SlideShare uma empresa Scribd logo

Risk Centric Architecture George Fairbanks

IASA
IASA

Developers are faced with a smorgasbord of architecture activities but few models telling them which activities to use. Alternatives include the documentation package model, which advocates a complete architectural description from many perspectives, and the evolutionary design model, which advocates no up-front architectural work. This talk explains the risk-centric model, inspired by Attribute Driven Design (ADD), Global Analysis, and the Spiral model. In the risk-centric model, risks are central, so developers: (1) prioritize the risks they face, (2) choose appropriate architecture techniques to mitigate those risks, and (3) re-evaluate remaining risks. It encourages “just enough” architecture by guiding developers to a prioritized subset of architecture activities. It makes explicit the mappings between risks and corresponding architecture techniques. Like ADD and Global Analysis, and unlike the Spiral model, the risk-centric model is not a full software development process and can instead be used inside a process such as XP or RUP.

Notícias e políticaTecnologia
1 de 36
Baixar para ler offline
Risk-Centric Model of Software Architecture George Fairbanks 16 November 2009 Rhino Research Software Architecture Consulting and Training Full paper: http://rhinoresearch.com/content/risk-centric-model-software-architecture
Overview • Software architecture techniques are helpful • We cannot afford to apply them all • Important: How much should we do? • Old: Yardstick model • Old: Full description model • This talk describes a new model: Risk-Centric Model 1. Identify and prioritize risks 2. Apply relevant architecture activities 3. Re-evaluate • It is not: Big Design Up Front • It is not: A full software development process • It is: Compatible with agile & other processes 16 November 2009 George Fairbanks – RhinoResearch.com 2
Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 3
What is software architecture? The software architecture of a program or computing system is its structure or structures, which comprise software elements, the externally visible properties of those elements, and the relationships among them. [Bass, Clements, Kazman 2003] • In loose language: • It’s the macroscopic organization of the system • Must keep these ideas separate: • The job title/role “architect” • The process of architecting/designing (also: when) • The engineering artifact called the architecture • Every system has an architecture • Identify it by looking back (avoids tangling with process & roles) • E.g., “Aha, I see it is a 3-tier architecture” 16 November 2009 George Fairbanks – RhinoResearch.com 4
Every system has an architecture Viewtype Contents Module Modules, Dependencies, Layers Runtime Components, Connectors, Ports Allocation Servers, Communication channels • Three primary viewtypes: Module, Runtime, Allocation • Many views within a viewtype • Architectural styles • Big ball of mud • Client-server • Pipe-and-filter • Map-reduce • N-tier • … 16 November 2009 George Fairbanks – RhinoResearch.com 5
Architecture as skeleton • An animal’s skeleton: • Provides its overall structure • Influences what it can do • Examples • Birds fly better because of wings and light bones • Kangaroos jump because of leg structure • Convergent evolution: Bat skeletons have wings • Tradeoffs • 4 legs faster vs. 2 legs easier to use tools • Software skeleton examples • 3-tier: localize changes, concurrent transactions • Cooperating processes: isolate faults • Peer-to-peer: no central point of failure 16 November 2009 George Fairbanks – RhinoResearch.com 6
Architecture influences quality attributes • Function: Carrying apples to market • Solution 1: Use humans • Solution 2: Use horses • Both solutions work • Yet differ in their quality attributes • Quality attributes • A.k.a. extra-functional requirements, the “ities” • E.g., latency, modifiability, usability, testability • Architecture influences the system’s quality attributes • E.g., pipe and filter is reconfigurable • E.g., map-reduce is scalable 16 November 2009 George Fairbanks – RhinoResearch.com 7
Architecture orthogonal to functionality • Architecture orthogonal to functionality • Can mix-and-match architecture and functionality • Can (mostly) build any system with any architecture • Shift in thinking • No: good or bad architectures • Yes: suitable or unsuitable to supporting the functions • Architecture can help or hurt you achieve functionality • Help example: use horses to transport apples • Hurt example: use horses to stack apples 16 November 2009 George Fairbanks – RhinoResearch.com 8
Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 9
Q: When do we design the architecture? The software architecture of a program or computing system is its structure or structures, which comprise software elements, the externally visible properties of those elements, and the relationships among them. [Bass, Clements, Kazman 2003] • Recall these three distinct ideas: • The job title/role “architect” • The process of architecting/designing (also: when) • The engineering artifact called the architecture • At some point, the architecture (the artifact) exists • Question: When did we decide on it? (our process) • To understand, worth considering two design styles: • Evolutionary design • Planned design 16 November 2009 George Fairbanks – RhinoResearch.com 10
Evolutionary design vs. planned design Evolutionary design Planned design • Fundamental beliefs • Fundamental beliefs • Hard to correctly decide • Possible to paint yourself early in project into a corner • Refactoring reduces cost of • Cost of change is high change • So: Defer decisions when • So: Decide now to reduce costs possible Shared ground • Cost of change is never zero • Every project has some evolutionary, some planned design 16 November 2009 George Fairbanks – RhinoResearch.com 11
Engineering failures The concept of failure is central to the design process, and it is by thinking in terms of obviating failure that successful designs are achieved. ... Although often an implicit and tacit part of the methodology of design, failure considerations and proactive failure analysis are essential for achieving success. And it is precisely when such considerations and analyses are incorrect or incomplete that design errors are introduced and actual failures occur. [Henry Petroski, Design Paradigms, 1994] Required You can choose • Considering failures • When design happens • Analyzing options • Which analyses • Designing a solution • Formality / precision • Depth 16 November 2009 George Fairbanks – RhinoResearch.com 12
Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 13
How much architecture? • Situation: • Answer 1: Yardstick • Lots of architecture • E.g., spend 10% of your techniques time designing • All cost something • Not so helpful on • Cannot afford to do them all Wednesday • No technique choice • Two problems • Which techniques? • Answer 2: Documentation • When to stop? package (i.e., full design) • Expensive • Overkill for most projects • Answer 3: Ad hoc compromise • Unrepeatable Desired: A principled way to decide how much is enough 16 November 2009 George Fairbanks – RhinoResearch.com 14
Inspiration: Dad vs. mailbox • My Dad • Mechanical engineer • Capable of analyzing stresses and strains • The problem • Install new mailbox • His solution • Dig hole • Fill with concrete • Stick in post • Q: Why no mechanical engineering analyses? • A: Risk • He just wasn’t worried enough 16 November 2009 George Fairbanks – RhinoResearch.com 15
Insight #1: Prioritize using risks • At any given moment, you have worries and non-worries • Worry: Will the server scale up? • Worry: Will bad guys steal customer data? • Response time will be easy to achieve • We have plenty of RAM • Cast these worries as engineering risks • Focus on highest priority risks • Good news: prioritizing risks is easy for developers • They can tell you what they are most worried about • I.e., possible failures • Bad news: you might get blindsided • But you cannot plan for the unexpected 16 November 2009 George Fairbanks – RhinoResearch.com 16
