About
105
Publications
167,843
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
8,862
Citations
Citations since 2017
Publications
Publications (105)
DevOps is a set of practices in software engineering that is in high demand by industry. It is a dynamic field which constantly adds new methods and tools. Teaching DevOps prepares today's computer science students for best-practices in a working environment but challenges university lecturers to provide central concepts while staying up-to-date wi...
Blockchains have been applied in different domains to guarantee data integrity and provide a decentralized computational infrastructure for executing smart contracts. Multiple blockchain-related patterns have been summarized by academics and industry practitioners covering different aspects, such as engineering applications on top of a blockchain,...
The material uploaded consists of the preface, Intro to Part 1, Chapter 1 Virtualization, and Intro to Part 2 for the book Deployment and Operations for Software Engineers.
Virtualization refers both to virtualizing the hardware (Virtual Machines) and virtualizaing the operating system (containers). The chapter provides the material on virtualizati...
Rolling upgrade consists of upgrading progressively the servers of a distributed system to reduce service downtime.Upgrading a subset of servers requires a well-engineered cluster membership protocol to maintain, in the meantime, the availability of the system state. Existing cluster membership reconfigurations, like CoreOS etcd, rely on a primary...
Applications in the cloud are subject to sporadic changes due to operational activities such as upgrade, redeployment, and on-demand scaling. These operations are also subject to interferences from other simultaneous operations. Increasing the dependability of these sporadic operations is non-trivial, particularly since traditional anomaly-detectio...
In this paper, we demonstrate the feasibility of annotating a process model with assertions to detect errors in cloud provisioning in near real time. Our proposed workflow is: a) construct a process model of the desired provisioning activities using log data, b) use the process model to determine appropriate annotation triggers and annotate the pro...
When managing cloud resources, many administrators operate without a safety net. For instance, inadvertently deleting a virtual disk results in the complete loss of the contained data. The facility to undo a collection of changes, reverting to a previous acceptable state, is widely recognized as valuable support for dependability. In this paper, we...
Min Fu Liming Zhu Anna Liu- [...]
Len Bass
A large number of cloud application failures happen during sporadic operations on cloud applications, such as upgrade, deployment reconfiguration, migration and scaling-out/in. Most of them are caused by operator and process errors [1]. From a cloud consumer's perspective, recovery from these failures relies on the limited control and visibility pr...
Outages to the cloud infrastructures have been widely publicized and it would be easy to conclude that application developers only need to be concerned with large scale cloud provider infrastructure outages. Unfortunately, this is not the case. In-cloud applications heavily rely on cloud infrastructure APIs (directly or indirectly through scripts a...
Deployment choices are critical in determining the availability of applications running in a cloud. But choosing good deployment for various software application components into virtual machines is a challenging task because of potential sharing of components among applications and potential interference from multi-tenancy. This paper presents an a...
Xiwei Xu Liming Zhu Jim Li- [...]
Min Fu
Application dependability issues depend on increasingly sophisticated activities during operation time for deployment, upgrade, scaling out/in and reactions to various failures. Traditional approaches to improving application dependability focus on artifact-oriented troubleshooting and improvements. In this paper, we present an approach using proce...
Cloud consumers have a variety of deployment related techniques, such as auto-scaling policies and recovery strategies, for dealing with the uncertainties in the cloud. Uncertainties can be characterized as stochastic (such as failures, disasters, and workload spikes) and subjective (such as choice among various deployment options). Cloud consumers...
The DevOps community advocates communication between the operations staff and the development staff as a means of ensuring that the developers understand the issues associated with operations. This paper argues that “communication” is too vague and that there are a variety of specific and well known sources that developers can examine to determine...
Size and effort estimation is a significant challenge for the management of large-scale formal verification projects. We report on an initial study of relationships between the sizes of artefacts from the development of seL4, a formally-verified embedded systems microkernel. For each API function we first determined its COSMIC Function Point (CFP)...
We present the design and initial evaluation of a resilient operating system architecture that leverages HW architectures combining few resilient with many nonresilient CPU cores. To this end, we build our system around a Reliable Computing Base (RCB) ...
We describe a research program on design techniques to enable the cost-effective construction of trustworthy systems. The focus is on single-machine systems that can be formally verified to provide desired system-wide security and safety properties. Such systems are designed as compositions of small trusted components and large untrusted components...
