About this book

This book constitutes the refereed proceedings of the 12th European Conference on Software Architecture, ECSA 2018, held in Madrid, Spain, in September 2018. The 17 full papers presented together with 7 short papers were carefully reviewed and selected from 96 submissions. They are organized in topical sections as follows: Self-Adaptive Architectures, IoT Architectures, Embedded and Cyber-Physical Systems, Microservices Architectures, Service-Oriented Architectures, Architectural Design Decisions, Software Architecture in Practice.



Self-adaptive Architectures


A DSL for MAPE Patterns Representation in Self-adapting Systems

In architecture-based self-adaptation, the adaptation logic is usually structured in terms of MAPE-K (Monitor-Analyze-Plan-Execute over a shared Knowledge) control loops dealing with the adaptation concerns of the managed system. In case of large, complex and decentralized systems, multiple interacting MAPE loops are introduced. Some common design patterns of interactive MAPE components have been proposed in the literature; however, a well-defined way to document them and to express the semantics of their interactions is still missing.
This paper presents a domain-specific language, MAPE Specification Language (MSL), as modeling front-end to define and instantiate common patterns of interacting MAPE components when architecting the adaptation logic of a self-adaptive system. We also provide a semantic mapping (implemented by a model generator) to transform MSL descriptions of MAPE pattern instances into formal executable models based on the formalism of self-adaptive Abstract State Machines (ASMs). Such a mapping provides a link to the modeling back-end of ASMs for formally specifying and analyzing the behavior of instances of MAPE patterns.
Paolo Arcaini, Raffaela Mirandola, Elvinia Riccobene, Patrizia Scandurra

Formally Describing Self-organizing Architectures for Systems-of-Systems on the Internet-of-Things

Nowadays, the Internet-of-Things (IoT) enables the engineering of Software-intensive Systems-of-Systems (SoS), which are opportunistically created for achieving specified missions in specific operational environments.
A challenging issue in the architectural design of SoS on IoT is to conceive concepts and mechanisms for describing how an SoS architecture is able to create, on the fly, emergent behaviors from elementary IoT systems/devices.
To address this challenge, this paper investigates the theory of self-organization, which makes possible that, in an SoS, its constituent systems spontaneously create and maintain a valid SoS architecture enabling the evolutionary development of the required emergent behavior to fulfill the specified SoS mission. In particular, it describes how SosADL, a formal SoS Architecture Description Language (ADL), based on the novel π-Calculus for SoS, was enhanced to support the architectural description of self-organizing SoSs on the IoT, upwardly causing SoS emergent behaviors at run-time.
Flavio Oquendo

Guidance of Architectural Changes in Technical Systems with Varying Operational Modes

Technical systems often rely on redundant platforms. One way to increase dependability is to define various QoS modes, applied to different hardware resources. Switching between modes is limited by resource availability and causes costs for structural changes. Hence, selecting appropriate system architectures for specific resource sets and defining cost-efficient mode sequences is challenging. This short paper proposes an approach to support reconfiguration decisions for varying modes. We extend our decision graphs for traversing architectures towards multi-purpose applicability. We optimise reconfigurations within individual modes while reducing costs of mode changes simultaneously. Graph-based differentiations lead to most efficient mode sequences, transition configurations and visualisations. To respect high reconfigurability, we particularly inspect impacts of resource faults. For evaluation, we apply a subsystem of a micro satellite with multiple operational modes.
Lukas Märtin, Nils-André Forjahn, Anne Koziolek, Ralf Reussner

IoT Architectures


Applying Architecture-Based Adaptation to Automate the Management of Internet-of-Things

Architecture-based adaptation equips a software-intensive system with a feedback loop that enables the system to adapt itself at runtime to changes to maintain its required quality goals. To guarantee the required goals, existing adaptation approaches apply exhaustive verification techniques at runtime. However, these approaches are restricted to small-scale settings, which often limits their applicability in practice. To tackle this problem, we introduce an innovative architecture-based adaptation approach to solve a concrete practical problem of VersaSense: automating the management of Internet-of-Things (IoT). The approach, called MARTAS, equips a software system with a feedback loop that employs Models At Run Time and Statistical techniques to reason about the system and adapt it to ensure the required goals. We apply MARTAS to a building security case system, which is a representative IoT system deployed by VersaSense. The application comprises a set of IoT devices that communicate sensor data over a time-synchronized smart mesh network to a central monitoring facility. We demonstrate how MARTAS outperforms a conservative approach that is typically applied in practice and a state-of-the-art adaptation approach for different quality goals, and we report lessons learned from this industrial case.
Danny Weyns, M. Usman Iftikhar, Danny Hughes, Nelson Matthys