Insight #2: Techniques mitigate risks • Many architecture techniques exist • Protocol analysis • Component and connector modeling • Queuing theory • Schedulability analysis • Threat modeling • Techniques are not interchangeable • E.g., cannot use threat modeling on latency risks • So, must match risks with techniques • I.e., mapping from risks à techniques 16 November 2009 George Fairbanks – RhinoResearch.com 17
Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 18
Risk-centric architecture • The risk-centric model: 1. Identify and prioritize risks 2. Apply relevant architecture activities 3. Re-evaluate • Promotion of risk to prominence • Today, developers think about risks …but they think about lots of other things too • [Babar 09] describes team so functionality focused that quality attribute concerns deferred until development ceased and product was in maintenance mode. • [Kruchten08] Agile2008 keynote talk: similar story • Must balance • Wasting time on low-impact techniques • Ignoring project-threatening risks 16 November 2009 George Fairbanks – RhinoResearch.com 19
Risk-centric model applies to design • Many models organize the software development lifecycle: • Spiral, waterfall, iterative, RUP, XP • Risk-centric model applies only during design Example of use inside an iterative process Iteration 0 Iteration 1 Iteration 2 Iteration 3 … Architecture and design activities Other development activities • Q: When were (perceived) risks the highest? 16 November 2009 George Fairbanks – RhinoResearch.com 20
Risk-centric model is uncommon • I.e., You are probably not doing this today • Some test questions: • Are risks primary? • Are your risks written down? • Any developer can list the features …but list of risks seems to be made up on the spot • Are techniques decided per-project? • Most teams have standard set of techniques • Often defined by process or template • Do all projects have the same risks? • E.g., customer-facing and infrastructure 16 November 2009 George Fairbanks – RhinoResearch.com 21
Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 22
Definition of risk • Simple definition Risk = probability of failure x impact of failure • But, uncertainty is inherent • Uncertain probability; uncertain impact • So, resort to educated guesses = perception • Revised definition Risk = perceived probability of failure x perceived impact of failure • Consequences of uncertainty • Can perceive risks even if none exist • Can fail to perceive risks • Risk prioritization is hard and subjective 16 November 2009 George Fairbanks – RhinoResearch.com 23
Describing risks • Schemas for describing risks • Condition-Transition-Consequence [Gulch94] • Failure scenarios (testable) • Categorical (e.g., “security risk”) • Examples • “[Cr|H]ackers exist, so sensitive data may be revealed leading to reputation and financial loss.” • “The chosen web framework may prevent us from meeting transactions-per-second requirements” 16 November 2009 George Fairbanks – RhinoResearch.com 24
Engineering risk vs. management risk Software engineering risks Project management risks • “I’m afraid that the server will • “Lead developer hit by bus” not scale to 100 users” • “Customer needs not • “Parsing of the response understood” messages may not be robust” • “Senior VP hates our manager” • “It’s working now but if we touch anything it may fall • “Competitor is first to market” apart.” Mismatches • Use PERT chart to eliminate buffer overruns • Use caching to prioritize features 16 November 2009 George Fairbanks – RhinoResearch.com 25
Canonical risks in domains • Information Technology (IT) • Complex, poorly understood problem domain • Unsure we’re solving the real problem • May choose wrong COTS software • Integration with existing, poorly understood software • Domain knowledge scattered across people • Modifiability • Systems • Composition risk—will it go together? • Performance, reliability, size, security • Concurrency • Web • Developer productivity • Security • Scalability 16 November 2009 George Fairbanks – RhinoResearch.com 26
Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 27
Techniques in other fields • In mechanical engineering • Stress calculations, breaking point tests • In electrical engineering • Circuit analysis • In aerospace engineering • Thermal analysis, electrical analysis, mechanical analysis • Prototyping: everywhere 16 November 2009 George Fairbanks – RhinoResearch.com 28
Recall insight #2: Map techniques to risks • This talk: How much architecture? When to stop? • Also: Which architecture techniques? Ad hoc choices? • Desire: Choose like virtuoso? • Virtuosos solve problems intuitively • Often they can jump directly to the solution / choice • Mysterious • Aha!: Encode virtuoso judgment • Make tacit knowledge explicit • Accelerate learning • Can discuss suitability • If risk X, do technique Y • Thinking process • Tabularized data 16 November 2009 George Fairbanks – RhinoResearch.com 29
Risk à technique table Risk Technique Problem domain poorly • Create a Domain model (Problem frames, info model, understood behavior model including use cases) Others must understand • Create a context diagram our design • Create a use case model • Low fidelity UI prototyping (e.g., cards) We don’t know the • Create Module and Component & Connector view of system interfaces between our • Co-locate teams components / teams • Peer-to-peer communication not mediated by managers Problem is too big to be • Partition into components solved by one person or • Encapsulate components one team • Design for extension. Ensure style is clear (e.g., J2EE, or WinAmp plugin API) • Document architecture (all 3 viewtypes) and invariants clearly and communicate it to teams … • Just an illustrative example • Goal: general handbooks; company-specific best practices 16 November 2009 George Fairbanks – RhinoResearch.com 30
Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 31
Related work • Attribute Driven Design (ADD) • Tabularizes mapping from quality attributes à patterns • E.g., availability à ping/echo pattern • Bass, Clements, Kazman, Software Architecture in Practice, 2003 • Global Analysis • Identify “Factors”, choose matching “Strategies” • Bridges engineering & management • Hoffmeister, Soni, Nord, Applied Software Architecture, 2000 • Spiral model • Specialization of iterative model that prioritizes risk • Boehm, A Spiral Model of Software Development and Enhancement, 1988 • Balancing agility and discipline • Processes: use risk to choose process rigor • Boehm and Turner, Balancing Agility and Discipline, 2003 16 November 2009 George Fairbanks – RhinoResearch.com 32
Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 33
How much architecture? • How much architecture is enough? • Time spent designing vs. time spent building • Desired: objective, quantitative decision STOP? • Old answers: Yardsticks, full design, and ad hoc • Risk-Centric Model answer • Do architecture until risks subside • But: Risks never eliminated, subjective risk estimates • So, does risk help? • Yes: Shared vocabulary (“risks”) with management • Yes: Refined evaluation ability • Subjective risk estimate better than: • Yardstick (e.g., spend 10% of your time designing) • Full design 16 November 2009 George Fairbanks – RhinoResearch.com 34
Takeaway ideas • 3 distinct ideas: • The job title/role “architect” • The process of architecting/designing • The engineering artifact called the architecture • Every project is combination of planned & evolutionary decisions • You should calibrate your project’s balance using risks • Risk is a unifying concept • Managers understand it • Engineers understand it • Architecture is compatible with agile • Agile will do more evolutionary design • Use risk to mix in architecture design • Inspiration: Dad vs. Mailbox 16 November 2009 George Fairbanks – RhinoResearch.com 35
Conclusion • Software architecture techniques are helpful • We cannot afford to apply them all • Important: How much should we do? • Old: Yardstick model • Old: Full description model • This talk describes a new model: Risk-Centric Model 1. Identify and prioritize risks 2. Apply relevant architecture activities 3. Re-evaluate • It is not: Big Design Up Front • It is not: A full software development process • It is: Compatible with agile and other processes 16 November 2009 George Fairbanks – RhinoResearch.com 36