Software systems exist to fulfill the business goals of organizations – developing organizations, purchasing organizations, user organizations, and others – and these goals turn out to be a significant source of requirements. These requirements are not currently well understood and are seldom captured explicitly, yet they can have a profound effect...
This paper describes an analysis of some of the challenges facing one portion of the Electrical Smart Grid in the United States - residential Demand Response (DR) systems. The purposes of this paper are twofold: 1) to discover risks to residential DR systems and 2) to illustrate an architecture-based analysis approach to uncovering risks that span...
Many open source projects are lacking architectural documentation that describes the major pieces of the system, how they are structured, and how they interact. We have produced architectural documentation for the Hadoop Distributed File System (HDFS), a major open source project. This paper describes our process and experiences in developing this...
Business goals constitute an important kind of knowledge for a software product line. They inform the product line’s business
case and they inform its architecture and quality attribute requirements. This paper establishes the connection between business
goals and a product line’s business case and architecture. It then presents a set of common bus...
In this paper we argue that business goals constitute an important type of architectural knowledge. Quality attributes are often the primary drivers (shaping forces) behind an architecture, but quality attributes derive from an organization's business goals, whether the organization is the one developing or acquiring the software system. We introdu...
Software design decisions are usually made at early stages but have far-reaching effects regarding system organization, quality, and cost. When doing design, developers apply their technical knowledge to decide among multiple solutions, seeking a reasonable balance between functional and quality-attribute requirements. Due to the complexity of this...
The Software Engineering Institute (SEI) annually undertakes several independent research and development (IRAD) projects. These projects serve to (1) support feasibility studies investigating whether further work by the SEI would be of potential benefit and (2) support further exploratory work to determine whether there is sufficient value in even...
This is a report of a workshop on Leadership and Management in Software Architecture held at ICSE on May 19, 2009.
Software architecture, in education and practice, is primarily concerned with technical issues associated with the quality of software architecture and design. However, as project size increases, leadership, management skills, and the organizational context of the architect become more important, to the point where the non-technical duties of the p...
This report summarizes a workshop on architecture competence that was held at the Carnegie Mellon(R) Software Engineering Institute (SEI) in June of 2008. The SEI invited accomplished practitioners from government, academia, and industry to discuss key issues in assessing the competence of organizations that use architecture to produce software-rel...
Usability-supporting architectural patterns (USAPs) were developed as a way to explicitly connect the needs of architecturally-sensitive usability concerns to the design of software architecture. In laboratory studies, the Cancellation USAP was shown to significantly improve the quality of architecture designs for supporting the ability to cancel a...
This paper addresses the problem of supporting usability in the early stages of a product line architecture design. The product line used as an example is intended to support a variety of different products each with a radically different user interface. The development cycles for new products varies between three years and five years and usability...
A practical approach for documenting software architectures is presented. The approach is based on the well-known architectural concept of views, and holds that documentation consists of documenting the relevant views and then documenting the information that applies to more than one view. Views can be usefully grouped into viewtypes, corresponding...
Techniques,and,tools for specific quality-attribute issues are becoming,a mainstream,in architecture design. This approach,is practical for evaluating the architecture in early stages but also for planning improvements for it. Thus, we believe that one challenge is the integration of the individual capabilities of quality-attribute techniques. This...
This is a report of the Leadership and Management in Software Architecture workshop that took place at ICSE 2008. The workshop focused on the non-technical aspects of software architecture. In particular, it focused on the skills that a software architect should have as well as the type of support an organization should provide for the architect.
Quality attribute requirements are important both in terms of customer and end-user satisfaction and in driving software system design. Yet asserting the importance of quality attribute requirements raises many other questions particularly, how to use quality attribute information in practice. This article considers two aspects of using quality att...
An organization is architecturally competent if it has the ability to acquire, use and sustain the skills and knowledge necessary to carry out architecture-related practices that lead to systems that serve the organization's business goals. This paper presents some principles of architecture competence, based on four models that aid in explaining,...
Usability supporting architectural patterns (USAPs) have been shown to provide developers with useful guidance for producing a software architecture design that supports usability in a laboratory setting (7). In close collaboration between researchers and software developers in the real world, the concepts were proven useful (2). However, this proc...