IoT Architectural Styles: A Systematic Mapping Study

IoT components are becoming more and more ubiquitous. Thus, the necessity of architecting IoT applications is attracting substantial attention from the software engineering community. In this context, different styles and patterns can facilitate shaping the IoT architectural characteristics. This study aims at defining, identifying, classifying, and re-designing a class of IoT styles and patterns at the architectural level. Following a systematic mapping study (SMS) selection procedure, we picked out 63 papers among over 2,300 candidate studies. To this end, we applied a rigorous classification and extraction framework to select and analyze the most influential domain-related information. Our analysis revealed the following main findings: (i) among the various architectural styles that attempted to address various aspects of IoT systems, cloud and fog are discerned as their most important components; (ii) distributed patterns are not widely discussed for IoT architecture; however, growth is foreseen, especially for their industrial applications; (iii) starting from the last few years, there is still a growing scientific interest in IoT architectural styles. This study gives a solid foundation for classifying existing and future approaches for IoT styles, beneficial for academic and industrial researchers. It provides a set of abstract IoT reference architectures applicable to various architectural styles.
Henry Muccini, Mahyar Tourchi Moghaddam

ECo-IoT: An Architectural Approach for Realizing Emergent Configurations in the Internet of Things

The rapid proliferation of the Internet of Things (IoT) is changing the way we live our everyday life and the society in general. New devices get connected to the Internet every day and, similarly, new IoT services and applications exploiting them are developed across a wide range of domains. The IoT environment typically is very dynamic, devices might suddenly become unavailable and new ones might appear. Similarly, users enter and/or leave the IoT environment while being interested in fulfilling their individual needs. These key aspects must be considered while designing and realizing IoT systems.
In this paper we propose ECo-IoT, an architectural approach to enable the automated formation and adaptation of Emergent Configurations (ECs) in the IoT. An EC is formed by a set of things, with their services, functionalities, and applications, to realize a user goal. ECs are adapted in response to (un)foreseen context changes e.g., changes in available things or due to changing or evolving user goals. In the paper, we describe: (i) an architecture and a process for realizing ECs; and (ii) a prototype we implemented for (iii) the validation of ECo-IoT through an IoT scenario that we use throughout the paper.
Fahed Alkhabbas, Romina Spalazzese, Paul Davidsson

A Catalogue of Architectural Decisions for Designing IIoT Systems

Designing Industrial IoT (IIoT) systems enforces new sets of architectural decisions on software/system architects. Although a rich set of materials for architecting enterprise software systems exist, there is a lack of reference documents on architectural decisions and alternatives that architects face to design IIoT systems. Based on our experience in designing IIoT systems in various domains such as process automation, discrete manufacturing and building automation, we provide a catalogue of architectural decisions, their impacts on the quality attributes of systems, and technology options to realize each design alternative.
Somayeh Malakuti, Thomas Goldschmidt, Heiko Koziolek

Embedded and Cyber-Physical Systems


Enabling Continuous Software Engineering for Embedded Systems Architectures with Virtual Prototypes

Continuous software engineering aims at orchestrating engineering knowledge from various disciplines in order to deal with the rapid changes within the ecosystems of which software-based systems are part. The literature claims that one means to ensure these prompt responses is to incorporate virtual prototypes of the system as early as possible in the development process, such that requirements and architecture decisions are verified early and continuously by means of simulations. Despite the maturity of practices for designing and assessing architectures, as well as for virtual prototyping, it is still not clear how to jointly consider the practices from these disciplines within development processes, in order to address the dynamics imposed by continuous software engineering. In this regard, we discuss in this paper how to orchestrate architecture drivers and design specification techniques with virtual prototypes, to address the demands of continuous software engineering in development processes. Our proposals are based on experiences from research and industry projects in various domains such as automotive, agriculture, construction, and medical devices.
Pablo Oliveira Antonino, Matthias Jung, Andreas Morgenstern, Florian Faßnacht, Thomas Bauer, Adam Bachorek, Thomas Kuhn, Elisa Yumi Nakagawa

Abstraction Layered Architecture: Writing Maintainable Embedded Code

The brisk pace of the growth in embedded technology depends largely on how fast we can write and maintain software contained within embedded devices. Every enterprise seeks to improve its productivity through maintainability. While many avenues for improvement exist, highly maintainable code bases that can stay that way over a long time are rare. This article proposes a reference software architecture for embedded systems aimed at improving long-term maintainability. This reference architecture, called the Abstraction Layered Architecture (ALA), is built on the existing body of knowledge in software architecture and more than two decades of experience in designing embedded software at Tru-Test Group, New Zealand. ALA can be used for almost any object-oriented software project, and strongly supports domain-specific abstractions such as those found in most embedded software.
John Spray, Roopak Sinha

