Month: November 2018

Architectural Tactics and Patterns in Microservices

There is no doubt that microservices are becoming an essential industrial standard to develop complex systems. But, How developers and architects are building this kind of architecture? In ICSE (International Conference on Software Engineering) 2018, we presented a work-in-process article that shows architectural tactics and pattern in microservices reported in academia and industry. We realized that many architectural patterns are re-used knowledge from SOA.

On the other hand, we find poor evidence of architectural tactics in microservices. Architectural tactics are reusable architectural design-time solutions that satisfy quality attributes stimulus. For example, if a system component fails to respond to a particular input, then a possible architectural tactic to detect this fault is a heartbeat.

We are planning to investigate how these two areas impact the microservices research. We already published results in conferences like CibSE and journal like IEEE Latin America Transactions.

Security Tactics Selection Poker (TaSPeR)

Today, facing security issues in organizations is a crucial task to achieve business success. There are different procedures, techniques, methodologies, and others; proposed by academia and industry that answer the “big” question: how to make my organization less vulnerable to security attacks?

Avoid completely the vulnerabilities is (almost) impossible, especially if the most security leaks come from stakeholders. For this reason, we propose TaSPeR, a card game-based technique and consensus-building technique (based on Planning Poker) that allows development team members to identify, argue for, and choose among architectural security tactics according to objectives and priorities. We presented this technique in ECSA (12th European Conference on Software Architecture) 2018.

This technique involves the participation of all stakeholders in order to provide ideas and feedback about what they think about security. Our research establishes that including stakeholders in the security design of crucial software systems may provide other points of views that experts in security did not consider (at first glance). We tested this technique using subjects with different profiles (students, practitioners, and security experts) getting interesting results in the security decision-making.

Finally, we provided a more “social” technique aiming to help to face one of the most important and critical challenges in the industry, cyber-security.

A pattern​ language for scalable microservices-based systems

In our article presented in ECSA (12th European Conference on Software Architecture) 2018, we show a pattern language for scalable microservices-based systems. This research is focused on organizing the existing design patterns for scalability of microservice-based systems. The following figure represents our pattern language:

Screen Shot 2018-11-04 at 11.41.16 PM

The main idea to create this pattern language is to understand how architectural patterns satisfy the scalability dimensions. We realized that communication and services are the most significant components related to scalability.

We used out pattern language in a Chilean in a real-time vehicle position capturing project, obtaining encouraging results. As future work, we want to expand this pattern language considering specific design-time solutions (aka architectural tactics) as a part of the language.