Software Architecture Thoughts for the System Security Design

Similar documents
An Architect s Point of View. TSP Symposium Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213

Attribute-Driven Design

Software Architecture

Software Architectures. Lecture 6 (part 1)

Lecture 16: (Architecture IV)

Quality Attribute Driven Software Architecture Reconstruction. Version 1.0 QADSAR SATURN page 1

Current Best Practices in Software Architecture. Session 1: What Is Software Architecture? Why Is It Important?

Ch 1: The Architecture Business Cycle

WHAT IS SOFTWARE ARCHITECTURE?

ADD 3.0: Rethinking Drivers and Decisions in the Design Process

Introduction to software architecture Revision : 732

Architectural Blueprint The 4+1 View Model of Software Architecture. Philippe Kruchten

Requirements Validation and Negotiation

Architectural Blueprint

An Industry Definition of Business Architecture

Software Architecture. Lecture 5

SOFTWARE ARCHITECTURES UNIT I INTRODUCTION AND ARCHITECTURAL DRIVERS

What is Software Architecture

OG0-091 Q&As TOGAF 9 Part 1

Ch 1: The Architecture Business Cycle

Requirement Analysis

OG The Open Group OG TOGAF 9 Combined Part 1 and Part 2

Quality Attribute Design Primitives and the Attribute Driven Design Method 1

The Analysis and Proposed Modifications to ISO/IEC Software Engineering Software Quality Requirements and Evaluation Quality Requirements

ISO/IEC/ IEEE INTERNATIONAL STANDARD. Systems and software engineering Architecture description

Solving the Enterprise Data Dilemma

Maintaining & Increasing Stakeholder Confidence in IT Architecture

Requirements Specifications & Standards

Designing Software Architecture to Achieve Business Goals

Response to the. ESMA Consultation Paper:

Architecture Viewpoint Template for ISO/IEC/IEEE 42010

Roles and Responsibilities on DevOps Adoption

<<Subsystem>> Software Architecture Document

Vendor: The Open Group. Exam Code: OG Exam Name: TOGAF 9 Part 1. Version: Demo

Module 3. Overview of TOGAF 9.1 Architecture Development Method (ADM)

Towards The Adoption of Modern Software Development Approach: Component Based Software Engineering

Business Architecture Implementation Workshop

European Component Oriented Architecture (ECOA ) Collaboration Programme: Architecture Specification Part 2: Definitions

Mathematics and Computing: Level 2 M253 Team working in distributed environments

Fundamentals to Creating Architectures using ISO/IEC/IEEE Standards

Introduction. A Brief Description of Our Journey

1 Executive Overview The Benefits and Objectives of BPDM

A Beginners Guide to UML Part II

STEP Data Governance: At a Glance

EXIN Expert in IT Service Management based on ISO/IEC Preparation Guide

SERVICE TRANSITION ITIL INTERMEDIATE TRAINING & CERTIFICATION

ISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006

Lecture 5: Requirements Specifications

SOFTWARE ARCHITECTURE & DESIGN INTRODUCTION

Nick Rozanski Andy Longshaw Eoin Woods. Sold! How to Describe, Explain and Justify your Architecture

Diseño y Evaluación de Arquitecturas de Software. Architecture Based Design Method

Briefing Date. Purpose

Requirements to models: goals and methods

Deriving safety requirements according to ISO for complex systems: How to avoid getting lost?

HP Application Lifecycle Management. Upgrade Best Practices

BPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.

e-sens Nordic & Baltic Area Meeting Stockholm April 23rd 2013

Document Engineering

User Documentation Development Life Cycle (UDDLC)

Improving Security in the Application Development Life-cycle

BDSA Introduction to OOAD. Jakob E. Bardram

Guide to IREE Certification

Business Analysis for Practitioners - Requirements Elicitation and Analysis (Domain 3)

Software Life-Cycle Management

About HP Quality Center Upgrade... 2 Introduction... 2 Audience... 2

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

The Impact of SOA Policy-Based Computing on C2 Interoperation and Computing. R. Paul, W. T. Tsai, Jay Bayne

Test Architect A Key Role defined by Siemens

90% of data breaches are caused by software vulnerabilities.

needs, wants, and limitations

COURSE BROCHURE. ITIL - Intermediate Service Transition. Training & Certification

Architectures of Distributed Systems 2011/2012

The Confluence of Physical and Cyber Security Management

Tech Advantage Benchmarking Your Cyber Security Program. March 5, 2014

Copyright protected. Use is for Single Users only via a VHP Approved License. For information and printed versions please see

HITSP Standards Harmonization Process -- A report on progress

Requirements Gathering

Architectural Design

The software lifecycle and its documents

Government of Ontario IT Standard (GO ITS)

INFORMATION ASSURANCE DIRECTORATE

Introduction - SENG 330. Object-Oriented Analysis and Design

Lecture 8: Use Case -Driven Design. Where UML fits in

Architectural Design

ISO & ISO & ISO Cloud Documentation Toolkit

FIVE BEST PRACTICES FOR ENSURING A SUCCESSFUL SQL SERVER MIGRATION

What is Software Architecture? What is Principal?

