Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Software Architecture > Architectural synthesis > Flashcards

Architectural synthesis Flashcards

1
Q

What is an architectural view?

A

A representation of a system from the perspective of a related set of
concerns [IEE00] (e.g. a concern in a distributed system is how the software components are allocated to network nodes). This representation is comprised of a set of system elements and the relationships associated with them [CBB+02].

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is an architectural pattern?

A

Architectural pattern = architectural style.
Pattern = focusing on problem-solution
Style = focusing on solution, not context

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a viewpoint?

A

A viewpoint focuses on relevant concerns
e.g. how is computation distributed over the nodes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

There exists 8 common used viewpoints, what are they?

A

Component interaction
Distribution
User interaction
Language extension
Adaptation
Data centered
Data flow
Layered

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the layered view about?

A

In the Layered View the system is viewed as a complex heterogeneous entity that can be decomposed into interacting parts. The individual parts of the system are components that are decoupled as much as possible from one another. The interaction mechanisms between the components are implemented through
connectors that include appropriate interfaces, states, and interaction protocols.
——————————-
What are the parts that make up the whole system?
———————————–
How do these parts interact with each other?
——————————
How do the parts perform their functionality and still remain decoupled from each
other?
——————————-
How are the quality attributes of modifiability, portability, and performance
supported?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which pattern can be used with the layered view?

A

Layered architecture

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the layered architecture pattern about?

A

A layer
- may only access the layer(s) below it
–Open = can depend on any lower layer
–Closed = only on the next one
- provides services to the layer above it through a well defined interface
- contains elements work on the same abstraction level

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the data flow view about?

A

What are the elements that perform the transformations?
——————————————
What are the elements that carry the streams of data?
—————————————–
How are the two aforementioned types of elements connected to each other?
—————————————-
How are the quality attributes of modifiability, reusability, and integrability supported?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which patterns can be used with the data flow viewpoint?

A

pipes and filters

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the pipes and filters pattern about?

A

a complex task is divided into several sequential subtasks. Each of these sub-tasks is implemented by a separate, independent component, a filter,
which handles only this task. Filters have a number of inputs and a number of outputs and they
are connected flexibly using pipes but they are never aware of the identity of adjacent filters.
———————————-
- transform input data
- consume and produce data incrementally
- are composed using pipes which stream data
———————————
The use of PIPES
AND FILTERS is advisable when little contextual information needs to be maintained between
the filter components and filters retain no state between invocations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the data-centered view about?

A

In the Data-centered View the system is viewed as a persistent, shared data store that is accessed and modified by a number of elements. The data store and the elements that access it are components. The data store is independent of
the components, and the components are usually independent of one another. It is possible that
there is more than one data store. The elements that transfer data written or read from the data
stores are connectors that are attached to the data store(s) and the accessors.
————————————–
* How is the shared data store created, accessed, and updated?
* How is data distributed?
* Is the data store passive or active, i.e. does it notify its accessors or are the accessors
responsible of finding data of interest to them?
* How does the data store communicate with the elements that access it?
* Do the accessor elements communicate indirectly through the shared data or also
directly with each other?
* How are the quality attributes of scalability, modifiability, reusability, and integrability
supported?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which pattern can be used with the data centered viewpoint?

A

Shared repository, active repository, blackboard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the shared repository pattern about?

A

In the SHARED REPOSITORY pattern one component of the system is used as a central data store, accessed by all other independent components. This SHARED REPOSITORY offers suitable means for accessing the data, for instance, a query API or language. The SHARED REPOSITORY must be scalable to meet the clients’ requirements, and it must ensure data consistency. It must handle problems of resource contention, for example by locking accessed data. The SHARED REPOSITORY might also introduce transaction mechanisms.
———————————————-
Advantage:
- you don’t have to send the data around (compare with micro-services?)
——————————————–
Challenges:
scalability, data consistency, resource contention handling, … as
needed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the adaptation viewpoint about?

A

In the Adaptation View the system is viewed as a core part that remains invariable and an adaptable part that either changes over time or in different versions of a system. The two basic types of elements in this view are the invariable components and the adaptable
components (these are often called variation points). These two kinds of components communicate with each other through connectors that have clearly-specified interfaces.
—————————————–
* How can a system adapt to evolution over time or to multiple different versions of a basic
architecture?
* What is the system functionality that is more likely to change and what will possibly remain
invariable?
* How do the invariable parts communicate with the adaptable parts?
* How are the quality attributes of modifiability, reusability, evolvability, and integrability
supported?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which patterns can be used with the adaptation viewpoint?

A

Microkoernel
Reflection
Interceptor
Plugin architecture

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the Microkernel pattern about?

A

A MICROKERNEL realizes services that all systems, derived from the system family, need and
a plug-and-play infrastructure for the system-specific services. Internal servers (not visible to clients) are used to realize version-specific services and they are only accessed through the MICROKERNEL. On the other hand, external servers offer APIs and user interfaces to clients by using the MICROKERNEL. External servers are the only way for clients to access the MICROKERNEL architecture

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is the plugin architecture pattern about?

A

The core application defines a well-defined set of interfaces or extension points that plugins can hook into. These extension points represent specific areas or functionalities within the application where plugins can provide additional functionality or behavior. The plugins, on the other hand, implement the defined interfaces or extension points to extend the functionality of the application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is the language extension view about?

A

In the Language Extension View the system is viewed as a part that is native to the software/hardware environment and another part that is not. The native part of the application and the non-native part are components. These communicate
indirectly through another type of component, an interpreter component that “translates” the latter into the former. The connectors between these components are data that contain the program
instructions in the non-native language, as well as the internal state of the non-native part.
————————————————–
* How can a part of the system that is written in a nonnative language be integrated
with the software system?
* How can the non-native part be translated into the native environment?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which patterns can be used with the language extension viewpoint?

A

Interpreter
virtual machine
rule-based system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is the interpreter pattern about?

A

An INTERPRETER for the language is provided, which provides both parsing facilities and an
execution environment. The program that needs to be interpreted is provided in form of scripts which are interpreted at runtime. These scripts are portable to each platform realization of the INTERPRETER. For instance, the INTERPRETER can define a class per grammar rule of the language. The parser of the interpreter parses language instructions according to these rules and
invokes the interpretation classes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is the user interaction view about?

A

  • How is the user interface decoupled from the application logic?
  • How are the quality attributes of usability, modifiability, and reusability supported?
  • What is the data and the application logic that is associated to the user interface?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Which patterns can be used with the interaction viewpoint?

A

MVC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is the MVC pattern about?

A

The system is divided into three different parts: a Model that encapsulates some application data
and the logic that manipulates that data, independently of the user interfaces; one or multiple. Views that display a specific portion of the data to the user; a Controller associated with each. View that receives user input and translates it into a request to the Model. Views and Controllers constitute the user interface. The users interact strictly through the Views and their Controllers, independently of the Model, which in turn notifies all different user interfaces about updates.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is the component interaction view view about?

