đź“–Software Architecture in Practice
- authors
- Bass, Len and Clements, Paul and Kazman, Rick
- year
- 2013
p.3
The architecture is a bridge between […] (often abstract) business goals and the final (concrete) resulting system.
p.7
System architecture is concerned with a total system, including hardware, software, and humans.
p.8
Enterprise architecture is a description of the structure and behavior of an organization’s processes, information flow, personnel, and organizational subunits aligned with organization’s core goals and strategic direction.
_
Architects design structures. They document views of those structures.
- “Useful architectural structures” table on p.15
- Structures (p.22):
- module structures - as a set of code or data units, that have to be constructed or produced
- component-and-connector - how structured as a set of elements that have runtime behavior (components) and interactions (connectors)
- allocation - how system relates to non-software structures (CPUs, file systems, networks, development teams)
- Software architecture allows:
- enabling a system’s quality attributes
- reasoning about and managing change
- predicting system qualities
- enhancing communication among stakeholders
- carrying early design decisions
- defining constraints on an implementation → Constraints as guide rails (e.g., architecture may set performance budget for each element)
- influencing the organizational structure
- enabling evolutionary prototyping
- improving const and schedule estimates
- supplying a transferable, reusable model
- allowing incorporation of independently developed components
- restricting the vocabulary of design alternatives
- providing a basis for training
Architecture is mostly driven by quality attributes rather than functionality. → Functional requirements do not drive architecture
… the architecture mainly provides containers into which the architect places functionality. Functionality is not so much a driver for the architecture as it is a consequence of it. ---p.41
- architecture steps:
- making a business case for the system (why the business wants to pursue an opportunity. expected cost/benefit)
- understanding architecturally significant requirements
- creating or selecting the architecture
- documenting and communicating the architecture
- analyzing or evaluating the architecture
- implementing and testing the system based on the architecture
- ensuring that the implementation conforms to the architecture
- Systems are usually redesigned not because they fail functional requirements, but because they lack quality attributes (too slow, insecure, etc.)
- Quality attribute requirements (structure):
- source of stimulus
- stimulus
- environment
- artifact (system or element affected)
- response
- response measure
- Requirements:
- functional
- quality attributes
- constraints (design decisions with zero degree of freedom. i.e., already made)
_
Dependability is the ability to avoid failures that are more frequent and more severe than is acceptable. ---Avizienis (p.79)
- A failure’s cause is called a fault.
- availability = MTBF / (MTBF + MTTR)
- Availability tactics:
- Detect faults:
- ping/echo
- monitor
- heartbeat (e.g., watchdog) (like ping/echo but component initiates (instead of monitor))
- time stamp
- sanity checking
- condition monitoring
- voting
- replication
- function redundancy (like voting, but copies of component are independently designed or implemented)
- analytic redundancy (copies of component have different input or use different method to calculate output. e.g. aircraft altitude by GPS, barometer, etc.)
- exception detection
- self-test
- Recover from faults:
- preparation and repair
- active redundancy (how spare) (two copies of the component handle every requests in parallel)
- passive redundancy (warm spare) (only one copy of the component handles requests. second copy syncs state)
- spare (cold spare) (second copy starts when first one fails)
- exception handling
- rollback
- software upgrade
- retry
- ignore faulty behavior
- degradation
- reconfiguration
- reintroduction
- shadow
- state re-synchronization
- escalating restart
- non-stop forwarding (NSF)
- preparation and repair
- Prevent faults:
- removal from service (software rejuvenation)
- transactions (ACID, 2-phase commit 2PC)
- predictive model
- exception prevention (smart pointers, semaphores, etc.)
- increase competence set (handle more cases (instead of throwing exceptions or failing))
- Detect faults:
- availability checklist p.96
- Interoperability tactics:
- Locate:
- discover service
- Manage interfaces;
- orchestrate
- tailor interface
- Locate:
q
We cannot let standards drive our architectures. We need to architect systems first and the decide which standards can support desired system requirements and qualities. ---p.113
The nice thing about standards is that there are so many to choose from.
- Questions to consider for modifiability
- What can change?
- What is the likelihood of the change?
- When is the change made and who makes it?
- What is the cost of the change?