Recomendados

Extreme Programming (XP): Revisted
Extreme Programming (XP): RevistedExtreme Programming (XP): Revisted
Extreme Programming (XP): RevistedMike Harris
 
Sa 009 add
Sa 009 addSa 009 add
Sa 009 addFrank Gielen
 
L06 Architecting Activities
L06 Architecting ActivitiesL06 Architecting Activities
L06 Architecting ActivitiesHenry Muccini
 
Model-Driven Architecture for Cloud Applications Development, A survey
Model-Driven Architecture for Cloud Applications Development, A survey Model-Driven Architecture for Cloud Applications Development, A survey
Model-Driven Architecture for Cloud Applications Development, A survey Editor IJCATR
 
Software Architecture
Software ArchitectureSoftware Architecture
Software ArchitecturePrabhat gangwar
 
I mindsx4howest v2
I mindsx4howest v2I mindsx4howest v2
I mindsx4howest v2Frank Gielen
 
Software Design - Architectural Kata
Software Design - Architectural KataSoftware Design - Architectural Kata
Software Design - Architectural KataDeniz Yavaş
 
Attribute Driven Styles: The Good, the Bad, and the Unknown (SassConf 2015 Di...
Attribute Driven Styles: The Good, the Bad, and the Unknown (SassConf 2015 Di...Attribute Driven Styles: The Good, the Bad, and the Unknown (SassConf 2015 Di...
Attribute Driven Styles: The Good, the Bad, and the Unknown (SassConf 2015 Di...Jonathan Cutrell
 

Recomendados

Extreme Programming (XP): Revisted
Extreme Programming (XP): RevistedExtreme Programming (XP): Revisted
Extreme Programming (XP): RevistedMike Harris
 
Sa 009 add
Sa 009 addSa 009 add
Sa 009 addFrank Gielen
 
L06 Architecting Activities
L06 Architecting ActivitiesL06 Architecting Activities
L06 Architecting ActivitiesHenry Muccini
 
Model-Driven Architecture for Cloud Applications Development, A survey
Model-Driven Architecture for Cloud Applications Development, A survey Model-Driven Architecture for Cloud Applications Development, A survey
Model-Driven Architecture for Cloud Applications Development, A survey Editor IJCATR
 
Software Architecture
Software ArchitectureSoftware Architecture
Software ArchitecturePrabhat gangwar
 
I mindsx4howest v2
I mindsx4howest v2I mindsx4howest v2
I mindsx4howest v2Frank Gielen
 
Software Design - Architectural Kata
Software Design - Architectural KataSoftware Design - Architectural Kata
Software Design - Architectural KataDeniz Yavaş
 
Attribute Driven Styles: The Good, the Bad, and the Unknown (SassConf 2015 Di...
Attribute Driven Styles: The Good, the Bad, and the Unknown (SassConf 2015 Di...Attribute Driven Styles: The Good, the Bad, and the Unknown (SassConf 2015 Di...
Attribute Driven Styles: The Good, the Bad, and the Unknown (SassConf 2015 Di...Jonathan Cutrell
 
Quality Attributes Workshop
Quality Attributes WorkshopQuality Attributes Workshop
Quality Attributes WorkshopCS, NcState
 
Sa 008 patterns
Sa 008 patternsSa 008 patterns
Sa 008 patternsFrank Gielen
 
Designing and documenting software architecture unit 5
Designing and documenting software architecture unit 5Designing and documenting software architecture unit 5
Designing and documenting software architecture unit 5Sudarshan Dhondaley
 
Software architecture quality attributes & Trade-offs
Software architecture quality attributes & Trade-offs Software architecture quality attributes & Trade-offs
Software architecture quality attributes & Trade-offs Asanka Dilruk
 
4+1 View Model of Software Architecture
4+1 View Model of Software Architecture4+1 View Model of Software Architecture
4+1 View Model of Software Architecturebashcode
 
How To Close-Out Your Project Successfully!
How To Close-Out Your Project Successfully!How To Close-Out Your Project Successfully!
How To Close-Out Your Project Successfully!Louis Henry
 
Quality attributes in software architecture
Quality attributes in software architectureQuality attributes in software architecture
Quality attributes in software architectureHimanshu
 
Spm unit 1
Spm unit 1Spm unit 1
Spm unit 1sweetyammu
 
Spm unit 5
Spm unit 5Spm unit 5
Spm unit 5sweetyammu
 
Final Project Closing
Final Project ClosingFinal Project Closing
Final Project Closingmegat zainurul anuar
 
Democratising Software Architecture
Democratising Software ArchitectureDemocratising Software Architecture
Democratising Software ArchitectureEoin Woods
 
The Role of the Architect
The Role of the ArchitectThe Role of the Architect
The Role of the ArchitectJonathan Holloway
 
Chap 6 - Software Architecture Part 1.ppt
Chap 6 - Software Architecture Part 1.pptChap 6 - Software Architecture Part 1.ppt
Chap 6 - Software Architecture Part 1.pptkhalidnawaz39
 
Chap 6 - Software Architecture Part 1.pptx
Chap 6 - Software Architecture Part 1.pptxChap 6 - Software Architecture Part 1.pptx
Chap 6 - Software Architecture Part 1.pptxssuser0ed5b4
 
Agile 2008 Retrospective
Agile 2008 RetrospectiveAgile 2008 Retrospective
Agile 2008 RetrospectiveCraig Smith
 
Architecture Haiku
Architecture HaikuArchitecture Haiku
Architecture HaikuMatthew McCullough
 
Apt agile methodology
Apt agile methodologyApt agile methodology
Apt agile methodologyIndra
 
Ten Advices for Architects
Ten Advices for ArchitectsTen Advices for Architects
Ten Advices for ArchitectsEberhard Wolff
 
10 Hinweise für Architekten
10 Hinweise für Architekten10 Hinweise für Architekten
10 Hinweise für Architektenadesso AG
 
Designing and prototyping
Designing and prototypingDesigning and prototyping
Designing and prototypingAndres Baravalle
 
The Journey to Master Code Design
The Journey to Master Code DesignThe Journey to Master Code Design
The Journey to Master Code DesignAlexandru Bolboaca
 
CEN6016-Chapter1.ppt
CEN6016-Chapter1.pptCEN6016-Chapter1.ppt
CEN6016-Chapter1.pptSumitVishwambhar
 

Mais conteúdo relacionado

Destaque

Quality Attributes Workshop
Quality Attributes WorkshopQuality Attributes Workshop
Quality Attributes WorkshopCS, NcState
 
Designing and documenting software architecture unit 5
Designing and documenting software architecture unit 5Designing and documenting software architecture unit 5
Designing and documenting software architecture unit 5Sudarshan Dhondaley
 
Software architecture quality attributes & Trade-offs
Software architecture quality attributes & Trade-offs Software architecture quality attributes & Trade-offs
Software architecture quality attributes & Trade-offs Asanka Dilruk
 
4+1 View Model of Software Architecture
4+1 View Model of Software Architecture4+1 View Model of Software Architecture
4+1 View Model of Software Architecturebashcode
 
How To Close-Out Your Project Successfully!
How To Close-Out Your Project Successfully!How To Close-Out Your Project Successfully!
How To Close-Out Your Project Successfully!Louis Henry
 