A

In the Component Interaction View the system is viewed as a number of independent components that interact with each other in the context of a system. The components retain their independence, since they merely exchange data but do not directly
control each other. The components interact with each other through connectors that pass data
from one to another.
————————–
* How do the independent components interact with each other?
* How are the individual components decoupled from each other?
* How are the quality attributes of modifiability and integrability supported?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Which patterns can be used with the component interaction viewpoint?
Client-sever peer to peer publish/subscribe implicit invocation
26
What is the client server pattern about?
Problem: two distributed components need to communicate, one needing the service of another --------------------------------------- The CLIENT-SERVER pattern distinguishes two kinds of components: clients and servers. The client requests information or services from a server. To do so it needs to know how to access the server, that is, it requires an ID or an address of the server and of course the server’s interface. The server responds to the requests of the client, and processes each client request on its own. It does not know about the ID or address of the client before the interaction takes place
27
What is the peer to peer pattern about?
Problem: how to have a network in which there is no single point of failure? -------------------------------------------- In the PEER-TO-PEER pattern each component has equal responsibilities, in particular it may act both as a client and as a server. Each component offers its own services (or data) and is able to access the services in other components. The PEER-TO-PEER network consists of a dynamic number of components. A PEER-TO-PEER component knows how to access the network. Before a component can join a network, it must get an initial reference to this network ---------------------------------- Advantage: - No single point of failure - Extremely scalable ------------------------------ Disadvantages - Clients contribute a lot of resources (prohibitive on mobile phones) - Can’t bad bad actors
28
What is the publish/subscribe pattern about?
Problem: Event consumers and producers should be decoupled. Many consumers should receive events from one producer --------------------------------------------------- PUBLISH-SUBSCRIBE allows event consumers (subscribers) to register for specific events, and event producers to publish (raise) specific events that reach a specified number of consumers. The PUBLISH-SUBSCRIBE mechanism is triggered by the event producers and automatically executes a callback-operation to the event consumers. The mechanism thus takes care of decoupling producers and consumers by transmitting events between them.
29
What is the distribution view about?
In the Distribution View the system is viewed as a number of components that are distributed among network nodes (or different processes). The components are physically located in different network nodes or processes. They interact with each other through connectors that pass invocations or data from one to another. The details of these interactions can be better explained in the Component Interaction View. ---------------------------------------- * How do the distributed components interact with each other? * How are the distributed components decoupled from each other? * How are the quality attributes of interoperability, location-transparency, performance, and modifiability supported?
30
Which patterns can be used with the distribution view?
Message queue Broker Microservices Monolith?
31
What is the Message queue pattern about?
Problem: Invocations need to be sent over a network and be robust to outages of the receiver; also asynchronous communication is needed. ---------------------------------- Producer puts request into a queue - and can continue to operate Consumer pulls requests from the queue and processes Senders and receivers are decoupled in time and space
32
What is the event broker pattern about?
Problem: how do we update a consumer about a state change while keeping them decoupled from the producers --------------------------------------- Consumers “subscribe” to events and receive notifications when they occur. ---------------------------------------- Producer is not aware of the consumer who receives it --------------------------------------- The event broker in the middle - allows both parties to scale and evolve in a loosely coupled manner - might stores events or not ---------------------------------------- Challenges: Broker should be - scalable - high performant - fault-tolerant
33
What is the microservices pattern about?
Problem: You need a highly available and scalable system / you have hundreds of developers and you need to give evolve differently ---------------------------------------------------- Services - run independently - deployed independently - can use different technologies - can be scaled independently ------------------------------------ Challenges - communication complexity (CAP theorem: consistency, availability, and partitioning… => eventual consistency) - performance - return of the monolith
34
What is a monolith?
a monolith refers to a software application or system that is built as a single, self-contained unit. It is characterized by having all of its components tightly coupled together and running within a single deployment artifact, such as a single executable or a single web application. ---------------------------------------- Key characteristics: - Single process - Tight coupling - Scalability Challenges - Deployment and versioning
35
Why is synthesis important?
- Proposed architecture defines the framework in which the rest of the development will fit in - Think monolith vs. microservices ---------------------------------- - Forces you to think deep upfront - Even if often it must be iterated (just as in real architecture)
36
What is architectural synthesis?
proposing a collection of architecture solutions to address the ASR that are identified during architectural analysis. This activity links the problem to the solution space.
