Download System design: addressing design goals

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
Document related concepts

Concurrency control wikipedia , lookup

Clusterpoint wikipedia , lookup

Database model wikipedia , lookup

Transcript 
Using UML, Patterns, and Java
Object-Oriented Software Engineering
Chapter 7
Addressing Design Goals
Overview
System Design I
0. Overview of System Design
1. Design Goals
2. Subsystem Decomposition
3. Refine the subsystem decomposition until all design goals are
addressed.
System Design II
3. Concurrency
4. Hardware/Software Mapping
5. Persistent Data Management
6. Global Resource Handling and Access Control
7. Software Control
8. Boundary Conditions
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
2
Redundancy in the Space Shuttle computer system
♦
1)
Unlike previous spacecraft,
the space shuttle was designed to be autonomous.
the multiple missions be longer and crews larger than on
previous Apollo missions.
the mission of this shuttle needs to tolerate before abort.
many redundant features including a fault-tolerant computer
system responsible for guidance, navigation, and altitude
control
The Saturn rocket (for launching the Apollo spacecraft) used triple
modular redundancy for guidance system
- three components
- the failure of a single component was detected when it produced a
different output than the other two.
for example, it would not have survived a massive failure, such as, the
exposition on Apollo 13.
Bernd Bruegge & Allen H. Dutoit
♦
Object-Oriented Software Engineering: Using UML, Patterns, and Java
3
The Skylab Space station took a different approach:
- the computer systems are duplicated and located at different
ends of the station.
- when one computer failed, the other will be switched on take
over.
- whereas a slow switch-over for a space station, (i.e., the space
station could loose some altitude before safety), it would not
acceptable for the space shuttle, whose computer system was
responsible for high-frequency tasks such as guidance during
take-off and landing.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
4
♦
The initial requirements By NASA, the Shuttle should be able
to expensive two consecutive failures before the mission was
aborted.
- Five identical computers running the same software,
if two individual computers failed, the last three would
constitute a triple redundancy system for landing.
if the third one failed, the last two would be enough to ensure
a safe landing.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
5
** Due to cost consideration, NASE later decided to lower its
requirement to one failure before mission abort.
- Five computers, But fifth computer for a back-up system.
- While the quadruple redundancy against H/W failure, it does
not increase reliability against software faults, as all four
computers run the same software.
However, the back-up system runs a simpler version of the
software that is only able to guide the shuttle during take-off
and landing.
How architectural decisions were made during the design of a complex computer system.
Î Driven by design goals and nonfunctional requirements.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
6
The activities of system design
that address the design goals.
Define
design goals
Define
subsystems
Implement
subsystems
Map subsystems
to hardware/
software platform
Manage
persistent data
Define access
control policies
Select a
global
control flow
Describe boundary
conditions
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
7
UML Deployment Diagram
♦
♦
♦
♦
Used to depict the relationship among run-time components
and hardware nodes.
Components are self-contained entities that provide services to
other components or actors.
Deployment Diagram focuses on the allocation of components
to different hardware nodes and provides a high-level view of
each component.
Components includes information about interfaces they provide
and the classes they contain.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
8
A UML deployment diagram representing the
allocation of components to different nodes and the
dependencies among components.
myMac:Mac
:UnixHost
dependency
:Safari
Component
:WebServer
:UnixHost
aPC:PC
:Database
:IExplorer
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
9
Refined view of the WebServer component.
WebServer
GET
URL
POST
DBQuery
HttpRequest
Classes
Bernd Bruegge & Allen H. Dutoit
File
DBResult
Object-Oriented Software Engineering: Using UML, Patterns, and Java
Interfaces
10
7.4 System Design Activities: Addressing Design Goals
♦
These activities needed to ensure that subsystem decomposition
addresses all the nonfunctional requirements and any
constraints during implementation phase.
[Section 6.4] for MyTrip
-Already identify Design Goals
- designed an initial subsystem decomposition.
♦ Refine The subsystem decomposition by
1) Mapping Subsystem to Processors and Components (7.4.1)
2) Identifying and Storing Persistent Data (7.4.2)
3) Providing Access Control (7.4.3)
4) Designing the Global Control Flow (7.4.4)
5) Reviewing the System Design Model (7.4.6)
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
11
Analysis Model for the Mytrip route planning and execution
PlanningService
RouteAssistant
Trip
Location
Direction
Crossing
Destination
Segment
Crossing: A Crossing is a geographical point where several Segments meet.
Destination: A Destination represents a location where the driver wishes to go.
Direction: Given a Crossing and an adjacent Segment, a Direction describes in
natural language how to steer the car onto the given Segment.
Location: A Location is the position of the car as known by the onboard GPS system
the number of turns of the wheels.
PlanningService: A PlanningService is a Web server that can supply a trip, linking a
number of destinations in the form of a sequence of Crossings and Segments.
RouteAssistant: A RouteAssistant givens Directions to the driver, given the current
Location and upcoming Crossing.
Segment: A Segment represents the road between two Crossings.
Trip:
A Trip is a sequence of Directions between two Destinations.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
12
Nonfunctional requirements for Myrip
1) MyTrip is in contact with the PlanningService via a wireless
modem. Assume that the wireless modem functions properly at
the initial destination.
2) Once the trip has been started. Mytrip should give a correct
directions even if modem fails to maintain a connection with
the PlanningService.
3) MyTrip should minimize connection time to reduce operation
costs.
4) Replanning is possible only if the connection to the
PlanningService is possible.
5) The PlanningService can support at least 50 different drivers
and 1,000trips.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
13
Design goals for Myrip
♦
♦
♦
♦
♦
Reliability: MyTrip should be reliable [generalization of NFR
2]
Fault Tolerance: Mytrip should give fault tolerant to loss of
connectivity with routing service [rephrased NFR 2]
Security: MyTrip should be se
cure,i.e., not allow other drivers or nonauthorized uses to
access a driver’s trips [deduced from application domain]
Modifiability: MyTrip should be modifiable to use different
routing services [anticipation of change by developers]
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
14
Mapping Subsystem to Hardware and Components
♦
Selecting a hardware configuration and a platform
♦
Allocation objects and subsystem to Hardware Nodes
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
15
Allocation of MyTrip subsystems to hardware.
The Web browsers,
safari, and Internet explorers
as a virtual machine
:OnBoardComputer
a Unix system as a virtual machine
:WebServer
RoutingSubsystem
PlanningSubsystem
(RouingSbusystem runs on the OnBoardComputer;
PlanningSubsystem runs on a WebServer.)
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
16
Revised design model for MyTrip.
PlanningSubsystem
RoutingSubsystem
RouteAssistant
PlanningService
Trip
Location
TripProxy
Destination
Direction
Crossing
SegmentProxy
Segment
Add new classes
CommunicationSubsystem
Message
Connection
Bernd Bruegge & Allen H. Dutoit
Add New subsystem
for managing
the communication
between them
Object-Oriented Software Engineering: Using UML, Patterns, and Java
17
4. Hardware Software Mapping
♦
This activity addresses two questions:
Š How shall we realize the subsystems: Hardware or Software?
Š How is the object model mapped on the chosen hardware &
software?


