A Rationale-based Model for Architecture Design Reasoning

More documents

Recommendations

Info

7.1. The EFT system In this example, we can see that the reliability requirements are realised by a number of related design decisions. The design rationale for these decisions are intertwined in that they influence each another in the implementation of design elements. For instance, the MsgFlowLog table (I2 0 1 ) is a result of two decisions (i.e. AR18 and AR21 ), and those decisions are based on common requirements R2 5 1 and R2 5 2. 7.1.5 Specialised message control process In the architecture design of the EFT system, a consideration was given to the processing scope of MCP. Should a MCP process be a generic single-instance server to process payments for all the banks, or should there be multiple instances of MCP in which each instance is responsible for a single bank only? In the former case, a generic MCP process would take payment messages from any bank for processing. In the latter case, a MCP process is dedicated to a single bank connection. Figure 7.8 shows the design reasoning of the decision. The inputs into the decision require that each message exchanged between the member bank and the system must be uniquely identifiable. The assumption is that the bank must have logged on successfully before payment messages can be exchanged. This assumption puts a constraint on the design such that payment messages cannot be exchanged if the bank has logged off, either voluntarily or by the EFT system. Figure 7.8: MCP Connection Design 117
7.1. The EFT system Therefore, in assessing whether MCP could process all payment transactions, there is a need to check if the bank is still legitimately logged on to the EFT system when the transaction is received. AR22 provides two alternative solutions. If there is a dedicated MCP server for each connection, as documented in the QLR in the AR, the server process can keep the login state in memory, hence perform much better because the login state is already kept. Alternatively, if MCP is generic, then every payment that is processed by it would need to be checked for bank login state. This is achieved either via the database or via a central authorisation server. This is documented in AAR. An individual MCP instance which is responsible for a dedicated bank connection gives a better performance for checking the message security, thus we choose this design. As a result of the decision, the MCP design needs to employ a state machine. Messages passing through it would set its state according to the events such as the successful login of a bank. Top End has to be configured to support the start-up of multiple MCPs, one for each connection. The message header would need a data element, in particular the connection session identifier, to identify a connection. 7.1.6 Centralised control The requirements R5 2 0 and R5 2 1 specify that the EFT system has to broadcast the settlement window timetable and the shutdown notification to member banks. These requirements would mean that special messages need to be sent through MCPs to all those banks that are on-line at the time. There were two relevant issues in considering the architecture design. Firstly, what mechanism should be used to notify the banks and secondly which banks should be notified. Figure 7.9 shows the motivational reasons and the design reasoning of this design. AR23 was a decision to use a centralised server to carry out the messages distribution. There was no alternative option in this decision because there is only one viable mechanism, i.e. a single process to coordinate its execution. A user would use an user interface C9 0 1 to order a message distribution such as system shutdown. The order would be sent to the Control Server (C8 0 0 ) to execute. The Control Server would determine which banks are currently logged into the EFT system and then distribute the message to the banks. When designing the control server, a parallel issue was to determine how to detect bank login states. The decision in AR24 was to make use of Session tables which logged the states of current bank connections (I2 0 4 and I2 0 5 ). It is common that a number of indirectly related decisions may exist in parallel in an architecture design. The decisions arising from the issues usually have common mo- 118
Page 1 and 2:
A Rationale-based Model for Archite
Page 3 and 4:
maintenance. These techniques can h
Page 5 and 6:
Declaration This thesis contains no
Page 7 and 8:
2.2.6 DoD Architecture Framework .
Page 9 and 10:
5.4.6 Risk assessment in architectu
Page 11 and 12:
8.2 The architecture rationalisatio
Page 13 and 14:
12.2 Contributions . . . . . . . .
Page 15 and 16:
6.10 ≪AR≫ and ≪AAR≫ Stereot
Page 17 and 18:
11.13A Process to Synchronise Chang
Page 19 and 20:
5.13 Design Rationale Helps Evaluat
Page 21 and 22:
that architecture design is highly
Page 23 and 24:
1.2. Research motivations and resea
Page 25 and 26:
1.2. Research motivations and resea
Page 27 and 28:
1.4. Structure of the thesis the ch
Page 29 and 30:
Part I Problem Analysis 10
Page 31 and 32:
2.1. Industry practice of design ra
Page 33 and 34:
2.2. Architecture frameworks and de
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Chapter 3 Related work in design ra