Towards Preserving Information Flow Security on Architectural Composition of Cyber-Physical Systems

A key challenge of component-based software engineering is to preserve extra-functional properties such as security when composing the software architecture from individual components. Previous work in this area does not consider specific characteristics of cyber-physical systems like asynchronous message passing, real-time behavior, or so-called feedback composition with two-way communication. Thereby, a composition of secure components might lead to insecure architectures with undetected information leaks. In this paper, we address the preservation of information flow security on composition of cyber-physical systems, taking the above characteristics into account. We refine security policies during the architectural decomposition, and outline a compositional verification approach that checks the security of individual components against their refined policies. On composition of secure components, our approach preserves security and thereby enables the design of secure software architectures. We give a proof of concept using a component-based software architecture of a cyber-manufacturing system.
Christopher Gerking, David Schubert

Microservices Architectures


A Quantitative Approach for the Assessment of Microservice Architecture Deployment Alternatives by Automated Performance Testing

Microservices have emerged as an architectural style for developing distributed applications. Assessing the performance of architectural deployment alternatives is challenging and must be aligned with the system usage in the production environment. In this paper, we introduce an approach for using operational profiles to generate load tests to automatically assess scalability pass/fail criteria of several microservices deployment alternatives. We have evaluated our approach with different architecture deployment alternatives using extensive lab studies in a large bare metal host environment and a virtualized environment. The data presented in this paper supports the need to carefully evaluate the impact of increasing the level of computing resources on performance. Specifically, for the case study presented in this paper, we observed that the evaluated performance metric is a non-increasing function of the number of CPU resources for one of the environments under study.
Alberto Avritzer, Vincenzo Ferme, Andrea Janes, Barbara Russo, Henning Schulz, André van Hoorn

Crunch: Automated Assessment of Microservice Architecture Assignments with Formative Feedback

Microservice architectures and the DevOps development practices have become essential as companies strive to provide reliable and robust software systems supporting millions of users at the same time as new features are released and defects corrected and deployed in hours rather than in months or years. It is therefore relevant to teach the microservice architectural style as well as the DevOps practices to our students. A central tenet of DevOps is fast feedback, which poses a problem when it comes to providing formative feedback on exercises handed in by students. In this paper, we present the architectural design challenges in assessing student solutions embodying microservice systems as well as our analysis and solutions to them. We present our implementation, Crunch, and present student and instructor evaluation of having this support in a concrete course.
Henrik Bærbak Christensen

Beethoven: An Event-Driven Lightweight Platform for Microservice Orchestration

The microservice architecture provides an efficient manner to allocate computational resources since each microservice can be individually scaled. Despite its benefits, there are still challenges regarding the cooperation among different microservices in order to provide elaborated business processes. In this paper, we propose Beethoven, an event-driven lightweight platform for microservice orchestration that eases the creation of complex applications that use microservice data flows. The platform is composed of a reference architecture and an orchestration language. The reference architecture has been instantiated by using the Spring Cloud Netflix ecosystem. To demonstrate the feasibility of the Beethoven platform, an example application has been developed. All artifacts produced as part of this work are available.
Davi Monteiro, Rômulo Gadelha, Paulo Henrique M. Maia, Lincoln S. Rocha, Nabor C. Mendonça

Service-Oriented Architectures


A Platform for the Automated Provisioning of Architecture Information for Large-Scale Service-Oriented Software Systems

Providing valid architecture information to stakeholders remains a challenge, as the effort required for documenting and maintaining this information over a longer period of time is very high. Automatically and continuously extracting architecture information from the system implementation makes it possible to document and keep architecture information up-to-date. In large software systems, architecture extraction has to deal with the continuous and efficient extraction of architectural information from very large code bases. In cooperation with a company from the financial sector, we have developed over several years a platform for the automatic extraction and provision of architectural information for large-scale service-oriented software systems. The platform was evaluated in a real industrial environment. The results of this evaluation show that it can provide up-to-date architectural information for large code bases on a daily basis. It also provides information on the trustworthiness of the extracted information and how it can be improved.
Georg Buchgeher, Rainer Weinreich, Heinz Huber

Providing Context as a Service Using Service-Oriented Mobile Indie Fog and Opportunistic Computing