♦
Mapping Objects onto Reality: Processor, Memory, Input/Output
Mapping Associations onto Reality: Connectivity
Much of the difficulty of designing a system comes from
meeting externally-imposed hardware and software constraints.
Š Certain tasks have to be at specific locations
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
18
Mapping the Objects
♦
Processor issues:
Š Is the computation rate too demanding for a single processor?
Š Can we get a speedup by distributing tasks across several
processors?
Š How many processors are required to maintain steady state load?
♦
Memory issues:
Š Is there enough memory to buffer bursts of requests?
♦
I/O issues:
Š Do you need an extra piece of hardware to handle the data
generation rate?
Š Does the response time exceed the available communication
bandwidth between subsystems or a task and a piece of hardware?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
19
Mapping the Subsystems Associations: Connectivity
♦
Describe the physical connectivity of the hardware
Š Often the physical layer in ISO’s OSI Reference Model


♦
Which associations in the object model are mapped to physical
connections?
Which of the client-supplier relationships in the analysis/design model
correspond to physical connections?
Describe the logical connectivity (subsystem associations)
Š Identify associations that do not directly map into physical
connections:
 How should these associations be implemented?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
20
Typical Informal Example of a Connectivity Drawing
Application
Client
Application
Client
Physical
Connectivity
Application
Client
TCP/IP
Ethernet
LAN
Logical
Connectivity
Communication
Agent for
Application Clients
Communication
Agent for
Application Clients
LAN
Communication
Agent for Data
Server
Backbone Network
Communication
Agent for Data
Server
Bernd Bruegge & Allen H. Dutoit
OODBMS
Global
Data
Server
LAN
Local Data
Server
Global
Data
Server
RDBMS
Global Data
Server
Object-Oriented Software Engineering: Using UML, Patterns, and Java
21
Logical vs Physical Connectivity and the relationship
to Subsystem Layering
Application Layer
Application Layer
Presentation Layer
Presentation Layer
Session Layer
Transport Layer
Session Layer
Bidirectional associations for each layer
Transport Layer
Network Layer
Network Layer
Data Link Layer
Data Link Layer
Physical Layer
Physical Layer
Processor 1
Processor 2
Bernd Bruegge & Allen H. Dutoit
Logical
Connectivity
Layers
Object-Oriented Software Engineering: Using UML, Patterns, and Java
Physical
Connectivity
22
Subsystem 1
Subsystem 2
Layer 1
Layer 2
Layer 1
Layer 3
Layer 2
Layer 4
Layer 3
Application Layer
Application Layer
Presentation Layer
Presentation Layer
Session Layer
Session Layer
Transport Layer
Bidirectional associations for each layer
Transport Layer
Network Layer
Network Layer
Data Link Layer
Data Link Layer
Hardware
Hardware
Processor 1
Bernd Bruegge & Allen H. Dutoit
Processor 2
Object-Oriented Software Engineering: Using UML, Patterns, and Java
23
Hardware/Software Mapping Questions
♦
What is the connectivity among physical units?
Š Tree, star, matrix, ring
♦
What is the appropriate communication protocol between the
subsystems?
Š Function of required bandwidth, latency and desired reliability,
desired quality of service (QOS)
♦
♦
Is certain functionality already available in hardware?
Do certain tasks require specific locations to control the
hardware or to permit concurrent operation?
Š Often true for embedded systems
♦
General system performance question:
Š What is the desired response time?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
24
Connectivity in Distributed Systems
♦
♦
If the architecture is distributed, we need to describe the network
architecture (communication subsystem) as well.
Questions to ask
Š What are the transmission media? (Ethernet, Wireless)
Š What is the Quality of Service (QOS)? What kind of communication
protocols can be used?
Š Should the interaction asynchronous, synchronous or blocking?
Š What are the available bandwidth requirements between the
subsystems?


Stock Price Change -> Broker
Icy Road Detector -> ABS System
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
25
Drawing Hardware/Software Mappings in UML
♦
System design must model static and dynamic structures:
Š Component Diagrams for static structures

show the structure at design time or compilation time
Š Deployment Diagram for dynamic structures

♦
show the structure of the run-time system
Note the lifetime of components
Š Some exist only at design time
Š Others exist only until compile time
Š Some exist at link or runtime
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
26
Identifying and Storing Persistent Objects
♦
Identifying persistent objects
♦
Selecting a Storage a management strategy
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
27
Subsystem decomposition of MyTrip after deciding on
the issue of data stores.
RoutingSubsystem
PlanningSubsystem
CommunicationSubsystem
TripFileStoreSubsystem
MapDBStoreSubsystem
TripFileStoreSubsystem: responsible for storing trips in files on the onboard computer.
because this functionality is only used for storing trips when the car shuts down,
this subsystem only supports the fast storage and loading of the whole trips.
MapDBStoreSubsystem: responsible for storing maps and trips in database for
the PlanningSubsystem. This subsystem supports multiple concurrent Drivers and
Planning agents
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
28
5. Data Management
♦
Some objects in the models need to be persistent
Š Provide clean separation points between subsystems with welldefined interfaces.
♦
A persistent object can be realized with one of the following
Š Data structure

If the data can be volatile
Š Files



Cheap, simple, permanent storage
Low level (Read, Write)
Applications must add code to provide suitable level of abstraction
Š Database


Powerful, easy to port
Supports multiple writers and readers
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
29
File or Database?
♦
When should you choose a file?
Š
Š
Š
Š
♦
Are the data voluminous (bit maps)?
Do you have lots of raw data (core dump, event trace)?
Do you need to keep the data only for a short time?
Is the information density low (archival files,history logs)?
When should you choose a database?
Š Do the data require access at fine levels of details by multiple users?
Š Must the data be ported across multiple platforms (heterogeneous
systems)?
Š Do multiple application programs access the data?
Š Does the data management require a lot of infrastructure?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
30
Database Management System
♦
♦
♦
Contains mechanisms for describing data, managing persistent
storage and for providing a backup mechanism
Provides concurrent access to the stored data
Contains information about the data (“meta-data”), also called
data schema.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
31
Issues To Consider When Selecting a Database
♦
Storage space
Š Database require about triple the storage space of actual data
♦
Response time
Š Mode databases are I/O or communication bound (distributed databases).
Response time is also affected by CPU time, locking contention and delays
from frequent screen displays
♦
Locking modes
Š Pessimistic locking: Lock before accessing object and release when object
access is complete
Š Optimistic locking: Reads and writes may freely occur (high concurrency!)
When activity has been completed, database checks if contention has
occurred. If yes, all work has been lost.
♦
Administration
Š Large databases require specially trained support staff to set up security
policies, manage the disk space, prepare backups, monitor performance,
adjust tuning.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
32
Object-Oriented Databases
♦
Support all fundamental object modeling concepts
Š Classes, Attributes, Methods, Associations, Inheritance
♦
Mapping an object model to an OO-database
Š
Š
Š
Š
Determine which objects are persistent.
Perform normal requirement analysis and object design
Create single attribute indices to reduce performance bottlenecks
Do the mapping (specific to commercially available product).
Example:

In ObjectStore, implement classes and associations by preparing C++
declarations for each class and each association in the object model
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
33
Relational Databases
♦
♦
Based on relational algebra
Data is presented as 2-dimensional tables. Tables have a
specific number of columns and and arbitrary numbers of rows
Š Primary key: Combination of attributes that uniquely identify a
row in a table. Each table should have only one primary key
Š Foreign key: Reference to a primary key in another table
♦
♦
SQL is the standard language defining and manipulating tables.
Leading commercial databases support constraints.
Š Referential integrity, for example, means that references to entries
in other tables actually exist.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
34
Data Management Questions
♦
♦
♦
♦
♦
♦
♦
♦
♦
♦
Should the data be distributed?
Should the database be extensible?
How often is the database accessed?
What is the expected request (query) rate? In the worst case?
What is the size of typical and worst case requests?
Do the data need to be archived?
Does the system design try to hide the location of the databases
(location transparency)?
Is there a need for a single interface to access the data?
What is the query format?
Should the database be relational or object-oriented?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
35
3. Concurrency
♦
♦
Identify concurrent threads and address concurrency issues.
Design goal: response time, performance.
♦
Threads
Š A thread of control is a path through a set of state diagrams on
which a single object is active at a time.
Š A thread remains within a state diagram until an object sends an
event to another object and waits for another event
Š Thread splitting: Object does a nonblocking send of an event.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
36
Providing Access Control
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
37
Defining Access Control
♦
In multi-user systems different actors have access to different
functionality and data.
Š During analysis we model these different accesses by associating
different use cases with different actors.
Š During system design we model these different accesses by examing
the object model by determining which objects are shared among actors.

Depending on the security requirements of the system, we also define how
actors are authenticated to the system and how selected data in the system
should be encrypted.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
38
Access Matrix
♦
We model access on classes with an access matrix.
Š The rows of the matrix represents the actors of the system
Š The column represent classes whose access we want to control.
♦
Access Right: An entry in the access matrix. It lists the
operations that can be executed on instances of the class by the
actor.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
39
Access Matrix Implementations
♦
Global access table: Represents explicitly every cell in the
matrix as a (actor,class, operation) tuple.
Š Determining if an actor has access to a specific object requires
looking up the corresponding tuple. If no such tuple is found, access
is denied.
♦
Access control list associates a list of (actor,operation) pairs
with each class to be accessed.
Š Every time an object is accessed, its access list is checked for the
corresponding actor and operation.
Š Example: guest list for a party.
♦
A capability associates a (class,operation) pair with an actor.
Š A capability provides an actor to gain control access to an object of
the class described in the capability.
Š Example: An invitation card for a party.
♦
Which is the right implementation?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
40
Global Resource Questions
♦
♦
Does the system need authentication?
If yes, what is the authentication scheme?
Š User name and password? Access control list
Š Tickets? Capability-based
♦
♦
♦
What is the user interface for authentication?
Does the system need a network-wide name server?
How is a service known to the rest of the system?
Š At runtime? At compile time?
Š By port?
Š By name?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
41
7. Decide on Software Control
Choose implicit control (non-procedural, declarative languages)
Š Rule-based systems
Š Logic programming
Choose explicit control (procedural languages): Centralized or
decentralized
Centralized control: Procedure-driven or event-driven
♦ Procedure-driven control
Š Control resides within program code. Example: Main program
calling procedures of subsystems.
Š Simple, easy to build, hard to maintain (high recompilation costs)
♦
Event-driven control
Š Control resides within a dispatcher calling functions via callbacks.
Š Very flexible, good for the design of graphical user interfaces, easy
to extend
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
42
Concurrency (continued)
♦
Two objects are inherently concurrent if they can receive
events at the same time without interacting
♦
Inherently concurrent objects should be assigned to different
threads of control
♦
Objects with mutual exclusive activity should be folded into a
single thread of control (Why?)
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
43
Concurrency Questions
♦
♦
♦
♦
Which objects of the object model are independent?
What kinds of threads of control are identifiable?
Does the system provide access to multiple users?
Can a single request to the system be decomposed into multiple
requests? Can these requests be handled in parallel?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
44
Implementing Concurrency
♦
Concurrent systems can be implemented on any system that
provides
Š physical concurrency (hardware)
or
Š logical concurrency (software): Scheduling problem
(Operating systems)
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
45
Designing Global Control Flow
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
46
Global Resource Questions
♦
♦
Does the system need authentication?
If yes, what is the authentication scheme?
Š User name and password? Access control list
Š Tickets? Capability-based
♦
♦
♦
What is the user interface for authentication?
Does the system need a network-wide name server?
How is a service known to the rest of the system?
Š At runtime? At compile time?
Š By port?
Š By name?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
47
7. Decide on Software Control
Choose implicit control (non-procedural, declarative languages)
Š Rule-based systems
Š Logic programming
Choose explicit control (procedural languages): Centralized or
decentralized
Centralized control: Procedure-driven or event-driven
♦ Procedure-driven control
Š Control resides within program code. Example: Main program
calling procedures of subsystems.
Š Simple, easy to build, hard to maintain (high recompilation costs)
♦
Event-driven control
Š Control resides within a dispatcher calling functions via callbacks.
Š Very flexible, good for the design of graphical user interfaces, easy
to extend
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
48
Event-Driven Control Example: MVC
♦
Model-View-Controller Paradigm (Adele Goldberg, Smalltalk
80)
:Control
Update
Model has changed
Update
:Model
Bernd Bruegge & Allen H. Dutoit
:View
Update
:View
:View
Object-Oriented Software Engineering: Using UML, Patterns, and Java
49
Software Control (continued)
♦
Decentralized control
Š Control resides in several independent objects.
Š Possible speedup by mapping the objects on different processors,
increased communication overhead.
Š Example: Message based system.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
50
Centralized vs. Decentralized Designs
♦
Should you use a centralized or decentralized design?
Š Take the sequence diagrams and control objects from the analysis
model
Š Check the participation of the control objects in the sequence
diagrams


♦
If sequence diagram looks more like a fork: Centralized design
The sequence diagram looks more like a stair: Decentralized design
Centralized Design
Š One control object or subsystem ("spider") controls everything


♦
Pro: Change in the control structure is very easy
Con: The single conctrol ojbect is a possible performance bottleneck
Decentralized Design
Š Not a single object is in control, control is distributed, That means,
there is more than one control object


Con: The responsibility is spread out
Pro: Fits nicely into object-oriented development
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
51
Identifying Boundary Conditions
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
52
8. Boundary Conditions
♦
♦
Most of the system design effort is concerned with steady-state
behavior.
However, the system design phase must also address the
initiation and finalization of the system. This is addressed by a
set of new uses cases called administration use cases
Š Initialization

Describes how the system is brought from an non initialized state to
steady-state ("startup use cases”).
Š Termination

Describes what resources are cleaned up and which systems are
notified upon termination ("termination use cases").
Š Failure


Many possible causes: Bugs, errors, external problems (power supply).
Good system design foresees fatal failures (“failure use cases”).
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
53
Example: Administrative Use cases for MyTrip
♦
♦
♦
Administration use cases for MyTrip (UML use case diagram).
An additional subsystems that was found during system design
is the server. For this new subsystem we need to define use
cases.
ManageServer includes all the functions necessary to start
up and shutdown the server.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
54
ManageServer Use Case
<<include>>
StartServer
<<include>>
PlanningService
Administrator
ManageServer
ShutdownServer
<<include>>
ConfigureServer
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
55
Boundary Condition Questions
♦
8.1 Initialization
Š How does the system start up?
 What data need to be accessed at startup time?
 What services have to registered?
Š What does the user interface do at start up time?
 How does it present itself to the user?
♦
8.2 Termination
Š Are single subsystems allowed to terminate?
Š Are other subsystems notified if a single subsystem terminates?
Š How are local updates communicated to the database?
♦
8.3 Failure
Š How does the system behave when a node or communication link fails? Are
there backup communication links?
Š How does the system recover from failure? Is this different from initialization?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
56
Modeling Boundary Conditions
♦
♦
♦
Boundary conditions are best modeled as use cases with actors
and objects.
Actor: often the system administrator
Interesting use cases:
Š
Š
Š
Š
♦
Start up of a subsystem
Start up of the full system
Termination of a subsystem
Error in a subystem or component, failure of a subsystem or
component
Task:
Š Model the startup of the ARENA system as a set of use cases.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
57
4. Hardware Software Mapping
♦
This activity addresses two questions:
Š How shall we realize the subsystems: Hardware or Software?
Š How is the object model mapped on the chosen hardware &
software?


♦
Mapping Objects onto Reality: Processor, Memory, Input/Output
Mapping Associations onto Reality: Connectivity
Much of the difficulty of designing a system comes from
meeting externally-imposed hardware and software constraints.
Š Certain tasks have to be at specific locations
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
58
Mapping the Objects
♦
Processor issues:
Š Is the computation rate too demanding for a single processor?
Š Can we get a speedup by distributing tasks across several
processors?
Š How many processors are required to maintain steady state load?
♦
Memory issues:
Š Is there enough memory to buffer bursts of requests?
♦
I/O issues:
Š Do you need an extra piece of hardware to handle the data
generation rate?
Š Does the response time exceed the available communication
bandwidth between subsystems or a task and a piece of hardware?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
59
Mapping the Subsystems Associations: Connectivity
♦
Describe the physical connectivity of the hardware
Š Often the physical layer in ISO’s OSI Reference Model