- Modifiability tactics:
- Reduce the size of a module
- split module
- Increase cohesion
- increase semantic coherance
- Reduce coupling
- encapsulate
- use an intermediary
- restrict dependencies
- refactor
- abstract common services
- Defer binding
- compile/build time
- component replacement
- compile-time parameterization
- aspects
- deployment time
- configuration-time binding
- startup/initialization
- resource files
- runtime
- runtime registration
- dynamic lookup
- interpret parameters
- startup time binding
- name servers
- plug-ins
- publish-subscribe
- shared repositories
- polymorphism
- compile/build time
- Reduce the size of a module
- Performance events:
- periodic = regular time intervals
- stochastic = probabilistic distribution
- sporadic = neither periodic, nor stochastic (still could be described)
- Response characteristics:
- latency
- deadlines in processing
- throughput
- jitter = allowable variability in latency
- number of events not processed
- Tactics for Performance:
- Control resource demand
- manage sampling rate
- limit event response (add a bounded queue and process event up to a set maximum rate)
- prioritize events
- reduce overhead
- bound execution times
- increase resource efficiency
- Manage resources
- increase resources
- introduce concurrency
- maintain multiple copies of computations (replicas + load balancer)
- maintain multiple copies of data (caching, data replication, predictive processing)
- bound queues sizes
- schedule resources
- Control resource demand
- Pattern-Oriented Software Architecture (book recommendation)
- Tactics for Security:
- Detect attacks
- detect intrusion (track internal network traffic, detect anomalies, require signatures)
- detect service denial (compare incoming traffic for previous DoS attack patterns)
- verify message integrity
- detect message delay (possibly detects MitM attacks)
- Resist attacks
- identify actors
- authenticate actors
- authorize actors
- limit access
- limit exposure (security by obscurity, or distribute critical resources)
- encrypt data
- separate entities
- change default settings
- React to attacks
- revoke access
- lock computer
- inform actors
- Recover from attacks
- audit trail
- restore = see availability
- Detect attacks
- Testability tactics:
- Control and Observe System State
- specialized interfaces (special methods for testing that expose internal state. might break incapsulation)
- record/playback
- localize state storage
- abstract data sources (easier mocking)
- sandbox
- executable assertions
- Limit complexity
- limit structural complexity
- limit nondeterminism
- Control and Observe System State
- Tactics for Usability
- Support user initiative
- cancel
- undo
- pause/resume
- Support system initiative
- maintain task model
- maintain user model (customization. e.g., control amount of assistance user needs)
- maintain system model (progress bars estimate time required)
- Support user initiative
- X-ability (how to add own)
- capture scenarios
- assemble design approaches
- model
- assemble a set of tactics
- construct design checklist
_
Tactics are atoms and patterns are molecules. ---p.204
- Patterns:
- Module patterns:
- Layered
- other
- component and connector patterns
- broker pattern
- MVC (MVVM, MVP)
- pipe and filters
- client-server
- peer-to-peer
- service-oriented
- publish-subscribe
- shared-data
- allocation patterns
- map-reduce
- multi-tier
- Module patterns:
- “Pattern-Oriented Software Architecture” by Buschmann #book
- Patterns can be further refined with tactics
- Decision trees for examining tactics and trade-offs (p.243)
- To avoid analysis paralysis:
- “time boxing” discussions
- do not spend more cost on analyzing a problem, compared to a probable problem cost. i.e., do not spend too much time discussing minor or unlikely issues.
- Fairbanks2010
- Quality attribute workshop (p.294)
- Gathering ASRs (Architecturally Significant Requirements):
- from requirement documents
- interview stakeholders
from business goals
Every quality attribute requirement should originate from some higher purpose that can be described in terms of added value. ---p.296
- PALM method for capturing business goals --- p.305
- Attribute-Driven Design (ADD) p.318
- choose an element of the system to design
- identify ASRs for the chosen element
- generate a design solution for the chosen element (generate and test)
- inventory remaining requirements and select the input for the next iteration
- repeat steps 1-4 until all the ASRs have been satisfied
- add legends to drawings
- views:
- module
- component and connectors (components have interfaces --- ports)
- allocation
- documentation for a view:
- the primary presentation (usually, a diagram or a table)
- the element catalog
- elements and their properties
- relations and their properties
- element interfaces
- element behavior
- context diagram
- variability guide
- rationale
- documentation beyond views:
- documentation roadmap
- how a view is documented
- system overview
- mapping between views
- rationale
- directory index, glossary, acronym list
- Documenting Software Architectures by Clements #book
- Software Architecture reconstruction: (ch. 20)
- raw view extraction
- database construction
- view fusion
- architecture analysis
- manager takes care of communicating with external entities, architect handles internal issues
- cross-functional teams are only one of possibilities in resource allocation