The increasing number of sensor-embedded mobile devices has motivated the research of mobile Sensing as a Service in which mobile devices can host Web servers to serve sensory data to the Internet of Things systems, urban crowd sensing systems and big data acquisition systems. Further, the improved processing power of modern mobile devices indicates the mobile devices are not only capable of serving sensory data but also capable of providing Context as a Service (CaaS) based on requesters’ own interpretation algorithms. In order to demonstrate mobile CaaS, this paper proposes a service-oriented mobile Indie Fog server architecture, which enables dynamic algorithm execution and also supports distributed CaaS processing among mobile devices. Moreover, in order to optimise the process distribution, the proposed framework also encompasses a resource-aware process assignment scheme known as MIRA. Finally, the authors have implemented and evaluated the proposed framework on a number of real devices. Accordingly, the evaluation results show that the MIRA scheme can improve the process assignment in the collaborative mobile CaaS environment.
Chii Chang, Satish Narayana Srirama

Spotlighting Use Case Specific Architectures

Most of the time a large software system implies a complex architecture. However, at some point of the system’s execution, its components are not necessarily all running. Indeed, some components may not be concerned by a given use case, and therefore they do not consume/use or register the declared services. Thus, these architectural elements (components and their services) represent a “noise” in the architecture model of the system. Their elimination from the architecture model may greatly reduce its complexity, and consequently helps developers in their maintenance tasks. In our work, we argue that a large service-oriented system has, not only one, but several architectures, which are specific to its runtime use cases. Indeed, each architecture reflects the services, and thereby the components, which are really useful for a given use case. In this paper, we present an approach for recovering such use case specific architectures of service-oriented systems. Architectures are recovered both through a source code analysis and by querying the runtime environment and the service registry. The first built architecture (the core architecture) is composed of the components that are present in all the use cases. Then, depending on a particular use case, this core architecture will be enriched with only the needed components.
Mohamed Lamine Kerdoudi, Chouki Tibermacine, Salah Sadou

Architectural Design Decisions


Empirical Insights into the Evolving Role of Architects in Decision-Making in an Agile Context

The transition to agile software development changes the decision-making power in organizations. This study aims to provide researchers and practitioners with empirical insights into how the participation in decision-making by enterprise, solution and system architects evolves due to this transition. For this purpose, a case study was conducted to examine the participation of and challenges for architects in decision-making in agile projects. A mixed-method research approach was used comprising observations, conversations, interviews, literature study and a survey. We found that 101 decision types are used prior to and in agile iterations, in which architects and stakeholders collaborate to make these decisions. The projection of these types of decisions over 25 different actors in the case study organization demonstrates that decision-making is a group effort in which solution and system architects are highly involved. Architecture and agility can indeed co-exist. Another finding of this case study is that stakeholders in agile teams perceive less architecture involvement in decision-making and expect fewer design decisions up front. Architects are challenged to become team players, to make design decisions only when they are necessary, and finally, to document, communicate, and share design decisions more effectively.
Femke Heijenk, Martin van den Berg, Henrik Leopold, Hans van Vliet, Raymond Slot

Using Informal Knowledge for Improving Software Quality Trade-Off Decisions

To deliver high-quality software, in a software development process a variety of quality attributes must be considered such as performance, usability or security. In particular, quality attributes such as security and usability are difficult to analyze quantitatively. Knowledge about such quality attributes is often only informally available and therefore cannot be processed in structured and formalized decision-making approaches to optimize the software architecture. In this paper, we have defined a framework in order to make use of informally available knowledge in automated design decision support processes. We connect qualitative reasoning models with models for quantitative quality estimation to optimize software architectures regarding both knowledge representation models together. By our approach quality attributes for which no quantitative evaluation model is available can now be used in automated software architecture optimization approaches. For evaluating our approach, we demonstrate its benefits using a real-world case study and an example that is related to a real-world system.
Yves Schneider, Axel Busch, Anne Koziolek

Understanding Architecture Decisions in Context: An Industry Case Study of Architects’ Decision-Making Context

Many organizations struggle with efficient architecture decision-making approaches. Often, the decision-making approaches are not articulated or understood. This problem is particularly evident in large, globally distributed organizations with multiple large products and systems. The significant architecture decisions of a system are a critical organization knowledge asset, as well as a determinant of success. However, the environment in which decisions get made, recorded, and followed-up on often confounds rather than helps articulation and execution of architecture decisions. This paper looks at aspects of architecture decision-making, drawing from an industry-based case study. The data represents findings from a qualitative case study involving a survey and three focus groups across multiple organizations in a global technology company. Architects in this organization are responsible for multiple products and systems, where individual products can include up to 50+ teams. The impact is not just on others in the system; architecture decisions also impact other decisions and other architects. The findings suggest recommendations for organizations to improve how they make and manage architecture decisions. In particular, this paper notes the relevance of group decision-making, decision scope, and social factors such as trust in effective architecture decision-making.
Ken Power, Rebecca Wirfs-Brock

