main-content

## Über dieses Buch

This book constitutes the refereed proceedings of the 14th International Conference on Software Architecture, ECSA 2020, held in A’quila, Italy, in September 2020.

In the Research Track, 12 full papers presented together with 5 short papers were carefully reviewed and selected from 103 submissions. They are organized in topical sections as follows: microservices; uncertainty, self-adaptive, and open systems; model-based approaches; performance and security engineering; architectural smells and source code analysis; education and training; experiences and learnings from industrial case studies; and architecting contemporary distributed systems.

In the Industrial Track, 11 submissions were received and 6 were accepted to form part of these proceedings. In addition the book contains 3 keynote talks.

Due to the Corona pandemic ECSA 2020 was held as an virtual event.

## Inhaltsverzeichnis

### Assessing Architecture Conformance to Coupling-Related Patterns and Practices in Microservices

Abstract
Microservices are the go-to architectural style for building applications that are polyglot, support high scalability, independent development and deployment, and are rapidly adaptable to changes. Among the core tenets for a successful microservice architecture is high independence of the individual microservices, i.e. loose coupling. A number of patterns and best practices are well-established in the literature, but most actual microservice-based systems do not, as a whole or in part, conform to them. Assessing this conformance manually is not realistically possible for large-scale systems. This study aims to provide the foundations for an automated approach for assessing conformance to coupling-related patterns and practices specific for microservice architectures. We propose a model-based assessment based on generic, technology-independent metrics, connected to typical design decisions encountered in microservice architectures. We demonstrate and assess the validity and appropriateness of these metrics by performing an assessment of the conformance of real-world systems to patterns through statistical methods.
Evangelos Ntentos, Uwe Zdun, Konstantinos Plakidas, Sebastian Meixner, Sebastian Geiger

### Formal Software Architectural Migration Towards Emerging Architectural Styles

Abstract
Software systems are evolved over time to enhance various qualities of the software system by adopting new technologies and principles. The architecture design is usually required to be migrated from one architectural style to another to support this adoption, while the key functionalities still need to be preserved. This paper presents a formal approach that supports architectural migration. Our approach automates refactoring the architectural design to support the exploitation of emerging technologies such as microservices and blockchain. With our approach, the refactored architectural design can be verified to ensure that the essential functional requirements are still preserved, and the design has complied with the behavioural constraints of new architectural styles. We have evaluated the accuracy and performance of our approach. The results prove that it performs reasonably well.
Nacha Chondamrongkul, Jing Sun, Ian Warren

### Monolith Migration Complexity Tuning Through the Application of Microservices Patterns

Abstract
The microservices architecture has become mainstream for the development of business applications because it supports the adaptation of scalability to the type of demand, but, most importantly, because it fosters an agile development process based on small teams focused on the product. Therefore, there is the need to migrate the existing monolith systems to microservices. Current approaches to the identification of candidate microservices in a monolith neglect the cost of redesigning the monolith functionality due to the impact of the CAP theorem. In this paper we propose a redesign process, guided by a set of complexity metrics, that allows the software architect to analyse and redesign the monolith functionality given a candidate decomposition. Both, the redesign process and the metrics are evaluated in the context of candidate decompositions of two monolith systems.
João Franscisco Almeida, António Rito Silva

### Decentralized Architecture for Energy-Aware Service Assembly

Abstract
Contemporary application domains make more and more appealing the vision of applications built as a dynamic and opportunistic assembly of autonomous and independent resources. However, the adoption of such paradigm is challenged by: (i) the openness and scalability needs of the operating environment, which rule out approaches based on centralized architectures and, (ii) the increasing concern for sustainability issues, which makes particularly relevant, in addition to QoS constraints, the goal of reducing the application energy footprint. In this context, we contribute by proposing a decentralized architecture to build a fully functional assembly of distributed services, able to optimize its energy consumption, paying also attention to issues concerning the delivered quality of service. We suggest suitable indexes to measure from different perspectives the energy efficiency of the resulting assembly, and present the results of extensive simulation experiments to assess the effectiveness of our approach.
Mauro Caporuscio, Mirko D’Angelo, Vincenzo Grassi, Raffaela Mirandola