Quality attributes in software architecture
Quality attributes in software architectureQuality attributes in software architecture
Quality attributes in software architectureHimanshu
 

Destaque (10)

Quality Attributes Workshop
Quality Attributes WorkshopQuality Attributes Workshop
Quality Attributes Workshop
 
Sa 008 patterns
Sa 008 patternsSa 008 patterns
Sa 008 patterns
 
Designing and documenting software architecture unit 5
Designing and documenting software architecture unit 5Designing and documenting software architecture unit 5
Designing and documenting software architecture unit 5
 
Software architecture quality attributes & Trade-offs
Software architecture quality attributes & Trade-offs Software architecture quality attributes & Trade-offs
Software architecture quality attributes & Trade-offs
 
4+1 View Model of Software Architecture
4+1 View Model of Software Architecture4+1 View Model of Software Architecture
4+1 View Model of Software Architecture
 
How To Close-Out Your Project Successfully!
How To Close-Out Your Project Successfully!How To Close-Out Your Project Successfully!
How To Close-Out Your Project Successfully!
 
Quality attributes in software architecture
Quality attributes in software architectureQuality attributes in software architecture
Quality attributes in software architecture
 
Spm unit 1
Spm unit 1Spm unit 1
Spm unit 1
 
Spm unit 5
Spm unit 5Spm unit 5
Spm unit 5
 
Final Project Closing
Final Project ClosingFinal Project Closing
Final Project Closing
 

Semelhante a Risk Centric Architecture George Fairbanks

Democratising Software Architecture
Democratising Software ArchitectureDemocratising Software Architecture
Democratising Software ArchitectureEoin Woods
 
Chap 6 - Software Architecture Part 1.ppt
Chap 6 - Software Architecture Part 1.pptChap 6 - Software Architecture Part 1.ppt
Chap 6 - Software Architecture Part 1.pptkhalidnawaz39
 
Chap 6 - Software Architecture Part 1.pptx
Chap 6 - Software Architecture Part 1.pptxChap 6 - Software Architecture Part 1.pptx
Chap 6 - Software Architecture Part 1.pptxssuser0ed5b4
 
Agile 2008 Retrospective
Agile 2008 RetrospectiveAgile 2008 Retrospective
Agile 2008 RetrospectiveCraig Smith
 
Apt agile methodology
Apt agile methodologyApt agile methodology
Apt agile methodologyIndra
 
Ten Advices for Architects
Ten Advices for ArchitectsTen Advices for Architects
Ten Advices for ArchitectsEberhard Wolff
 
10 Hinweise für Architekten
10 Hinweise für Architekten10 Hinweise für Architekten
10 Hinweise für Architektenadesso AG
 
The Journey to Master Code Design
The Journey to Master Code DesignThe Journey to Master Code Design
The Journey to Master Code DesignAlexandru Bolboaca
 
CEN6016-Chapter1.ppt
CEN6016-Chapter1.pptCEN6016-Chapter1.ppt
CEN6016-Chapter1.pptNelsonYanes6
 
Getting Started with Architecture Decision Records
Getting Started with Architecture Decision RecordsGetting Started with Architecture Decision Records
Getting Started with Architecture Decision RecordsMichael Keeling
 
DrupalCon Austin: Planning for Performance
DrupalCon Austin: Planning for PerformanceDrupalCon Austin: Planning for Performance
DrupalCon Austin: Planning for PerformanceJeff Beeman
 
Minimum Viable Architecture - Good Enough is Good Enough
Minimum Viable Architecture - Good Enough is Good EnoughMinimum Viable Architecture - Good Enough is Good Enough
Minimum Viable Architecture - Good Enough is Good EnoughRandy Shoup
 
Extreme Programming Deployed
Extreme Programming DeployedExtreme Programming Deployed
Extreme Programming DeployedSteve Loughran
 
Preparing for a technical interview
Preparing for a technical interviewPreparing for a technical interview
Preparing for a technical interviewpocketgems
 

Semelhante a Risk Centric Architecture George Fairbanks (20)

Democratising Software Architecture
Democratising Software ArchitectureDemocratising Software Architecture
Democratising Software Architecture
 
The Role of the Architect
The Role of the ArchitectThe Role of the Architect
The Role of the Architect
 
Chap 6 - Software Architecture Part 1.ppt
Chap 6 - Software Architecture Part 1.pptChap 6 - Software Architecture Part 1.ppt
Chap 6 - Software Architecture Part 1.ppt
 
Chap 6 - Software Architecture Part 1.pptx
Chap 6 - Software Architecture Part 1.pptxChap 6 - Software Architecture Part 1.pptx
Chap 6 - Software Architecture Part 1.pptx
 
Agile 2008 Retrospective
Agile 2008 RetrospectiveAgile 2008 Retrospective
Agile 2008 Retrospective
 
Architecture Haiku
Architecture HaikuArchitecture Haiku
Architecture Haiku
 
Apt agile methodology
Apt agile methodologyApt agile methodology
Apt agile methodology
 
Ten Advices for Architects
Ten Advices for ArchitectsTen Advices for Architects
Ten Advices for Architects
 
10 Hinweise für Architekten
10 Hinweise für Architekten10 Hinweise für Architekten
10 Hinweise für Architekten
 
Designing and prototyping
Designing and prototypingDesigning and prototyping
Designing and prototyping
 
The Journey to Master Code Design
The Journey to Master Code DesignThe Journey to Master Code Design
The Journey to Master Code Design
 
CEN6016-Chapter1.ppt
CEN6016-Chapter1.pptCEN6016-Chapter1.ppt
CEN6016-Chapter1.ppt
 
CEN6016-Chapter1.ppt
CEN6016-Chapter1.pptCEN6016-Chapter1.ppt
CEN6016-Chapter1.ppt
 
It's XP, Stupid
It's XP, StupidIt's XP, Stupid
It's XP, Stupid
 
5-CEN6016-Chapter1.ppt
5-CEN6016-Chapter1.ppt5-CEN6016-Chapter1.ppt
5-CEN6016-Chapter1.ppt
 
Getting Started with Architecture Decision Records
Getting Started with Architecture Decision RecordsGetting Started with Architecture Decision Records
Getting Started with Architecture Decision Records
 
DrupalCon Austin: Planning for Performance
DrupalCon Austin: Planning for PerformanceDrupalCon Austin: Planning for Performance
DrupalCon Austin: Planning for Performance
 
Minimum Viable Architecture - Good Enough is Good Enough
Minimum Viable Architecture - Good Enough is Good EnoughMinimum Viable Architecture - Good Enough is Good Enough
Minimum Viable Architecture - Good Enough is Good Enough
 
Extreme Programming Deployed
Extreme Programming DeployedExtreme Programming Deployed
Extreme Programming Deployed
 
Preparing for a technical interview
Preparing for a technical interviewPreparing for a technical interview
Preparing for a technical interview
 

Mais de IASA

Building Feedback Loops
Building Feedback LoopsBuilding Feedback Loops
Building Feedback LoopsIASA
 