Software architecture, in education and practice, is primarily concerned with technical issues associated with the quality of software architecture and design. However, as project size increases, leadership, management skills, and the organizational context of the architect become more important, to the point where the non-technical duties of the p...
One of the premises of conceptual design is that the designer must evaluate a range of candidate solutions before selecting the final solution. Tool support is critical to aid designers in that exploration, because the design space is usually large and involves multiple constraints. A modality of assistance is that the tool criticizes the current d...
This paper explores some of the implications of having a single platform that suffices for all of the mobile computing needs of an individual. It examines a mobile computing scenario from the perspective of designing the user interface software, and potential reliability and security issues.
An architectural tactic is a design decision that affects how well a software architecture addresses a particular quality attribute. This report describes how tactics are based on the parameters of quality attribute models. Tactics provide an architectural means of adjusting those parameters, which, in turn, can improve the quality-attribute-specif...
The Architecture Expert (ArchE) tool serves as a software architecture design assistant. It embodies knowledge of quality attributes and the relation between the achievement of quality attribute requirements and architecture design. This technical note describes the use of a pre-alpha release of ArchE in a graduate-level software architecture class...
Extensive instructional materials have been developed and used for courses in specific software architecture topics offered at the Software Engineering Institute (SEI) at Carnegie Mellon University, to support the instructional goals laid out by the creators of the SEI's professional education program and the designers of the individual courses. Ho...
The Architecture Expert (ArchE) is a software architecture design assistant under development at the Software Engineering Institute (SEI). It embodies knowledge of quality attributes and the relation between the achievement of quality attribute requirements and architecture design. In this paper, we describe the use of ArchE in a graduate level sof...
The use of embodied agents, defined as visual human-like representations accompanying a computer interface, is becoming prevalent in applications ranging from educational software to advertisements. In the current work, we assimilate previous empirical ...
This report revises the Attribute-Driven Design (ADD) method that was developed by the Carnegie Mellon Software Engineering Institute. The motivation for revising ADD came from practitioners who use the method and want ADD to be easier to learn, understand, and apply. The ADD method is an approach to defining a software architecture in which the de...
We define a framework for the evaluation of user interface construction tools in terms of six software engineering qualities. These qualities are understood in terms of who judges the quality — developer or end user; and what artifact is judged — the development tool itself or the systems it produces. We identify four classes of evaluation techniqu...
A software architecture is a key asset for any organization that builds complex software-intensive systems. Because of an architecture's central role as a project blueprint, organizations should analyze the architecture before committing resources to it. An analysis helps to ensure that sound architectural decisions are made. Over the past decade a...
This paper presents a technique developed at the Software Engineering Institute (SEI) for encapsulating quality attribute knowledge for use in the design and validation of software architectures. A reasoning framework, our encapsulation mechanism, can be used by nonexperts to analyze a specific quality (e.g., performance, modifiability, availabilit...
A controlled experiment was performed to assess the usefulness of portions of a usability-supporting architectural pattern (USAP) in modifying the design of software architectures to support a specific usability concern. Results showed that participants using a complete USAP produced modified designs of significantly higher quality than participant...
Design patterns have been claimed to facilitate modification and improve understanding in software design. A controlled experiment was performed to assess the usefulness of portions of a usability-supporting architectural pattern (USAP) in modifying the design of software architectures to support a specific usability concern. Software engineering a...
Architecture analysis and design methods such as ATAM, QAW, ADD and CBAM have enjoyed modest success and are being adopted by many companies as part of their standard software development processes. They are used in the lifecycle, as a means of understanding business goals and stakeholders concerns, mapping these onto an architectural representatio...
Software architects have techniques to deal with many quality attributes such as performance, reliability, and maintainability. Usability, however, has traditionally been concerned primarily with presentation and not been a concern of software architects beyond separating the user interface from the remainder of the application. In this paper, we i...
Two different models for variability are used to enable selections among various architectural choices to achieve variability.
A cost model is used to justify and rationalize choices among architectural mechanisms intended to defer the binding time.
A dependency model is used to justify and rationalize architectural choices intended to keep a varia...
Software architects have techniques to deal with many quality attributes such as performance, reliability, and maintainability. Usability, however, has traditionally been concerned primarily with presentation and not been a concern of software architects beyond separating the user interface from the remainder of the application. In this paper, we p...