### Continuous Experimentation for Automotive Software on the Example of a Heavy Commercial Vehicle in Daily Operation

Abstract
As the automotive industry focuses its attention more and more towards the software functionality of vehicles, techniques to deliver new software value at a fast pace are needed. Continuous Experimentation, a practice coming from the web-based systems world, is one of such techniques. It enables researchers and developers to use real-world data to verify their hypothesis and steer the software evolution based on performances and user preferences, reducing the reliance on simulations and guesswork. Several challenges prevent the verbatim adoption of this practice on automotive cyber-physical systems, e.g., safety concerns and limitations from computational resources; nonetheless, the automotive field is starting to take interest in this technique. This work aims at demonstrating and evaluating a prototypical Continuous Experimentation infrastructure, implemented on a distributed computational system housed in a commercial truck tractor that is used in daily operations by a logistic company on public roads. The system comprises computing units and sensors, and software deployment and data retrieval are only possible remotely via a mobile data connection due to the commercial interests of the logistics company. This study shows that the proposed experimentation process resulted in the development team being able to base software development choices on the real-world data collected during the experimental procedure. Additionally, a set of previously identified design criteria to enable Continuous Experimentation on automotive systems was discussed and their validity confirmed in the light of the presented work.
Federico Giaimo, Christian Berger

### Towards Using Probabilistic Models to Design Software Systems with Inherent Uncertainty

Abstract
The adoption of machine learning (ML) components in software systems raises new engineering challenges. In particular, the inherent uncertainty regarding functional suitability and the operation environment makes architecture evaluation and trade-off analysis difficult. We propose a software architecture evaluation method called Modeling Uncertainty During Design (MUDD) that explicitly models the uncertainty associated to ML components and evaluates how it propagates through a system. The method supports reasoning over how architectural patterns can mitigate uncertainty and enables comparison of different architectures focused on the interplay between ML and classical software components. While our approach is domain-agnostic and suitable for any system where uncertainty plays a central role, we demonstrate our approach using as example a perception system for autonomous driving.
Alex Serban, Erik Poll, Joost Visser

### Empowering SysML-Based Software Architecture Description with Formal Verification: From SysADL to CSP

Abstract
Software architecture description languages (ADLs) currently adopted by industry for software-intensive systems are largely semi-formal and essentially based on SysML and specialized profiles. Despite these ADLs allow describing both structure and behavior of the architecture, there is no guarantee regarding the satisfaction of correctness properties. Due to their nature, semi-formal ADLs do not support automated verification of the specified properties, in particular those related to safety and liveness of the specified behavior. This paper proposes a novel approach for empowering SysML-based ADLs with formal verification support founded on model checking. It presents (i) how the semantics of SysADL, a SysML-based ADL, can be formalized in terms of the CSP process calculus, (ii) how correctness properties can be formally specified in CSP, and (iii) how the FDR4 refinement checker allows verifying correctness properties through model checking. The automated model transformation from SysADL architecture descriptions to CSP composite processes has been implemented as a plug-in to the Eclipse-based SysADL Studio tool. This paper also describes an application of SysADL empowered with CSP to validate its usefulness in practice.
Fagner Dias, Marcel Oliveira, Thais Batista, Everton Cavalcante, Jair Leite, Flavio Oquendo, Camila Araújo

### A Flexible Architecture for Key Performance Indicators Assessment in Smart Cities

Abstract
The concept of smart and sustainable city has been on the agenda for the last decade. Smart governance is about the use of innovation for supporting enhanced decision making and planning to make a city smart, by leveraging on Key Performance Indicators (KPIs) as procedural tools. However, developing processes and instruments able to evaluate smart cities is still a challenging task, due to the rigidity showed by the existing frameworks in the definition of KPIs and modeling of the subjects to be evaluated. Web-based platforms, spreadsheets or even Cloud-based applications offer limited flexibility, if the stakeholder is interested not only in using but also in defining the pieces of the puzzle to be composed. In this paper we present a flexible architecture supporting a model-driven approach for the KPIs assessment in smart cities. It identifies both required and optional components and functionalities needed for realizing the automatic KPIs assessment, while showing flexibility points allowing for different specification of the architecture, thus of the overall methodology.
Martina De Sanctis, Ludovico Iovino, Maria Teresa Rossi, Manuel Wimmer

### A Multi-objective Performance Optimization Approach for Self-adaptive Architectures

Abstract
This paper presents an evolutionary approach for multi-objective performance optimization of Self-Adaptive Systems, represented by a specific family of Queuing Network models, namely SMAPEA QNs. The approach is based on NSGA-II genetic algorithm and it is aimed at suggesting near-optimal alternative architectures in terms of mean response times for the different available system operational modes. The evaluation is performed through a controlled experiment with respect to a realistic case study, with the aim of establishing whether meta-heuristics are worth to be investigated as a valid support to performance optimization of Self-Adaptive Systems.
Davide Arcelli

