Architectural tactics in software architecture: A systematic mapping study

Architectural tactics are a key abstraction of software architecture, and support the systematic design and analysis of software architectures to satisfy quality attributes. Since originally proposed in 2003, architectural tactics have been extended and adapted to address additional quality attributes and newer kinds of systems, making quite hard for researchers and practitioners to master this growing body of specialized knowledge. This paper presents the design, execution and results of a systematic mapping study of architectural tactics in software architecture literature. The study found 552 studies in well-known digital libraries, of which 79 were selected and 12 more were added with snowballing, giving a total of 91 primary studies. Key findings are: (i) little rigor has been used to characterize and define architectural tactics; (ii) most architectural tactics proposed in the literature do not conform to the original definition; and (iii) there is little industrial evidence about the use of architectural tactics. This study organizes and summarizes the scientific literature to date about architectural tactics, identifies research opportunities, and argues for the need of more systematic definition and description of tactics.

This study is published in the Journal of Systems and Software

Detection of COVID-19 Patients Using Machine Learning Techniques: A Nationwide Chilean Study

Epivigila is a Chilean integrated epidemiological surveillance system with more than 17,000,000 Chilean patient records, making it an essential and unique source of information for the quantitative and qualitative analysis of the COVID-19 pandemic in Chile. Nevertheless, given the extensive volume of data controlled by Epivigila, it is difficult for health professionals to classify vast volumes of data to determine which symptoms and comorbidities are related to infected patients. This paper aims to compare machine learning techniques (such as support-vector machine, decision tree and random forest techniques) to determine whether a patient has COVID-19 or not based on the symptoms and comorbidities reported by Epivigila. From the group of patients with COVID-19, we selected a sample of 10% confirmed patients to execute and evaluate the techniques. We used precision, recall, accuracy, F1 -score, and AUC to compare the techniques. The results suggest that the support-vector machine performs better than decision tree and random forest regarding the recall, accuracy, F1 -score, and AUC. Machine learning techniques help process and classify large volumes of data more efficiently and effectively, speeding up healthcare decision making.

This study is published in the International Journal of Environmental Research and Public Health.

Using Low-Resolution Non-Invasive Infrared Sensors to Classify Activities and Falls in Older Adults

The population is aging worldwide, creating new challenges to the quality of life of older adults and their families. Falls are an increasing, but not inevitable, threat to older adults. Information technologies provide several solutions to address falls, but smart homes and the most available solutions require expensive and invasive infrastructures. In this study, we propose a novel approach to classify and detect falls of older adults in their homes through low-resolution infrared sensors that are affordable, non-intrusive, do not disturb privacy, and are more acceptable to older adults. Using data collected between 2019 and 2020 with the eHomeseniors platform, we determine activity scores of older adults moving across two rooms in a house and represent an older adult fall through skeletonization. We find that our twofold approach effectively detects activity patterns and precisely identifies falls. Our study provides insights to physicians about the daily activities of their older adults and could potentially help them make decisions in case of abnormal behavior.

This study was published in the journal Sensor (MDPI) and is freely available to the public.

Standards, Processes, and Tools Used to Evaluate the Quality of Health Information Systems: Systematic Literature Review

Evaluating health information system (HIS) quality is strategically advantageous for improving the quality of patient care. Nevertheless, few systematic studies have reported what methods, such as standards, processes, and tools, were proposed to evaluate HIS quality. This study aimed to identify and discuss the existing literature that describes standards, processes, and tools used to evaluate HIS quality. We conducted a systematic literature review using review guidelines focused on software and systems. We examined seven electronic databases—Scopus, ACM (Association for Computing Machinery), ScienceDirect, Google Scholar, IEEE Xplore, Web of Science, and PubMed—to search for and select primary studies. Out of 782 papers, we identified 17 (2.2%) primary studies. We found that most of the primary studies addressed quality evaluation from a management perspective. On the other hand, there was little explicit and pragmatic evidence on the processes and tools that allowed for the evaluation of HIS quality. To promote quality evaluation of HISs, it is necessary to define mechanisms and methods that operationalize the standards in HISs. Additionally, it is necessary to create metrics that measure the quality of the most critical components and processes of HISs.

This paper was published in the Journal of Medical Internet Research.

Decision Models for Selecting Patterns and Strategies in Microservices Systems and their Evaluation by Practitioners

Researchers and practitioners have recently proposed many Microservices Architecture (MSA) patterns and strategies covering various aspects of microservices system life cycle, such as service design and security. However, selecting and implementing these patterns and strategies can entail various challenges for microservices practitioners. To this end, this study proposes decision models for selecting patterns and strategies covering four MSA design areas: application decomposition into microservices, microservices security, microservices communication, and service discovery. We used peer-reviewed and grey literature to identify the patterns, strategies, and quality attributes for creating these decision models. To evaluate the familiarity, understandability, completeness, and usefulness of the decision models, we conducted semi-structured interviews with 24 microservices practitioners from 12 countries across five continents. Our evaluation results show that the practitioners found the decision models as an effective guide to select microservices patterns and strategies.

