Software Development Architecture Review Process

Guidelines for Architecture Reviews

The Software Engineering Institute has produced a variety of whitepapers and publications in the area of Architecture Evaluation. In this case, we're suggesting the approach outlined in Software Architecture in Practice. The main concern of an Architecture Review is to establish if all those qualities of a system that are orthogonal to the funcionality are considered and some mechanism has been suggested to address the particular attribute. Most projects will discover their own Non-Functional Requirements and this is always a good place to start. Just keep in mind that because of the particular scope of a project, these requirements may not cover all the Quality Attributes that are desirable in the architecture. Our review should attempt to evaluate even those that were not defined in the scope.

Because many interpretations are possible, we suggest adopting the approach of describing scenarios where each attribute can be observed, making sure each scenario includes the particular condition and the response considered.

Architecture Quality Attributes along with some typical scenarios observed in web applications:

• Availability
  • A power outage during normal operation forces the database to become unavailable. Static areas of the site remain available during the power outage.
  • A hardware failure during normal operation forces one of the web servers to crash. Degraded performance of the overall infrastructure until the server is fixed.

• Modifiability
  • A business user requests a copy change to a particular page while the site is running. Change is completed with no side-effects within one business day.

• Performance
  • An average load of 1000 concurrent sessions are served by the site under normal conditions. Site serves all sessions with an average latency of five seconds.

• Scalability
  • Growth forecast indicates that average load will surpass current capacity. Additional servers are added to the infrastructure without requiring modification to the application within two days.

• Security (Authentication, Authorization, Storage and Transmission Encryption)
  • A non-authenticated users attempts to request a protected page. Site responds by presenting login page before serving the page.

• Testability
  • A developer attempts to introduce a new feature to the application. An automated test suite indicates if the new feature breaks functionality in other areas.

• Usability
  • A new user attempts to complete a transaction under normal conditions. The user is capable of reaching the end point of the transaction within 5 minutes without requiring assistance.

Although the list above may be augmented, make sure you understand the concept of Quality Attributes and their difference from specific tactics.

What follows is a list of elements that need to be analyzed in this context to decide if they belong in the list above:

• Deployment Automation Concerns
• Internationalization / Localization
• Administration interfaces (sysop and super users)
• External Interface Definition and Testability
• Legacy data migration / cutover strategy

In addition to Quality Attributes, the Architecture Review should evaluate how well a project is leveraging existing frameworks, at the same time that is collaborating to the improvement of the Blast Radius service offering.