đź“–Software Architecture in Practice
- authors
- Bass, Len and Clements, Paul and Kazman, Rick
- year
- 2013
p.3
The architecture is a bridge between […] (often abstract) business goals and the final (concrete) resulting system.
p.7
System architecture is concerned with a total system, including hardware, software, and humans.
p.8
Enterprise architecture is a description of the structure and behavior of an organization’s processes, information flow, personnel, and organizational subunits aligned with organization’s core goals and strategic direction.
_
Architects design structures. They document views of those structures.
“Useful architectural structures” table on p.15
Structures (p.22):
module structures - as a set of code or data units, that have to be constructed or produced
component-and-connector - how structured as a set of elements that have runtime behavior (components) and interactions (connectors)
allocation - how system relates to non-software structures (CPUs, file systems, networks, development teams)
Software architecture allows:
enabling a system’s quality attributes
reasoning about and managing change
predicting system qualities
enhancing communication among stakeholders
carrying early design decisions
defining constraints on an implementation → Constraints as guide rails (e.g., architecture may set performance budget for each element)
influencing the organizational structure
enabling evolutionary prototyping
improving const and schedule estimates
supplying a transferable, reusable model
allowing incorporation of independently developed components
restricting the vocabulary of design alternatives
providing a basis for training
Architecture is mostly driven by quality attributes rather than functionality. → Functional requirements do not drive architecture
… the architecture mainly provides containers into which the architect places functionality. Functionality is not so much a driver for the architecture as it is a consequence of it. ---p.41
architecture steps:
making a business case for the system (why the business wants to pursue an opportunity. expected cost/benefit)
understanding architecturally significant requirements
creating or selecting the architecture
documenting and communicating the architecture
analyzing or evaluating the architecture
implementing and testing the system based on the architecture
ensuring that the implementation conforms to the architecture
Systems are usually redesigned not because they fail functional requirements, but because they lack quality attributes (too slow, insecure, etc.)
Quality attribute requirements (structure):
source of stimulus
stimulus
environment
artifact (system or element affected)
response
response measure
Requirements:
functional
quality attributes
constraints (design decisions with zero degree of freedom. i.e., already made)
_
Dependability is the ability to avoid failures that are more frequent and more severe than is acceptable. ---Avizienis (p.79)
A failure’s cause is called a fault.
availability = MTBF / (MTBF + MTTR)
Availability tactics:
Detect faults:
ping/echo
monitor
heartbeat (e.g., watchdog) (like ping/echo but component initiates (instead of monitor))
time stamp
sanity checking
condition monitoring
voting
replication
function redundancy (like voting, but copies of component are independently designed or implemented)
analytic redundancy (copies of component have different input or use different method to calculate output. e.g. aircraft altitude by GPS, barometer, etc.)
exception detection
self-test
Recover from faults:
preparation and repair
active redundancy (how spare) (two copies of the component handle every requests in parallel)
passive redundancy (warm spare) (only one copy of the component handles requests. second copy syncs state)
spare (cold spare) (second copy starts when first one fails)
exception handling
rollback
software upgrade
retry
ignore faulty behavior
degradation
reconfiguration
reintroduction
shadow
state re-synchronization
escalating restart
non-stop forwarding (NSF)
Prevent faults:
removal from service (software rejuvenation)
transactions (ACID, 2-phase commit 2PC)
predictive model
exception prevention (smart pointers, semaphores, etc.)
increase competence set (handle more cases (instead of throwing exceptions or failing))
availability checklist p.96
Interoperability tactics:
Locate:
discover service
Manage interfaces;
orchestrate
tailor interface
q
We cannot let standards drive our architectures. We need to architect systems first and the decide which standards can support desired system requirements and qualities. ---p.113
The nice thing about standards is that there are so many to choose from.
Questions to consider for modifiability
What can change?
What is the likelihood of the change?
When is the change made and who makes it?
What is the cost of the change?
Modifiability tactics:
Reduce the size of a module
split module
Increase cohesion
increase semantic coherance
Reduce coupling
encapsulate
use an intermediary
restrict dependencies
refactor
abstract common services
Defer binding
compile/build time
component replacement
compile-time parameterization
aspects
deployment time
configuration-time binding
startup/initialization
resource files
runtime
runtime registration
dynamic lookup
interpret parameters
startup time binding
name servers
plug-ins
publish-subscribe
shared repositories
polymorphism
Performance events:
periodic = regular time intervals
stochastic = probabilistic distribution
sporadic = neither periodic, nor stochastic (still could be described)
Response characteristics:
latency
deadlines in processing
throughput
jitter = allowable variability in latency
number of events not processed
Tactics for Performance:
Control resource demand
manage sampling rate
limit event response (add a bounded queue and process event up to a set maximum rate)
prioritize events
reduce overhead
bound execution times
increase resource efficiency
Manage resources
increase resources
introduce concurrency
maintain multiple copies of computations (replicas + load balancer)
maintain multiple copies of data (caching, data replication, predictive processing)
bound queues sizes
schedule resources
Pattern-Oriented Software Architecture (book recommendation)
Tactics for Security:
Detect attacks
detect intrusion (track internal network traffic, detect anomalies, require signatures)
detect service denial (compare incoming traffic for previous DoS attack patterns)
verify message integrity
detect message delay (possibly detects MitM attacks)
Resist attacks
identify actors
authenticate actors
authorize actors
limit access
limit exposure (security by obscurity, or distribute critical resources)
encrypt data
separate entities
change default settings
React to attacks
revoke access
lock computer
inform actors
Recover from attacks
audit trail
restore = see availability
Testability tactics:
Control and Observe System State
specialized interfaces (special methods for testing that expose internal state. might break incapsulation)
record/playback
localize state storage
abstract data sources (easier mocking)
sandbox
executable assertions
Limit complexity
limit structural complexity
limit nondeterminism
Tactics for Usability
Support user initiative
cancel
undo
pause/resume
Support system initiative
maintain task model
maintain user model (customization. e.g., control amount of assistance user needs)
maintain system model (progress bars estimate time required)
X-ability (how to add own)
capture scenarios
assemble design approaches
model
assemble a set of tactics
construct design checklist
_
Tactics are atoms and patterns are molecules. ---p.204
Patterns:
Module patterns:
Layered
other
component and connector patterns
broker pattern
MVC (MVVM, MVP)
pipe and filters
client-server
peer-to-peer
service-oriented
publish-subscribe
shared-data
allocation patterns
map-reduce
multi-tier
“Pattern-Oriented Software Architecture” by Buschmann #book
Patterns can be further refined with tactics
Decision trees for examining tactics and trade-offs (p.243)
To avoid analysis paralysis:
“time boxing” discussions
do not spend more cost on analyzing a problem, compared to a probable problem cost. i.e., do not spend too much time discussing minor or unlikely issues.
Quality attribute workshop (p.294)
Gathering ASRs (Architecturally Significant Requirements):
from requirement documents
interview stakeholders
from business goals
Every quality attribute requirement should originate from some higher purpose that can be described in terms of added value. ---p.296
PALM method for capturing business goals --- p.305
Attribute-Driven Design (ADD) p.318
choose an element of the system to design
identify ASRs for the chosen element
generate a design solution for the chosen element (generate and test)
inventory remaining requirements and select the input for the next iteration
repeat steps 1-4 until all the ASRs have been satisfied
add legends to drawings
views:
module
component and connectors (components have interfaces --- ports)
allocation
documentation for a view:
the primary presentation (usually, a diagram or a table)
the element catalog
elements and their properties
relations and their properties
element interfaces
element behavior
context diagram
variability guide
rationale
documentation beyond views:
documentation roadmap
how a view is documented
system overview
mapping between views
rationale
directory index, glossary, acronym list
Documenting Software Architectures by Clements #book
Software Architecture reconstruction: (ch. 20)
raw view extraction
database construction
view fusion
architecture analysis
manager takes care of communicating with external entities, architect handles internal issues
cross-functional teams are only one of possibilities in resource allocation