♦
Which associations in the object model are mapped to physical
connections?
Which of the client-supplier relationships in the analysis/design model
correspond to physical connections?
Describe the logical connectivity (subsystem associations)
Š Identify associations that do not directly map into physical
connections:
 How should these associations be implemented?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
60
Typical Informal Example of a Connectivity Drawing
Application
Client
Application
Client
Physical
Connectivity
Application
Client
TCP/IP
Ethernet
LAN
Logical
Connectivity
Communication
Agent for
Application Clients
Communication
Agent for
Application Clients
LAN
Communication
Agent for Data
Server
Backbone Network
Communication
Agent for Data
Server
Bernd Bruegge & Allen H. Dutoit
OODBMS
Global
Data
Server
LAN
Local Data
Server
Global
Data
Server
RDBMS
Global Data
Server
Object-Oriented Software Engineering: Using UML, Patterns, and Java
61
Logical vs Physical Connectivity and the relationship
to Subsystem Layering
Application Layer
Application Layer
Presentation Layer
Presentation Layer
Session Layer
Transport Layer
Session Layer
Bidirectional associations for each layer
Transport Layer
Network Layer
Network Layer
Data Link Layer
Data Link Layer
Physical Layer
Physical Layer
Processor 1
Processor 2
Bernd Bruegge & Allen H. Dutoit
Logical
Connectivity
Layers
Object-Oriented Software Engineering: Using UML, Patterns, and Java
Physical
Connectivity
62
Subsystem 1
Subsystem 2
Layer 1
Layer 2
Layer 1
Layer 3
Layer 2
Layer 4
Layer 3
Application Layer
Application Layer
Presentation Layer
Presentation Layer
Session Layer
Session Layer
Transport Layer
Bidirectional associations for each layer
Transport Layer
Network Layer
Network Layer
Data Link Layer
Data Link Layer
Hardware
Hardware
Processor 1
Bernd Bruegge & Allen H. Dutoit
Processor 2
Object-Oriented Software Engineering: Using UML, Patterns, and Java
63
Hardware/Software Mapping Questions
♦
What is the connectivity among physical units?
Š Tree, star, matrix, ring
♦
What is the appropriate communication protocol between the
subsystems?
Š Function of required bandwidth, latency and desired reliability,
desired quality of service (QOS)
♦
♦
Is certain functionality already available in hardware?
Do certain tasks require specific locations to control the
hardware or to permit concurrent operation?
Š Often true for embedded systems
♦
General system performance question:
Š What is the desired response time?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
64
Connectivity in Distributed Systems
♦
♦
If the architecture is distributed, we need to describe the network
architecture (communication subsystem) as well.
Questions to ask
Š What are the transmission media? (Ethernet, Wireless)
Š What is the Quality of Service (QOS)? What kind of communication
protocols can be used?
Š Should the interaction asynchronous, synchronous or blocking?
Š What are the available bandwidth requirements between the
subsystems?


Stock Price Change -> Broker
Icy Road Detector -> ABS System
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
65
Drawing Hardware/Software Mappings in UML
♦
System design must model static and dynamic structures:
Š Component Diagrams for static structures

show the structure at design time or compilation time
Š Deployment Diagram for dynamic structures

♦
show the structure of the run-time system
Note the lifetime of components
Š Some exist only at design time
Š Others exist only until compile time
Š Some exist at link or runtime
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
66
Component Diagram
♦
Component Diagram
Š A graph of components connected by dependency relationships.
Š Shows the dependencies among software components

♦
source code, linkable libraries, executables
Dependencies are shown as dashed arrows from the client
component to the supplier component.
Š The kinds of dependencies are implementation language specific.
♦
A component diagram may also be used to show dependencies
on a façade:
Š Use dashed arrow the corresponding UML interface.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
67
Component Diagram Example
Scheduler
reservations
UML Component
UML Interface
Planner
update
GUI
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
68
Deployment Diagram
♦
Deployment diagrams are useful for showing a system design
after the following decisions are made
Š Subsystem decomposition
Š Concurrency
Š Hardware/Software Mapping
♦
A deployment diagram is a graph of nodes connected by
communication associations.
Š Nodes are shown as 3-D boxes.
Š Nodes may contain component instances.
Š Components may contain objects (indicating that the object is part
of the component)
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
69
Deployment Diagram Example
Compile Time
Dependency
:HostMachine
<<database>>
meetingsDB
:Scheduler
Runtime
Dependency
:PC
:Planner
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
70
5. Data Management
♦
Some objects in the models need to be persistent
Š Provide clean separation points between subsystems with welldefined interfaces.
♦
A persistent object can be realized with one of the following
Š Data structure

If the data can be volatile
Š Files



Cheap, simple, permanent storage
Low level (Read, Write)
Applications must add code to provide suitable level of abstraction
Š Database