The Second International Workshop on the Relationships between Software Engineering and Human-Computer Interaction was held on May 24-25, 2004 as part of the 2004 International Conference on Software Engineering, in Edinburgh, Scotland This workshop was the second at ICSE and the fourth in a series held at international conferences in the past two...
how it can derive the tactics and architectural aspects already described. In practice, one would, of course, begin with the quality requirements, apply the method, derive the architecture, and, in the process, identify the candidate aspects. We conclude with a postulation of the benefits associated with aspect identification during architecture de...
Usability is an important quality attribute to be considered during software architecture design. Up to this point, usability has been served only by separating a system’s user interface from its functionality to support iterative design. However, this has the effect of pushing revisions to achieve usability toward the end of the software developme...
Quality attribute models are proposed as the linkage between a specification of a quality attribute requirement and a design fragment that is focused on achieving that requirement. Each quality attribute model has a collection of parameters that must be specified in order to determine from the model whether a requirement will be met. These paramete...
This is one of several reports that provide the current status on the work being done by the Software Engineering Institute (SEIsm) to understand the relationship between quality requirements and architectural design. The ultimate objective of this work is to provide analysis-based guidance to designers so that the quality attributes of generated d...
A system that supports the user's ability to cancel a command should be designed to achieve particular results. These results include the responses the system should make to the user, such as providing feedback to the user about the command's receipt, predicting the time the cancellation should take (for long-running cancellations), and indicating...
From the Book:For all but the most trivial software systems, you cannot hope to succeed without paying careful attention to its architecture: the way the system is decomposed into constituent parts and the ways those parts interact with each other. Without an architecture that is appropriate for the problem being solved the project will fail. Even...
This paper discusses the understanding of quality attributes and their application to the design of a software architecture.
We present an approach to characterizing quality attributes and capturing architectural patterns that are used to achieve
these attributes. For each pattern, it is important not only how the pattern achieves a quality attribu...
This report represents a milestone of a work in progress. That work is a comprehensive handbook on how to produce high-quality documentation for software architectures. The handbook, tentatively entitled Documenting Software Architectures,1 will be published in early 2002 by Addison Wesley Longman as part of the SEI Series on Software Engineering....
iii Preface to the Special Report v Preface to Software Architecture Documentation in Practice vii 1 Documenting Software Architectures 1 1.1 Rules for Sound Documentation 2 1.2 Views 6 1.3 Uses of Architecture Documentation 8 2 The Layered View 11 2.1
This paper discusses the understanding of quality attributes and their application to the design of a software architecture. We present an approach to characterizing quality attributes and capturing architectural patterns that are used to achieve these attributes. For each pattern, it is important not only how the pattern achieves a quality attribu...
Quality attribute requirements such as those for performance, security, modifiability, reliability, and usability have a significant influence on the software architecture of a system. At the Software Engineering Institute, we are studying and codifying the relationship between quality attribute requirements and the architectural design strategies...
The role of software architecture with respect to usability has evolved over the past 20 years. The architectures of the 1980s and early 1990s assumed that usability was primarily a property of the presentation of information. Therefore, simply separating the presentation from the dialogue and application made it easy to modify that presentation af...
Design decisions at the architecture level can have far-reaching effects on the qualities of a computer system. Recent developments in software engineering link architectural styles to quality attribute analysis techniques to predict the effects of architectural design decisions on the eventual manifestation of quality. An Attribute-Based Architect...
This report focuses on the quality attribute aspects of mechanisms. An architectural mechanism is a 'structure whereby objects collaborate to provide some behavior that satisfies a requirement of the problem'. The authors identity mechanisms that significantly affect quality attribute behavior and have sufficient content for analysis. Codifying suc...
The Architecture-Based Design (ABD) Method is a method for designing the software architecture of a product line of systems. It has previously been described in the technical report, The Architecture Based Design Method (CMU/SEI-2000-TR-001) Bachmann 00. This report elaborates an example of the application of this method to designing the software a...
This paper presents the Architecture Based Design (ABD) method for designing the high-level software architecture for a product line or long-lived system. Designing an architecture for a product line or long-lived system is difficult because detailed requirements are not known in advance. The ABD method fulfills functional, quality, and business re...