Instructors:
Rick Linger 301-926-4858
Tom Longstaff 412-268-7074
Nancy Mead 412-268-5756
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
rlinger, tal, [email protected]

Schedule:
Wednesday 5:30-8:20 PM
HBH 1003

95-750 Security Architecture and Analysis
Fall 2001


Security Architecture Analysis: Course Roadmap

[Diagram labels: Architecture Definition & Analysis; Survivable Network Analysis; Security Architectures; Architecture Development Management]

Session 1 (Linger)
What: Methods for defining and reasoning about system architectures.
Why: The architecture level is cost-effective and intellectually manageable for analysis and design of system security and survivability capabilities.

Session 2, 3a (Linger)
What: Survivability analysis improves preservation of critical mission capabilities.
Why: No amount of security can guarantee that systems will not be compromised; essential services and assets must be maintained.

Sessions 4, 6, 7, 9, 11 (Longstaff)
What: Analysis of vulnerabilities and methods for improving system security.
Why: System security can be improved by a variety of techniques at the network, operating system, and application level.

Session 13 (Linger)
What: Architecture development with COTS components.
Why: Most security vulnerabilities are the result of poor system development and acquisition practices. From a security perspective, good practices and management methods are critically important.

Plus:
• Student team project in survivability analysis (Mead)
• Guest lectures on special topics
• Student presentations


Course Objectives

• Understand how to reason about system architectures

• Understand security strategies at the architecture level

• Understand and apply survivability concepts and strategies

• Understand impact of development life cycle practices and management processes on security and survivability

• Gain experience in summarizing and presenting material


Your presentations

• Why is this important? In the work environment you will be called upon to:
– Evaluate and articulate situations
– Explain and defend your ideas

• A presentation strategy:
– What is the problem?
– What is the current state-of-practice?
– What is the solution?

• Am I explaining this well?
– Can I summarize the article in one sentence?
– What is the “elevator conversation?”
– You are the teacher

• Presentation target: 15 minutes/cut off at 20 minutes


Security Architecture and Analysis: Session 1a

• Concepts of System Architectures

• Enterprise/Architecture Matchup

• Architecture and the System Development Life Cycle

• Architectural Styles and Properties

• Architecture Representation

• Architecture Impact of COTS Products

• Architecture Trade-offs

• Reuse and Product Line Architectures

• An Architecture Framework


Concepts of System Architectures

Architecture Definitions:

Architecture: The organizational structure of a system of components [IEEE Glossary]

The architecture of a system defines that system in terms of computational components and interactions among those components. Components are such things as clients and servers, databases, filters, and layers in a hierarchical system. Interactions among components at this level of design can be simple and familiar, such as procedure call and shared variable access. But they can also be complex and semantically rich, such as client-server protocols, database accessing protocols, asynchronous event multicast, and piped streams. [Shaw and Garlan]

The software architecture of a program or computing system is the structure or structures of the system, which comprise software components, the externally visible properties of those components, and the relationships among them. [Bass, Clements, Kazman]

Architectural design: The process of defining a collection of hardware and software components and their interfaces to establish the framework for the development of a computer system. [IEEE Glossary]


Concepts of System Architectures

Other viewpoints [Bass]

Architecture is high-level design (more to it than that)

Architecture is the overall structure of the system (what structure)

Architecture is the structure of the components of a program or system, their interrelationships, and principles and guidelines governing their design and evolution over time (process-centric, includes guidelines and principles)

Architecture is components and connectors (what kinds of connectors, runtime?)

Architecture is components, connectors, and constraints (lacks notion of externally visible properties)


Concepts of System Architectures

• Architectures are comprised of components and connectors:

• Components (Computation)
– Hardware: Workstations, servers, mainframes, printers, sensors, actuators, …
– Software: Operating systems, data base systems, middleware, browsers, applications, utilities, firewalls, ...

• Connectors (Communication)
– Hardware: Communication links: routers, switches, public telephone network, leased lines, virtual private networks, …
– Software: Communication protocols: TCP/IP, SNMP, HTTP, FTP, …; linkage conventions: procedure calls, remote procedure calls, thread initiation, ...


Concepts of System Architectures

• Modern enterprise system architectures integrate computation and communication:

[Diagram: Enterprise System Architectures, combining Computation and Communication]

Computation:
• Moore’s Law
• MIPS
• Processing Costs
• Storage Size and Costs
– Main Memory
– Secondary Storage

Communication:
• Metcalfe’s Law
• Speed and Cost
– WAN
– LAN
– SAN


Concepts of System Architectures

Architecture properties:

• Functional properties
– Must satisfy domain-specific functional requirements and specifications

• Non-functional properties (the “ilities”)
– Must satisfy performance, availability, reliability, safety, security, survivability, maintainability, usability, manageability, … properties

Architecture trade-offs:

• Properties can conflict

• Trade-offs seek optimal combinations of properties based on cost/benefit analysis


Concepts of System Architectures

The Cost of Downtime:

Business                              Industry          Hourly Costs
Brokerage Operations                  Finance           $6,450,000
Credit Card / Sales Authorizations    Finance           $2,600,000
Pay-per-View                          Media             $150,000
Home Shopping                         Retail            $113,000
Catalog Sales                         Retail            $90,000
Airline Reservations                  Transportation    $90,000
Tele-ticket Sales                     Media             $69,000
Package Shipping                      Transportation    $28,000
ATM Fees                              Finance           $14,500

Source: Fibre Channel Association


Concepts of System Architectures

The Stages of Enterprise Information System Architectures:

• Batch – 60s and 70s
– SW enabler: programming languages, job control
– Business motivation: automate clerical tasks

• On-line transaction processing – 80s
– SW enabler: networking, databases, transaction monitors
– Business motivation: automate the front office

• Integrated systems – 90s
– SW enabler: internet standards, middleware, components
– Business motivation: opening the business to the web

• Web services – 00s
– A possible fourth in the near future
– SW enabler: standards for data and services, composability
– Business motivation: efficiency, reduce IT costs?


Enterprise/Architecture Matchup

Example: The Flameout Candle Company Existing System:

[Diagram labels: Web Server, Order Processing, Marketing and Customer data, Warehouse, Delivery, Billing, Accounts, Suppliers, File Transfer (three links), EDI, RPC, Static Documents]


Enterprise/Architecture Matchup

Initial thought - Amazon.com wannabe

[Diagram: the Flameout system as in the existing-system slide (Web Server, Order Processing, Marketing and Customer data, Warehouse, Delivery, Billing, Accounts, Suppliers, File Transfer, EDI, RPC, Static Documents), plus a Web Commerce Server]

Source: C. Britton, IT Architectures and Middleware, Addison-Wesley, 2000.


Enterprise/Architecture Matchup

But … What about?

[Diagram: the Flameout system with the Web Commerce Server, annotated with open questions: Delivery information? On-line Payment? Collecting Customer Information?]


Enterprise/Architecture Matchup

User issue: What happened to my order?

[Diagram: the Flameout system with the Web Commerce Server, with two “Limbo” labels]


Enterprise/Architecture Matchup

User issue: System lets me order products that don’t exist!

[Diagram: the Flameout system with the Web Commerce Server]


Enterprise/Architecture Matchup

User issue: They keep sending my stuff to the wrong address!

[Diagram: the Flameout system with the Web Commerce Server]


Enterprise/Architecture Matchup

…and looking even further ahead

[Diagram: the Flameout system with the Web Commerce Server, plus new labels: One-to-one Marketing, Voice Interface, WAP Portals, B2B]


Enterprise/Architecture Matchup

A better architecture for the Flameout enterprise business model:

[Diagram: three layers]
• UI Presentation Layer (Customers): Web, Voice, WAP, Portals, B2B
• Business Logic Layer: Ordering, Delivery, Marketing, Billing, Accounting, Warehousing
• Database Layer: Customers, Orders, Accounts, Inventory, Suppliers