Page 45 and 46:
3.2. Why do we need design rational
Page 47 and 48:
3.2. Why do we need design rational
Page 49 and 50:
3.3. Existing methods for capturing
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
3.4. Other related studies 3.3.7 Qu
Page 59 and 60:
3.4. Other related studies evolutio
Page 61 and 62:
3.5. How well design rationale meth
Page 63 and 64:
3.5. How well design rationale meth
Page 65 and 66:
Chapter 4 Research methodology and
Page 67 and 68:
4.1. Software engineering research
Page 69 and 70:
4.2. The chosen research and valida
Page 71 and 72:
Part II Architecture Design Rationa
Page 73 and 74:
on a regular basis. Their inputs ha
Page 75 and 76:
5.1. Architecture rationale in the
Page 77 and 78:
5.2. Survey methodology data collec
Page 79 and 80:
5.3. Survey findings experience). I
Page 81 and 82:
5.3. Survey findings Table 5.1: Fre
Page 83 and 84:
5.3. Survey findings Business Goals
Page 85 and 86: 5.3. Survey findings 5.3.5 Document
Page 87 and 88: 5.3. Survey findings Table 5.8 summ
Page 89 and 90: 5.3. Survey findings We used Spearm
Page 91 and 92: 5.3. Survey findings previous desig
Page 93 and 94: 5.4. Discussion of findings Since t
Page 95 and 96: 5.4. Discussion of findings or cons
Page 97 and 98: 5.5. Limitations and use design rat
Page 99 and 100: Part III The Representation and App
Page 101 and 102: 6.1. A conceptual model for design
Page 103 and 104: 6.2. Architecture Rationale and Ele
Page 105 and 106: 6.2. Architecture Rationale and Ele
Page 107 and 108: 6.3. Architecture elements Figure 6
Page 109 and 110: 6.4. Architecture rationale Figure
Page 111 and 112: 6.4. Architecture rationale • ris
Page 113 and 114: 6.4. Architecture rationale depicts
Page 115 and 116: 6.5. The extended AREL To prevent c
Page 117 and 118: 6.6. A UML representation of AREL a
Page 119 and 120: 6.6. A UML representation of AREL a
Page 121 and 122: 6.7. AREL usability AE by ≪AEsupe
Page 123 and 124: 6.8. Summary The AREL model is exte
Page 125 and 126: 7.1. The EFT system reasoning, a co
Page 127 and 128: 7.1. The EFT system The processing
Page 129 and 130: 7.1. The EFT system not chosen beca
Page 131 and 132: 7.1. The EFT system Figure 7.5: Int
Page 133 and 134: 7.1. The EFT system sequence checki
Page 135: 7.1. The EFT system Figure 7.7: Dec
Page 139 and 140: 7.1. The EFT system Figure 7.10: De
Page 141 and 142: 7.2. An empirical study to validate
Page 151 and 152: 7.3. Summary The case study is spec
Page 153 and 154: 8.1. Background Based on these assu
Page 155 and 156: 8.2. The architecture rationalisati
Page 163 and 164: 8.3. Other applications of ARM As d
Page 165 and 166: 8.3. Other applications of ARM Figu
Page 167 and 168: 8.3. Other applications of ARM area
Page 169 and 170: Chapter 9 Architecture rationale an
Page 171 and 172: 9.1. Background 9.1 Background In t
Page 173 and 174: 9.2. Traceability of architecture r
Page 175 and 176: 9.4. AREL and eAREL traceability ap
Page 185 and 186: Chapter 10 Architecture decision de
Page 187 and 188:
10.1. Background 10.1.2 Introductio
Page 189 and 190:
10.2. Building a BBN to represent a
Page 191 and 192:
Page 193 and 194:
Page 195 and 196:
Page 197 and 198:
10.3. Reasoning about change impact
Page 199 and 200:
Page 201 and 202:
Page 203 and 204:
Page 205 and 206:
Page 207 and 208:
Page 209 and 210:
10.5. Summary design object may cau
Page 211 and 212:
11.1. Capturing architecture design
Page 213 and 214:
11.1. Capturing architecture design
Page 215 and 216:
11.2. Checking AREL models Figure 1
Page 217 and 218:
11.3. Tracing AREL models Figure 11
Page 219 and 220:
11.4. Analysing AREL with BBN • S
Page 221 and 222:
11.5. Limitations Figure 11.13: A P
Page 223 and 224:
Chapter 12 Conclusions 12.1 Summary
Page 225 and 226:
12.2. Contributions reasoning metho
Page 227 and 228:
12.2. Contributions implementations
Page 229 and 230:
12.3. Future work architecture deci
Page 231 and 232:
12.3. Future work to examine the co
Page 233 and 234:
BIBLIOGRAPHY [10] B. W. Boehm, Soft
Page 235 and 236:
BIBLIOGRAPHY [37] A. Eden and R. Ka
Page 237 and 238:
BIBLIOGRAPHY [62] J. D. Herbsleb an
Page 239 and 240:
BIBLIOGRAPHY [89] N. Lassing, D. Ri
Page 241 and 242:
BIBLIOGRAPHY [115] D. L. Parnas,
Page 243 and 244:
BIBLIOGRAPHY [142] Z. Simsek and J.
Page 245 and 246:
BIBLIOGRAPHY [167] W. F. Tichy, N.
Page 247 and 248:
Appendix A AREL Tool User Manual 1
Page 249 and 250:
4.1 AREL Check Model When the Check
Page 251 and 252:
4.2 AREL Model Tracing AREL model t
Page 253 and 254:
Figure 9 - result of downward trace
Page 255 and 256:
To initiate the graph’s creation,
Page 257 and 258:
onto the diagram 14 Assign values t
Page 259 and 260:
Useful Definitions The following ar
Page 261 and 262:
) Some projects only c) Not at all
Page 263 and 264:
19. I revisit architecture design d
Page 265 and 266:
Complaint Procedure If you have any
Page 267 and 268:
Privacy Protection Only investigato
Page 269 and 270:
B. Exploring design reasoning. 1. W
Page 271 and 272:
3. Why does the system use asynchro
Page 273 and 274:
C. General Comments on AREL Modelli
Page 275:
IEEE Computer Society Press. A. Tan
show all

A Rationale-based Model for Architecture Design Reasoning

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?