A Rationale-based Model for Architecture Design Reasoning

More documents

Recommendations

Info

8.3. Other applications of ARM to ascertain its feasibility and cost. Requirements that need architectural investigations are called architectural level requirements. Requirements that do not require architectural investigations because their risks are low, become the concern of detailed system design activities. OCR and ICR depict the levels of uncertainties of a design in meeting its objectives. So they can be used to help determine whether further architecture design is required for the particular design area. Since the determination of OCR and ICR are semi-objective in nature, the acceptable level of risk becomes a semi-objective assessment and could be set to a defined acceptable level depending on projects. We choose to use 30% as a guide. Should either OCR or ICR be above this threshold, investigation or modelling at a more detailed level is required until the risk is reduced. Therefore, the following are the necessary conditions for the completeness of an architecture model: • All known non-functional requirements have been identified through requirements refinement. • All known architecture level requirements, functional and non-functional requirements, have corresponding linkages to design components through AR, directly or indirectly. • All design components have corresponding linkages through AR. • For each AR, OCR and ICR are below a defined threshold. Example 2: This is an example from the EFT system to illustrate how to complete an architecture design using risk assessment. This example follows from the payment message design illustrated in Figure 7.5. When the Alarm Service C6 0 0 is designed as a result of AR15, there is a hidden assumption that it would work for the peak loading scenario. This assumption has a risk associated with it. If the assumption is wrong, the design might not work. We quantify the risk factors using OCR. Also, there is also a gap in terms of how this mechanism could be implemented. In order to record multiple alarms, each alarm has to be identified using a unique key so that it could be associated with an expired payment message. The uncertainty of the design is a risk highlighted by ICR. Figure 8.2 shows this example and its design decision process based on risk assessments. The UNIX system call signal(2) and UNIX function call alarm(3) support the setting of a single clock alarm only, but we need multiple alarms to be set simultaneously. Furthermore, we want to be able to identify a payment message when an alarm has sounded. These two design issues indicate implementation uncertainties that need to be investigated. We found that Top End middleware provides a timeout mechanism that would resolve these 145
8.3. Other applications of ARM Figure 8.2: Risk Assessments of Alarm Services two issues. Top End can handle multiple alarm settings and when a timeout is reached, Top End can return an identifier that is associated with the timeout message. Therefore in the architecture decision AR35, we create a Alarm Receiver design (i.e. C6 0 1 ). In this design object, we have a function to set the alarm through a Top End call, passing the process identifier, the object identifier and the event identifier as parameters. We also design a function to cancel the alarm, a function to handle the alarm when it has sounded, and a function to log the alarm into the database for persistent storage. At this stage, it is clear that the architecture design is implementable without much risks. ICR is therefore set to 10%. The assumption that we initially make in AR15 is that the Alarm Services is capable of handling the performance requirements. Since we don’t know for sure, we have associated a risk factor in AR15. As shown in AR15, the outcome certainty risk is high (i.e. OCR = 40%) because we expect each service call would involve setting a Top End timeout call as well as inserting a record into the Oracle database. At this stage, we do not know whether there would be any performance issue. In order to reduce the risk that the design outcome is acceptable, we need to investigate further into the design. In decision AR35, we use requirement R2 3 2 peak load as an input to guide the decision. In order to ascertain that the use of a database table is a viable, a feasibility test was performed to ensure that 5000 records can be inserted and 5000 alarms can be set and reset by the Alarm Receiver within one hour. The feasibility test can simply be done by a prototype. The feasibility test demonstrated that such design should not create any performance problems. The OCR of AR35 is therefore set to 10%. 146
Page 1 and 2:
A Rationale-based Model for Archite
Page 3 and 4:
maintenance. These techniques can h
Page 5 and 6:
Declaration This thesis contains no
Page 7 and 8:
2.2.6 DoD Architecture Framework .
Page 9 and 10:
5.4.6 Risk assessment in architectu
Page 11 and 12:
8.2 The architecture rationalisatio
Page 13 and 14:
12.2 Contributions . . . . . . . .
Page 15 and 16:
6.10 ≪AR≫ and ≪AAR≫ Stereot
Page 17 and 18:
11.13A Process to Synchronise Chang
Page 19 and 20:
5.13 Design Rationale Helps Evaluat
Page 21 and 22:
that architecture design is highly
Page 23 and 24:
1.2. Research motivations and resea
Page 25 and 26:
1.2. Research motivations and resea
Page 27 and 28:
1.4. Structure of the thesis the ch
Page 29 and 30:
Part I Problem Analysis 10
Page 31 and 32:
2.1. Industry practice of design ra
Page 33 and 34:
2.2. Architecture frameworks and de
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Chapter 3 Related work in design ra
Page 45 and 46:
3.2. Why do we need design rational
Page 47 and 48:
3.2. Why do we need design rational
Page 49 and 50:
3.3. Existing methods for capturing
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
3.4. Other related studies 3.3.7 Qu
Page 59 and 60:
3.4. Other related studies evolutio
Page 61 and 62:
3.5. How well design rationale meth
Page 63 and 64:
3.5. How well design rationale meth
Page 65 and 66:
Chapter 4 Research methodology and
Page 67 and 68:
4.1. Software engineering research
Page 69 and 70:
4.2. The chosen research and valida
Page 71 and 72:
Part II Architecture Design Rationa
Page 73 and 74:
on a regular basis. Their inputs ha
Page 75 and 76:
5.1. Architecture rationale in the
Page 77 and 78:
5.2. Survey methodology data collec
Page 79 and 80:
5.3. Survey findings experience). I
Page 81 and 82:
5.3. Survey findings Table 5.1: Fre
Page 83 and 84:
5.3. Survey findings Business Goals
Page 85 and 86:
5.3. Survey findings 5.3.5 Document
Page 87 and 88:
5.3. Survey findings Table 5.8 summ
Page 89 and 90:
5.3. Survey findings We used Spearm
Page 91 and 92:
5.3. Survey findings previous desig
Page 93 and 94:
5.4. Discussion of findings Since t
Page 95 and 96:
5.4. Discussion of findings or cons
Page 97 and 98:
5.5. Limitations and use design rat
Page 99 and 100:
Part III The Representation and App
Page 101 and 102:
6.1. A conceptual model for design
Page 103 and 104:
6.2. Architecture Rationale and Ele
Page 105 and 106:
6.2. Architecture Rationale and Ele
Page 107 and 108:
6.3. Architecture elements Figure 6
Page 109 and 110:
6.4. Architecture rationale Figure
Page 111 and 112:
6.4. Architecture rationale • ris
Page 113 and 114: 6.4. Architecture rationale depicts
Page 115 and 116: 6.5. The extended AREL To prevent c
Page 117 and 118: 6.6. A UML representation of AREL a
Page 119 and 120: 6.6. A UML representation of AREL a
Page 121 and 122: 6.7. AREL usability AE by ≪AEsupe
Page 123 and 124: 6.8. Summary The AREL model is exte
Page 125 and 126: 7.1. The EFT system reasoning, a co
Page 127 and 128: 7.1. The EFT system The processing
Page 129 and 130: 7.1. The EFT system not chosen beca
Page 131 and 132: 7.1. The EFT system Figure 7.5: Int
Page 133 and 134: 7.1. The EFT system sequence checki
Page 135 and 136: 7.1. The EFT system Figure 7.7: Dec
Page 137 and 138: 7.1. The EFT system Therefore, in a
Page 139 and 140: 7.1. The EFT system Figure 7.10: De
Page 141 and 142: 7.2. An empirical study to validate
Page 151 and 152: 7.3. Summary The case study is spec
Page 153 and 154: 8.1. Background Based on these assu
Page 155 and 156: 8.2. The architecture rationalisati
Page 163: 8.3. Other applications of ARM As d
Page 167 and 168: 8.3. Other applications of ARM area
Page 169 and 170: Chapter 9 Architecture rationale an
Page 171 and 172: 9.1. Background 9.1 Background In t
Page 173 and 174: 9.2. Traceability of architecture r
Page 175 and 176: 9.4. AREL and eAREL traceability ap
Page 185 and 186: Chapter 10 Architecture decision de
Page 187 and 188: 10.1. Background 10.1.2 Introductio
Page 189 and 190: 10.2. Building a BBN to represent a
Page 197 and 198: 10.3. Reasoning about change impact
Page 209 and 210: 10.5. Summary design object may cau
Page 211 and 212: 11.1. Capturing architecture design
Page 213 and 214: 11.1. Capturing architecture design
Page 215 and 216:
11.2. Checking AREL models Figure 1
Page 217 and 218:
11.3. Tracing AREL models Figure 11
Page 219 and 220:
11.4. Analysing AREL with BBN • S
Page 221 and 222:
11.5. Limitations Figure 11.13: A P
Page 223 and 224:
Chapter 12 Conclusions 12.1 Summary
Page 225 and 226:
12.2. Contributions reasoning metho
Page 227 and 228:
12.2. Contributions implementations
Page 229 and 230:
12.3. Future work architecture deci
Page 231 and 232:
12.3. Future work to examine the co
Page 233 and 234:
BIBLIOGRAPHY [10] B. W. Boehm, Soft
Page 235 and 236:
BIBLIOGRAPHY [37] A. Eden and R. Ka
Page 237 and 238:
BIBLIOGRAPHY [62] J. D. Herbsleb an
Page 239 and 240:
BIBLIOGRAPHY [89] N. Lassing, D. Ri
Page 241 and 242:
BIBLIOGRAPHY [115] D. L. Parnas,
Page 243 and 244:
BIBLIOGRAPHY [142] Z. Simsek and J.
Page 245 and 246:
BIBLIOGRAPHY [167] W. F. Tichy, N.
Page 247 and 248:
Appendix A AREL Tool User Manual 1
Page 249 and 250:
4.1 AREL Check Model When the Check
Page 251 and 252:
4.2 AREL Model Tracing AREL model t
Page 253 and 254:
Figure 9 - result of downward trace
Page 255 and 256:
To initiate the graph’s creation,
Page 257 and 258:
onto the diagram 14 Assign values t
Page 259 and 260:
Useful Definitions The following ar
Page 261 and 262:
) Some projects only c) Not at all
Page 263 and 264:
19. I revisit architecture design d
Page 265 and 266:
Complaint Procedure If you have any
Page 267 and 268:
Privacy Protection Only investigato
Page 269 and 270:
B. Exploring design reasoning. 1. W
Page 271 and 272:
3. Why does the system use asynchro
Page 273 and 274:
C. General Comments on AREL Modelli
Page 275:
IEEE Computer Society Press. A. Tan
show all

A Rationale-based Model for Architecture Design Reasoning

Create successful ePaper yourself

Delete template?

Save as template?