Software Architecture in Practice


Software Architecture Measurement—Experiences from a Multinational Company

In this paper, we present our 4-year experience of creating, evolving, and validating an automated software architecture measurement system within Huawei. This system is centered around a comprehensive scale called the Standard Architecture Index (SAI), which is composed of a number of measures, each reflecting a recurring architecture problem. Development teams use this as a guide to figure out how to achieve a better score by addressing the underlying problems. The measurement practice thus motivates desired behaviors and outcomes. In this paper, we present our experience of creating and validating SAI 1.0 and 2.0, which has been adopted as the enterprise-wide standard, and our directions towards SAI 3.0. We will describe how we got the development teams to accept and apply SAI through pilot studies, constantly adjusting the formula based on feedback, and correlating SAI scores with productivity measures. Our experience shows that it is critical to guide development teams to focus on the underlying problems behind each measure within SAI, rather than on the score itself. It is also critical to introduce state-of-the-art technologies to the development teams. In doing so they can leverage these technologies to pinpoint and quantify architecture problems so that better SAI scores can be achieved, along with better quality and productivity.
Wensheng Wu, Yuanfang Cai, Rick Kazman, Ran Mo, Zhipeng Liu, Rongbiao Chen, Yingan Ge, Weicai Liu, Junhui Zhang

Identifying and Prioritizing Architectural Debt Through Architectural Smells: A Case Study in a Large Software Company

Architectural technical debt can have a huge impact on software maintainability and evolution. Hence, different architectural violations, detected as architectural smells, need to be identified and refactored. In this paper, we conducted a multiple case-study on several architectural smells detected in four industrial projects. We conducted an in-depth investigation with a questionnaire, interviews and thorough inspection of the code with the practitioners. We evaluated the negative impact of the technical debt detected by the architectural smells, their difficulty to be refactored and the usefulness of the detection tool. The results show that practitioners appreciated the help of automatic detection, and that they prioritize refactoring architectural debt that causes more negative impact despite the higher refactoring effort.
Antonio Martini, Francesca Arcelli Fontana, Andrea Biaggi, Riccardo Roveda

Software Migration and Architecture Evolution with Industrial Platforms: A Multi-case Study

The software industry increasingly needs to consider architecture evolution in the context of industrial ecosystem platforms. These environments feature a large number of third-party offerings with a high variety and complexity of design and technology options. The software architects working on platform migration and in-platform evolution scenarios in such environments require support to find and utilize optimal offerings, ensure design compatibility with various technical and non-technical constraints, and optimize architectures. Based on a multi-case study of three industrial cases, we have derived an architecture knowledge model that provides a basis for supporting software architects in platform migration and in-platform evolution scenarios.
Konstantinos Plakidas, Daniel Schall, Uwe Zdun

Security and Data Architectures


Two Architectural Threat Analysis Techniques Compared

In an initial attempt to systematize the research field of architectural threat analysis, this paper presents a comparative study of two threat analysis techniques. In particular, the controlled experiment presented here compares two variants of Microsoft’s STRIDE. The two variants differ in the way the analysis is performed. In one case, each component of the software system is considered in isolation and scrutinized for potential security threats. In the other case, the analysis has a wider scope and considers the security threats that might occur in a pair of interacting software components. The study compares the techniques with respect to their effectiveness in finding security threats (benefits) as well as the time that it takes to perform the analysis (cost). We also look into other human aspects which are important for industrial adoption, like, for instance, the perceived difficulty in learning and applying the techniques as well as the overall preference of our experimental participants.
Katja Tuma, Riccardo Scandariato

Executing Architectural Models for Big Data Analytics

With the recent proliferation of big data analytics (BDA), enterprises collect and transform data to perform predictive analyses at a scale that was not possible a few years ago. BDA methodologies involve business, analytics and technology domains. Each domain deals with different concerns at different abstraction levels, but current BDA development does not consider the formal integration among these domains. Hence, the deployment procedure usually implies rewriting code to be deployed on specific IT infrastructures to obtain software aligned to functional and non-functional requirements. Moreover, previous surveys have reported a high-cost and error-prone transition between analytics development (data lab) and productive environments. This paper presents ACCORDANT, a domain-specific model (DSM) approach to design and generate data analytics solutions bridging the gap between analytics and IT architecture domains. To validate the proposal’s feasibility and usability, a proof of concept is developed and evaluated.
Camilo Castellanos, Dario Correal, Juliana-Davila Rodriguez

