The activities performed during this phase result in a specification of the problem solution. The solution provides a specific high-level definition including information aggregates, information flows and logical processing steps, as well as all major interfaces and their inputs and outputs.
The purpose is to refine, resolve deficiencies, define additional details, and package the solution. The detailed design specifications describe the physical solution (algorithms and data structures) in such a way that it can be implemented in code with little or no need for additional analysis.
Agencies should define and approve security specifications prior to acquiring or starting formal development of the applications. The validation and verification goals are also identified during this phase, and a plan for achieving these goals is developed.
The project plan (schedules, budgets, deliverables, etc.) and risk analysis are reviewed and revised as required given the scope and complexity of the solution formulated.