Resource-Oriented Architecture (ROA) and REST
Resource-Oriented Architecture (ROA) and RESTResource-Oriented Architecture (ROA) and REST
Resource-Oriented Architecture (ROA) and RESTIASA
 
Cloud Computing Bootcamp On The Google App Engine For Iasa V1.2.4
Cloud Computing Bootcamp On The Google App Engine For Iasa V1.2.4Cloud Computing Bootcamp On The Google App Engine For Iasa V1.2.4
Cloud Computing Bootcamp On The Google App Engine For Iasa V1.2.4IASA
 
Domain Driven Design Up And Running
Domain Driven Design Up And RunningDomain Driven Design Up And Running
Domain Driven Design Up And RunningIASA
 
Business and Strategic Alignment in EA – Practical Guidelines Based on Indust...
Business and Strategic Alignment in EA – Practical Guidelines Based on Indust...Business and Strategic Alignment in EA – Practical Guidelines Based on Indust...
Business and Strategic Alignment in EA – Practical Guidelines Based on Indust...IASA
 
Database Refactoring With Liquibase
Database Refactoring With LiquibaseDatabase Refactoring With Liquibase
Database Refactoring With LiquibaseIASA
 
Rethinking Object Orientation
Rethinking Object OrientationRethinking Object Orientation
Rethinking Object OrientationIASA
 
Making Architecture Business Value Driven
Making Architecture Business Value DrivenMaking Architecture Business Value Driven
Making Architecture Business Value DrivenIASA
 

Mais de IASA (8)

Building Feedback Loops
Building Feedback LoopsBuilding Feedback Loops
Building Feedback Loops
 
Resource-Oriented Architecture (ROA) and REST
Resource-Oriented Architecture (ROA) and RESTResource-Oriented Architecture (ROA) and REST
Resource-Oriented Architecture (ROA) and REST
 
Cloud Computing Bootcamp On The Google App Engine For Iasa V1.2.4
Cloud Computing Bootcamp On The Google App Engine For Iasa V1.2.4Cloud Computing Bootcamp On The Google App Engine For Iasa V1.2.4
Cloud Computing Bootcamp On The Google App Engine For Iasa V1.2.4
 
Domain Driven Design Up And Running
Domain Driven Design Up And RunningDomain Driven Design Up And Running
Domain Driven Design Up And Running
 
Business and Strategic Alignment in EA – Practical Guidelines Based on Indust...
Business and Strategic Alignment in EA – Practical Guidelines Based on Indust...Business and Strategic Alignment in EA – Practical Guidelines Based on Indust...
Business and Strategic Alignment in EA – Practical Guidelines Based on Indust...
 
Database Refactoring With Liquibase
Database Refactoring With LiquibaseDatabase Refactoring With Liquibase
Database Refactoring With Liquibase
 
Rethinking Object Orientation
Rethinking Object OrientationRethinking Object Orientation
Rethinking Object Orientation
 
Making Architecture Business Value Driven
Making Architecture Business Value DrivenMaking Architecture Business Value Driven
Making Architecture Business Value Driven
 

Último

*Navigating Electoral Terrain: TDP's Performance under N Chandrababu Naidu's ...
*Navigating Electoral Terrain: TDP's Performance under N Chandrababu Naidu's ...*Navigating Electoral Terrain: TDP's Performance under N Chandrababu Naidu's ...
*Navigating Electoral Terrain: TDP's Performance under N Chandrababu Naidu's ...anjanibaddipudi1
 
05052024_First India Newspaper Jaipur.pdf
05052024_First India Newspaper Jaipur.pdf05052024_First India Newspaper Jaipur.pdf
05052024_First India Newspaper Jaipur.pdfFIRST INDIA
 
America Is the Target; Israel Is the Front Line _ Andy Blumenthal _ The Blogs...
America Is the Target; Israel Is the Front Line _ Andy Blumenthal _ The Blogs...America Is the Target; Israel Is the Front Line _ Andy Blumenthal _ The Blogs...
America Is the Target; Israel Is the Front Line _ Andy Blumenthal _ The Blogs...Andy (Avraham) Blumenthal
 
10052024_First India Newspaper Jaipur.pdf
10052024_First India Newspaper Jaipur.pdf10052024_First India Newspaper Jaipur.pdf
10052024_First India Newspaper Jaipur.pdfFIRST INDIA
 
The political system of the united kingdom
The political system of the united kingdomThe political system of the united kingdom
The political system of the united kingdomlunadelior
 
China's soft power in 21st century .pptx
China's soft power in 21st century .pptxChina's soft power in 21st century .pptx
China's soft power in 21st century .pptxYasinAhmad20
 
KING VISHNU BHAGWANON KA BHAGWAN PARAMATMONKA PARATOMIC PARAMANU KASARVAMANVA...
KING VISHNU BHAGWANON KA BHAGWAN PARAMATMONKA PARATOMIC PARAMANU KASARVAMANVA...KING VISHNU BHAGWANON KA BHAGWAN PARAMATMONKA PARATOMIC PARAMANU KASARVAMANVA...
KING VISHNU BHAGWANON KA BHAGWAN PARAMATMONKA PARATOMIC PARAMANU KASARVAMANVA...IT Industry
 
06052024_First India Newspaper Jaipur.pdf
06052024_First India Newspaper Jaipur.pdf06052024_First India Newspaper Jaipur.pdf
06052024_First India Newspaper Jaipur.pdfFIRST INDIA
 
Job-Oriеntеd Courses That Will Boost Your Career in 2024
Job-Oriеntеd Courses That Will Boost Your Career in 2024Job-Oriеntеd Courses That Will Boost Your Career in 2024
Job-Oriеntеd Courses That Will Boost Your Career in 2024Insiger
 
THE OBSTACLES THAT IMPEDE THE DEVELOPMENT OF BRAZIL IN THE CONTEMPORARY ERA A...
THE OBSTACLES THAT IMPEDE THE DEVELOPMENT OF BRAZIL IN THE CONTEMPORARY ERA A...THE OBSTACLES THAT IMPEDE THE DEVELOPMENT OF BRAZIL IN THE CONTEMPORARY ERA A...
THE OBSTACLES THAT IMPEDE THE DEVELOPMENT OF BRAZIL IN THE CONTEMPORARY ERA A...Faga1939
 
{Qatar{^🚀^(+971558539980**}})Abortion Pills for Sale in Dubai. .abu dhabi, sh...
{Qatar{^🚀^(+971558539980**}})Abortion Pills for Sale in Dubai. .abu dhabi, sh...{Qatar{^🚀^(+971558539980**}})Abortion Pills for Sale in Dubai. .abu dhabi, sh...
{Qatar{^🚀^(+971558539980**}})Abortion Pills for Sale in Dubai. .abu dhabi, sh...hyt3577
 
Transformative Leadership: N Chandrababu Naidu and TDP's Vision for Innovatio...
Transformative Leadership: N Chandrababu Naidu and TDP's Vision for Innovatio...Transformative Leadership: N Chandrababu Naidu and TDP's Vision for Innovatio...
Transformative Leadership: N Chandrababu Naidu and TDP's Vision for Innovatio...srinuseo15
 
Unveiling the Characteristics of Political Institutions_ A Comprehensive Anal...
Unveiling the Characteristics of Political Institutions_ A Comprehensive Anal...Unveiling the Characteristics of Political Institutions_ A Comprehensive Anal...
Unveiling the Characteristics of Political Institutions_ A Comprehensive Anal...tewhimanshu23
 
422524114-Patriarchy-Kamla-Bhasin gg.pdf
422524114-Patriarchy-Kamla-Bhasin gg.pdf422524114-Patriarchy-Kamla-Bhasin gg.pdf
422524114-Patriarchy-Kamla-Bhasin gg.pdflambardar420420
 
declarationleaders_sd_re_greens_theleft_5.pdf
declarationleaders_sd_re_greens_theleft_5.pdfdeclarationleaders_sd_re_greens_theleft_5.pdf
declarationleaders_sd_re_greens_theleft_5.pdfssuser5750e1
 
04052024_First India Newspaper Jaipur.pdf
04052024_First India Newspaper Jaipur.pdf04052024_First India Newspaper Jaipur.pdf
04052024_First India Newspaper Jaipur.pdfFIRST INDIA
 
Politician uddhav thackeray biography- Full Details
Politician uddhav thackeray biography- Full DetailsPolitician uddhav thackeray biography- Full Details
Politician uddhav thackeray biography- Full DetailsVoterMood
 
Dubai Call Girls Pinky O525547819 Call Girl's In Dubai
Dubai Call Girls Pinky O525547819 Call Girl's In DubaiDubai Call Girls Pinky O525547819 Call Girl's In Dubai
Dubai Call Girls Pinky O525547819 Call Girl's In Dubaikojalkojal131
 

Último (20)

*Navigating Electoral Terrain: TDP's Performance under N Chandrababu Naidu's ...
*Navigating Electoral Terrain: TDP's Performance under N Chandrababu Naidu's ...*Navigating Electoral Terrain: TDP's Performance under N Chandrababu Naidu's ...
*Navigating Electoral Terrain: TDP's Performance under N Chandrababu Naidu's ...
 
05052024_First India Newspaper Jaipur.pdf
05052024_First India Newspaper Jaipur.pdf05052024_First India Newspaper Jaipur.pdf
05052024_First India Newspaper Jaipur.pdf
 
America Is the Target; Israel Is the Front Line _ Andy Blumenthal _ The Blogs...
America Is the Target; Israel Is the Front Line _ Andy Blumenthal _ The Blogs...America Is the Target; Israel Is the Front Line _ Andy Blumenthal _ The Blogs...
America Is the Target; Israel Is the Front Line _ Andy Blumenthal _ The Blogs...
 
10052024_First India Newspaper Jaipur.pdf
10052024_First India Newspaper Jaipur.pdf10052024_First India Newspaper Jaipur.pdf
10052024_First India Newspaper Jaipur.pdf
 
The political system of the united kingdom
The political system of the united kingdomThe political system of the united kingdom
The political system of the united kingdom
 
China's soft power in 21st century .pptx
China's soft power in 21st century .pptxChina's soft power in 21st century .pptx
China's soft power in 21st century .pptx
 
KING VISHNU BHAGWANON KA BHAGWAN PARAMATMONKA PARATOMIC PARAMANU KASARVAMANVA...
KING VISHNU BHAGWANON KA BHAGWAN PARAMATMONKA PARATOMIC PARAMANU KASARVAMANVA...KING VISHNU BHAGWANON KA BHAGWAN PARAMATMONKA PARATOMIC PARAMANU KASARVAMANVA...
KING VISHNU BHAGWANON KA BHAGWAN PARAMATMONKA PARATOMIC PARAMANU KASARVAMANVA...
 
06052024_First India Newspaper Jaipur.pdf
06052024_First India Newspaper Jaipur.pdf06052024_First India Newspaper Jaipur.pdf
06052024_First India Newspaper Jaipur.pdf
 
Job-Oriеntеd Courses That Will Boost Your Career in 2024
Job-Oriеntеd Courses That Will Boost Your Career in 2024Job-Oriеntеd Courses That Will Boost Your Career in 2024
Job-Oriеntеd Courses That Will Boost Your Career in 2024
 
call girls inMahavir Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls inMahavir Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7call girls inMahavir Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls inMahavir Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
 
9953056974 Call Girls In Pratap Nagar, Escorts (Delhi) NCR
9953056974 Call Girls In Pratap Nagar, Escorts (Delhi) NCR9953056974 Call Girls In Pratap Nagar, Escorts (Delhi) NCR
9953056974 Call Girls In Pratap Nagar, Escorts (Delhi) NCR
 
THE OBSTACLES THAT IMPEDE THE DEVELOPMENT OF BRAZIL IN THE CONTEMPORARY ERA A...
THE OBSTACLES THAT IMPEDE THE DEVELOPMENT OF BRAZIL IN THE CONTEMPORARY ERA A...THE OBSTACLES THAT IMPEDE THE DEVELOPMENT OF BRAZIL IN THE CONTEMPORARY ERA A...
THE OBSTACLES THAT IMPEDE THE DEVELOPMENT OF BRAZIL IN THE CONTEMPORARY ERA A...
 
{Qatar{^🚀^(+971558539980**}})Abortion Pills for Sale in Dubai. .abu dhabi, sh...
{Qatar{^🚀^(+971558539980**}})Abortion Pills for Sale in Dubai. .abu dhabi, sh...{Qatar{^🚀^(+971558539980**}})Abortion Pills for Sale in Dubai. .abu dhabi, sh...
{Qatar{^🚀^(+971558539980**}})Abortion Pills for Sale in Dubai. .abu dhabi, sh...
 
Transformative Leadership: N Chandrababu Naidu and TDP's Vision for Innovatio...
Transformative Leadership: N Chandrababu Naidu and TDP's Vision for Innovatio...Transformative Leadership: N Chandrababu Naidu and TDP's Vision for Innovatio...
Transformative Leadership: N Chandrababu Naidu and TDP's Vision for Innovatio...
 
Unveiling the Characteristics of Political Institutions_ A Comprehensive Anal...
Unveiling the Characteristics of Political Institutions_ A Comprehensive Anal...Unveiling the Characteristics of Political Institutions_ A Comprehensive Anal...
Unveiling the Characteristics of Political Institutions_ A Comprehensive Anal...
 
422524114-Patriarchy-Kamla-Bhasin gg.pdf
422524114-Patriarchy-Kamla-Bhasin gg.pdf422524114-Patriarchy-Kamla-Bhasin gg.pdf
422524114-Patriarchy-Kamla-Bhasin gg.pdf
 
declarationleaders_sd_re_greens_theleft_5.pdf
declarationleaders_sd_re_greens_theleft_5.pdfdeclarationleaders_sd_re_greens_theleft_5.pdf
declarationleaders_sd_re_greens_theleft_5.pdf
 
04052024_First India Newspaper Jaipur.pdf
04052024_First India Newspaper Jaipur.pdf04052024_First India Newspaper Jaipur.pdf
04052024_First India Newspaper Jaipur.pdf
 
Politician uddhav thackeray biography- Full Details
Politician uddhav thackeray biography- Full DetailsPolitician uddhav thackeray biography- Full Details
Politician uddhav thackeray biography- Full Details
 
Dubai Call Girls Pinky O525547819 Call Girl's In Dubai
Dubai Call Girls Pinky O525547819 Call Girl's In DubaiDubai Call Girls Pinky O525547819 Call Girl's In Dubai
Dubai Call Girls Pinky O525547819 Call Girl's In Dubai
 

Risk Centric Architecture George Fairbanks

  • 1. Risk-Centric Model of Software Architecture George Fairbanks 16 November 2009 Rhino Research Software Architecture Consulting and Training Full paper: http://rhinoresearch.com/content/risk-centric-model-software-architecture
  • 2. Overview • Software architecture techniques are helpful • We cannot afford to apply them all • Important: How much should we do? • Old: Yardstick model • Old: Full description model • This talk describes a new model: Risk-Centric Model 1. Identify and prioritize risks 2. Apply relevant architecture activities 3. Re-evaluate • It is not: Big Design Up Front • It is not: A full software development process • It is: Compatible with agile & other processes 16 November 2009 George Fairbanks – RhinoResearch.com 2
  • 3. Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 3
  • 4. What is software architecture? The software architecture of a program or computing system is its structure or structures, which comprise software elements, the externally visible properties of those elements, and the relationships among them. [Bass, Clements, Kazman 2003] • In loose language: • It’s the macroscopic organization of the system • Must keep these ideas separate: • The job title/role “architect” • The process of architecting/designing (also: when) • The engineering artifact called the architecture • Every system has an architecture • Identify it by looking back (avoids tangling with process & roles) • E.g., “Aha, I see it is a 3-tier architecture” 16 November 2009 George Fairbanks – RhinoResearch.com 4
  • 5. Every system has an architecture Viewtype Contents Module Modules, Dependencies, Layers Runtime Components, Connectors, Ports Allocation Servers, Communication channels • Three primary viewtypes: Module, Runtime, Allocation • Many views within a viewtype • Architectural styles • Big ball of mud • Client-server • Pipe-and-filter • Map-reduce • N-tier • … 16 November 2009 George Fairbanks – RhinoResearch.com 5
  • 6. Architecture as skeleton • An animal’s skeleton: • Provides its overall structure • Influences what it can do • Examples • Birds fly better because of wings and light bones • Kangaroos jump because of leg structure • Convergent evolution: Bat skeletons have wings • Tradeoffs • 4 legs faster vs. 2 legs easier to use tools • Software skeleton examples • 3-tier: localize changes, concurrent transactions • Cooperating processes: isolate faults • Peer-to-peer: no central point of failure 16 November 2009 George Fairbanks – RhinoResearch.com 6
  • 7. Architecture influences quality attributes • Function: Carrying apples to market • Solution 1: Use humans • Solution 2: Use horses • Both solutions work • Yet differ in their quality attributes • Quality attributes • A.k.a. extra-functional requirements, the “ities” • E.g., latency, modifiability, usability, testability • Architecture influences the system’s quality attributes • E.g., pipe and filter is reconfigurable • E.g., map-reduce is scalable 16 November 2009 George Fairbanks – RhinoResearch.com 7
  • 8. Architecture orthogonal to functionality • Architecture orthogonal to functionality • Can mix-and-match architecture and functionality • Can (mostly) build any system with any architecture • Shift in thinking • No: good or bad architectures • Yes: suitable or unsuitable to supporting the functions • Architecture can help or hurt you achieve functionality • Help example: use horses to transport apples • Hurt example: use horses to stack apples 16 November 2009 George Fairbanks – RhinoResearch.com 8
  • 9. Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 9
  • 10. Q: When do we design the architecture? The software architecture of a program or computing system is its structure or structures, which comprise software elements, the externally visible properties of those elements, and the relationships among them. [Bass, Clements, Kazman 2003] • Recall these three distinct ideas: • The job title/role “architect” • The process of architecting/designing (also: when) • The engineering artifact called the architecture • At some point, the architecture (the artifact) exists • Question: When did we decide on it? (our process) • To understand, worth considering two design styles: • Evolutionary design • Planned design 16 November 2009 George Fairbanks – RhinoResearch.com 10
  • 11. Evolutionary design vs. planned design Evolutionary design Planned design • Fundamental beliefs • Fundamental beliefs • Hard to correctly decide • Possible to paint yourself early in project into a corner • Refactoring reduces cost of • Cost of change is high change • So: Defer decisions when • So: Decide now to reduce costs possible Shared ground • Cost of change is never zero • Every project has some evolutionary, some planned design 16 November 2009 George Fairbanks – RhinoResearch.com 11
  • 12. Engineering failures The concept of failure is central to the design process, and it is by thinking in terms of obviating failure that successful designs are achieved. ... Although often an implicit and tacit part of the methodology of design, failure considerations and proactive failure analysis are essential for achieving success. And it is precisely when such considerations and analyses are incorrect or incomplete that design errors are introduced and actual failures occur. [Henry Petroski, Design Paradigms, 1994] Required You can choose • Considering failures • When design happens • Analyzing options • Which analyses • Designing a solution • Formality / precision • Depth 16 November 2009 George Fairbanks – RhinoResearch.com 12
  • 13. Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 13
  • 14. How much architecture? • Situation: • Answer 1: Yardstick • Lots of architecture • E.g., spend 10% of your techniques time designing • All cost something • Not so helpful on • Cannot afford to do them all Wednesday • No technique choice • Two problems • Which techniques? • Answer 2: Documentation • When to stop? package (i.e., full design) • Expensive • Overkill for most projects • Answer 3: Ad hoc compromise • Unrepeatable Desired: A principled way to decide how much is enough 16 November 2009 George Fairbanks – RhinoResearch.com 14
  • 15. Inspiration: Dad vs. mailbox • My Dad • Mechanical engineer • Capable of analyzing stresses and strains • The problem • Install new mailbox • His solution • Dig hole • Fill with concrete • Stick in post • Q: Why no mechanical engineering analyses? • A: Risk • He just wasn’t worried enough 16 November 2009 George Fairbanks – RhinoResearch.com 15
  • 16. Insight #1: Prioritize using risks • At any given moment, you have worries and non-worries • Worry: Will the server scale up? • Worry: Will bad guys steal customer data? • Response time will be easy to achieve • We have plenty of RAM • Cast these worries as engineering risks • Focus on highest priority risks • Good news: prioritizing risks is easy for developers • They can tell you what they are most worried about • I.e., possible failures • Bad news: you might get blindsided • But you cannot plan for the unexpected 16 November 2009 George Fairbanks – RhinoResearch.com 16
  • 17. Insight #2: Techniques mitigate risks • Many architecture techniques exist • Protocol analysis • Component and connector modeling • Queuing theory • Schedulability analysis • Threat modeling • Techniques are not interchangeable • E.g., cannot use threat modeling on latency risks • So, must match risks with techniques • I.e., mapping from risks à techniques 16 November 2009 George Fairbanks – RhinoResearch.com 17
  • 18. Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 18
  • 19. Risk-centric architecture • The risk-centric model: 1. Identify and prioritize risks 2. Apply relevant architecture activities 3. Re-evaluate • Promotion of risk to prominence • Today, developers think about risks …but they think about lots of other things too • [Babar 09] describes team so functionality focused that quality attribute concerns deferred until development ceased and product was in maintenance mode. • [Kruchten08] Agile2008 keynote talk: similar story • Must balance • Wasting time on low-impact techniques • Ignoring project-threatening risks 16 November 2009 George Fairbanks – RhinoResearch.com 19
  • 20. Risk-centric model applies to design • Many models organize the software development lifecycle: • Spiral, waterfall, iterative, RUP, XP • Risk-centric model applies only during design Example of use inside an iterative process Iteration 0 Iteration 1 Iteration 2 Iteration 3 … Architecture and design activities Other development activities • Q: When were (perceived) risks the highest? 16 November 2009 George Fairbanks – RhinoResearch.com 20
  • 21. Risk-centric model is uncommon • I.e., You are probably not doing this today • Some test questions: • Are risks primary? • Are your risks written down? • Any developer can list the features …but list of risks seems to be made up on the spot • Are techniques decided per-project? • Most teams have standard set of techniques • Often defined by process or template • Do all projects have the same risks? • E.g., customer-facing and infrastructure 16 November 2009 George Fairbanks – RhinoResearch.com 21
  • 22. Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 22
  • 23. Definition of risk • Simple definition Risk = probability of failure x impact of failure • But, uncertainty is inherent • Uncertain probability; uncertain impact • So, resort to educated guesses = perception • Revised definition Risk = perceived probability of failure x perceived impact of failure • Consequences of uncertainty • Can perceive risks even if none exist • Can fail to perceive risks • Risk prioritization is hard and subjective 16 November 2009 George Fairbanks – RhinoResearch.com 23
  • 24. Describing risks • Schemas for describing risks • Condition-Transition-Consequence [Gulch94] • Failure scenarios (testable) • Categorical (e.g., “security risk”) • Examples • “[Cr|H]ackers exist, so sensitive data may be revealed leading to reputation and financial loss.” • “The chosen web framework may prevent us from meeting transactions-per-second requirements” 16 November 2009 George Fairbanks – RhinoResearch.com 24
  • 25. Engineering risk vs. management risk Software engineering risks Project management risks • “I’m afraid that the server will • “Lead developer hit by bus” not scale to 100 users” • “Customer needs not • “Parsing of the response understood” messages may not be robust” • “Senior VP hates our manager” • “It’s working now but if we touch anything it may fall • “Competitor is first to market” apart.” Mismatches • Use PERT chart to eliminate buffer overruns • Use caching to prioritize features 16 November 2009 George Fairbanks – RhinoResearch.com 25
  • 26. Canonical risks in domains • Information Technology (IT) • Complex, poorly understood problem domain • Unsure we’re solving the real problem • May choose wrong COTS software • Integration with existing, poorly understood software • Domain knowledge scattered across people • Modifiability • Systems • Composition risk—will it go together? • Performance, reliability, size, security • Concurrency • Web • Developer productivity • Security • Scalability 16 November 2009 George Fairbanks – RhinoResearch.com 26
  • 27. Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 27
  • 28. Techniques in other fields • In mechanical engineering • Stress calculations, breaking point tests • In electrical engineering • Circuit analysis • In aerospace engineering • Thermal analysis, electrical analysis, mechanical analysis • Prototyping: everywhere 16 November 2009 George Fairbanks – RhinoResearch.com 28
  • 29. Recall insight #2: Map techniques to risks • This talk: How much architecture? When to stop? • Also: Which architecture techniques? Ad hoc choices? • Desire: Choose like virtuoso? • Virtuosos solve problems intuitively • Often they can jump directly to the solution / choice • Mysterious • Aha!: Encode virtuoso judgment • Make tacit knowledge explicit • Accelerate learning • Can discuss suitability • If risk X, do technique Y • Thinking process • Tabularized data 16 November 2009 George Fairbanks – RhinoResearch.com 29
  • 30. Risk à technique table Risk Technique Problem domain poorly • Create a Domain model (Problem frames, info model, understood behavior model including use cases) Others must understand • Create a context diagram our design • Create a use case model • Low fidelity UI prototyping (e.g., cards) We don’t know the • Create Module and Component & Connector view of system interfaces between our • Co-locate teams components / teams • Peer-to-peer communication not mediated by managers Problem is too big to be • Partition into components solved by one person or • Encapsulate components one team • Design for extension. Ensure style is clear (e.g., J2EE, or WinAmp plugin API) • Document architecture (all 3 viewtypes) and invariants clearly and communicate it to teams … • Just an illustrative example • Goal: general handbooks; company-specific best practices 16 November 2009 George Fairbanks – RhinoResearch.com 30
  • 31. Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 31
  • 32. Related work • Attribute Driven Design (ADD) • Tabularizes mapping from quality attributes à patterns • E.g., availability à ping/echo pattern • Bass, Clements, Kazman, Software Architecture in Practice, 2003 • Global Analysis • Identify “Factors”, choose matching “Strategies” • Bridges engineering & management • Hoffmeister, Soni, Nord, Applied Software Architecture, 2000 • Spiral model • Specialization of iterative model that prioritizes risk • Boehm, A Spiral Model of Software Development and Enhancement, 1988 • Balancing agility and discipline • Processes: use risk to choose process rigor • Boehm and Turner, Balancing Agility and Discipline, 2003 16 November 2009 George Fairbanks – RhinoResearch.com 32
  • 33. Talk outline • Architecture essentials • When do we design the architecture? • How much architecture should we do? • Risk-centric model • Risks • Techniques • Processes & related work • Conclusion 16 November 2009 George Fairbanks – RhinoResearch.com 33
  • 34. How much architecture? • How much architecture is enough? • Time spent designing vs. time spent building • Desired: objective, quantitative decision STOP? • Old answers: Yardsticks, full design, and ad hoc • Risk-Centric Model answer • Do architecture until risks subside • But: Risks never eliminated, subjective risk estimates • So, does risk help? • Yes: Shared vocabulary (“risks”) with management • Yes: Refined evaluation ability • Subjective risk estimate better than: • Yardstick (e.g., spend 10% of your time designing) • Full design 16 November 2009 George Fairbanks – RhinoResearch.com 34
  • 35. Takeaway ideas • 3 distinct ideas: • The job title/role “architect” • The process of architecting/designing • The engineering artifact called the architecture • Every project is combination of planned & evolutionary decisions • You should calibrate your project’s balance using risks • Risk is a unifying concept • Managers understand it • Engineers understand it • Architecture is compatible with agile • Agile will do more evolutionary design • Use risk to mix in architecture design • Inspiration: Dad vs. Mailbox 16 November 2009 George Fairbanks – RhinoResearch.com 35
  • 36. Conclusion • Software architecture techniques are helpful • We cannot afford to apply them all • Important: How much should we do? • Old: Yardstick model • Old: Full description model • This talk describes a new model: Risk-Centric Model 1. Identify and prioritize risks 2. Apply relevant architecture activities 3. Re-evaluate • It is not: Big Design Up Front • It is not: A full software development process • It is: Compatible with agile and other processes 16 November 2009 George Fairbanks – RhinoResearch.com 36