Building Dependable Software
Strategic technology advice for building dependable business-critical software
Dr. Jayaraj Poroorhttp://jayaraj.poroor.com
Overview
The land of requirements
The land of dependable software
● Architecting● Analysis● Feasibility Studies● Prototyping
The gap needs to be filled by employing the right technology strategies.
Semantic gap between requirements and dependable code.
● It will take a lot of bugs to kill a typical software - but a single strategic mistake is enough.
Bugs vs Strategic Mistakes
$170 million project scrapped700,000 lines of unusable code written
“The [VCF] architecture was developed without adequate assessment of alternatives and conformance to various architectural standards.”
Assessment Report by Aerospace Corp.[IEEE Spectrum]
FBI’s Virtual Case File project
What is Software Architecture?A complex jigsaw that connects together
frameworks, libraries, modules, data stores, platforms, app servers into a robust system.
●
Functionality is only a part of the puzzle.
Functional vs Non-functional requirements
Domain
Functionality
Stability Extensibility
Performance
SecurityScalability
A system that can collapse any time
Good vs Bad Architecture
A system that can gracefully handle stress
vs
● load● attacks● changes
Benefits of proper software architecture● Stability● Scalability● Performance● Security● Reduced code complexity● Extensibility
Data architecture is especially important
“Show me your flowcharts and conceal your tables, and I shall continue to be mystified. Show me your tables, and I won't usually need your flowcharts; they'll be obvious.”
Fred BrooksComputer Pioneer & Turing Award* Winner
* Turing Award is Computer Science equivalent of Nobel Prize
Data Architecture: Good vs Bad
System Requirements
Wrong Data Architecture
System Requirements
Right Data Architecture
vs
Not all application data are equal
BasicDomainData
Time-taggedLog Data
RelationshipData
UnstructuredText
SessionData
The same application may have diverse data requirements.
Force fit all data into the same data store?● Poor performance/scalability● Complex application code
○ Slow/buggy
Application’s diverse data requirements.
A single data store won’t fit all requirements
Hybrid Data Architecture
● Use the right kind of data store for each different kind of data requirement.
Data stores: the sheer variety!
Key-value Stores
DistributedKey-value Stores
In-ProcessKey-value Stores
Un/Semi-structuredsearch databases Time-series
databasesColumn-family
databasesDocumentdatabases
Graphdatabases
Relationaldatabases
In-process SQLdatabases
XMLdatabases
Logic-baseddatabases
Frameworks are important too!
Frameworks support the code we write.
Choices are many!
Ruby on Rails
Groovyon Grails
Express(Node.js)
Spring
CakePHP
Client-side frameworks, e.g. AngularJS
Security: Protect your precious data!Security incidents result in serious financial losses
and lost credibility
Cross-siteScripting
XSRF
SQLInjection
Use of Vulnerable Libraries
Rework is costly
● Architectural mistakes are strategic mistakes - costly to correct○ e.g., migrating from a bad framework or
migrating to a new data store.
● Investment in architecture will save you time, money, and your reputation tomorrow
Strategic decisions must be based on hard data
“In God we trust; all others must bring data.”
Edward Deming*
*The man behind Japanese post-war industrial revolution
Strategic technology activities● Architecture Performance & Scalability
Study.● Framework Comparative Analysis.● Architecture Vulnerability Assessment.● Technology Feasibility Study.● Technology Prototyping.
Performance & Scalability
● Scalability is important but not everyone needs to be Google or Twitter.○ Over-architecting can be expensive. ○ Under-architecting can be disastrous.
“Premature optimization is the root of all evil.”Don Knuth.
Performance & Scalability1. Study Requirements.2. Start with a simple architecture.3. DO
Model the architecture, simulate (in AWS with actual VMs), and collect performance data.Identify bottlenecks.Incrementally modify the architecture.
ITERATE UNTILPERFORMANCE IS SUFFICIENT
You’re unsure whether to really go with framework A, B, C, or D?
How to decide? Roll a dice?
Choosing the right framework
Analyze data from various sources so that you can make an informed decision.
Framework Comparative Analysis
Concrete trend metrics
● Stable?● Active?● Growing community?● Library availability?● Support?● Security Issues?
Analysis will show framework trend metrics.
Architecture Vulnerability Assessment
Analysis should help identify security weak links in your system architecture.
Analysis should reveal whether libraries, frameworks, platforms you are using have any
serious security issues.
Using an insecure library?
When you explore fresh & challenging application domains feasibility study report will be your map.
Technology Feasibility Study
Nothing beats building an actual prototype when exploring new & challenging domains.
Technology Prototyping
“The map is not the territory.” “I do and I understand.”- - Confucious
Recommended
![© SERG Dependable Software Systems (Specification Testing) Dependable Software Systems Specification-based Testing Material drawn from [Mancoridis, Vokolos]](https://img.dokumen.tips/doc/110x75/56649ec45503460f94bcedb8/-serg-dependable-software-systems-specification-testing-dependable-software.jpg)
