Building Dependable Software

Strategic technology advice for building dependable business-critical software

Dr. Jayaraj Poroorhttp://jayaraj.poroor.com

Overview

The land of requirements

The land of dependable software

● Architecting● Analysis● Feasibility Studies● Prototyping

The gap needs to be filled by employing the right technology strategies.

Semantic gap between requirements and dependable code.

● It will take a lot of bugs to kill a typical software - but a single strategic mistake is enough.

Bugs vs Strategic Mistakes

$170 million project scrapped700,000 lines of unusable code written

“The [VCF] architecture was developed without adequate assessment of alternatives and conformance to various architectural standards.”

Assessment Report by Aerospace Corp.[IEEE Spectrum]

FBI’s Virtual Case File project

What is Software Architecture?A complex jigsaw that connects together

frameworks, libraries, modules, data stores, platforms, app servers into a robust system.

●

Functionality is only a part of the puzzle.

Functional vs Non-functional requirements

Domain

Functionality

Stability Extensibility

Performance

SecurityScalability

A system that can collapse any time

Good vs Bad Architecture

A system that can gracefully handle stress

vs

● load● attacks● changes

Benefits of proper software architecture● Stability● Scalability● Performance● Security● Reduced code complexity● Extensibility

Data architecture is especially important

“Show me your flowcharts and conceal your tables, and I shall continue to be mystified. Show me your tables, and I won't usually need your flowcharts; they'll be obvious.”

Fred BrooksComputer Pioneer & Turing Award* Winner

* Turing Award is Computer Science equivalent of Nobel Prize

Data Architecture: Good vs Bad

System Requirements

Wrong Data Architecture

System Requirements

Right Data Architecture

vs

Not all application data are equal

BasicDomainData

Time-taggedLog Data

RelationshipData

UnstructuredText

SessionData

The same application may have diverse data requirements.

Force fit all data into the same data store?● Poor performance/scalability● Complex application code

○ Slow/buggy

Application’s diverse data requirements.

A single data store won’t fit all requirements

Hybrid Data Architecture

● Use the right kind of data store for each different kind of data requirement.

Data stores: the sheer variety!

Key-value Stores

DistributedKey-value Stores

In-ProcessKey-value Stores

Un/Semi-structuredsearch databases Time-series

databasesColumn-family

databasesDocumentdatabases

Graphdatabases

Relationaldatabases

In-process SQLdatabases

XMLdatabases

Logic-baseddatabases

Frameworks are important too!

Frameworks support the code we write.

Choices are many!

Ruby on Rails

Groovyon Grails

Express(Node.js)

Spring

CakePHP

Client-side frameworks, e.g. AngularJS

Security: Protect your precious data!Security incidents result in serious financial losses

and lost credibility

Cross-siteScripting

XSRF

SQLInjection

Use of Vulnerable Libraries

Rework is costly

● Architectural mistakes are strategic mistakes - costly to correct○ e.g., migrating from a bad framework or

migrating to a new data store.

● Investment in architecture will save you time, money, and your reputation tomorrow

Strategic decisions must be based on hard data

“In God we trust; all others must bring data.”

Edward Deming*

*The man behind Japanese post-war industrial revolution

Strategic technology activities● Architecture Performance & Scalability

Study.● Framework Comparative Analysis.● Architecture Vulnerability Assessment.● Technology Feasibility Study.● Technology Prototyping.

Performance & Scalability

● Scalability is important but not everyone needs to be Google or Twitter.○ Over-architecting can be expensive. ○ Under-architecting can be disastrous.

“Premature optimization is the root of all evil.”Don Knuth.

Performance & Scalability1. Study Requirements.2. Start with a simple architecture.3. DO

Model the architecture, simulate (in AWS with actual VMs), and collect performance data.Identify bottlenecks.Incrementally modify the architecture.

ITERATE UNTILPERFORMANCE IS SUFFICIENT

You’re unsure whether to really go with framework A, B, C, or D?

How to decide? Roll a dice?

Choosing the right framework

Analyze data from various sources so that you can make an informed decision.

Framework Comparative Analysis

Concrete trend metrics

● Stable?● Active?● Growing community?● Library availability?● Support?● Security Issues?

Analysis will show framework trend metrics.

Architecture Vulnerability Assessment

Analysis should help identify security weak links in your system architecture.

Analysis should reveal whether libraries, frameworks, platforms you are using have any

serious security issues.

Using an insecure library?

When you explore fresh & challenging application domains feasibility study report will be your map.

Technology Feasibility Study

Nothing beats building an actual prototype when exploring new & challenging domains.

Technology Prototyping

“The map is not the territory.” “I do and I understand.”- - Confucious

Thank You

jayaraj.poroor@gmail.comhttp://jayaraj.poroor.com

Peace of mind with dependable software.