37
Why is it that we cannot have a rational design process?
Stakeholders do not necessarily know what they want or are unable to tell all they know.
38
What can we do to a rational design process?
We can fake it. Fake end result = appears as if a rational process was followed: - Requirements are clear, - design is well-described, - it is argued that design meets requirements
39
What is the 5 steps in the fake synthesis process
1. Choose architectural style(s)/patterns according to quality requirements --------------------------------------------------- 2. Create overall, tentative structure Q1: What is the context of the system? Describe tentatively the other systems and actors the system interacts with Q2: What functionality is needed? Describe tentatively components (i.e. functionality) & connectors Describe where components are to be deployed Q3: How do you divide the work of implementing functionality? Describe tentative modules (e.g. packages). The result of (2) is the set of initial architectural UML models corresponding to the 3+1 approach ------------------------------------------------- 3. Refine initial structure through quality attribute scenarios: For each quality attribute scenario apply architectural tactics for the main quality attribute. Consider applying tactics also for quality attributes for which you do not have scenarios. (The result of (3) are refined UML models) ----------------------------------------------------- 4. Consider architectural and business qualities. Conceptual integrity – Could you increase integrity by doing similar things in similar ways? Correctness and completeness - Do you cover functional requirements correctly? Feasibility - With the resources available, is it possible to realize the system? ---------------------------------------------------- 5. Maintain an architectural backlog * For each step, note questions and uncertainty in the backlog * Many decisions might need to be taken when more information is available – Detailed design, architectural prototyping, implementation …
40
What is architectural tactics?
Architectural decisions that influence the achievement of quality attribute. They directly affect system’s response to a stimulus. Collection of tactics = strategy E.g., Heartbeat to control availability ----------------------- If no pattern exists for a given goal, tactics can construct a solution from “first principles”
41
Which categories of tactics exists? There is 7
1. Availability 2. Modifiability 3. Performance 4. Security 5. Testability 6. Usability 7. Interoperability
42
What is availbility tactics about?
Availability tactics, therefore, are designed to enable a system to endure system faults so that a service being delivered by the system remains compliant with its specification ------------------------- Availability tactics … keep *faults* from becoming *failures*!
43
What is a failure?
when the system no longer delivers a service consistent with its specification – observable by the users
44
What is a fault?
A fault is a malfunction that has the potential to cause a failure.
45
Which 3 sub categories are there of availbility tactics?
Detect faults Recover from faults Prevent faults
46
In availability tactics which approaches exist to detect faults?
Monitor Ping/Echo Heartbeat Timestamp Condition Monitoring Sanity checking Voting Exception Detection Self-Test
47
In availability tactics which approaches exist to recover from faults?
Preparation and repair --> Redundant spare rollback exception handling software upgrade retry ignore faulty behavior graceful degradation reconfiguration ------------------------------------ reintroduction --> shadow state resynchronization escalating restart nonstop forwarding
48
In availability tactics which approaches exist to prevent faults?
Removal from service transaction predictive model exception prevention increase competence set
49
In detect faults explain the following tactics; ping/echo, heartbeat, monitor, voting, exception detection, self-test, timestamp, sanity checking
Ping/echo: request/response message pair exchanged between nodes, used to determine reachability and the round-trip delay through the associated network path. ------------------ Heartbeat: a periodic message exchange between a system monitor and a process being monitored. ---------------- Monitor: a component used to monitor the state of health of other parts of the system. A system monitor can detect failure or congestion in the network or other shared resources, such as from a denial-of-service attack. -------------------- Voting: to check that replicated components are producing the same results. Comes in various flavors: replication, functional redundancy, analytic redundancy. ------------------ Exception Detection: detection of a system condition that alters the normal flow of execution, e.g. system exception, parameter fence, parameter typing, timeout. --------------------- Self-test: procedure for a component to test itself for correct operation. ---------------------- Timestamp: used to detect incorrect sequences of events, primarily in distributed message- passing systems. --------------------------- Sanity Checking: checks the validity or reasonableness of a component’s operations or outputs; typically based on a knowledge of the internal design, the state of the system, or the nature of the information under scrutiny.
50
In Recover from Faults explain the following tactics; active redundancy, passive redundancy, spare, exception handling, rollback, retry. ignore faulty behavior, degradation, shadow, escalating restart
