Software Architecture For Developers by Simon Brown
Software Architecture For Developers by Simon Brown
Software Architecture For Developers by Simon Brown
This is a Leanpub book. Leanpub empowers authors and publishers with the Lean
Publishing process. Lean Publishing is the act of publishing an in-progress ebook using
lightweight tools and many iterations to get reader feedback, pivot until you have the right
book and build traction once you do.
2012 - 2015 Simon Brown
Contents
Preface . . . . . . . . . . . . . . . . . . . . . .
Software architecture has a bad reputation
Agile aspirations . . . . . . . . . . . . . . .
So you think youre an architect? . . . . . .
The frustrated architect . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
i
i
ii
ii
iii
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
iv
iv
v
vi
ix
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
xi
. . . . . . . . . . . . . . . .
1.
What is architecture? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
As a noun . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
As a verb . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2
3
3
2.
Types of architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
What do they all have in common? . . . . . . . . . . . . . . . . . . . . . . . . .
4
5
3.
6
6
6
CONTENTS
Software architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Enterprise architecture - strategy rather than code . . . . . . . . . . . . . . . . .
7
8
4.
Architecture vs design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Making a distinction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Understanding significance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9
9
10
5.
.
.
.
.
12
12
13
13
6.
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
14
II
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . . . . . . . . . . . . . . 15
7.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
16
16
17
17
18
18
19
19
20
20
8.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
22
22
23
23
23
24
24
25
9.
26
26
26
CONTENTS
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
27
28
29
30
31
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
32
32
33
33
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
34
34
35
35
36
37
38
39
39
40
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
41
41
41
42
42
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
43
43
43
44
45
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
46
47
47
47
CONTENTS
.
.
.
.
49
49
49
50
52
52
53
19. Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
54
III
Designing software
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . . . . . . . . . . . . . . . . . . . . . . . . 55
56
56
56
56
57
57
58
61
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
62
62
62
63
23. Constraints . . . . . . . . . .
Time and budget constraints .
Technology constraints . . . .
People constraints . . . . . . .
Organisational constraints . .
Are all constraints bad? . . . .
Constraints can be prioritised .
Listen to the constraints . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
65
65
65
67
67
67
68
68
24. Principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Development principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
69
69
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
CONTENTS
Architecture principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Beware of best practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
25. Technology is not an implementation detail . . . .
1. Do you have complex non-functional requirements?
2. Do you have constraints? . . . . . . . . . . . . . . .
3 Do you want consistency? . . . . . . . . . . . . . .
Deferral vs decoupling . . . . . . . . . . . . . . . . .
Every decision has trade-offs . . . . . . . . . . . . . .
.
.
.
.
.
.
72
72
73
73
73
74
75
76
76
78
78
80
80
.
.
.
.
.
.
82
82
82
83
83
83
30. Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
84
IV
Communicating design .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
69
71
.
.
.
.
.
.
. . . . . . . . . . . . . . . . . . . . . 85
86
86
88
89
89
89
90
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
CONTENTS
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
90
91
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
92
92
93
94
95
96
97
98
99
101
102
103
103
104
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
105
105
107
107
108
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
110
110
110
112
112
113
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
115
115
115
118
118
118
CONTENTS
Intent . . .
Structure .
Motivation
Audience .
Example .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
121
121
123
124
124
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
126
127
127
127
127
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
128
128
129
129
130
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
132
132
133
133
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
134
134
135
135
136
137
138
139
141
141
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
143
143
145
147
148
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
CONTENTS
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
155
155
156
156
157
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
159
159
159
160
160
161
162
162
162
163
164
164
165
45. C4++ . . . . . . . . . . . . . . . . . . .
Enterprise context . . . . . . . . . . . .
User interface mockups and wireframes
Domain model . . . . . . . . . . . . . .
Sequence and collaboration diagrams .
Business process and workflow models
Infrastructure model . . . . . . . . . .
Deployment model . . . . . . . . . . .
And more . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
166
166
166
167
167
167
167
168
168
46. C4 - FAQ . . . . . . . . . . . . . . . . . . . . . . .
System names on context diagrams . . . . . . . .
Should I use actors or boxes for external systems?
Mixing levels of abstraction . . . . . . . . . . . . .
Shared components . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
169
169
169
169
170
CONTENTS
Documenting software .
. . . . . . . . . . . . . . . . . . . . . . 172
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
177
177
179
179
180
180
181
182
50. Context .
Intent . . .
Structure .
Motivation
Audience .
Required .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
183
183
183
183
183
183
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
184
184
184
185
185
185
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
186
186
186
187
187
188
.
.
.
.
.
.
.
.
.
.
.
.
CONTENTS
53. Constraints
Intent . . . .
Structure . .
Motivation .
Audience . .
Required . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
189
189
189
190
190
190
54. Principles
Intent . . .
Structure .
Motivation
Audience .
Required .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
191
191
191
192
192
192
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
193
193
193
194
194
194
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
195
195
196
196
196
196
57. Code . . .
Intent . . .
Structure .
Motivation
Audience .
Required .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
197
197
198
198
198
198
58. Data . . .
Intent . . .
Structure .
Motivation
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
199
199
199
200
.
.
.
.
.
.
CONTENTS
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
Required . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
59. Infrastructure Architecture
Intent . . . . . . . . . . . . .
Structure . . . . . . . . . . .
Motivation . . . . . . . . . .
Audience . . . . . . . . . . .
Required . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
201
201
201
202
202
203
60. Deployment
Intent . . . .
Structure . .
Motivation .
Audience . .
Required . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
204
204
204
205
205
205
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
206
206
206
206
207
207
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
208
208
208
208
209
209
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
CONTENTS
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
218
218
218
219
220
221
221
222
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
223
223
225
226
227
228
68. Agility . . . . . . . . . . . . . . . . . . . . . . .
Understanding agility . . . . . . . . . . . . . .
A good architecture enables agility . . . . . . . .
Agility as a quality attribute . . . . . . . . . . .
Creating agile software systems in an agile way .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
230
230
231
233
233
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
235
235
236
237
239
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
CONTENTS
VII
VIII
247
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . . . . . . . . . 242
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
243
243
244
244
Preface
The IT industry is either taking giant leaps ahead or its in deep turmoil. On the one
hand were pushing forward, reinventing the way that we build software and striving for
craftsmanship at every turn. On the other though, were continually forgetting the good of
the past and software teams are still screwing up on an alarmingly regular basis.
Software architecture plays a pivotal role in the delivery of successful software yet its
frustratingly neglected by many teams. Whether performed by one person or shared amongst
the team, the software architecture role exists on even the most agile of teams yet the balance
of up front and evolutionary thinking often reflects aspiration rather than reality.
Preface
ii
development, with people often being pushed into a role that they are not prepared for. These
same organisations often tend to see software architecture as a rank rather than a role too.
Agile aspirations
Agile might be over ten years old, but its still the shiny new kid in town and many software
teams have aspirations of becoming agile. Agile undoubtedly has a number of benefits
but it isnt necessarily the silver bullet that everybody wants you to believe it is. As with
everything in the IT industry, theres a large degree of evangelism and hype surrounding
it. Start a new software project today and its all about self-organising teams, automated
acceptance testing, continuous delivery, retrospectives, Kanban boards, emergent design and
a whole host of other buzzwords that youve probably heard of. This is fantastic but often
teams tend to throw the baby out with the bath water in their haste to adopt all of these cool
practices. Non-functional requirements not sounding cool isnt a reason to neglect them.
Whats all this old-fashioned software architecture stuff anyway? Many software teams
seem to think that they dont need software architects, throwing around terms like selforganising team, YAGNI (you arent going to need it), evolutionary architecture and
last responsible moment instead. If they do need an architect, theyll probably be on the
lookout for an agile architect. Im not entirely sure what this term actually means, but I
assume that it has something to do with using post-it notes instead of UML or doing TDD
(test-driven development) instead of drawing pictures. That is, assuming they get past the
notion of only using a very high level system metaphor and dont use emergent design as
an excuse for foolishly hoping for the best.
Preface
iii
testing, basic functionality problems, broken hyperlinks and a complete lack of documentation. And that was just my external view of the software, who knows what the code looked
like. If youre undertaking the software architecture role and youre delivering stuff like this,
youre doing it wrong. This isnt software architecture, its also foolishly hoping for the best.
This collection of essays knocks down traditional ivory towers, blurring the line between
software development and software architecture in the process. It will teach you about
software architecture, technical leadership and the balance with agility.
moving into my first software architecture roles. Sure, there are lots of software
architecture books out there, but they seem to be written from a different perspective. I
found most of them very research oriented or academic in nature, yet I was a software
developer looking for real-world advice. I wanted to write the type of book that I would
have found useful at that stage in my career - a book about software architecture aimed
at software developers.
2. All software projects need software architecture: I like agile approaches, I really
do, but the lack of explicit regard for software architecture in many of the approaches
doesnt sit well with me. Agile approaches dont say that you shouldnt do any up front
design, but they often dont explicitly talk about it either. Ive found that this causes
people to jump to the wrong conclusion and Ive seen the consequences that a lack of
any up front thinking can have. I also fully appreciate that big design up front isnt the
answer either. Ive always felt that theres a happy medium to be found where some
up front thinking is done, particularly when working with a team that has a mix of
experiences and backgrounds. I favour a lightweight approach to software architecture
that allows me to put some building blocks in place as early as possible, to stack the
odds of success in my favour.
3. Lightweight software architecture practices: Ive learnt and evolved a number of
practices over the years, which Ive always felt have helped me to perform the software
architecture role. These relate to the software design process and identifying technical
risks through to communicating and documenting software architecture. Ive always
assumed that these practices are just common sense, but Ive discovered that this isnt
the case. Ive taught these practices to thousands of people over the past few years and
Ive seen the difference they can make. A book helps me to spread these ideas further,
with the hope that other people will find them useful too.
vi
vii
Ill teach you about software architecture, technical leadership and the balance with agility.
The video of my Software Architecture & the balance with agility talk from the Software
Architect 2013 conference provides a good overview of what the course is all about. My
courses and workshops have been run in more than twenty countries across Europe, the
Middle East and the United States.
There are a number of course configurations and delivery options, which include private
courses at your own offices. See http://www.codingthearchitecture.com/training/ or e-mail
simon.brown@codingthearchitecture.com for further details.
Acknowledgements
Although this book has my name on the front, writing a book is never a solo activity. Its
really the product of a culmination of ideas that have evolved and discussions that have taken
place over a number of years. For this reason, there are a number of people to thank.
First up are Kevin Seal, Robert Annett and Sam Dalton for lots of stuff; ranging from
blog posts on Coding the Architecture and joint conference talks through to the software
architecture user group that we used to run at Skills Matter (London) and for the many tech
chats over a beer. Kevin also helped put together the first version of the training course that, I
think, we initially ran at the QCon Conference in London, which then morphed into a 2-day
training course that we have today. His classic sound-bite icon in the slide deck still gets
people talking today. :-)
Ive had discussions about software architecture with many great friends and colleagues over
the years, both at the consulting companies where Ive worked (Synamic, Concise, Evolution
and Detica) and the customers that weve built software for. There are too many people to
name, but you know who you are.
Id also like to thank everybody who has attended one of my talks or workshops over the
past few years, as those discussions also helped shape what you find in the book. Youve all
helped; from evolving ideas to simply helping me to explain them better.
Thanks also to Junilu Lacar and Pablo Guardiola for providing feedback, spotting typos, etc.
And I should finally thank my family for allowing me to do all of this, especially when a
hectic travel schedule sometimes sees me jumping from one international consulting gig,
workshop or conference to the next. Thank you.
1. What is architecture?
The word architecture means many different things to many different people and there are
many different definitions floating around the Internet. Ive asked hundreds of people over
the past few years what architecture means to them and a summary of their answers is as
follows. In no particular order
What is architecture?
No wonder its hard to find a single definition! Thankfully there are two common themes here
architecture as a noun and architecture as a verb, with both being applicable regardless of
whether were talking about constructing a physical building or a software system.
As a noun
As a noun then, architecture can be summarised as being about structure. Its about the
decomposition of a product into a collection of components/modules and interactions. This
needs to take into account the whole of the product, including the foundations and infrastructure services that deal with cross-cutting concerns such as power/water/air conditioning
(for a building) or security/configuration/error handling (for a piece of software).
As a verb
As a verb, architecture (i.e. the process, architecting) is about understanding what you need
to build, creating a vision for building it and making the appropriate design decisions. All
of this needs to be based upon requirements because requirements drive architecture.
Crucially, its also about communicating that vision and introducing technical leadership
so that everybody involved with the construction of the product understands the vision and
is able to contribute in a positive way to its success.
2. Types of architecture
There are many different types of architecture and architects within the IT industry alone.
Here, in no particular order, is a list of those that people most commonly identify when
asked
Infrastructure
Security
Technical
Solution
Network
Data
Hardware
Enterprise
Application
System
Integration
IT
Database
Information
Process
Business
Software
The unfortunate thing about this list is that some of the terms are easier to define than
others, particularly those that refer to or depend upon each other for their definition. For
example, what does solution architecture actually mean? For some organisations solution
architect is simply a synonym for software architect whereas others have a specific role
that focusses on designing an overall solution to a problem, but stopping before the level
at which implementation details are discussed. Similarly, technical architecture is vague
enough to refer to software, hardware or a combination of the two.
Interestingly, software architecture typically appears near the bottom of the list when I
ask people to list the types of IT architecture theyve come across. Perhaps this reflects the
confusion that surrounds the term.
Types of architecture
Application architecture
Application architecture is what we as software developers are probably most familiar with,
especially if you think of an application as typically being written in a single technology
(e.g. a Java web application, a desktop application on Windows, etc). It puts the application in
focus and normally includes things such as decomposing the application into its constituent
classes and components, making sure design patterns are used in the right way, building or
using frameworks, etc. In essence, application architecture is inherently about the lower-level
aspects of software design and is usually only concerned with a single technology stack (e.g.
Java, Microsoft .NET, etc).
The building blocks are predominantly software based and include things like programming
languages and constructs, libraries, frameworks, APIs, etc. Its described in terms of classes,
components, modules, functions, design patterns, etc. Application architecture is predominantly about software and the organisation of the code.
System architecture
I like to think of system architecture as one step up in scale from application architecture.
If you look at most software systems, theyre actually composed of multiple applications
across a number of different tiers and technologies. As an example, you might have a
software system comprised of a mobile app communicating via JSON/HTTPS to a Java web
application, which itself consumes data from a MySQL database. Each of these will have
their own internal application architecture.
For the overall software system to function, thought needs to be put into bringing all of
those separate applications together. In other words, you also have the overall structure of
the end-to-end software system at a high-level. Additionally, most software systems dont
live in isolation, so system architecture also includes the concerns around interoperability
and integration with other systems within the environment.
The building blocks are a mix of software and hardware, including things like programming
languages and software frameworks through to servers and infrastructure. Compared to
application architecture, system architecture is described in terms of higher levels of
abstraction; from components and services through to sub-systems. Most definitions of
system architecture include references to software and hardware. After all, you cant have a
successful software system without hardware, even if that hardware is virtualised somewhere
out there on the cloud.
Software architecture
Unlike application and system architecture, which are relatively well understood, the term
software architecture has many different meanings to many different people. Rather
than getting tied up in the complexities and nuances of the many definitions of software
architecture, I like to keep the definition as simple as possible. For me, software architecture
is simply the combination of application and system architecture.
In other words, its anything and everything related to the significant elements of a software
system; from the structure and foundations of the code through to the successful deployment
of that code into a live environment. When were thinking about software development as
software developers, most of our focus is placed on the code. Here, were thinking about
things like object oriented principles, classes, interfaces, inversion of control, refactoring,
automated unit testing, clean code and the countless other technical practices that help us
build better software. If your team consists of people who are only thinking about this, then
who is thinking about the other stuff?
Sometimes you need to step back, away from the code and away from your development
tools. This doesnt mean that the lower-level detail isnt important because working software
is ultimately about delivering working code. No, the detail is equally as important, but the
big picture is about having a holistic view across your software to ensure that your code is
working toward your overall vision rather than against it.
4. Architecture vs design
If architecture is about structure and vision, then whats design about? If youre creating a
solution to solve a problem, isnt this just design? And if this is the case, whats the difference
between design and architecture?
Making a distinction
Grady Booch has a well cited definition of the difference between architecture and design
that really helps to answer this question. In On Design, he says that
As a noun, design is the named (although sometimes unnameable) structure or
behavior of a system whose presence resolves or contributes to the resolution of
a force or forces on that system. A design thus represents one point in a potential
decision space.
If you think about any problem that youve needed to solve, there are probably a hundred
and one ways in which you could have solved it. Take your current software project for
example. There are probably a number of different technologies, deployment platforms and
design approaches that are also viable options for achieving the same goal. In designing your
software system though, your team chose just one of the many points in the potential decision
space.
Grady then goes on to say that
All architecture is design but not all design is architecture.
This makes sense because creating a solution is essentially a design exercise. However, for
some reason, theres a distinction being made about not all design being architecture, which
he clarifies with the following statement.
Architecture represents the significant design decisions that shape a system,
where significance is measured by cost of change.
Architecture vs design
10
Essentially, hes saying that the significant decisions are architecture and that everything
else is design. In the real world, the distinction between architecture and design isnt as
clear-cut, but this definition does provide us with a basis to think about what might be
significant (i.e. architectural) in our own software systems. For example, this could include:
The shape of the system (e.g. client-server, web-based, native mobile client, distributed,
asynchronous, etc)
The structure of the software system (e.g. components, layers, interactions, etc)
The choice of technologies (i.e. programming language, deployment platform, etc)
The choice of frameworks (e.g. web MVC framework, persistence/ORM framework,
etc)
The choice of design approach/patterns (e.g. the approach to performance, scalability,
availability, etc)
The architectural decisions are those that you cant reverse without some degree of effort.
Or, put simply, theyre the things that youd find hard to refactor in an afternoon.
Understanding significance
Its often worth taking a step back and considering whats significant with your own software
system. For example, many teams use a relational database, the choice of which might
be deemed as significant. In order to reduce the amount of rework required in the event
of a change in database technology, many teams use an object-relational mapping (ORM)
framework such as Hibernate or Entity Framework. Introducing this additional ORM layer
allows the database access to be decoupled from other parts of the code and, in theory, the
database can be switched out independently without a large amount of effort.
This decision to introduce additional layers is a classic technique for decoupling distinct parts
of a software system; promoting looser coupling, higher cohesion and a better separation
of concerns. Additionally, with the ORM in place, the choice of database can probably
be switched in an afternoon, so from this perspective it may no longer be deemed as
architecturally significant.
However, while the database may no longer be considered a significant decision, the choice
to decouple through the introduction of an additional layer should be. If youre wondering
why, have a think about how long it would take you to swap out your current ORM or web
MVC framework and replace it with another. Of course, you could add another layer over
the top of your chosen ORM to further isolate your business logic and provide the ability
Architecture vs design
11
to easily swap out your ORM but, again, youve made another significant decision. Youve
introduced additional layering, complexity and cost.
Although you cant necessarily make significant decisions disappear entirely, you can use
a number of different tactics such as architectural layering to change what those significant
decisions are. Part of the process of architecting a software system is about understanding
what is significant and why.
13
6. Questions
1. Do you know what architecture is all about? Does the rest of your team? What about
the rest of your organisation?