### Data Stream Operations as First-Class Entities in Component-Based Performance Models

Abstract
Data streaming applications are an important class of data-intensive systems. Performance is an essential quality of such systems. It is, for example, expressed by the delay of analysis results or the utilization of system resources. Architecture-level decisions such as the configuration of sources, sinks and operations, their deployment or the choice of technology impact the performance. Current component-based performance prediction approaches cannot accurately predict the performance of those systems, because they do not support the metrics that are specific to data streaming applications and only approximate the behavior of data stream operations instead of expressing it explicitly. In particular, operations that group multiple data events and thus introduce timing dependencies between different calls to the system are not represented sufficiently. In this paper, we present an approach for modeling networks of data stream operations including their parameters with the goal of predicting the performance of the resulting composed data streaming application. The approach is based on a component-based performance model with queueing semantics for processing resources. Our evaluation shows that our model can more accurately express the behavior of the system, resulting in a more expressive performance model compared to a well-encapsulated component-based model without data stream operations.
Dominik Werle, Stephan Seifermann, Anne Koziolek

### Architecture-Centric Support for Integrating Security Tools in a Security Orchestration Platform

Abstract
Security Operation Centers (SOC) leverage a number of tools to detect, thwart and deal with security attacks. One of the key challenges of SOC is to quickly integrate security tools and operational activities. To address this challenge, an increasing number of organizations are using Security Orchestration, Automation and Response (SOAR) platforms, whose design needs suitable architectural support. This paper presents our work on architecture-centric support for designing a SOAR platform. Our approach consists of a conceptual map of SOAR platform and the key dimensions of an architecture design space. We have demonstrated the use of the approach in designing and implementing a Proof of Concept (PoC) SOAR platform for (i) automated integration of security tools and (ii) automated interpretation of activities to execute incident response processes. We also report a preliminary evaluation of the proposed architectural support for improving a SOAR’s design.

### VisArch: Visualisation of Performance-based Architectural Refactorings

Abstract
Evaluating the performance characteristics of software architectures is not trivial since many factors, such as workload fluctuations and service failures, contribute to large variations. To reduce the impact of these factors, architectures are refactored so that their design becomes more robust and less prone to performance violations. This paper proposes an approach for visualizing the impact, from a performance perspective, of different performance-based architectural refactorings that are inherited by the specification of performance antipatterns. A case study including 64 performance-based architectural refactorings is adopted to illustrate how the visual representation supports software architects in the evaluation of different architecture design alternatives.
Catia Trubiani, Aldeida Aleti, Sarah Goodwin, Pooyan Jamshidi, Andre van Hoorn, Samuel Gratzl

### An Initial Study on the Association Between Architectural Smells and Degradation

Abstract
It is generally assumed that architectural smells are associated with software architectural degradation. Treating smells could hence help treating degradation. This article investigates the association between three types of architectural smells and the existence of architecture-violating dependencies as manifestation of architectural degradation in software.
We gathered data about architectural smells and violations from a single system with a validated prescriptive architecture. The data was analysed to identify and characterise associations between architectural smells and violations. Statistically relevant associations were identified for two of three smells, namely cyclic dependencies and unstable dependencies. Effect sizes were small for both though.
These results provide evidence for cyclic and unstable dependencies having a larger risk of including architectural violations. The small effect sizes indicate that the presence of architectural smells cannot explain architectural degradation alone. This shows that complementing methods and techniques are required for exhaustive treatment of both phenomena.
Sebastian Herold

### Architectural Technical Debt: A Grounded Theory

Abstract
Architectural technical debt in a software-intensive system is driven by design decisions about its structure, frameworks, technologies, languages, etc. Unlike code-level technical debt, which can be readily detected by static analysers, and can often be refactored with minimal efforts, architectural debt is hard to detect, and its remediation is wide-ranging, daunting, and often avoided. The objective of this study is to develop a better understanding of how software development organisations conceptualize their architectural debt, and how they deal with it, if at all. We used a grounded theory method, eliciting qualitative data from software architects and senior technical staff from a wide range of software development organizations. The result of the study, i.e., the theory emerging from the collected data, constitutes an encompassing conceptual theory of architectural debt, identifying and relating concepts such as symptoms, causes, consequences, and management strategies. By grounding the findings in empirical data, the theory provides researchers and practitioners with evidence of which crucial factors of architectural technical debt are experienced in industrial contexts.
Roberto Verdecchia, Philippe Kruchten, Patricia Lago

### Does BERT Understand Code? – An Exploratory Study on the Detection of Architectural Tactics in Code

Abstract
Quality-driven design decisions are often addressed by using architectural tactics that are re-usable solution options for certain quality concerns. Creating traceability links for these tactics is useful but costly. Automating the creation of these links can help reduce costs but is challenging as simple structural analyses only yield limited results. Transfer-learning approaches using language models like BERT are a recent trend in the field of natural language processing. These approaches yield state-of-the-art results for tasks like text classification. In this paper, we experiment with treating detection of architectural tactics in code as a text classification problem. We present an approach to detect architectural tactics in code by fine-tuning BERT. A 10-fold cross-validation shows promising results with an average $$F_1$$-Score of 90%, which is on a par with state-of-the-art approaches. We additionally apply our approach on a case study, where the results of our approach show promising potential but fall behind the state-of-the-art. Therefore, we discuss our approach and look at potential reasons as well as downsides and future work.
Jan Keim, Angelika Kaplan, Anne Koziolek, Mehdi Mirakhorli

### Teaching Students Software Architecture Decision Making

Abstract
Making the right decisions is challenging for architects on all levels of seniority. Less experienced architects in particular perceive the transition from design problems to their solutions as hard; it is not always clear how to find suitable concepts and technologies, how to compare alternatives, and how to build consensus. Lack of experience makes it difficult to train software engineering students in the identification, selection, and collective evaluation of design alternatives. Moreover, human factors such as cognitive bias make “soft” topics like architecture decisions rather hard to teach. To overcome these issues and let students gain the required experience, a Spanish University ran two experiments. Undergraduate computer science students assumed different roles in collaborative decision-making tasks and design activities. They used a novel decision-modeling tool to capture and challenge the relevant design decisions. This paper describes this new teaching setup and reports on lessons learned.
Rafael Capilla, Olaf Zimmermann, Carlos Carrillo, Hernán Astudillo

### The PDEng Program on Software Technology

Experience Report on a Doctorate Level Architecture Training Program
Abstract
Attention for software architecture in higher education used to be limited to a few (or a single) courses in the later years of a Master program. In this paper we share our experience on a unique educational program in the Netherlands in which education and training on architecture is an integrated theme: the PDEng Software Technology program. The paper provides background information for the program focusing on its history and demand from industry. The program design adhering to the European Qualification Level (EQF) level 8 while satisfying industrial requirements is presented in some detail. The way we evaluate and monitor the quality of the program by Dutch government, industry partners, and alumni is discussed. In sharing the experience of the past 30 years of training architects and designers, the program has dealt with many changes and complexities on both academia and industry.
Ad T. M. Aerts, Yanja Dajsuren

### Architectural Concerns for Digital Twin of the Organization

Abstract
Employing a Digital Twin of the Organization would help enterprises to change and innovate, thus enhancing their organization’s sustainability. However, the lack of engineering best practices for developing and operating a Digital Twin of the Organization makes it difficult for enterprises to fully benefit from it. Many companies are currently investigating the potential use of it, but available solutions are often context-dependent or system-specific, and challenging to adapt, extend, and reuse. Therefore, digitalization is perceived as a slow, resource-demanding, and extremely expensive process whose outcome is uncertain. To this extent, enterprises seek solutions allowing them to gently introduce a Digital Twin of the Organization into their organization and to evolve it according to the changing needs and situations. This paper reports a first attempt on architecting a Digital Twin of an Organization, and discusses some architectural concerns to be addressed in order to facilitate its development and evolution.
Mauro Caporuscio, Farid Edrisi, Margrethe Hallberg, Anton Johannesson, Claudia Kopf, Diego Perez-Palacin

### Quick Evaluation of a Software Architecture Using the Decision-Centric Architecture Review Method: An Experience Report

