WCAG (Web Content Accessibility Guidelines) | Accessibility Guidelines |
| Directive on the legal protection of computer programs ('Software Directive') | Directive |
| ISO9001 | Quality management |
| OWASP Top 10 | Security Best Practices |
| Leaflet.js | Tool/Library |
| React | Frontend JavaScript library/framework |
| Geoman.io | Tool/Library |
| Redis.io | Database |
| MongoDB | Database |
| TypeScript | Programming language |
| Docker | Containerization platform |
| Digitraffic | External data source |