Powerful, easy to port
Supports multiple writers and readers
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
71
File or Database?
♦
When should you choose a file?
Š
Š
Š
Š
♦
Are the data voluminous (bit maps)?
Do you have lots of raw data (core dump, event trace)?
Do you need to keep the data only for a short time?
Is the information density low (archival files,history logs)?
When should you choose a database?
Š Do the data require access at fine levels of details by multiple users?
Š Must the data be ported across multiple platforms (heterogeneous
systems)?
Š Do multiple application programs access the data?
Š Does the data management require a lot of infrastructure?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
72
Database Management System
♦
♦
♦
Contains mechanisms for describing data, managing persistent
storage and for providing a backup mechanism
Provides concurrent access to the stored data
Contains information about the data (“meta-data”), also called
data schema.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
73
Issues To Consider When Selecting a Database
♦
Storage space
Š Database require about triple the storage space of actual data
♦
Response time
Š Mode databases are I/O or communication bound (distributed databases).
Response time is also affected by CPU time, locking contention and delays
from frequent screen displays
♦
Locking modes
Š Pessimistic locking: Lock before accessing object and release when object
access is complete
Š Optimistic locking: Reads and writes may freely occur (high concurrency!)
When activity has been completed, database checks if contention has
occurred. If yes, all work has been lost.
♦
Administration
Š Large databases require specially trained support staff to set up security
policies, manage the disk space, prepare backups, monitor performance,
adjust tuning.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
74
Object-Oriented Databases
♦
Support all fundamental object modeling concepts
Š Classes, Attributes, Methods, Associations, Inheritance
♦
Mapping an object model to an OO-database
Š
Š
Š
Š
Determine which objects are persistent.
Perform normal requirement analysis and object design
Create single attribute indices to reduce performance bottlenecks
Do the mapping (specific to commercially available product).
Example:

In ObjectStore, implement classes and associations by preparing C++
declarations for each class and each association in the object model
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
75
Relational Databases
♦
♦
Based on relational algebra
Data is presented as 2-dimensional tables. Tables have a
specific number of columns and and arbitrary numbers of rows
Š Primary key: Combination of attributes that uniquely identify a
row in a table. Each table should have only one primary key
Š Foreign key: Reference to a primary key in another table
♦
♦
SQL is the standard language defining and manipulating tables.
Leading commercial databases support constraints.
Š Referential integrity, for example, means that references to entries
in other tables actually exist.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
76
Data Management Questions
♦
♦
♦
♦
♦
♦
♦
♦
♦
♦
Should the data be distributed?
Should the database be extensible?
How often is the database accessed?
What is the expected request (query) rate? In the worst case?
What is the size of typical and worst case requests?
Do the data need to be archived?
Does the system design try to hide the location of the databases
(location transparency)?
Is there a need for a single interface to access the data?
What is the query format?
Should the database be relational or object-oriented?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
77
6. Global Resource Handling
♦
♦
♦
Discusses access control
Describes access rights for different classes of actors
Describes how object guard against unauthorized access
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
78
Defining Access Control
♦
In multi-user systems different actors have access to different
functionality and data.
Š During analysis we model these different accesses by associating
different use cases with different actors.
Š During system design we model these different accesses by examing
the object model by determining which objects are shared among actors.

Depending on the security requirements of the system, we also define how
actors are authenticated to the system and how selected data in the system
should be encrypted.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
79
Access Matrix
♦
We model access on classes with an access matrix.
Š The rows of the matrix represents the actors of the system
Š The column represent classes whose access we want to control.
♦
Access Right: An entry in the access matrix. It lists the
operations that can be executed on instances of the class by the
actor.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
80
Access Matrix Implementations
♦
Global access table: Represents explicitly every cell in the
matrix as a (actor,class, operation) tuple.
Š Determining if an actor has access to a specific object requires
looking up the corresponding tuple. If no such tuple is found, access
is denied.
♦
Access control list associates a list of (actor,operation) pairs
with each class to be accessed.
Š Every time an object is accessed, its access list is checked for the
corresponding actor and operation.
Š Example: guest list for a party.
♦
A capability associates a (class,operation) pair with an actor.
Š A capability provides an actor to gain control access to an object of
the class described in the capability.
Š Example: An invitation card for a party.
♦
Which is the right implementation?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
81
Global Resource Questions
♦
♦
Does the system need authentication?
If yes, what is the authentication scheme?
Š User name and password? Access control list
Š Tickets? Capability-based
♦
♦
♦
What is the user interface for authentication?
Does the system need a network-wide name server?
How is a service known to the rest of the system?
Š At runtime? At compile time?
Š By port?
Š By name?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
82
7. Decide on Software Control
Choose implicit control (non-procedural, declarative languages)
Š Rule-based systems
Š Logic programming
Choose explicit control (procedural languages): Centralized or
decentralized
Centralized control: Procedure-driven or event-driven
♦ Procedure-driven control
Š Control resides within program code. Example: Main program
calling procedures of subsystems.
Š Simple, easy to build, hard to maintain (high recompilation costs)
♦
Event-driven control
Š Control resides within a dispatcher calling functions via callbacks.
Š Very flexible, good for the design of graphical user interfaces, easy
to extend
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
83
Event-Driven Control Example: MVC
♦
Model-View-Controller Paradigm (Adele Goldberg, Smalltalk
80)
:Control
Update
Model has changed
:Model
Bernd Bruegge & Allen H. Dutoit
Update
:View
:View
Update
:View
Object-Oriented Software Engineering: Using UML, Patterns, and Java
84
Software Control (continued)
♦
Decentralized control
Š Control resides in several independent objects.
Š Possible speedup by mapping the objects on different processors,
increased communication overhead.
Š Example: Message based system.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
85
Centralized vs. Decentralized Designs
♦
Should you use a centralized or decentralized design?
Š Take the sequence diagrams and control objects from the analysis
model
Š Check the participation of the control objects in the sequence
diagrams