This research was accepted at the 44th International Conference on Software Engineering (ICSE) – Software Engineering in Practice (SEIP) track.

A Decision Model for Selecting Patterns and Strategies to Decompose Applications into Microservices

Microservices Architecture (MSA) style is a promising design approach to develop software applications consisting of multiple small and independently deployable services. Over the past few years, researchers and practitioners have proposed many MSA patterns and strategies covering various aspects of microservices design, such as application decomposition. However, selecting appropriate patterns and strategies can entail various challenges for practitioners. To this end, this study proposes a decision model for selecting patterns and strategies to decompose applications into microservices. We used peer-reviewed and grey literature to collect the patterns, strategies, and quality attributes for creating this decision model.

This paper was co-authored with Muhammad Waseem, Peng Liang, Mojtaba Sahin, Arif Ali Khan and Aakash Ahmad. The paper will be presented at the International Conference on Service Oriented Computing (ICSOC 2021)

Design, Monitoring, and Testing of Microservices Systems: The Practitioners’ Perspective

We conducted a mixed-methods study with 106 survey responses and 6 interviews from microservices practitioners. The main findings are: (1) a combination of domain-driven design and business capability is the most used strategy to decompose an application into microservices, (2) over half of the participants used architecture evaluation and architecture implementation when designing microservices systems, (3) API gateway and Backend for frontend patterns are the most used MSA patterns, (4) resource usage and load balancing as monitoring metrics, log management and exception tracking as monitoring practices are widely used, (5) unit and end- to-end testing are the most used testing strategies, and (6) the complexity of microservices systems poses challenges for their design, monitoring, and testing, for which there are no dedicated solutions.

This study will be published in the Journal of Systems and Software. Pre-print available here

Evaluating Dissemination and Implementation Strategies to Develop Clinical Software

We know that building software presents several challenges. But, in healthcare, these challenges can be increased by the complexity of clinical processes. In an article presented at SEH@ICSE, we presented a study exploring the opinions of clinicians regarding clinical software. This software was built using a methodology that involves stakeholders and clinicians along with implementation and dissemination strategies used in healthcare. These strategies were key to engaging clinicians in software development. The results obtained indicate that the software studied has a high acceptance by clinicians because it operationalizes the clinical activities demanded by clinicians in a timely and seamless manner in clinical processes.

Security in Microservice-Based Systems: A Multivocal Literature Review

In this study we described the design and results of a systematic multivocal literature mapping of the security solutions that have been proposed for microservice-based systems. The study yielded 370 academic articles and 620 grey literature; duplicates removal and the application of exclusion criteria left 36 from the academic literature and 34 from the grey literature. The security solution(s) proposed in each article were classified into variations of standard security mechanisms (e.g., Access Control) and scopes (Info Management, Threat Modeling, etc), and were associated to security contexts (detect, mitigate/stop, react, recover from attack). Our research questions addressed frequency of publications, research methodologies, security mechanisms, and security contexts. Key findings were that (1) both kinds of literature differ in their preferred empirical research strategies (examples, experiments and case studies); (2) The solutions proposed in the 70 selected articles correspond to 15 classifications of security mechanisms and analyses; (3) the most mentioned security mechanisms are Authentication and Authorization; (4) around 2/3 of solutions focused on Mitigate/Stop attacks, but none on reacting and recovering from them, and (5) the methodologies used are mostly block diagrams and code, with little use of models or analysis. These findings hold for both grey and academic literature. This study is a first step towards providing secure software researchers and practitioners a comprehensive catalog of security solutions and mechanisms, and where the clear identification of the most used security solutions will simplify their reuse to address security problems while designing microservice-based systems.

This study is published in the Computer & Security journal

Involving stakeholders in the design and development of microservice architectures

We know that microservice-based systems promote agility and rapid business development. Some features, such as fast time-to-market, scalability and optimal response times, have encouraged stakeholders to get more involved in the development and implementation of microservices architectures in order to translate their business vision into the implementation of the architecture. We realized some techniques allow the inclusion of the stakeholders’ perspective in the design of microservice architectures, few proposals consider such perspectives in the selection and evaluation of technologies that implement microservice architectures. Indeed, the qualities that characterize microservice-based systems strongly depend on the suitable selection of technologies, such as application frameworks and platforms. We have proposed a collaborative technique that includes stakeholders and software architects to select and evaluate application frameworks and platforms to implement microservice-based systems. We evaluated the technique in an industrial case of design and implementation of an Ambient-Assisted Living (AAL) system, which combines microservice architecture and Internet-of-Medical-Things (IoMT) sensors.

This work has been published in the IEEE Access journal