Software Architecture Review
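A review outline for Software Architecture. It has been a long time since I posted; my first post in three or four months turns out to be a revision article 😂 ... there is just too much going on~~~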
1. What is SA
1.1 Definition of SA
The software architecture (SA) of a system is the set of structures needed to reason about the system, which comprise software elements, relations among them, and properties of both.
1.2 Three Categories
- Module
- Component and Connector (C&C)
- Allocation
1.3 Definition of Views
A view is a representation of a coherent set of architectural elements, as written by and read by system stakeholders.
1.4 Summary
An architecture has an impact on the architect, the organization, and potentially the industry.
2. Guiding Questions
- What are the tactics for security?
Security is a measure of the system’s ability to protect data and information from unauthorized access while still providing access to people and systems that are authorized.
Three Main Characteristics – CIA
- Confidentiality
- Integrity
- Availability
Security tactics include:
- Detect Attacks: Detect Intrusion, Detect Service Denial, Verify Message Integrity, Detect Message Delay
- Resist Attacks: Identify Actors, Authenticate Actors, Authorize Actors, Limit Access, Limit Exposure, Encrypt Data, Separate Entities, Change Default Settings
- React to Attacks: Revoke Access, Lock Computer, Inform Actors
- Recover from Attacks: Maintain Audit Trail, Restore
In summary: Detect, Resist, React, Recover
- Do you know to which categories each tactic belongs?
Table 1: Tactics and Categories
| Availability | Modifiability | Testability | Usability | Performance | Security | Interoperability |
| --- | --- | --- | --- | --- | --- | --- |
| Detect Faults: Monitor, Heartbeat and so on | Reduce Size of Module: Split Module | Control and Observe System State: Record, Sandbox, Localize State Storage | Support User Initiative: Cancel, Undo and so on | Control Resource Demand: Reduce Overhead, Prioritize Events and so on | Detect Attacks | Locate: Discover Service |
| Recover from Faults: Active Redundancy, Exception Handling, Rollback, Retry | Increase Cohesion: Increase Semantic Coherence | Limit Complexity: Limit Structural Complexity, Limit Non-determinism (uncertainty) | Support System Initiative: Maintain Task Model, Maintain User Model, Maintain System Model | Manage Resources: Increase Resources, Introduce Concurrency, Schedule Resources and so on | Resist Attacks | Manage Interfaces: Orchestrate, Tailor Interface |
| Prevent Faults: Transactions, Predictive Model | Reduce Coupling: Encapsulate, Use an Intermediary, Abstract Common Services | | | | React to Attacks | |
| | Defer Binding?? (deferred binding?) | | | | Recover from Attacks | |

- What is authentication?
Authentication has a strong relationship with security, so we can find its definition in the Security chapter.
Authentication means “Who you are” which verifies the identities of the parties to a transaction and checks if they are truly who they claim to be.
- What is non-repudiation?
Non-repudiation guarantees that the sender/recipient of a message cannot later deny having sent/received the message, which means “You cannot deny what you have done”.
- What is authorization?
Authorization means “What you can do”: it grants a user the privileges to perform a task.
- What is confidentiality?
As an example of confidentiality, a hacker cannot access your income tax returns on a government computer.
Confidentiality is the property that data or services are protected from unauthorized access.
- What is the example concrete scenario for security?
An unhappy employee from a remote location tries to modify the pay rate table during normal operations. The system maintains an audit trail and the correct data is restored within a day.
- Stimulus: try to modify the pay rate table.
- Source of stimulus: an unhappy employee.
- Environment: during the normal operations.
- Artifact: The System.
- Response: maintains an audit trail.
- Response measure: correct data is restored within a day.
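The scenario above relies on two of the listed tactics, Maintain Audit Trail and Restore, together with Authorize Actors. The following Python is an added example, not part of the original post, showing how they fit together: every change attempt is written to an HMAC-chained audit trail, and the table is rebuilt from a known-good snapshot plus the verified, authorized entries. The class `PayRateTable`, the names `AUDIT_KEY` and `AUTHORIZED`, the actor names and the pay grades are all hypothetical.

```python
import hashlib, hmac, json
AUDIT_KEY = b"constructed-demo-key"   # assumption: held outside the payroll application
AUTHORIZED = {"payroll-admin"}        # assumption: actors allowed to change pay rates

class PayRateTable:
    def __init__(self, rates):
        self.rates = dict(rates)      # live table (the artifact in the scenario)
        self.baseline = dict(rates)   # last known-good snapshot
        self.log = []                 # append-only audit trail

    def _mac(self, prev, entry):
        # Chain each record to the previous MAC so changing a record breaks verification.
        body = json.dumps(entry, sort_keys=True).encode()
        return hmac.new(AUDIT_KEY, prev.encode() + body, hashlib.sha256).hexdigest()

    def set_rate(self, actor, grade, rate):
        allowed = actor in AUTHORIZED                      # Authorize Actors
        entry = {"actor": actor, "grade": grade, "new": rate, "allowed": allowed}
        prev = self.log[-1]["mac"] if self.log else ""
        self.log.append({**entry, "mac": self._mac(prev, entry)})  # log every attempt
        if allowed:
            self.rates[grade] = rate
        return allowed

    def verify_log(self):
        prev = ""
        for rec in self.log:
            entry = {k: v for k, v in rec.items() if k != "mac"}
            if not hmac.compare_digest(rec["mac"], self._mac(prev, entry)):
                return False
            prev = rec["mac"]
        return True

    def restore(self):
        if not self.verify_log():
            raise ValueError("audit trail has been altered")
        self.rates = dict(self.baseline)   # Restore: start from the snapshot
        for rec in self.log:
            if rec["allowed"]:             # replay only authorized changes
                self.rates[rec["grade"]] = rec["new"]
        return self.rates

def demo():
    t = PayRateTable({"G1": 20.0, "G2": 30.0})           # constructed sample data
    t.set_rate("payroll-admin", "G2", 32.0)              # legitimate change
    denied = t.set_rate("unhappy-employee", "G1", 99.0)  # refused, but recorded
    t.rates["G1"] = 99.0                                 # constructed: write bypassing the API
    restored = dict(t.restore())
    t.log[1]["new"] = 20.0                               # constructed: edit to a log record
    return denied, restored, t.verify_log()
```

The trail records denied attempts as well as accepted ones, which is what lets the response measure (correct data restored within a day) be met even when the table itself was changed outside the normal interface.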
- What are the tactics for availability?
Availability mainly refers to three points:
- A property of software that it is there and ready to carry out its task when you need it to be.
- The ability of a system to mask or repair faults such that the cumulative service outage period does not exceed a required value over a specified time interval.
- Minimizing service outage time by mitigating faults.
Availability tactics include:
- Detect Faults: Ping/Echo, Monitor, Heartbeat, Voting (election by vote?), and so on.
- Recover from Faults: Redundancy, Retry, Rollback, Shadow, and so on.
- Prevent Faults: Transactions, Predictive Model (a prediction model? understood as the banker's deadlock-avoidance algorithm?), and so on.
- What are the tactics for performance?
Performance is about time and the software system’s ability to meet timing requirements: when events occur, the system must respond to them in time.
Performance tactics include:
- Control Resource Demand: Manage sampling rate, Limit event response, Prioritize events, Reduce overhead, Bound execution times and so on.
- Manage Resources: Increase Resources, Introduce concurrency, Maintain multiple copies of data.
- What questions are answered by the component-connector patterns?
Component-and-Connector explains how the system is expected to work and accomplish its job.
- What questions are answered by allocation patterns?
Take a simple example:
Modules are assigned to teams to develop, and assigned to places in a file structure for implementation, integration, and testing.
Allocation structures describe the mapping from software structures to the system’s environments.
- What are the components of the client server pattern?
Simply put, the C-S pattern must involve a Client component and a Server component.
- What are the connectors of the client server pattern?
Request / Reply connector: a data connector employing a request / reply protocol.
- What are the constraints of the client server pattern?
- Clients are connected to servers through request / reply connectors.
- Server components can be clients to other servers.
- What are the benefits of the client server pattern?
- Simple to implement.
- Improves scalability and availability by centralizing the control of large numbers of resources and services.
- What are the major drivers of the client server pattern?
There are shared resources and services that large numbers of distributed clients wish to access, and for which we wish to control access or quality of service.
- Which structures/views does the client-server pattern belong to?
Component-and-Connector (C&C), simply.
- What are the benefits of the layer pattern?
- Minimize the interaction among the different development organizations.
- Nice portability, modifiability and re-usability.
- What are the major drivers of the layer pattern?
Modules of the system may be independently developed and maintained.
- What are the components of the peer-to-peer pattern?
Peer, which is an independent component running on a network node.
- What are the connectors of the peer-to-peer pattern?
Request / Reply connector, which is used to connect to the peer network.
- What are the constraints of the peer-to-peer pattern?
- The number of allowable attachments to any given peer.
- The number of hops used for searching for a peer.
- Which peers know about which other peers.
- Some P2P networks are organized with star topologies, in which peers only connect to super-nodes.
- What are the weaknesses of the peer-to-peer pattern?
- Managing data consistency, data / service availability, backup, and recovery are all more complex.
- Small P2P systems may not be able to achieve quality goals such as performance and availability.
- What are the benefits of the peer-to-peer pattern?
- Each peer can share its services with high availability and scalability.
- All peers are “equal”; they can be either client or server at the same time.
- What are the major drivers of the peer-to-peer pattern?
Distributed computational entities need to cooperate and collaborate to provide a service to a distributed community of users.
- Which structures/views does the publish-subscribe pattern belong to?
Pub-Sub pattern belongs to Module Structure.
- What are the weaknesses of the publish-subscribe pattern?
- Reliability – No strong guarantee on broker to deliver content to subscriber. After a publisher publishes the event, it assumes that all corresponding subscribers would receive it.
- Potential bottleneck in brokers when subscribers and publishers overload them.
- What are the weaknesses of the SOA pattern?
SOA means Service Oriented Architecture. The major driver of SOA is that service consumers need to be able to understand and use services without any knowledge of their implementation. SOA provides interoperability of distributed components running on different platforms and written in different implementation languages, provided by different organizations, and distributed across the Internet.
- We can’t control the evolution of independent services.
- There is a performance overhead associated with the middleware, which may be a performance bottleneck and typically does not provide performance guarantees.
- Which of the patterns has ESB component?
ESB refers to Enterprise Service Bus.
SOA Pattern
- What are: ADD, ATAM, ASR, SOA?

| Term | Meaning |
| --- | --- |
| ADD | ADD refers to the Attribute Driven Design method. It is a method for designing to ASRs (Architecturally Significant Requirements). |
| ATAM | ATAM refers to the Architecture Trade-off Analysis Method. It is designed for several situations: 1. Evaluators need not be familiar with the architecture or its business goals. 2. The system need not yet be constructed. 3. There may be a large number of stakeholders. |
| ASR | ASR refers to Architecturally Significant Requirements, meaning a requirement that will have a profound effect on the architecture. |
| SOA | SOA refers to Service Oriented Architecture. The goal of SOA is to let consumers understand and use services without any knowledge of the implementation. |

- What are the outputs of ADD?
The steps of ADD are as follows:
1. Initialize an element of the system to design.
2. Identify the ASRs for the chosen element.
3. Generate a design solution for the chosen element.
4. Inventory remaining requirements and select the input from the Utility Tree for the next iteration.
5. Repeat steps 1-4 until all the ASRs have been satisfied.
ADD outputs architectural elements and their relationships.
- Responsibility of elements
- Interactions
- Information flow among the elements
- What are the outputs of ATAM?
- Primary Outputs of the ATAM
  - A set of risks and nonrisks
    - A risk is defined as an architectural decision that may lead to undesirable consequences in light of quality attribute requirements.
    - A nonrisk is an architectural decision that is deemed safe.
  - A set of risk themes
    - Examines the full set of risks to look for themes that identify system weaknesses in the architecture.
    - These risk themes will threaten the project’s business goals.
- Other Outputs of the ATAM
  - A concise presentation of the architecture.
  - Articulation of the business goals.
  - Prioritized QA requirements expressed as quality attribute scenarios.
  - Mapping of architectural decisions to quality requirements.
- Who are the stakeholders?
A stakeholder is a party that has an interest in a company and can either affect or be affected by the business. The primary stakeholders in a typical corporation are its investors, employees, customers, and suppliers.
- Which stakeholders participate in the architecture design process?
- Developers
- Testers
- Integrators
- Maintainers
- Performance engineers
- Users
- Builders of systems
- …
- What is a trade-off in architecture?
A trade-off point is found in the architecture when a parameter of an architectural construct is host to more than one sensitivity point where the measurable quality attributes are affected differently by changing that parameter.
- How do tactics interact with each other?
- A pattern is composed of tactics.
- Each tactic has pluses and minuses (side effects). Another tactic is then used to help mitigate the minuses, which in turn brings minuses of its own.
- What is the relationship between the tactics and quality requirements?
Tactics can help achieve quality requirements.