The document discusses various architectural tactics that can be used to achieve different qualities like modifiability, testability, usability, availability, and performance. It defines tactics as design decisions that influence how a system responds to stimuli related to a quality attribute. For each quality, it outlines specific tactics and how they work. For example, for modifiability it discusses tactics like localizing modifications, preventing ripple effects, and deferring binding time. For testability, it covers input/output and internal monitoring tactics.
Metodología de desarrollo de software basada en componentesEmmanuel Fontán
Metodología de desarrollo de software basada en componentes, trabajo para la Cátedra de Metodología de Sistemas 1 de la Universidad Nacional de Entre Ríos, en el año 2010
Metodología de desarrollo de software basada en componentesEmmanuel Fontán
Metodología de desarrollo de software basada en componentes, trabajo para la Cátedra de Metodología de Sistemas 1 de la Universidad Nacional de Entre Ríos, en el año 2010
Testing throughout the software life cycle - Testing & Implementationyogi syafrialdi
The development process adopted for a project will depend on the project aims and goals. There are numerous development life cycles that have been developed in order to achieve different required objectives.
The development process adopted for a project will depend on the project's aims and goals.
The models specify the various stages of the process and the order in which they are carried out.
The way testing is organized must fit the development life cycle or it will fail to deliver its benefit.
In this Business Analysis Training, you will learn SDLC. Topics covered in this session are:
• SDLC (Software Development Life Cycle)
• Types of SDLC Methodologies
• Waterfall Approach
• Incremental Approach
• Iterative Approach
• Difference between Incremental and Iterative
• Prototype Approach
• Spiral Approach
For more information, click on this link:
https://www.mindsmapped.com/courses/business-analysis/sdlc-training-for-beginners/
In this Business Analysis Training, you will learn SDLC. Topics covered in this session are:
• SDLC (Software Development Life Cycle)
• Types of SDLC Methodologies
• Waterfall Approach
• Incremental Approach
• Iterative Approach
• Difference between Incremental and Iterative
• Prototype Approach
• Spiral Approach
For more information, click on this link:
https://www.mindsmapped.com/courses/business-analysis/fundamentals-of-business-analysis/
Best Practices for Implementing Automated Functional TestingJason Roy
In the fast-paced world of software development, automated functional testing has become indispensable for ensuring the quality and reliability of applications. However, implementing automated testing effectively requires careful planning, strategic execution, and adherence to best practices. This comprehensive guide explores the key principles and strategies for successfully implementing automated functional testing in your organization.
Renewable energy is energy that is collected from renewable resources that are naturally replenished on a human timescale. It includes sources such as sunlight, wind, the movement of water, and geothermal heat.[2] Although most renewable energy sources are sustainable, some are not. For example, some biomass sources are considered unsustainable at current rates of exploitation.[3][4] Renewable energy often provides energy for electricity generation to a grid, air and water heating/cooling, and stand-alone power systems.
Since 2011, the amount of renewable Energies within global production grew from 20 to 28%. Thereby fossil and nuclear production shrunk from 68 to 60% and 12 to 10%. The share of hydrogenpower decreased from 16 to 15% while power from sun and wind increased from 2 up to 10% while bio- and biothermal energies grew from 2 on 3%. There are 3.146 Gigawatt installed in 135 countries, while 156 countries have laws ruling renewable energie sector.Renewable energy technology projects are typically large-scale, but they are also suited to rural and remote areas and developing countries, where energy is often crucial in human development.[22][23] As most of the renewable energy technologies provide electricity, renewable energy is often deployed together with further electrification, which has several benefits: electricity can move heat or objects efficiently, and is clean at the point of consumption.[24][25] In addition, electrification with renewable energy is more efficient and therefore leads to significant reductions in primary energy requirements.[26] In 2021, China accounted for almost half of the global increase in renewable electricity.Renewable energy stands in contrast to fossil fuels, which are being used far more quickly than they are being replenished. Renewable energy resources and significant opportunities for energy efficiency exist over wide geographical areas, in contrast to other energy sources, which are concentrated in a limited number of countries. Rapid deployment of renewable energy and energy efficiency, and technological diversification of energy sources, would result in significant energy security and economic benefits.[17] Solar and wind power have got much cheaper.[30] In some cases it will be cheaper to transition to these sources as opposed to continuing to use the current, inefficient, fossil fuels. It would also reduce environmental pollution such as air pollution caused by the burning of fossil fuels, and improve public health, reduce premature mortalities due to pollution and save associated health costs that could amount to trillions of dollars annually.[31][32] Multiple analyses of decarbonization strategies have found that quantified health benefits can significantly offset the costs of implementing these strategies.[33][34]
Climate change concerns, coupled with the continuing fall in the costs of some renewable energy equipment, such as wind turbines and solar panels, are driving increased use.
Software Testing Strategies, General Characteristics of Strategic Testing, Verification and Validation, Organizing for Software Testing, A Strategy for Testing Conventional Software, Levels of Testing for Conventional Software, Testing Strategy applied to Conventional Software, Startegic Issues-Ensuring a Successful Software Test Strategy, Fundamentals of Software Engineering
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
2. Introduction
• We are interested in how the architect achieves
particular qualities
• Our interest is in the tactics used by the
architect to create a design using design
patterns, architectural patterns, or architectural
strategies
• the tactics chosen will guide the architectural
decisions.
• The connection between quality attribute
requirements and architectural decisions is the
subject of this chapter.
3. Introducing Tactics
• A tactic is a design decision that influences the
control of a quality attribute response
• We call a collection of tactics an architectural
strategy
• Each tactic is a design option for the architect
Tactics to Control
Response
Stimulus Response
4. Introducing Tactics
• Tactics can refine other tactics
▫ For each quality attribute that we discuss, we
organize the tactics as a hierarchy
• Patterns package tactics
▫ e.g., A pattern that supports availability will likely
use both a redundancy tactic and a
synchronization tactic
• We are not inventing tactics here, just capturing
what architects do in practice
5. Modifiability Tactics
• Tactics have their goal controlling the time and
cost to implement, test, and deploy changes
• We organize the tactics for modifiability in sets
according to their goals.
Tactics to Control
Modifiability
Change Arrives Changes Mode, Tested
and Deployed Within
Time and Budget
6. Localize Modifications
• Its goal reducing the number of modules that
are directly affected by a change.
• Restricting modifications to a small set of
modules will generally reduce the cost.
• It is to assign responsibilities to modules during
design such that anticipated changes will be
limited in scope.
▫ Maintain semantic coherence
▫ Anticipate expected changes
▫ Generalize the module
▫ Limit possible options
7. Localize Modifications
Maintain semantic coherence
• Semantic coherence refers to the relationships
among responsibilities in a module.
• The goal is to ensure that all of these
responsibilities work together without excessive
reliance on other modules.
• Providing abstract common services.
▫ Modifications to them will need to be made only
once rather than in each module where the
services are used
▫ Examples : the use of application frameworks and
the use of other middleware software.
8. Localize Modifications
Anticipate expected changes
• Considering the set of envisioned changes
provides a way to evaluate a particular
assignment of responsibilities
• How is this different from semantic coherence?
▫ Assigning responsibilities based on semantic
coherence assumes that expected changes will be
semantically coherent
▫ Anticipate expected changes does not concern
itself with the coherence of a module's
responsibilities but rather with minimizing the
effects of the changes
10. Localize Modifications
Limit possible options
• Modifications may be far ranging and hence
affect many modules.
• Restricting the possible options will reduce the
effect of these modifications
• Example : Restricting processor changes to
members of the same family limits the possible
options
11. Prevent the ripple effect
• A ripple effect from a modification is the
necessity of making changes to modules not
directly affected by it
• its goal limiting modifications to the localized
modules
• We begin our discussion by discussing the
various types of dependencies that one module
can have on another
12. Prevent the ripple effect
Various types of dependencies
• Syntax of - data ,service
• Semantics of – data , service
• Sequence of - data , service
• Identity of an interface of A
• Location of A
• Quality of service/data provided by A
• Existence of A
• Resource behavior of A
13. Prevent the ripple effect
Hide Information
• choosing which information/responsibilities to
make private and which to make public
• The public responsibilities are available through
specified interfaces
• It is strongly related to "anticipate expected
changes" because it uses those changes as the
basis for decomposition.
14. Prevent the ripple effect
Maintain existing interface
• Maintaining the interface of A and its syntax
allows B to remain unchanged.
• This tactic will not necessarily work if B has a
semantic dependency on A
• Interface stability can also be achieved by
separating the interface from the
implementation
• Patterns that implement this tactic include
▫ Adding interfaces
▫ Adding adapter
▫ Providing a stub
15. Prevent the ripple effect
Restrict communication paths
• Restrict the modules with which a given module
shares data.
• That is, reduce the number of modules that
consume data produced by the given module
and the number of modules that produce data
consumed by it
16. Prevent the ripple effect
Use an intermediary
• it is possible to insert an intermediary between B and A that
manages activities associated with the dependency.
• an intermediary cannot compensate for semantic changes
• The intermediaries are
▫ data (syntax). Repositories act as intermediaries between the producer
and consumer of data. Some publish/subscribe patterns can also
convert the syntax into that assumed by B.
▫ service (syntax). The facade, bridge, mediator, strategy, proxy, and
factory patterns all provide intermediaries that convert the syntax of a
service from one form into another.
▫ identity of an interface of A. A broker pattern can be used to mask
changes in the identity of an interface.
▫ location of A (runtime). A name server enables the location of A to be
changed without affecting B.
▫ resource behavior of A or resource controlled by A. A resource manager
is an intermediary that is responsible for resource allocation.
▫ existence of A. The factory pattern has the ability to create instances as
needed, and thus the dependence of B on the existence of A is satisfied
by actions of the factory.
17. Defer binding time
• Its goal controlling deployment time and cost
• We discuss Decisions that affect deployment
time
• The deployment of a system is dictated by some
process
• Binding at runtime means that the system has
been prepared for that binding and all of the
testing and distribution steps have been
completed
• Deferring binding time also supports allowing
the end user or system administrator to make
settings or provide input that affects behavior.
18. Defer binding time
• Many tactics are intended to have impact at
loadtime or runtime , such as the following
▫ Runtime registration
▫ Configuration files
▫ Polymorphism
▫ Component replacement
▫ Adherence to defined protocols
20. Testability Tactics
• The goal of tactics for testability is to allow for easier
testing when an increment of software development is
completed
• Executing the test procedures requires some software to
provide input to the software being tested and to
capture the output. This is called a test harness
• We discuss two categories of tactics for testing:
▫ providing input and capturing output
▫ and internal monitoring.
Tactics to Control
Testability
Completion of Faults Detected
an increment
21. Testability Tactics
input/output
• There are three tactics for managing input and
output for testing
• Record/playback
▫ refers to both capturing information crossing an
interface and using it as input into the test harness
• Separate interface from implementation
▫ allows substitution of implementations for various
testing purposes
▫ allows the remainder of the system to be tested in the
absence of the component being stubbed
• Specialize access routes/interfaces
▫ allows the capturing of variable values for a
component through a test harness as well as
independently from its normal execution
22. Testability Tactics
Internal Monitoring
• A component can implement tactics based on
internal state to support the testing process
• Built-in monitors
▫ The component can maintain information and
accessible through an interface
state,
performance load,
capacity,
security,
other information
▫ This interface can be
a permanent interface of the component
introduced temporarily via an instrumentation technique
such as aspect-oriented programming or preprocessor
macros
24. Usability Tactics
• Two types of tactics support usability,
▫ Runtime, those that support the user during
system execution.
▫ Design time , those that supports the interface
developer at design time.
It is strongly related to the modifiability tactics
already presented
Tactics to Control
Response
User Request User Given
Appropriate
Feedback and
Assistance
25. Usability Tactics
Runtime tactics / user initiative
• The architect must enumerate the responsibilities of
the system to respond to the user command.
▫ cancel, undo, aggregate, and show multiple views
• To use the cancel example: When the user issues a
cancel command
▫ the system must be listening for it (thus, there is the
responsibility to have a constant listener that is not
blocked by the actions of whatever is being canceled);
▫ the command to cancel must be killed;
▫ any resources being used by the canceled command
must be freed;
▫ and components that are collaborating with the
canceled command must be informed so that they can
also take appropriate action
26. Usability Tactics
Runtime tactics / system initiative
• When the system takes the initiative, it must
rely on some information
• The system initiative tactics are those that
identify the models the system uses to predict
either its own behavior or the user's intention
• Maintain a model of the task.
▫ The task model is used to determine context so
the system can have some idea of what the user
is attempting to do and provide various kinds of
assistance
27. Usability Tactics
Runtime tactics / system initiative
• Maintain a model of the user
▫ It determines the user's knowledge of the system
▫ The user's behavior in terms of expected response
time
• Maintain a model of the system
▫ It determines the expected system behavior so
that appropriate feedback can be given to the
user
▫ The system model predicts items such as the time
needed to complete current activity
28. Usability Tactics
Design time tactics
• User interfaces are typically revised frequently
during the testing process.
• Separate the user interface from the rest of the
application.
▫ maintaining the user interface code separately will
localize changes to it.
▫ The software architecture patterns developed to
implement this tactic are:
Model-View-Controller
Presentation-Abstraction-Control
Seeheim
Arch/Slinky
30. Availability Tactics
• Recovery or repair is an important aspect of
availability.
• The tactics we discuss in this section will keep
faults from becoming failures or at least bound
the effects of the fault and make repair possible
• We first consider fault detection. We then
consider fault recovery and finally, briefly, fault
prevention
Tactics to Control
Response
Fault Fault Masked or
Repair Made
31. Fault Detection
• Three widely used tactics for recognizing faults
are
▫ Ping/echo
▫ Heartbeat
▫ Exceptions
32. Fault Detection
Ping/Echo
• One component issues a ping and expects to
receive back an echo, within a predefined time.
• It can also used be used by clients to ensure
that a server object and the communication path
to the server are operating within the expected
performance bounds
33. Fault Detection
Heartbeat (dead man timer)
• One component emits a heartbeat message
periodically and another component listens for
it.
• If the heartbeat fails, the originating component
is assumed to have failed and a fault correction
component is notified.
• The heartbeat can also carry data
34. Fault Detection
Exceptions
• Exception, which is raised when one of the fault
classes is recognized.
• The exception handler typically executes in the
same process that introduced the exception
35. Fault Recovery
• Fault recovery consists of preparing for recovery
and making the system repair
▫ Voting
▫ Active Redundancy
▫ Passive Redundancy
▫ Spare
36. Fault Recovery
Voting
• Processes running on redundant processors each
take equivalent input and compute a simple output
value that is sent to a voter
• This method is often used in control systems
• Diversity has no downtime when a failure occurs
since the voter continues to operate
• Synchronization among the redundant components
is automatic since they are all assumed to be
computing on the same set of inputs in parallel
• If the consequence of a failure is extreme, such as
potential loss of life, the redundant components can
be diverse.
37. Fault Recovery
Active redundancy
• All redundant components respond to events in parallel.
• Consequently, they are all in the same state.
• The response from only one component is used (usually
the first to respond), and the rest are discarded.
• When a fault occurs, the downtime of systems is usually
milliseconds
• Active redundancy is often used in a client/server
configuration
• The redundancy may be in the communication paths
• Synchronization is performed by ensuring that all
messages to any redundant component are sent to all
redundant components , use receive checksum , and
resend until treshold.
38. Fault Recovery
Passive redundancy
• One component (the primary) responds to
events and informs the other components (the
standbys) of state updates they must make
• When a fault occurs, the system must first
ensure that the backup state is sufficiently fresh
before resuming services
• This approach is also used in control systems
• Synchronization is the responsibility of the
primary component, which may use atomic
broadcasts to the secondaries to guarantee
synchronization.
39. Fault Recovery
Spare
• A standby spare computing platform is
configured to replace many different failed
components
• It must be rebooted to the appropriate software
configuration and have its state initialized when
a failure occurs
• This is often used as the standby client
workstation.
• The downtime for this tactic is usually minutes
40. Fault Recovery
Reintroduction
• There are tactics for repair that rely on component
reintroduction.
• When a redundant component fails, it may be
reintroduced after it has been corrected.
▫ Shadow operation
A previously failed component may be run in "shadow
mode" for a short time to make sure that it mimics the
behavior of the working components before restoring it
to service
▫ State resynchronization
The passive and active redundancy tactics require the
component being restored to have its state upgraded
before its return to service.
▫ Checkpoint/rollback
A checkpoint is a recording of a consistent state created
either periodically or in response to specific events
41. Fault Prevention
• The following are some fault prevention tactics
• Removal from service
▫ This tactic removes a component of the system from
operation to undergo some activities to prevent
anticipated failures
• Transactions
▫ Transactions are used to prevent any data from being
affected if one step in a process fails and also to
prevent collisions among several simultaneous threads
accessing the same data.
• Process monitor
▫ a monitoring process can delete the nonperforming
process and create a new instance of it
43. Performance Tactics
• Performance tactics control the time within
which a response is generated.
• Latency is the time between the arrival of an
event and the generation of a response to it.
• This leads to the two basic contributors to the
response time: resource consumption and
blocked time.
Tactics to Control
Events Arrive Performance Response
Generated
Within Time
Constraints
44. Performance
Resource consumption
• Resources include CPU, data stores, network
communication bandwidth, and memory
• When event arrives , it goes through a
processing sequence
• Each of these consumption contributes to the
overall latency of the processing of that event.
45. Performance
Blocked time
• A computation can be blocked from using a resource
because of
▫ Contention for resources
this depends on how the contention is arbitrated and
how individual requests are treated by the arbitration
mechanism.
▫ Availability of resources
Unavailability may be caused by the resource being
offline or by failure of the component or for some other
reason
▫ Dependency of other computation
A computation must synchronize with the results of
another computation
A computation is waiting for the results of a computation
that it initiated
46. Performance Tactics
Resource Demand
• Two characteristics of demand are
▫ the time between events in a resource stream
▫ how much of a resource is consumed by each
request
• To reduce the resources required for processing
▫ Increase computational efficiency
Improving the algorithms
Processor , disk
▫ Reduce computational overhead
The use of intermediaries increases the resources
consumed in processing an event stream, and so
removing them improves latency.
This is a classic modifiability/performance tradeoff.
47. Performance Tactics
Resource Demand
• To reduce the number of events processed
▫ Manage event rate
reduce the sampling frequency at which environmental
variables are monitored
▫ Control frequency of sampling
queued requests can be sampled at a lower frequency
• Controlling the use of resources
▫ Bound execution times.
limiting the number of iterations is a method for
bounding execution times
▫ Bound queue sizes
controls the maximum number of queued arrivals and
consequently the resources used to process the arrivals
48. Performance Tactics
Resource Management
• The management of demanded resources
affects response times
• Introduce concurrency
▫ If requests can be processed in parallel, the
blocked time can be reduced
▫ Appropriately allocating the threads to resources
(load balancing) is important
• Maintain multiple copies of either data or
computations
▫ Clients in a client-server pattern are replicas of the
computation
▫ Caching is a tactic in which data is replicated
49. Performance Tactics
Resource Management
• Increase available resources
▫ Faster processors
▫ Additional processors
▫ Additional memory
▫ Faster networks
▫ Cost is usually a consideration in the choice of
resources
50. Performance Tactics
Resource Arbitration
• Whenever there is contention for a resource, the
resource must be scheduled.
• A scheduling policy conceptually has two parts:
a priority assignment and dispatching
• All scheduling policies assign priorities
• Some common scheduling policies are
• First-in/First-out
▫ treat all requests for resources as equals
• Fixed-Priority scheduling
▫ assigns each requests a particular priority and
assigns the resources in that priority order
53. Security Tactics
• Tactics for achieving security can be divided into
▫ those concerned with resisting attacks
▫ those concerned with detecting attacks
▫ those concerned with recovering from attacks.
• All three categories are important
Tactics to Control
Security
Attack System Detects, Resists,
or Recovers from Attacks
54. Security Tactics
Resisting Attacks
• Authenticate users.
▫ Passwords, one-time passwords, digital certificates,
and biometric identifications provide authentication.
• Authorize users
▫ Ensuring that user has the rights to access and
modify either data or services
▫ Access control can be by user groups, user roles, lists
of individuals
• Maintain data confidentiality
▫ Applying some form of encryption to data and to
communication links
▫ The link can be implemented by Virtual private
network (VPN) , Secure Sockets layer (SSL)
▫ Encryption can be symmetric or asymmetric
55. Security Tactics
Resisting Attacks
• Maintain integrity
▫ Data should be delivered as intended
▫ It can have redundant information encoded in it,
such as checksums or hash results
• Limit exposure
▫ The architect can design the allocation of services
to hosts so that limited services are available on
each host.
• Limit access
▫ Firewalls restrict access based on message source
or destination port
56. Security Tactics
Detecting Attacks
• The detection of an attack is usually through an
intrusion detection system
• Such systems work by comparing network traffic
patterns to a database
• Intrusion detectors must have
▫ some sort of sensor to detect attacks
▫ managers to do sensor fusion
▫ databases for storing events for later analysis
▫ tools for offline reporting and analysis
▫ a control console so that the analyst can modify
intrusion detection actions
57. Security Tactics
Recovering Attacks
• Can be divided into
▫ those concerned with restoring state
▫ those concerned with attacker identification
• Restoring state
• These tactics overlap with those used for
availability ,One difference is that special
attention is paid to maintaining redundant
copies of system administrative data such as
▫ passwords
▫ access control lists
▫ domain name services
▫ user profile data.
58. Security Tactics
Recovering Attacks
• Identifying an attacker
• The tactic is to maintain an audit trail
• An audit trail is a copy of each transaction
applied to the data in the system together with
identifying information
• Audit information can be used to trace the
actions of an attacker, support nonrepudiation ,
support system recovery
• Audit trails are often attack targets themselves
60. Architectural Patterns and Styles
• Any pattern implements serveral tactics
• It consists of a few key features and rules for combining them
so that architectural integrity is preserved.
• An architectural pattern is determined by:
▫ A set of element types
e.g., a data repository or a component that computes a
mathematical function.
▫ A topological layout of the elements indicating their
interrelationships.
▫ A set of semantic constraints
e.g., filters in a pipe-and-filter style are pure data transducers—
they incrementally transform their input stream into an output
stream, but do not control either upstream or downstream
elements.
▫ A set of interaction mechanisms
e.g., subroutine call, event-subscriber, blackboard
that determine how the elements coordinate through the allowed
topology.
61. Architectural Patterns and Styles
A small catalog of architectural patterns, organized by is-a relations
62. Summary
• Our interest here was in the tactics used by the
architect to create a design using architectural
patterns and strategies.
• We provided a list of well-known tactics for
achieving the six quality attributes
• For each we discussed the tactics that are available
and widely practiced.
• As we discussed, in relating tactics to patterns the
architect's task has only just begun when the tactics
are chosen.
• Any design uses multiple tactics, and understanding
what attributes are achieved by them, what their
side effects are, and the risks of not choosing other
tactics is essential to architecture design.