Abstract
Software architecture evaluations allow systematic checking of software architecture fitness regarding the context and business. However, selecting and using an evaluation method always have some challenges and issues. This article reports an architecture review while developing an innovation projects support platform for a Chilean R&D and engineering institution. We chose DCAR (Decision-Centric Architecture Review) because it has lightweight requirements on documentation and resources, it can evaluate a project already running, and it did not impact a schedule where architecture reviews had not been considered from the start. We describe the review of three accepted and one rejected decisions. Lessons learned and benefits observed include recording decisions’ rationale, visibilization of some technological issues, and rethinking of some previously made architectural decisions. Finally, we recommend making frequent mini-reviews of architecture decisions, to understand the architecture, formalize it with its resulting reports, and raise its visibility in the team itself.
Pablo Cruz, Luis Salinas, Hernán Astudillo

### The Quest for Introducing Technical Debt Management in a Large-Scale Industrial Company

Abstract
The long lifetime and the evolving nature of industrial products make them subject to technical debt management at different levels such as architecture and code. Although the classical steps to perform technical debt management are known, in a study that we have been performing in a large-scale industrial company as our client, we realized that finding a starting point, which leads to the desired outcome, is in fact a major challenge. This paper elaborates on various causes that we have identified for this challenge, and discusses our stepwise approach to address them so that the software quality can be improved. We believe that our experiences can be beneficial for both practitioners and researchers to gain more insight into applying quality improvement in practice as well as indicating open areas for further research.
Somayeh Malakuti, Sergey Ostroumov

### Determining Microservice Boundaries: A Case Study Using Static and Dynamic Software Analysis

Abstract
A number of approaches have been proposed to identify service boundaries when decomposing a monolith to microservices. However, only a few use systematic methods and have been demonstrated with replicable empirical studies. We describe a systematic approach for refactoring systems to microservice architectures that uses static analysis to determine the system’s structure and dynamic analysis to understand its actual behavior. A prototype of a tool was built using this approach (MonoBreaker) and was used to conduct a case study on a real-world software project. The goal was to assess the feasibility and benefits of a systematic approach to decomposition that combines static and dynamic analysis. The three study participants regarded as positive the decomposition proposed by our tool, and considered that it showed improvements over approaches that rely only on static analysis.
Tiago Matias, Filipe F. Correia, Jonas Fritzsch, Justus Bogner, Hugo S. Ferreira, André Restivo

### IAS: An IoT Architectural Self-adaptation Framework

Abstract
This paper develops a generic approach to model control loops and their interaction within the Internet of Things (IoT) environments. We take advantage of MAPE-K loops to enable architectural self-adaptation. The system’s architectural setting is aligned with the adaptation goals and the components run-time situation and constraints. We introduce an integrated framework for IoT Architectural Self-adaptation (IAS) where functional control elements are in charge of environmental adaptation and autonomic control elements handle the functional system’s architectural adaptation. A Queuing Networks (QN) approach was used for modeling the IAS. The IAS-QN can model control levels and their interaction to perform both architectural and environmental adaptations. The IAS-QN was modeled on a smart grid system for the Melle-Longchamp area (France). Our architectural adaptation approach successfully set the propositions to enhance the performance of the electricity transmission system. This industrial use-case is a part of CPS4EU European industrial innovation project (CPS4EU is a three years project funded by the H2020-ECSEL-2018-IA. The project develops four vital IoT technologies, namely computing, connectivity, sensing, and cooperative systems. It incorporates those IoT technologies through pre-integrated architectures and design tools. It instantiates the architectures in dedicated use-cases from a strategic application viewpoint for automotive, smart grid, and industrial automation https://​cps4eu.​eu).
Mahyar T. Moghaddam, Eric Rutten, Philippe Lalanda, Guillaume Giraud

### A Comparison of MQTT Brokers for Distributed IoT Edge Computing

Abstract
Many enterprise IoT application scenarios, such as connected cars, smart cities, and cloud-connected industrial plants require distributed MQTT brokers to achieve high scalability and availability. With a market of over 20 MQTT brokers, it is hard for software architects to make a good selection. Existing MQTT comparisons often include only non-distributed brokers, focus exclusively on performance, or are difficult to generalize. We compared three distributed MQTT brokers for performance, scalability, resilience, security, extensibility, and usability in an enterprise IoT scenario deployed to an edge gateway cluster. We found that EMQX provided the best performance (28K msg/s), while only HiveMQ showed no message loss in our test scenario. VerneMQ offers similar features as the other brokers but is fully available as open source. The paper includes decision guidance for software architects, listing six major decision points regarding MQTT brokers.
Heiko Koziolek, Sten Grüner, Julius Rückert

### Backmatter

Weitere Informationen