Understanding SPDMM

Sandeep M

The article provides brief outline of the maturity model used by Impetus Technologies. This maturity model has been drawn from Impetus contributions to different releases of more than 50 products.

Software Product Development Maturity Model (SPDMM) identifies and addresses all significant dimensions of software product development, for each phase of the software development life cycle at Impetus Technologies. This maturity model has been drawn from Impetus contributions to different releases of more than 50 products.

SPDMM is a suite of best practices that we have identified. These address all horizontal and infrastructure design issues.

It thus ensures that all the parameters and their implications for a given set of requirements are handled adequately and at the right time. We design software in a way it becomes easy to add new functionalities. Among the 16 different SPDMM attributes, important feature sets such as Internationalization, Access Control, Enhanced Security, Rights/License Management are all considered in the design phase in a manner such that they can be easily implemented, should they become important at a later stage.

Dimensions of SPDMM


Portability is an attribute possessed by software with respect to a specific class of environment. A software unit is called portable when it exhibits portability, across various new environments in less than the cost of redevelopment. The term environment includes platform (operating system and computing hardware) and other surroundings, which affects software.

Software can be defined as a component, subsystem, standalone application, Client Server application or a Web Application.  In case of web application, environment can be Operating System (Platforms), another software (Integration issues), hardware, remote systems (Integration Issues) and/or documentation.


Configurability is the quality that allows system behavior to be varied by a small amount of user input. Configurability is the ratio of system variation to input effort. High Configurability can be achieved by making all changeable information in an application as configurable parameters. By modifying these parameters, the application can be customized for various scenarios without change in the source code.


Usability is a measure of the quality of a user's experience interacting with a product or web site. It involves users' ability to do what they want and need with the product or site.


Upgradeability refers to the improvement in the systems or raising the quality of the systems. Most of the upgrades are driven by change in requirements after the system has been delivered. The issues that need to be taken care while upgrades are planned can be categorized into following heads-


Architectural & Design patterns

  • Architectural & Design patterns for high performance, if performance is one of the important design goals.
  • Important architectural decisions leading to division of work between Client, Web, App & database servers. A slower client machine purchased two years back may result in poor performance on fat client architecture irrespective of power of machines on server side.

Multi Tenant design

There are many names associated with these services: "lit buildings," "cyber buildings," "smart buildings," and "multi-tenant services," to name a few. Regardless of the label, service providers are centered on leveraging new technologies and an attractive business model to add strategically important, revenue generating data services to their portfolios.
The value proposition extends to a very broad audience. With the growing popularity of Web based marketing, e-commerce, and partner extranets, even the smallest business requires Internet presence to be a competitive market player. For building tenants, particularly small-business customers’ access to high-speed, business-quality data service on the day they move into a building, is a compelling advantage.

Right Sizing and Scalability

Introducing scalability
Scalability is an application's ability to support a growing data volume or growing number of users.

User Scaling: If software takes 50 milliseconds to respond to one request, how long will it take to respond to 10,000 concurrent requests? Is it somewhere under 100 ms and grows linearly or does it grow exponentially. Well-designed applications should be able to meet performance goals despite a growing number of users.

Data Scaling: If software can persist or pass on data for 10 rows of information, how does it behave when it is requested to store or to pass on 10,000 rows of information?

Scaling multi-tiered software generally involves managing the performance and capacities of each component within each tier for seen or unseen loads. The basic objectives of scaling a component/system are:

  • Increase the capacity of the component.
  • Improve the efficiency of the component.
  • The load on the component.

Ease of Monitoring

This dimension elaborates about how much information is provided to the administrator for supporting the application after it has been deployed in the production environment. The availability of proper monitoring information is very useful for keeping the application up & running and debug the problems.


Focal points of internationalization and localization efforts include:

  • Language
    • Computer-encoded text
      • Alphabets/scripts; different systems of numerals; left-to-right script vs. right-to-left scripts. Most recent systems use Unicode to solve many of these problems.
    • Graphical representations of text (printed materials, online images containing text)
    • Spoken (Audio)
    • sub-titles to video
  • Date/time format, including use of different calendars
  • Time zones (UTC in internationalized environments)
  • Currency
  • Images and colors: issues of comprehensibility and cultural appropriateness
  • Names and titles
  • Social Security numbers and passports
  • Telephone numbers, addresses and international postal codes
  • Weights and measures
  • Paper sizes

Application Integration

Introduction to Enterprise Application Integration (EAI)
The term Enterprise Application Integration (EAI) is a recent entrant into the jargon of the active software industry. EAI is a buzzword that represents the task of integrating various applications so that they may share information and processes freely. Thus, EAI is the creation of robust and elegant business solutions by combining applications using common middleware and other viable technologies. With these realizations, EAI was created by industry analysts to help information technology organizations to understand the emergence of a type of software that ease the bottlenecks of integration. EAI is the nexus of technology, method, philosophy and desire to finally address years of architectural neglect.


Robustness is the characteristic of the process output or response to be insensitive to the variation of the inputs. Setting the process targets using the process interactions increases the likelihood of the process exhibiting robustness. Unfortunately, you can not write perfect software.  There are always some tricky errors which are very hard to find - even with our best testing techniques. Therefore, they often stay in our software. A suddenly full hard disk, a nearly impossible user-behaviour or just the so called cleaner-syndrome are some of those errors which always make troubles. So design your Software as robust as possible!

System Design

This dimension covers guidelines for capturing architectural/ design requirements of a system, translating them into architectural patterns and subsequently into design patterns.

Ease & Cost of Maintenance

It is important to know that how much you are going to spend in building software and similarly it is more important to know how much you will be spending in maintaining the software.

Following are the issues, which needs to be considered from the point of view of ease of support and reducing the cost of maintenance, in various phases of SDLC.

License Management

Managing software effectively means treating it as a high value business asset. Managing software assets can be difficult to manage for two primary reasons — the increasing complexity of licensing and the lack of adequate software asset management tools. Managing multiple software contracts requires constant negotiations as different licenses require renewal at different times. There are a variety of software acquisition methods and license types which differ from vendor to vendor and even department to department. These include software preloaded on computers, software downloaded via the Internet, volume purchases made directly from publishers or through resellers and hosted applications. Further complicating matters, licensing may also include multi-user software with enterprise, transaction, processor, concurrent user or named user constraints.

Until recently, effective software asset management tools that streamline management and prevent misuse have not been available. The resulting lack of visibility into how, when and by whom software is being used causes enterprises to over-license some applications and under-license others. Faced with ongoing budget constraints, corporations increasingly recognize the value of software asset management.

Security Model 

Authentication, Authorization and Data Privacy are the three main elements of any security architecture. The security requirements cover: user authentication session, privacy, auditing, secure communications, data and system integrity, and secure administration requirements. In addition, the security of the system must also ensure that the underlying system components are secure and that security can be maintained in operational use.

Authentication services verify that a user is entitled to use a claimed identity such as a username. Authentication requirements depend on the type of application being accessed and the level of access requested. The authentication services will designate user categories and roles to be supported by the application. In addition, the service can address risk issues by supporting re-authentication at key application points (e.g., commit a transaction) and by requiring multiple authentication mechanisms within a single application. Application types should be categorized by risk profiles to determine the appropriate authentication strength required for a given service offering. The authentication service should be designed to be able to support multiple mechanisms.