Active Redundancy (hot spare): all nodes in a protection group receive and process identical inputs in parallel, allowing redundant spare(s) to maintain synchronous state with the active node(s). ------------------------------ Passive Redundancy (warm spare): only the active members of the protection group process input traffic; one of their duties is to provide the redundant spare(s) with periodic state updates ------------------------------. Spare (cold spare): redundant spares of a protection group remain out of service until a fail-over occurs, at which point a power-on-reset procedure is initiated on the redundant spare prior to its being placed in service ----------------------- Exception Handling: dealing with the exception by reporting it or handling it, potentially masking the fault by correcting the cause of the exception and retrying. -------------------- Rollback: revert to a previous known good state, referred to as the “rollback line”. --------------------- Retry: where a failure is transient retrying the operation may lead to success. ------------------- Ignore Faulty Behavior: ignoring messages sent from a source when it is determined that those messages are spurious. ------------------- Degradation: maintains the most critical system functions in the presence of component failures, dropping less critical functions. ----------------------- Shadow: operating a previously failed or in-service upgraded component in a “shadow mode” for a predefined time prior to reverting the component back to an active role. ------------------ Escalating Restart: recover from faults by varying the granularity of the component(s) restarted and minimizing the level of service affected.
51
In prevent faults explain the following tactics;
Removal From Service: temporarily placing a system component in an out-of-service state for the purpose of mitigating potential system failures -------------------- Transactions: bundling state updates so that asynchronous messages exchanged between distributed components are atomic, consistent, isolated, and durable. --------------------- Predictive Model: monitor the state of health of a process to ensure that the system is operating within nominal parameters; take corrective action when conditions are detected that are predictive of likely future faults.
52
What is modifiability tactic about?
Tactics to control modifiability have as their goal controlling the complexity of making changes, as well as the time and cost to make changes.
53
What 3 sub categories exists in modifiability tactics?
Increase cohesion Reduce Coupling Defer Binding
54
In modifiability tactics which approaches exist to increase cohesion?
Split module Redistribute responsibilities
55
In modifiability tactics which approaches exist to reduce coupling?
Encapsulate Use an intermediary Abstract Common services Restrict Dependencies
56
In modifiability tactics which approaches exist to defer binding?
Component replacement Couple-time parameterization Aspects Configuration-time binding resource files discovery interpret parameters shared repositories polymorphism
57
In Increase cohesion explain the following tactics; split modules, increase semantic coherence
Split Module: If the module being modified includes a great deal of capability, the modification costs will likely be high. Refining the module into several smaller modules should reduce the average cost of future changes. ------------------------------------------------- Increase Semantic Coherence: If the responsibilities A and B in a module do not servethe same purpose, they should be placed in different modules. This may involve creating a new module or it may involve moving a responsibility to an existing module.
58
In reduce coupling explain the following tactics; encapsulate, use an intermediary, restrict dependencies
Encapsulate: Encapsulation introduces an explicit interface to a module. This interface includes an API and its associated responsibilities, such as “perform a syntactic transformation on an input parameter to an internal representation.” ---------------------- Use an Intermediary: Given a dependency between responsibility A and responsibility B (for example, carrying out A first requires carrying out B), the dependency can be broken by using an intermediary. ------------------------- Restrict Dependencies: restricts the modules which a given module interacts with or depends on
59
In defer binding In general, the later in the life cycle we can bind values, the better for modifiability
* Runtime registration * Configuration files * Polymorphism * Component replacement * Adherence to defined protocols
60
What is performance tactic about?
The goal of performance tactics is to generate a response to an event arriving at the system within some time-based constraint. The event can be single or a stream and is the trigger to perform computation. Performance tactics control the time within which a response is generated
61
What 2 sub categories exist in performance tactics?
Control Resource Demand Manage Resources
62
In performance tactics which approaches exist to Control Resource Demand?
Manage work requests Limit event response Prioritize events Reduce computational overhead Bound execution Times Increase efficiency
63
In performance tactics which approaches exist to manage resources?
Increase resources Introduce concurrency Maintain multiple copies of computations Maintain multiple copies of data Bound queue sizes Schedule resources
64
In Control resource demands explain the following tactics; Manage sampling rate, Limit event response, prioritize events, reduce overhead, bound execution times
Manage Sampling Rate: If it is possible to reduce the sampling frequency at which a stream of data is captured, then demand can be reduced, typically with some loss of fidelity. -------------------- Limit Event Response: process events only up to a set maximum rate, thereby ensuring more predictable processing when the events are actually processed. ------------------- Prioritize Events: If not all events are equally important, you can impose a priority scheme that ranks events according to how important it is to service them. ---------------------- Reduce Overhead: The use of intermediaries (important for modifiability) increases the resources consumed in processing an event stream; removing them improves latency. (e.g. Eclipse) ----------------------- Bound Execution Times: Place a limit on how much execution time is used to respond to an event. (e.g. finding bugs)
65
In Mangage resources explain the following tactics; Increase resources, Increase concurrency, Maintain multiple copies of computations, Maintain multiple copies of data, Schedule resources