Software Design Report

What s a BA to do with Data? Discover and define standard data elements in business terms

User-centered design and the requirement process

Requirements Validation and Negotiation

Chapter 6 Architectural Design. Chapter 6 Architectural design

The Process of Software Architecting

Jelena Roljevic Assistant Vice President, Business Intelligence Ronald Layne Data Governance and Data Quality Manager

Attribute Driven Design (ADD 3.0) Tackling complexity in the heart of Software Architecture. Luis Manuel Muegues Acosta Software Architect at Ryanair

Review of Basic Software Design Concepts. Fethi Rabhi SENG 2021

Microsoft SharePoint Server 2013 Plan, Configure & Manage

General Framework for Secure IoT Systems

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

BUILDING GOOD-QUALITY FUNCTIONAL SPECIFICATION MODEL

Transcription:

Software Architecture Thoughts for the System Security Design Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 James Ivers April 17, 2007

Role of Software Architecture If the only criterion for software was to get the right answer, we would not need architectures unstructured, monolithic systems would suffice. But other things also matter, like modifiability time of development performance coordination of work teams Quality attributes such as these are largely dependent on architectural decisions. All design involves tradeoffs among quality attributes. The earlier we reason about tradeoffs, the better. 2

Key Topics in Creating a Software Architecture Scoping the problem Defining/refining the architecture Documenting the architecture Evaluating the architecture 3

Scoping the Problem What is being defined in the architecture? New features/assets Integration between new features/assets and existing systems Recommendations for existing features/assets What constraints are we under? Business (e.g., deadlines, cost, or regulatory standards) Technical (e.g., existing assets or interfaces) What are the driving quality attributes? Security, modifiability, reliability, performance, usability, etc. How do we manage the trade-offs among qualities How will the architecture be used? Basis for implementation Detailed analyses Contract between component suppliers and acquirers 4

Key Topics in Creating a Software Architecture Scoping the problem Defining/refining the architecture Documenting the architecture Evaluating the architecture 5

The Architecture Design Process An architecture design follows (should, really!) this process: 1. Create a measurable specification of quality attribute requirements that need to be supported by the architecture 2. Evaluate if the current architecture you have fulfills those requirements 3. If not, make some changes to the architecture to improve and repeat step 2 4. If yes, Lucky you! You are done. As simple as this may sound, it creates a huge problem 6

The Dilemma of the Architect 1 Initial architecture may look like this Architect There decides are many possibilities to make the architecture better Such as this one or this one Architecture Decision A view of possible architectures 7

The Dilemma of the Architect 2 And the process repeats A view of possible architectures Until (hopefully) a solution is found Unacceptable Architecture Acceptable Architecture Solution! Decision 8

The Dilemma of the Architect 3 A view of possible architectures but and there the are perfect many more solution architectures the might project be that runs have out there of not time! been explored! Unacceptable Architecture Acceptable Architecture Solution! Decision 9

Attribute-Driven Design (ADD) Method The ADD method is an approach to defining software architectures by basing the design process on the architecture s quality attribute requirements. It follows a recursive decomposition process where, at each stage in the decomposition, tactics and architectural patterns are chosen to satisfy a set of quality attribute scenarios. Constraints Functional requirements Quality requirements ADD Decomposition of the architecture 10

Steps of the ADD Method 1. Choose the element to decompose. 2. Refine the element according to these steps: a. Choose the architectural significant requirements. b. Choose an architectural pattern that satisfies the architectural significant requirements. c. Instantiate elements and allocate functionality from the use cases using multiple views. d. Define interfaces of the child elements. e. Verify and refine use cases and quality scenarios and make them constraints for the child elements. 3. Repeat these steps for the next element. Remember that early decisions constrain later decisions. Make those with the biggest impact early. 11

Key Topics in Creating a Software Architecture Scoping the problem Defining/refining the architecture Documenting the architecture Evaluating the architecture 12