♦
If sequence diagram looks more like a fork: Centralized design
The sequence diagram looks more like a stair: Decentralized design
Centralized Design
Š One control object or subsystem ("spider") controls everything


♦
Pro: Change in the control structure is very easy
Con: The single conctrol ojbect is a possible performance bottleneck
Decentralized Design
Š Not a single object is in control, control is distributed, That means,
there is more than one control object


Con: The responsibility is spread out
Pro: Fits nicely into object-oriented development
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
86
8. Boundary Conditions
♦
♦
Most of the system design effort is concerned with steady-state
behavior.
However, the system design phase must also address the
initiation and finalization of the system. This is addressed by a
set of new uses cases called administration use cases
Š Initialization

Describes how the system is brought from an non initialized state to
steady-state ("startup use cases”).
Š Termination

Describes what resources are cleaned up and which systems are
notified upon termination ("termination use cases").
Š Failure


Many possible causes: Bugs, errors, external problems (power supply).
Good system design foresees fatal failures (“failure use cases”).
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
87
Example: Administrative Use cases for MyTrip
♦
♦
♦
Administration use cases for MyTrip (UML use case diagram).
An additional subsystems that was found during system design
is the server. For this new subsystem we need to define use
cases.
ManageServer includes all the functions necessary to start
up and shutdown the server.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
88
ManageServer Use Case
<<include>>
StartServer
<<include>>
PlanningService
Administrator
ManageServer
ShutdownServer
<<include>>
ConfigureServer
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
89
Boundary Condition Questions
♦
8.1 Initialization
Š How does the system start up?
 What data need to be accessed at startup time?
 What services have to registered?
Š What does the user interface do at start up time?
 How does it present itself to the user?
♦
8.2 Termination
Š Are single subsystems allowed to terminate?
Š Are other subsystems notified if a single subsystem terminates?
Š How are local updates communicated to the database?
♦
8.3 Failure
Š How does the system behave when a node or communication link fails? Are
there backup communication links?
Š How does the system recover from failure? Is this different from initialization?
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
90
Modeling Boundary Conditions
♦
♦
♦
Boundary conditions are best modeled as use cases with actors
and objects.
Actor: often the system administrator
Interesting use cases:
Š
Š
Š
Š
♦
Start up of a subsystem
Start up of the full system
Termination of a subsystem
Error in a subystem or component, failure of a subsystem or
component
Task:
Š Model the startup of the ARENA system as a set of use cases.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
91
Summary
In this lecture, we reviewed the activities of system design :
♦ Concurrency identification
♦ Hardware/Software mapping
♦ Persistent data management
♦ Global resource handling
♦ Software control selection
♦ Boundary conditions
Each of these activities revises the subsystem decomposition to
address a specific issue. Once these activities are completed,
the interface of the subsystems can be defined.
Bernd Bruegge & Allen H. Dutoit
Object-Oriented Software Engineering: Using UML, Patterns, and Java
92
Related documents
Document
Document
Lecture for Chapter 12, Software Life Cycle
Lecture for Chapter 12, Software Life Cycle
Visitor Design Pattern
Visitor Design Pattern
ARENA case - Columbia College
ARENA case - Columbia College
Chapter 13 handout
Chapter 13 handout
Chapter 9, Object Design: Specifying Interfaces - ICAR
Chapter 9, Object Design: Specifying Interfaces - ICAR
Sandwich testing - ICAR
Sandwich testing - ICAR
System Testing - ICAR
System Testing - ICAR
Lecture 1 for Chapter 9, Testing - Computer Science and Engineering
Lecture 1 for Chapter 9, Testing - Computer Science and Engineering
Project Organization L1
Project Organization L1
Lecture 1 for Chapter 9, Testing
Lecture 1 for Chapter 9, Testing