Increase Resources: Faster processors, additional processors, additional memory, and faster networks all have the potential for reducing latency. -------------------------- Increase Concurrency: If requests can be processed in parallel, the blocked time can be reduced. Concurrency can be introduced by processing different streams of events on different threads or by creating additional threads to process different sets of activities. ---------------------------- Maintain Multiple Copies of Computations: The purpose of replicas is to reduce the contention that would occur if all computations took place on a single server. -------------------------------- Maintain Multiple Copies of Data: keeping copies of data (possibly one a subset of the other) on storage with different access speeds. (E.g. in-memory caching) ------------------------ Schedule Resources: When there is contention for a resource, the resource must be scheduled. – FIFO – Fixed-priority scheduling – Dynamic priority scheduling – Static scheduling
66
Security has 3 main characteristics, what are they?
CIA - Confidentiality is the property that data or services are protected from unauthorized access - Integrity is the property that data or services are not subject to unauthorized manipulation - Availability is the property that the system will be available for legitimate use.
67
What is security tactic about?
One method for thinking about how to achieve security in a system is to think about physical security. Secure installations have limited access (e.g., by using security checkpoints), have means of detecting intruders (e.g., by requiring legitimate visitors to wear badges), have deterrence mechanisms such as armed guards, have reaction mechanisms such as automatic locking of doors, and have recovery mechanisms such as off-site backup
68
What 4 sub categories exist in security tactics?
Detect Attacks Resist Attacks React to Attacks Recover from Attacks
69
In security tactics which approaches exist to Detect attacks?
Detect intrusion Detect Service Denial Verify Message Integrity Detect Message Delivery Anomalies
70
In security tactics which approaches exist to Resist attack?
Identify actors Authenticate Actors Authorize Actors Limit access Limit Exposure Encrypt Data Separate entities Validate input Change credential settings
71
In security tactics which approaches exist to React to attacks?
Revoke Access Restrict login Inform actors
72
In security tactics which approaches exist to Recover from attacks?
Audit Nonrepudiation
73
In detect attacks explain the following tactics; detect intrustion, detect service denial, verify message integrity
Detect Intrusion: compare network traffic or service request patterns within a system to a set of signatures or known patterns of malicious behavior stored in a database. ----------- Detect Service Denial: comparison of the pattern or signature of network traffic coming into a system to historic profiles of known Denial of Service (DoS) attacks. ---------- Verify Message Integrity: use techniques such as checksums or hash values to verify the integrity of messages, resource files, deployment files, and configuration files.
74
In resist attacks explain the following tactics; authenticate actors, authorize actors, limit access, encrypt data
Authenticate Actors: ensure that an actor (user or a remote computer) is actually who or what it purports to be. -------------------- Authorize Actors: ensuring that an authenticated actor has the rights to access and modify either data or services. --------------------- Limit Access: limiting access to resources such as memory, network connections, or access points (e.g. not every user should be able to delete tables from DB) ----------------------- Encrypt Data: apply some form of encryption to data and to communication.
75
In react to attacks explain the following tactics; revoke access, inform actors
Revoke Access: limit access to sensitive resources, even for normally legitimate users and uses, if an attack is suspected. ------------ Inform Actors: notify operators, other personnel, or cooperating systems when an attack is suspected or detected.
76
In recover from attacks explain the following tactics; audit
Audit: keep a record of user and system actions and their effects, to help trace the actions of, and to identify, an attacker.
77
What is testability tactic about?
The goal of tactics for testability is to allow for easier testing when an increment of software development is completed
78
What 2 sub categories exist in testability tactics?
Control and observe system state Limit complexity
79
In testability tactics which approaches exist to contorl and observe system state?
Specialized interfaces record/playback localize state storage abstract data sources sandbox executable assertions
80
In testability tactics which approaches exist to limit complexity?
Limit structural complexity Limit nondeterminism
81
What is usability tactic about?
usability is concerned with how easy it is for the user to accomplish a desired task, as well as the kind of support the system provides to the user. Researchers in human-computer interaction have used the terms user initiative, system initiative, and mixed initiative to describe which of the human-computer pair takes the initiative in performing certain actions and how the interaction proceeds.
82
What 2 sub categories exist in usability tactics?
Support user initiative Support system initiative
83
In usability tactics which approaches exist to support user initiative?
Cancel Undo Pause/Resume Aggregate
84
In usability tactics which approaches exist to support system initiative?
Maintan Task Model Maintain User Model Maintain System Model
85
What is interoperability tactic about?
Interoperability is the ability of systems or components to exchange and interpret data or services correctly, regardless of their differences in implementation, platforms, or technologies.
86
What 2 sub categories exist in interoperability tactics?
Locate Manage interfaces
87
In interoperability tactics which approaches exist to locate?
Discover service
88
In interoperability tactics which approaches exist to Manage interfaces?
Orchestrate Tailor Interface

Software Architecture (13 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions