Numerics
2FA (two-factor authentication), 101–102, 103, 109–110
2PC (two-phase commit) algorithm, 210
A
ABAC (attribute-based access control), 94
Abbott, M. L., 140
ACID (atomicity, consistency, isolation, and durability), 61, 64, 210
ACORD (Association for Cooperative Operations Research and Development), 248
architectural decisions, 30–31
and architecture, 10
feedback loops, 44
frameworks, 10
AI (artificial intelligence), 127–128, 225, 227, 231. See also emerging technologies
chatbots, 238
benefits of an architecture-led approach, 245
for TFX, 239
Allspaw, J., 193
Amazon, 11, 56, 63, 71, 123, 124, 125, 128, 148, 155, 164, 185, 190, 198, 234, 263, 270, 286, 290, 297
API, 4, 41, 47, 48, 61, 71, 72, 74, 79, 81–84, 97, 98, 107, 108, 111, 113, 114, 121, 133, 141, 148, 149, 153, 154, 169, 171, 177, 181, 196, 197, 201, 207, 209, 211, 214–216, 250, 254, 257, 273–277, 285–287, 294
analytics, 55
microservices and serverless scalability, 147–150
performance tactics, 170
increaase resources, 172
increase resource efficiency, 171
limit rates and resources, 171
prioritize requests, 170
reduce overhead, 171
stateless and stateful services, 145–146
applying, Continuous Architecture, 16, 17–18
ArchiMate, 51
architectural decisions, 26–27, 34, 44, 168
accountability, 27
and Continuous Architecture principles, 29–30
decision log, 31
guidelines, 28
integrating with product backlog, 30
Kanban board, 53
making, 28
measurement, 44
performance, 161
and scalability, 128
architecture, 38
code, 37
definitions, 37
managing, 41
production infrastructure, 38
TFX (Trade Finance eXchange) system, 287–295
architecture, 1, 2, 7, 10, 20–22, 262. See also application architecture; Continuous Architecture
and agile, 10
application
microservices, 147
serverless scalability, 147–150
stateless and stateful services, 145–146
architecture. See also software architecture
big data, 165
conceptual integrity, 24
continuous, 12
and emerging technologies, 226
essential activities, 24, 25–26
drive architectural decisions, 25
feedback loops, 25
focus on quality attributes, 24
managing technical debt, 25
feedback loops, 44
intentional, 10
and ML (machine learning), 232, 233–234
principles, 49
and threat mitigation, 101
artificial Intelligence. See AI
ASVS (application security verification standard), 91
asynchronous communications, 201–202
ATAM utility tree, 35
authentication, 101–102, 103, 109–110
authorization, 101
automation, 25
availability, 104–105, 162–163, 189, 191–192
MTBF (mean time between failures), 192–193
RPO (recovery point objective), 193–194
RTO (recovery time objective), 193–194
and security, 89
B
Barth, D., Zero Trust Networks, 110
Bass, L., 34
Software Architecture in Practice, 160, 170
Beck, K., 8
benefits
of Continuous Architecture, 15
Benioff, M., 187
Bittner, K., xix
blockchains, 246. See also DLTs (distributed ledger technologies); shared ledger
51% attack on, 300
Bondi, A. B., Foundations of Software and System Performance Engineering: Process, Performance Modeling,Requirements, Testing, Scalability, and Practice, 168
Brooks, F., The Mythical Man Month, 24, 50
C
C4, 51
caching, 140–141, 173–174, 205–206
application object, 141
CDN (content delivery network), 142
database object, 141
lookaside, 205
precompute, 142
static, 142
CAPEC (Common Attack Pattern Enumeration and Classification), 100, 120
CDN (content delivery network), 142
chaos engineering, 218
chatbots, 238
for TFX, 239
CIA (confidentiality, integrity, availability) triad, 90–91
classification, 227
Clements, P., Software Architecture in Practice, 34, 160, 170
containers, 133
FaaS (Function as a Service), 147
horizontal scalability, 132–134
load balancers, 133
public/commercial, performance, 165–166
scalability, 127
secrets management, 108
and software architecture, 8
cluster analysis, 228
commands, 69
compensation (for database consistency), 211–212
configurability, 35
Continuous Architecture, 12, 23, 24, 25, 27, 28, 30, 31, 35, 38, 50, 51, 55, 56, 159, 167, 259, 261–262, 268
benefits, 15
cost-quality-time triangle, 15–16
feedback loops, 42
fitness function, 45
microservices, 147
versus other software architecture approaches, 14–15
schema evolution
Expand and Contract pattern, 83
intercomponent, 82
intracomponent, 83
Postel’s law, 83
and software architecture, 14
software delivery speed, 17
Corda Alastria, 299
Corda Network, 299
Corda R3, 299
cost-quality-time triangle, 15–16
CQRS (Command Query Responsibility Segregation), 69
cross-tenant analytics, 73
cryptographic hashing, 102, 246
Cunningham, W., 36
D
DaD (Disciplined Agile Delivery), 10
data, 55, 56, 65, 83, 263. See also metadata
and Continuous Architecture, 57
creating a common language, 58–60
distribution, 81
bounded contexts, 59
ubiquitous language, 59
managing, 60
NoSQL, 64
document database schema, 62, 66
graphs, 63
key-value, 62
technology type comparison, 63
wide columns, 62
polyglot persistence, 61
race conditions, 78
Expand and Contract pattern, 83
intercomponent, 82
intracomponent, 83
Postel’s law, 83
cross-tenant analytics, 73
schema on read, 70
tenant analytics, 73
data architecture, 56
databases, 67–68. See also data technology; NoSQL; TFX (Trade Finance eXchange) system
application object, 141
CDN (content delivery network), 142
database object, 141
precompute, 142
static, 142
checking, 213
performance tactics, 174
indexes, 174
materialized views, 174
replication, 73, 139–140, 212–213
DDD (Domain-Driven Design), 163, 171
denial of service, 95–97, 104–105, 111
deep learning. See DL
DevSecOps, 5
Distributed Saga pattern, 211–212
DL (deep learning), 227, 229. See also emerging technologies
neural networks, 229
DLTs (distributed ledger technologies), 246, 254–255
smart contracts, 249
Doctorow, C., 87
Domain-Driven Design, 29, 58–59
bounded contexts, 59
ubiquitous language, 59
E
elastic scalability, 166
elevation of privilege, 96
emerging technologies, 226
AI (artificial intelligence), 227, 231
and architecture, 226
blockchains, 246
DLTs (distributed ledger technologies), 246
capabilities, 249
smart contracts, 249
ML (machine learning), 227
architecture concerns, 232
document classification for TFX, 232–233
reinforcement learning, 228–229
for TFX, 230–231, 233–234–236–237, 238
training, 231
unsupervised learning, 228
and nontechnical stakeholders, 250
shared ledgers
benefits of an architecture-led approach, 256–257
comparison of technical implementations, 299–300
enterprise architects, 6–7, 12
Erder, M., Continuous Architecture: Sustainable Architecture in an Agile and Cloud-Centric World, 23, 50, 125, 147
Evans, E., 59
events, 69
Expand and Contract pattern, 83
expected maximum load testing, 169
Extreme Programming Explained, 8
F
FAANG (Facebook, Amazon, Apple, Netflix, and Google), 56, 263
FaaS (Function as a Service), 147
Facebook, 5, 56, 124, 125, 164, 190, 263
failures, 189. See also availability; resilience
learning from success, 199
MTBF (mean time between failures), 192–193
MTTR (mean time to recover), 192–193
prevention, 191
Fairbanks, G., 10
faults, 189
agile, 44
and architecture, 44
fitness function, 45
Fisher, M. T., 140
five ages of software systems, 4–5
Ford, N., Building Evolutionary Architectures, 45
frameworks, agile, 10
full-text search engines, 176–177
functional requirements, 34
G
Gamma, E., Design Patterns, 52
Gang of Four, 52
GDPR (General Data Protection Regulation), 87, 99
Gilman, E., Zero Trust Networks, 110
GitHub, 27
Google, 5, 11, 56, 110, 123, 124, 125, 152, 155, 157, 164, 166, 187, 190, 221, 223, 263, 297, 306
H
Hacking Team, 109
Helm, R., Design Patterns, 52
high availability, 189–190. See also availability; resilience
horizontal scalability, 129–132–134
I
International Federation for Information Processing (IFIP), 2
International Standards Organization and Institute of Electrical and Electronics Engineers (IEEE), 2
incident management, 202, 220–221
indexes, 174
information disclosure, 96
information integrity, 102–103
injection attacks, 113
intentional architecture, 10
intercomponent schema evolution, 82
intracomponent schema evolution, 83
ISO/IEC 25010, 32
J-K
Johnson, R., Design Patterns, 52
Kanban board, 53
Kazman, R., Software Architecture in Practice, 34, 160, 170
Keras, 227
Kersten, M., 41
key rotation, 108
key-value, 62
KMIP (key management interoperability protocol), 108
Kruchten, P., 37
L
latency, 160, 161, 167–168. See also performance
L/C (letters of credit), 58, 60, 97–98, 134, 226, 232, 270
Leffingwell, D., 10
LeSS (Large Scale Scrum), 10
M
making architectural decisions, 28
managing
data, 60
technical debt, 41
machine learning. See ML
materialized views, 174
measurement
message-based asynchronous communication, 201–202
metadata, 79
Microsoft, 3, 11, 95, 120, 171, 297, 304
minimum viable products (MVPs), 16
ML (machine learning), 225, 227. See also AI (artificial intelligence)
architecture concerns, 232
document classification for TFX, 232–233
pipelines, 233, 234, 235, 236, 238, 241
reinforcement learning, 228–229
benefits of an architecture-led approach, 238
common services, 238
model monitoring, 237
training, 231
unsupervised learning, 228
MTBF (mean time between failures), 192–193
MTTR (mean time to recover), 192–193
MVPs (minimum viable products), 16
N
Netflix, 56, 123, 124, 125, 152, 155, 164, 169, 190, 218, 223, 263
NLU (natural language understanding), 239, 241, 242, 244, 245
Nord, R., Managing Technical Debt, 37
normal load testing, 169
CAP theorem, 65
document database schema, 62, 66
eventual consistency, 65
graphs, 63
key-value, 62
technology choices, 64, 164–165
technology type comparison, 63
wide columns, 62
O
OCR (optical character recognition), 231, 233, 235
OCTAVE (Operationally Critical Threat, Asset and Vulnerability Evaluation), 100, 120
Open Source, 7
operational visibility, 216–217, 219
OMG (Object Management Group), 51
OWASP (Open Web Application Security Project), 91, 115, 121
Ozkaya, I., Managing Technical Debt, 37
P
Parsons, R., Building Evolutionary Architectures, 45
PASTA (Process for Attack Simulation and Threat Analysis), 100, 120
application architecture tactics, 170
increase resources, 172
increase resource efficiency, 171
limit rates and resources, 171
modeling and testing, 167, 168
prioritize requests, 170
reduce overhead, 171
databases, 174
indexes, 174
materialized views, 174
and microservice architectures, 163–164
and public/commercial clouds, 165–166
resource demand, 161
and scalability, 160
and serverless architectures, 166–167
turnaround time, 161
Postel’s law, 83
of Continuous Architecture, 13, 29–30
privacy, 87. See also security
confidentiality, 90
product backlog, integrating with architectural decisions, 30
Pureur, P., Continuous Architecture: Sustainable Architecture in an Agile and Cloud-Centric World, 23, 50, 125, 147
Q
quality attributes, 32–34, 125
and architectural tactics, 34, 213
MTBF (mean time between failures), 192–193
RPO (recovery point objective), 193–194
performance, 159–160, 174, 266
architectural concerns, 161–163
increase resources, 172
increase resource efficiency, 171
indexes, 174
limit rates and resources, 171
materialized views, 174
and microservice architectures, 163–164
and NoSQL technology, 164–165, 175–176
prioritizing requests, 170
and public/commercial clouds, 165–166