View-Based Documentation All modern approaches to software architecture creation and documentation are based on views. A general principle for documenting a software architecture is Documenting a software architecture is a matter of documenting the relevant views and then adding information that applies to more than one view. + + = 13

Views An architecture is a multidimensional construct, too involved to be seen all at once. Systems are composed of many structures that show modules, their composition/decomposition and mapping to code units processes and how they synchronize programs and how they call or send data to each other how software is deployed on hardware how teams cooperate to build the system how components and connectors work at runtime Views are representations of structures. We use them to manage complexity by separating concerns. 14

What Is the Right Set of Views? Unlike approaches that prescribe a fixed set of views, we take a more general approach: Choose the best views for each situation. Which views are right depends on 1. the structures that are inherent in the software 2. who the stakeholders are and how they will use the documentation How do stakeholders use documentation? education introducing people to the project communication especially among stakeholders architect to developers architect to (current or future) architect analysis assuring quality attributes 15

But Which Views to Consider? Module Uses Decomposition Class/Generalization Layered Allocation Work Assignment Deployment Implementation 16

Producing Documentation Documenting individual views Unambiguous notations Enough information to support purpose Rationale! Mapping between views Reconciling different perspectives to avoid inconsistencies Many analyses require information found in different views Standards compliance IEEE 1471, ISO/IEC 42010:2007 Etc. 17

Key Topics in Creating a Software Architecture Scoping the problem Defining/refining the architecture Documenting the architecture Evaluating the architecture 18

Why Evaluate an Architecture? Because so much is riding on it! An unsuitable architecture can precipitate disaster. Architecture determines the structure of the project. Because we can! Repeatable, structured methods offer a low-cost risk mitigation capability that can be employed early in the development life cycle. Making sure an architecture is the right one simply makes good sense. Architecture evaluation should be a standard part of every architecture-based development methodology. 19

Evaluation Techniques There are a variety of techniques for performing architecture evaluations, each having a different cost and providing different information. These techniques fall into two broad categories: 1. questioning techniques - are applied to evaluate an architecture for any given reason 2. measuring techniques - are applied to answer questions about specific quality attributes 20

Conceptual Flow of the ATAM Business Drivers Quality Attributes Scenarios Software Architecture Architectural Approaches Architectural Decisions Analysis Tradeoffs impacts Sensitivity Points Risk Themes distilled into Non-Risks Risks 21

Typical Output from Evaluations Set of ranked issues, risks, risk themes, or problem areas that have supporting data are contained in a formal report are used as feedback to the project Set of scenarios, questions, or checklists for future use Identification of potentially reusable components Enhanced system documentation Estimation of the evaluation s costs and benefits of the evaluation Improvements to the evaluation technique or process 22

A cco u n t S e rve r-m a in KEY C om p one nt Ty pe s: C lie nt S e rv er D at ab as e D at ab as e A p plic atio n C lie n t Teller 1 A cco u nt D at ab a se A c cou n t S e rve r-b a cku p ASTER Gateway A d m in istra tive A tta c hm e nt C o n n e c to r T y p es : P u blis h -S u sc rib e C lie n t-s erv e r R e qu es t /R e p ly D atabase Access SYBASE Repository RPC V0 Gateway DS Component Exposed RPC Interface Maintenance Tool SQL Exposed SQL Interface SEI Software Architecture Methods & Techniques QAW Patterns and tactics Sketches of candidate views, determined by patterns <<layer>> B <<layer>> A <<allowed to <<layer>> use>> A <<allowed to <<allowed use>> to <<layer>> use>> A Chosen, combined views plus documentation beyond views KEY <<layer>> B <<segment>> <<segment>> <<segment>> B1 B2<<allowed to <<allowed B3 use>> to use>> <<allowed <<layer>> to use>> B <<segment>> <<segment>> <<segment>> B1 B2<<allowed to B3 use>> <<allowed to use>> <<segment>> <<segment>> <<segment>> <<layer>> CB1 B2 B3 <<allowed to use>> <<layer>> C <<layer>> C ADD Prioritized QA scenarios Views & Beyond (VaB) ATAM Requirements Stakeholders 23

For More Information James Ivers Email: jivers@sei.cmu.edu World Wide Web: http://www.sei.cmu.edu/architecture Technical reports Case studies Tools & templates Software Architecture in Practice, 2 nd Edition Documenting Software Architectures: Views and Beyond Evaluating Software Architectures: Methods and Case Studies 24

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback