Skip Ribbon Commands
Skip to main content
Sign In Skip to Content

Advice for teachers -
Applied Computing

​Unit 4: Software Development

Overview

Area of Study 1 builds on the programming skills learned in Unit 3 Area of Study 1. Students develop their preferred designs into a software solution to meet the identified need or opportunity. Area of Study 2 involves examining the current software development security practices of an organisation, identifying the risks and consequences of ineffective strategies and recommending a risk management plan to improve current practices.

Area of Study 1: Software development: development and evaluation

In this area of study, students develop and evaluate a software solution that meets the identified need or opportunity that they analysed and designed in Unit 3 Outcome 2. Students need to be allocated time to develop the software solution and to carry out a range of testing strategies to ensure the software solution meets requirements. It is important that teachers provide suitable time for students to complete part 2 of the SAT.
Students are required to select a suitable programming language that meets the programming requirements as part of this area of study. A Programming requirements document is available on the Software Development study page that details the requirements of the selected programming requirements to be used. The programming language selected does not need to be the same programming language studied in Unit 3 Area of Study 1.

The development and evaluation stages in this area of study need to be monitored by the student as part of their project plan in order to remain on track with meeting all the identified milestones throughout the School-assessed Task.

If the detailed design generated and assessed in Unit 3 Area of Study 2 is incomplete or contains significant errors, students have the opportunity to make adjustments to their design. However, it cannot be reassessed. Teachers can provide feedback on the quality of the designs but the adjustments must be initiated by the student and not directed by the teacher. While the modified design is not reassessed, this opportunity prevents negative consequential effects in the development stage in this area of study. This process can also be discussed as part of the evaluation stage of the School-assessed Task.

Within this study, testing techniques include, but are not limited to:

  • debugging during the development process
  • constructing appropriate test data
  • ensuring the solution functions as expected and meets requirements
  • ensuring the solution is usable for the intended users of the software solution.

Students are expected to document the testing process through the use of test tables and trace tables. Test tables include the feature being tested, test data being used, expected result/output and the actual result/output. Trace tables have separate columns for each variable within the algorithm and are used to monitor how the value of each variable changes as the instructions within the algorithm are performed. They can also be used to identify the presence of logical errors within an algorithm.

Evaluation is a key component of this area of study and encompasses the:

  • efficiency and effectiveness of the software solution
  • effectiveness of the selected development model 
  • effectiveness of project plans in managing the project.

In preparing students for this area of study, teachers should provide them with opportunities to evaluate familiar solutions by providing case studies, such as: point-of-sales systems, public transport ticketing or information systems or social media systems. Students should be given opportunities to apply both teacher-provided and student-generated criteria to these solutions. When evaluating solutions, project plans or development models, students should learn how to interpret the available data and evidence in order to quantify and substantiate conclusions within their evaluations.

Area of Study 2: Cybersecurity: software security

In this area of study, students examine the software development security strategies of an organisation. Key elements involve a practical knowledge of security controls, types of risks and vulnerabilities and strategies for minimising risks. Further knowledge involves the key legislation that effect organisations and the ethical issues arising during the process of software development and the use of software solutions. It is important that teachers provide activities and time for students to understand the main security-related concepts and strategies.

Teachers should discuss the key knowledge in the context of real case studies of software development and the security of software solutions, the need for privacy and data integrity, and the different software development security strategies undertaken by a broad selection of organisations.

Risk management strategies within this study should include identifying security risks in the organisation, how these risks might be mitigated, the individuals responsible for managing identified and emerging risks, classification of the risk (high, medium, low) as well as risk minimisation approaches. Students should have opportunities to analyse risk management documentation in familiar organisations (for example, supermarkets, department stores, financial institutions or sporting organisations). They should develop their own risk management strategies using teacher-provided case studies.

Teachers may explore a range of security vulnerabilities, risks and controls; however, particular focus must be given to those listed in the key knowledge. In relation to security vulnerabilities, attention should be given to the characteristics of the vulnerability, their technical underpinnings, how they are detected and the potential impact on users or organisations. In relation to security controls, attention should be given to the characteristics of the control, their technical underpinnings and the justification of their use within particular solutions or as part of a risk management strategy. Teachers may discuss other privacy legislation in class (for example, the European Union’s General Data Protection Regulation (GDPR)); however, they must ensure that students are aware that only legislation listed in the key knowledge is examinable. 

Other considerations that should be taken into account when developing a program for this area of study are in relation to the local ICT permissions and policies in place in schools, which may limit the practical nature of demonstrations possible in class. Conversations with ICT or network support staff within the school may be beneficial in advance to ensure that all intended activities are able to be conducted.

The assessment task is to be either a case study with structured questions, a report in written format or a report in multimedia format. It is important that the case study contains sufficient scope for students to complete the task; for example, by focusing on a large organisation rather than a small-scale one with low staff numbers and small projects. 

When developing assessment criteria or a marking scheme, teachers are recommended to use the VCAA performance descriptors for Unit 4 Outcome 2.