The devil is in the details.

—Unknown Author



Nonfunctional Requirements

Nonfunctional Requirements (NFRs) define system attributes such as security, reliability, performance, maintainability, scalability, and usability. They serve as constraints or restrictions on the design of the system across the different backlogs.

Also known as system qualities, nonfunctional requirements are just as critical as functional Epics, Capabilities, Features, and user Stories. They ensure the usability and efficacy of the entire system. Failing to meet any one of them can result in systems that fail to satisfy internal business, user, or market needs, or that do not fulfill mandatory requirements imposed by regulatory or standards agencies.

NFRs are persistent qualities and constraints that, unlike functional requirements, are typically revisited as part of the Definition of Done (DoD) for each Iteration, Program Increment (PI), or release. NFRs exist at all SAFe backlog levels: Team, Program, Large Solution, and Portfolio.

Proper definition and implementation of NFRs is critical. Over-specify them and the Solution may be too costly to be viable; under-specify or underachieve them and the solution will be inadequate for its intended use. An adaptive and incremental approach to exploring, defining, and implementing NFRs is a key skill for Agile teams.


One way to think about all the types of requirements that affect a solution’s overall fitness for use has been the traditional industry categorization of Functionality, Usability, Reliability, Performance, and Supportability (FURPS) [5]. Functional requirements are largely expressed in user stories and in features and capabilities. This is where most of the work occurs; teams build systems that deliver functional value to the user, and most of the time and effort in solution development is devoted to that.

FURPS is the placeholder for nonfunctional requirements. Although they may be a bit subtler, NFRs are just as important to system success. NFRs can be considered constraints on new development, in that each eliminates some degree of design freedom for those building the system. For example: “We need to implement SAML-based single sign-on (SSO) for all products in the suite.” (SSO is a functional requirement. Technology based on SAML is a constraint.) NFRs can cover a wide range of business-critical issues that are often poorly addressed by functional requirements. As a reminder to system designers, a fairly comprehensive list of such potential requirements is described in [1].

NFRs Occur at All Levels

NFRs are associated with backlogs at all four configurations of SAFe, as Figure 1 illustrates.

Figure 1. Nonfunctional Requirements occur at all four configurations

Because NFRs are significant attributes of the solution that the Agile Release Train (ART) and Value Streams create, their most obvious representation is at the program and large solution levels. System and Solution Architect and Engineering are often responsible for defining and refining these NFRs.

All teams must be aware of the special attributes they’re creating for the system. Accelerating NFR testing, rather than postponing it, helps foster Built-in Quality practices. Teams include the relevant NFRs into their DoD, use them as constraints on local design and implementation decisions, and take responsibility for some level of NFR testing on their own. Otherwise, the solution may not satisfy key NFRs, and the cost of correction that occurs late in the process can be very high.

In addition, team-level NFRs can also be important, as they create constraints and performance requirements on the features and the subsystems that emerge.

The portfolio level may require certain NFRs as well. This is often the case for cross-system qualities, like the single sign-on case. Other examples include restrictions on open source usage, common security requirements, and regulatory standards. If a specific portfolio-level NFR hasn’t been achieved, it may require architectural Enablers to implement it. In other cases, portfolio-level NFRs may naturally appear in business and enabler epic success criteria.

NFRs as Backlog Constraints

In SAFe, NFRs are modeled as backlog constraints, as is illustrated in Figure 2.

Figure 2. A backlog with Nonfunctional Requirement constraints

More technically, the SAFe requirements model specifies that NFRs may constrain zero, some, or many backlog items. Further, in order to know that the system is compliant with the constraint, most NFRs require one or more system qualities tests, as is illustrated in Figure 3.

Figure 3. Association between backlog items, Nonfunctional Requirements, and system qualities tests

Many NFRs begin their lives as enablers that need to be addressed. After that, they constrain the system and all new backlog items going forward.

The Systemic and Economic Impact of NFRs on Solution Development

Nonfunctional requirements can have major impact on solution development and testing. NFRs are tricky to specify; it’s easy to go overboard. For example, a statement like “99.999 percent availability” may increase development effort exponentially more than “99.98 percent availability.” Sometimes that’s necessary, and other times it’s not. But the impact of the NFR must be well understood by those writing the specifications. Similarly, if not given enough thought, physical constraints such as weight, volume, or voltage may cause the solution to be overly complicated and costly.

The Economic Framework of the solution should contain criteria to evaluate NFRs. NFRs should be viewed in the context of trade-offs with costs and other considerations. NFRs also affect Suppliers, as declaring them incorrectly, or without the full trade-off ramifications of the economic framework, could lead to unnecessarily complex and costly systems and components.

It’s also important to reevaluate NFRs regularly. Unlike other requirements, NFRs are persistent constraints on the backlog, rather than backlog items themselves. As a result, they may not always come up during PI Planning. But NFRs do change during development, and it’s important to ensure they are addressed.

NFRs and Solution Intent

Solution Intent is the single source of truth about the solution. As such, it includes NFRs as well as functional requirements. It also includes links between NFRs, requirements they impact, and tests used to verify them. NFRs play a key role in understanding the economics of fixed versus variable solution intent.

Figure 4. Solution Intent

Early on, some of the functionality is unclear and will need to be tested and negotiated with Customers during development. The same goes for NFRs. Some are fixed and well known in advance; others will evolve with the solution.

By imposing constraints, NFRs may impact a wide range of system functionality. Therefore, they’re an important factor in Agile analysis:

  • Analyzing business epics, capabilities, and features
  • Planning and building the Architectural Runway
  • Refactoring to better reflect increasing solution domain knowledge
  • Imposing DevOps constraints by manufacturing, deployment, support, installation, maintainability, etc.

The tools used to help develop solution intent provide some mechanisms to establish an economic approach to define and implement NFRs:

  • Compliance – This is the proof that the system or solution meets regulatory, industry, and other relevant standards and guidelines
  • Model-Based Systems Engineering (MBSE) – MBSE can be used to simulate the effect of NFRs and can link to the tests that validate them
  • Set-based Design (SBD) – SBD provides different options for achieving NFRs and can guide a range of edge-case testing to support design decisions

Specifying NFRs

Considering the following criteria helps define NFRs:

  • Bounded – When they lack bounded context, some NFRs are irrelevant (or even harmful). For example, performance considerations can be extremely important for the main application but unnecessary or too expensive for administration and support applications.
  • Independent – NFRs should be independent of each other so that they can be evaluated and tested without consideration of or impact from other system qualities.
  • Negotiable – Understanding NFR business drivers and bounded context mandates negotiability.
  • Testable – NFRs must be stated with objective, measurable, and testable criteria, because if you can’t test it, you can’t ship it.

Implementation Approaches

Many NFRs prescribe that some additional work must be done—either now or in the future—to satisfy them. Sometimes the NFR must be implemented all at once; other times the teams can take a more incremental approach. The trade-offs described in the economic framework should impact the implementation approach. Implementation should be built in a way that will allow several learning cycles to ascertain the right level of NFR.

  • All at once – Some NFRs appear as new, immediate concerns and just have to be implemented immediately. For example, a new regulatory rule for derivative trading, if not immediately accommodated, could take the company completely out of the market or cause a regulatory violation.
  • Incremental story-by-story path – At other times, the teams have options. For example, the need for substantially improved performance can be dealt with over time, one story at a time, as Figure 5 illustrates.
Figure 5. Introducing a Nonfunctional Requirement to the solution incrementally

NFR implementation is also impacted by the way ARTs have been organized. ARTs built around architectural layers will find it challenging to implement and test an NFR in its entirety. ARTs organized around capabilities, however, will find it easier to implement, test, and maintain systemic NFRs.

Using Agile Architecture, which provides a combination of intentional architecture and emergent design, supports the development of NFRs and helps maintain flexibility as the requirements evolve.

Testing Nonfunctional Requirements

Of course, in order to know that a system meets NFRs, it must be tested against them. Testing NFRs is most easily viewed from the perspective of the four Agile testing quadrants, as shown in Figure 6 [2, 3].

Figure 6. Agile testing quadrants (adapted from (2) and (3))

Quadrant 4, System Qualities Tests, is the home of most NFR tests. Due to their scope and importance, NFR tests often require collaboration between the System Team and the Agile Teams. To prevent the growth of unexpected technical debt, teams should automate wherever possible, so that these tests can be run continuously, or at least on demand.

Over time, however, the increasing number of regression tests, even when automated, may consume too much processing time and too many resources. Worse, it can mean that NFR testing may be practical only on occasion or only with specialty resources or personnel. To ensure practicality and continuous use, teams often need to create reduced test suites and test data, as illustrated in Figure 7.

Figure 7. Collaboration of the System Team and Agile teams to create a more practical Nonfunctional Requirement testing strategy

Although partial testing sounds less than ideal, it can actually be beneficial in increasing system quality:

  • When teams are able to apply reduced test suites locally, they may spot inconsistencies in the test data or the testing approach
  • Teams may create new and unique tests, some of which may be adopted by the System Team to help build the larger set
  • Testing infrastructure and configurations will likely improve continuously
  • Teams gain a practical understanding of the impact of NFRs, which helps improve estimating of business and architectural features

Even so, in some cases the environment where the NFRs can be tested may not be available on a daily basis (ex., field testing of vehicle guidance software). In these instances, the following approaches can be used [4]:

  • Using virtualized hardware
  • Creating simulators
  • Creating similar environments

In all cases, efficiently testing NFRs requires some thought and creativity. A lack of NFR testing, on the other hand, may increase the risk of substantial technical debt or, worse, system failure.

Learn More


[2] Leffingwell, Dean. Agile Software Requirements: Lean Requirements Practices for Teams, Programs, and the Enterprise. Addison-Wesley, 2011.

[3] Crispin, Lisa and Janet Gregory. Agile Testing: A Practical Guide for Testers and Agile Teams. Addison-Wesley, 2009.

[4] Larman, Craig and Bas Vodde. Practices for Scaling Lean & Agile Development: Large, Multisite, and Offshore Product Development with Large-Scale Scrum. Addison-Wesley, 2010.

[5] Leffingwell, Dean and Don Widrig. Managing Software Requirements: A Use Case Approach (second edition). Addison-Wesley, 2003.

Last update: 19 October, 2017