Architecture and the System Development Life Cycle

[Diagram: life cycle stages]
• Requirements: Define concept of operations for the enterprise/business mission and the system requirements
• Specification: Define required system external behavior
• Architecture: Define components and their connections (Architecture is the right level for analysis and design of security and survivability)
• Design: Define component designs or acquire components
• Implementation: Develop code
• Testing: Exercise code against specifications
• Operations: Execute the business mission

(Effective life cycle processes are incremental and iterative)

Other diagram labels: External behavior; Software and data; Hardware and network


Architectural Styles (Shaw and Garlan: “Common Styles”)

• Dataflow systems
– Batch sequential
– Pipes and filters

• Call-and-return systems
– Main program and subroutine
– OO systems
– Hierarchical layers

• Independent components
– Communicating processes
– Event systems

• Virtual machines
– Interpreters
– Rule-based systems

• Data-centered systems
– Databases
– Hypertext systems
– Blackboards


Architectural Styles: Why are They Important?

• An architectural style conveys:

A mental image of a system

A structural template for components and connections

A set of behaviors

A set of constraints

• An architectural style can be instantiated in a variety of contexts


Architectural Styles

To understand any architecture, it is critical to know:

For every component:
• Who are its users? (people and/or other components)
• What do its users expect?
• What are its inputs?
• Where do they come from?
• What are its outputs?
• Where do they go to?
• What is its transition function?
– What software does it run?
– What does it do to its inputs to produce its outputs?

For every communication link:
• What traffic does it carry?
• What is the volume of traffic?
• What is the distribution of traffic?


Architectural Styles

Example: A Data Management System
Style: Pipeline, pipes and filters, batch sequential, data flow

[Diagram labels: Source data, Validate, Sort, Update, Report, Report (output), Users]


Architectural Styles

Example: A compiler
Style: Pipeline, pipes and filters, batch sequential, data flow

[Diagram labels: Source code, Lexical Analysis, Parsing, Semantic Analysis, Code Generation, Object code, Severe Error Handling, Users]


Architectural Styles

Example: An Aircraft Avionics System
Style: Bus, message passing

[Diagram labels: Bus, Flight Management Computer, Engine Management Computer, Display Management Computer, Navigation Computer, Sensor Input, Data Link I/O, Pilot, Navigation/GPS Input, Actuator Output, Users]


Architectural Styles

Example: Software Tools System
Style: Data-centric, blackboard

[Diagram labels: Blackboard (project dictionary and artifacts), Tool 1 through Tool 8, Users (eight labels)]


Architectural Styles

Example: Automobile Cruise Control
Style: Control, feedback

[Diagram labels: Controller, Driver, Active/inactive toggle, Desired speed, Wheel speed, Wheels, Sensor, Engine, Users]


Architectural Styles

Example: Aircraft Flight Simulator
Style: Control, feedback

[Diagram labels: Environment Dynamic Model, Aircraft Dynamic Model, Cockpit Display System, Visual Cueing System, Motion Cueing System, Audio Cueing System, Crew Cockpit Controls, Instructor Station, Users, Instructor]


Architectural Styles

Example: WWW Client-Server Pair
Style: Layered

[Diagram]
• WWW client: Presentation Manager, External Viewer, Cache Manager, UI Manager, Protocol Manager, Access Manager, Stream Manager
• WWW server: File Server, HTTP Server, Common Gateway Interface, Access Control, Path Resolver, Stream Manager
• Connector: HTTP
• Users (three labels)


Architectural Styles

Example: A heterogeneous network (the Internet)
Style: All possible subarchitectures, network topology unknown and unknowable, dynamic changes

[Diagram]


Architectural Styles

Example: A Bank ATM System
Style: Hierarchical, client server, layered

[Diagram labels: ATM (several groups), Server (several), Mainframe, Users. Layers: Presentation/User Interface Layer; Infrastructure/Communications Layer; Domain/Enterprise Logic/Data Layer]


Architectural Styles

Example: A Bank ATM System
Style: Hierarchical, client server, layered, with redundant components

[Diagram labels: ATM (several groups), Server (several), Mainframe (two), Users]


Architectural Styles

Gartner’s Two-Tier and Multi-Tier Enterprise Architectures:

[Diagram: four configurations dividing the layers between Desktop and Server(s); tiers separated by semicolons]
• Fat Client, Two Tiers: Presentation, Business Rules, Data Access; DBMS
• Plump Client, Two Tiers: Presentation, Business Rules; Data Access, DBMS
• Thin Client, Multi-tier: Presentation; Business Rules, Data Access; DBMS
• Ultra-Thin Client, Multi-tier: Browser; Business Rules, Data Access; DBMS


Architectural Styles

Putting two nodes together: Lots to consider:

1) The communications link
2) The protocol
3) Software and applications
4) The API
5) A common format for data
6) Security
7) Administration
8) Configuration management

[Diagram labels: Users, Users]


Architecture Representation

• Informal diagrams
– Boxes and arrows
– Good for quick, high-level communication
– Implied semantics
– Abstract out details (that are important to understanding)
– Ineffective as design basis

• Architecture languages
– Well-defined semantics and syntax
– Generally difficult to use
– Effective as design basis
– Essential where stakes are high
– Examples: Wright (CMU), Z (University of Oxford)

• Advice
– You will see thousands of box and arrow diagrams in your professional careers. Treat them as useful, but also as “artists conceptions” that lack important information.


Architecture Impact of COTS (Commercial Off The Shelf) Products

• Long history
– Started with environment support: Operating systems, data bases, language processors, …
– Moving up the food chain: Specialized applications, middleware, network services, ...

• Most architectures today are “assembled” from COTS products
– Domain-specific vendors
– Bend business processes to match software capabilities
– “Glue code” ties incompatible products together

COTS characteristics:
• Ties your system capability and evolution to vendors
• Cost savings possible, but risks must be managed
• Functionality and security are what vendor says they are
– Actual capabilities may differ
• Source code usually not available
• Knowledge of quality and reliability difficult to acquire
• Acceptance testing and configuration management are critical


Reuse and Product Line Architectures

• Reuse
– Objective: Make new use of existing components in new environments
– Motivation: Avoid cost of new development; leverage previous investments
– Problems: Cost of generalizing components for potential reuse; architectural mismatch in reuse

• Product Line Architectures
– Objective: Generalize architectures and components for future variations
– Motivation: Reduce costs of subsequent product development
– Problems: How should generalization be done? Will future product variations come to fruition?


A Bank ATM System: 10 Minute Exercise

For a server node, define:
• its users
• inputs and their source
• outputs and their destination

(Make up your answers based on personal knowledge. 90% of system development is making sure nothing is left out!)

[Diagram labels: ATM (several groups), Server (several), Mainframe, Users. Layers: Presentation/User Interface Layer; Infrastructure/Communications Layer; Domain/Enterprise Logic/Data Layer]


A Bank ATM System: 10 Minute Exercise

Users:

Outputs Source Inputs Dest.


An Architecture Framework

System Environment: enterprise architecture, business models, system usage and evolution

SYSTEM ARCHITECTURE


An Architecture Framework

System Requirements: function, and properties of reliability, performance, scalability, security, usability, cost, …



An Architecture Framework

External Behavior View (System Specification):

User tasks and workflows

Function and information

Stimulus/response behavior



An Architecture Framework

Data and Software View (Logical Infrastructure):

Middleware and applications

Databases and storage systems

Operating systems



An Architecture Framework

Hardware and Network View (Physical Infrastructure):

Computing hardware: servers, mainframes, PCs, mass storage, …

Networks, wired & wireless: media, devices, topology, protocols



An Architecture Framework

Architecture Fundamentals:

Architecture role and life cycle

Architecture representation and reasoning

Architecture processes and work products

Architecture analysis and design

Architecture modeling and validation

Architecture patterns and properties

COTS evaluation and integration

Ability to Develop



An Architecture Framework

Architecture Best Practices:

Enterprise modeling and requirements specification

Application analysis and design

Data analysis and design

System integration

Network analysis and design

Incremental system development

Processes for Developing



An Architecture Framework

Client Environment:

Client relations, people, and culture

Enterprise architectures, business models, workflows, & legacy systems

Functional, non-functional, & usage requirements and constraints

Goals for Developing



An Architecture Framework

Marketplace Environment:

Partners and alliances

COTS and component products

Service and consultation offerings

User groups and standards

Parts for Developing

System Environment: enterprise architecture, business models, system usage and evolution

External Behavior View (System Specification):

User tasks and workflows

Function and information

Stimulus/response behavior

Data and Software View (Logical Infrastructure):

Middleware and applications

Databases and storage systems

Operating systems

Hardware and Network View (Physical Infrastructure):

Computing hardware: servers, mainframes, PCs, mass storage, …

Networks, wired & wireless: media, devices, topology, protocols

System Requirements: function, and properties of reliability, performance, scalability, security, usability, cost, …

SYSTEM ARCHITECTURE

Page 51:

An Architecture Framework

Architecture Best Practices:

Enterprise modeling and requirements specification

Application analysis and design

Data analysis and design

System integration

Network analysis and design

Incremental system development

Domain Architectures:

EAI architectures

E-commerce architectures

Directory architectures

System management architectures

Middleware architectures

Industry standard architectures

Client Environment:

Client relations, people, and culture

Enterprise architectures, business models, workflows, & legacy systems

Functional, non-functional, & usage requirements and constraints

Processes for Developing

Framework for Developing

Goals for Developing

Architecture Fundamentals:

Architecture role and life cycle

Architecture representation and reasoning

Architecture processes and work products

Architecture analysis and design

Architecture modeling and validation

Architecture patterns and properties

COTS evaluation and integration

Ability to Develop

Marketplace Environment:

Partners and alliances

COTS and component products

Service and consultation offerings

User groups and standards

Parts for Developing

System Environment: enterprise architecture, business models, system usage and evolution

External Behavior View (System Specification):

User tasks and workflows

Function and information

Stimulus/response behavior

Data and Software View (Logical Infrastructure):

Middleware and applications

Databases and storage systems

Operating systems

Hardware and Network View (Physical Infrastructure):

Computing hardware: servers, mainframes, PCs, mass storage, …

Networks, wired & wireless: media, devices, topology, protocols

System Requirements: function, and properties of reliability, performance, scalability, security, usability, cost, …

SYSTEM ARCHITECTURE

Page 52:

An Architecture Framework

Architecture Best Practices:

Enterprise modeling and requirements specification

Application analysis and design

Data analysis and design

System integration

Network analysis and design

Incremental system development

Enabling Technologies:

Computing & comm. components

Microsoft technologies

JAVA technologies

Web technologies

XML technologies

Security technologies

Architecture patterns

Development methods and tools

Domain Architectures:

EAI architectures

E-commerce architectures

Directory architectures

System management architectures

Middleware architectures

Industry standard architectures

Client Environment:

Client relations, people, and culture

Enterprise architectures, business models, workflows, & legacy systems

Functional, non-functional, & usage requirements and constraints

Processes for Developing

Tools for Developing

Framework for Developing

Goals for Developing

Architecture Fundamentals:

Architecture role and life cycle

Architecture representation and reasoning

Architecture processes and work products

Architecture analysis and design

Architecture modeling and validation

Architecture patterns and properties

COTS evaluation and integration

Ability to Develop

Marketplace Environment:

Partners and alliances

COTS and component products

Service and consultation offerings

User groups and standards

Parts for Developing

System Environment: enterprise architecture, business models, system usage and evolution

External Behavior View (System Specification):

User tasks and workflows

Function and information

Stimulus/response behavior

Data and Software View (Logical Infrastructure):

Middleware and applications

Databases and storage systems

Operating systems

Hardware and Network View (Physical Infrastructure):

Computing hardware: servers, mainframes, PCs, mass storage, …

Networks, wired & wireless: media, devices, topology, protocols

System Requirements: function, and properties of reliability, performance, scalability, security, usability, cost, …

SYSTEM ARCHITECTURE