reduce overhead, 171
serverless architecture, 166–167
TFX requirements and tactics, 178–180
resilience, 187, 190, 194–195, 266–267
architectural tactics, 200
inevitability of failures, 190–191
maintaining, 216
message-based asynchronous communication, 201–202
operational visibility, 216–217
in organizations, 195
rollback and compensation, 210–212
RPO (recovery point objective), 193–194
RTO (recovery time objective), 193–194
TFX system requirements, 196–199
timeouts and circuit breakers, 208–209
scalability, 123, 124, 125–127, 162–163, 265–266
architectural context, 124
and architecture, 134
asynchronous communications, 142–145
cloud computing, 127
elastic, 166
failures caused by, 152
microservices, 147
and performance, 160
requirements, 125
stateless and stateful services, 145–146
supply-and-demand forces, 128
TFX (Trade Finance eXchange) system, 128–129, 134–137, 151–152
vertical, 129
security, 87, 88–89, 90, 92, 94, 101, 264–265
confidentiality, 90
implementation, 115
incident management, 202
information integrity, 102–103
Internet, 89
people, process, and technology, 115–116
preparing for failure, 117–118
social engineering mitigation, 109–110
specialists, 91
TFX (Trade Finance eXchange) system, 111–115
threat modeling and mitigation, 92-93, 97–98, 100, 101–102
weakest link principle, 116
working with, 35
Quorum, 299
R
ransomware attacks, 105
Rasa Open Source, 239
RBAC (role-based access control), 94, 101
relational databases, 65, 66, 68
reliability, 189, 191. See also availability
repudiation, 96
resilience, 187, 190, 194–195, 266–267
architectural tactics, 200
checks (for data consistency), 213
message-based asynchronous communication, 202–203
rollback and compensation (for data consistency), 210–212
timeouts and circuit breakers, 208–209
and continual improvement, 194–195
failures, 189, 190–191, 195–199
faults, 189
four aspects of, 191
five nines, 192
the inevitability of failure, 190–191
maintaining, 216
MTBF (mean time between failures), 192–194
MTTR (mean time to recover), 192–193
operational visibility, 216–217
in organizations, 195
types of resilience mechanisms, 198
RTO (recovery time objective), 193–194
TFX (Trade Finance eXchange) system
resources, 81
increasing efficiency, 171
limiting, 171
and performance, 161
REST (representational state transfer), 81–82, 143, 163
robustness principle, 83
RPO (recovery point objective), 193–194
RTO (recovery time objective), 193–194
RUP (Rational Unified Process), 9
S
SaaS (Software as a Service), 8
SAFe (Scaled Agile Framework), 10
scalability, 123, 124, 125–127, 162–163, 265–266
architectural context, 124
and architecture, 134
asynchronous communications, 142–145
application object, 141
CDN (content delivery network), 142
database object, 141
precompute, 142
static, 142
cloud computing, 127
elastic, 166
failures caused by, 152
microservices, 147
and performance, 160
requirements, 125
stateless and stateful services, 145–146
supply-and-demand forces, 128
TFX (Trade Finance eXchange) system, 128–129, 134–137
achieving, 151
vertical, 129
schema
Expand and Contract pattern, 83
intercomponent, 82
intracomponent, 83
Postel’s law, 83
on read, 70
Schneier, B., 118
SDM (service delivery management), 220
key rotation, 108
confidentiality, 90
implementation, 115
incident management, 202
information integrity, 102–103
Internet, 89
people, process, and technology, 115–116
preparing for failure, 117–118
social engineering mitigation, 109–110
specialists, 91
TFX (Trade Finance eXchange) system, 111–115
threat modeling and mitigation, 92–93, 100
analyze, 93
architectural tactics for mitigation, 101
authentication, authorization, and auditing, 101–102
mitigate, 94
understand, 93
threats, 92
high-impact, 99
weakest link, 116
SEI (Software Engineering Institute), 27, 35, 38, 64, 121, 176, 185, 231, 256
Semantic Web, 80
serverless architecture
shared ledgers, 225. See also DLTs (distributed ledger technologies); emerging technologies
benefits of an architecture-led approach, 256–257
comparison of technical implementations, 299–300
L/C issuance using a DLT, 251–254
L/C payment using a DLT, 254–255
smart contracts, 249
social engineering mitigation, 109–110
software architecture, 1–2, 11–12, 225, 259. See also Continuous Architecture
cloud computing, 8
focus on business content, 6
perception of architects as not adding value, 6–7
slow architectural practices, 7–8
Continuous Architecture, 14–15
definitions, 2
deployment, 5
five ages of software systems, 4–5
future directions, 11
and the Internet, 4
trends
patterns and styles, 52
principles as architecture guidelines, 48–49
team-owned architecture, 49–50
value of, 261
software delivery life cycle (SDLC), 15
software industry, 3
software systems
AI (artificial intelligence), 127–128
cloud computing, 166
functional requirements, 34
and architectural tactics, 34
working with, 35
scalability, 128
software supply chain, 89
spoofing, 96
sprints, 30
SSO (single sign on), 94
stress testing, 137, 138, 139, 169
SWIFT (Society for Worldwide Interbank Financial Telecommunication), 248, 257
T
tampering, 96
team-owned architecture, 49–50
architecture, 38
code, 37
definitions, 37
managing, 41
production infrastructure, 38
technology singularity, 39
tenant analytics, 73
TFX (Trade Finance eXchange) system, 19–20, 23, 47, 55, 59, 66, 99, 159, 214, 226, 270. See also security; trade finance case study
achieving performance, 178–180
achieving resilience, 214
achieving scalability, 151
architectural decisions, 287–295
architectural description, 271–272
authentication, authorization, and auditing, 101–102
and availability, 105
chatbots, 239
database technology choices, 65
data distribution, replication, and partitioning, 139–140
technology choices, 64, 164–165
domain events, 69
federated architecture, 243–245
natural language interface, 241–242
performance and scalability, 242–243
query handling, 243
Good Tracking Service, 66
horizontal scalability, 129–132
information privacy and integrity, 103
L/C (letters of credit), 270
letter of credit use cases, 20–22
message bus, 144
ML (machine learning), 230–231
architecture approach, 233–234
common services, 238
document classification, 232–233
model monitoring, 237
performance
increasing concurrency, 172–173
increasing resource efficiency, 171
increasing resources, 172
limiting rates and resources, 171
prioritizing requests, 170
reducing overhead, 171
requirements and tactics, 178–180
quality attribute requirements, 297
RPO (recovery point objective), 194
RTO (recovery time objective), 194
achieving, 151
asynchronous communications, 142–145
bottlenecks, 136
failures caused by, 152
stateless and stateful services, 145–146
L/C issuance using a DLT, 251–254
L/C payment using a DLT, 254–255
timeouts and circuit breakers, 209
threat modeling and mitigation, 92–93, 100. See also STRIDE
analyze, 93
architectural tactics for mitigation, 101
authentication, authorization, and auditing, 101–102
high-impact threats, 99
injection attacks, 113
mitigate, 94
ransomware attacks, 105
understand, 93
throughput, 160, 161. See also performance
U-V-W
UML (Unified Modeling Language), 51, 208, 214
URIs (uniform resource identifiers), 59
VAST (Visual Agile and Simple Threat) modeling, 100, 120
vertical scalability, 129
von Neumann, J., 39
Web Service Definition Language (WSDL), 147
weakest link principle, 116
Weir, C., 120
Workday, 11
X-Y-Z
XP (Extreme Programming), 8, 9
Yates, A., 38
zones of trust, 110
3.133.109.30