2. There are a number of different types of architecture within the IT domain. What do
they all have in common?
3. Do you and your team have a standard definition of what software architecture
means? Could you easily explain it to new members of the team? Is this definition
common across your organisation?
4. What does it mean if you describe a software architecture as being agile? How do
you design for agility?
5. Can you make a list of the architectural decisions on your current software project? Is
it obvious why they were deemed as significant?
6. If you step back from the code, what sort of things are included in your software
systems big picture?
7. What does the technical career path look like in your organisation? Is enterprise
architecture the right path for you?
8. Is software architecture important? Why and what are the benefits? Is there enough
software architecture on your software project? Is there too much?
1. Architectural Drivers
The first part of the role is about understanding the business goals and managing the
architectural drivers, which includes the requirements (both functional and non-functional)
and the constraints of the environment. Software projects often get caught up on asking users
what features they want, but rarely ask them what non-functional requirements (or quality
attributes) that they need. Sometimes the stakeholders will tell us that the system must be
fast, but thats far too subjective. Non-functional requirements and constraints often have
17
a huge influence on the software architecture, so explicitly including them as a part of the
software architecture role helps to ensure that they are considered and taken into account.
2. Designing Software
It should come as no surprise that the process of designing software is a part of the software
architecture role. This is about understanding how youre going to solve the problems posed
by the architectural drivers, creating the overall structure of the software system and a vision
for the delivery. Despite how agile you to strive to be, you probably do need some time to
explicitly think about how your architecture is going to solve the problems set out by the
stakeholders because your software system isnt going to do this itself.
A key part of designing software is technology selection, which is typically a fun exercise but
it does have its fair set of challenges. For example, some organisations have a list of approved
technologies that you are forced to choose from, while others have rules in place that dont
allow open source technology with a specific licence to be used. Then you have all of the
other factors such as cost, licensing, vendor relationships, technology strategy, compatibility,
interoperability, support, deployment, upgrade policies, end-user environments and so on.
The sum of these factors can often make a simple decision of choosing something like a
rich client technology into a complete nightmare. Somebody needs to take ownership of
the technology selection process and this falls squarely within the remit of the software
architecture role.
3. Technical Risks
What weve looked at so far will help you focus on building a good solution, but it doesnt
guarantee success. Simply throwing together the best designs and the best technologies
doesnt necessary mean that the overall architecture will be successful. Theres also the
question of whether the technology choices youve made will actually work. Many teams
have a buy over build strategy and use products (commercial or open source) because of
the potential cost savings on offer. However, many teams also get burnt because they believe
the hype from vendor websites or sales executives in expensive suits. Few people seem to ask
whether the technology actually works the way it is supposed to, and fewer prove that this
is the case.
Technology selection is all about managing risk; reducing risk where there is high complexity
or uncertainty and introducing risk where there are benefits to be had. All technology
decisions need to be made by taking all factors into account, and all technology decisions
18
need to be reviewed and evaluated. This potentially includes all of the major building blocks
for a software project right down to the libraries and frameworks being introduced during
the development.
The question that you need to ask yourself is whether your architecture works. For me,
an architecture works if it satisfies the non-functional requirements, works within the given
environmental constraints, provides the necessary foundations for the rest of the code and
works as the platform for solving the underlying business problem. One of the biggest
problems with software is that its complex and abstract. The result being that its hard to
visualise the runtime characteristics of a piece of software from diagrams or even the code
itself. Furthermore, I dont always trust myself to get it right first time. Your mileage may
vary though!
Throughout the software development life cycle, we undertake a number of different types
of testing in order to give us confidence that the system we are building will work when
delivered. So why dont we do the same for our architecture? If we can test our architecture,
we can prove that it works. And if we can do this as early as possible, we can reduce the
overall risk of project failure. Like good chefs, architects should taste what they are producing.
In a nutshell, this is about proactively identifying, mitigating and owning the high priority
technical risks so that your project doesnt get cancelled and you dont get fired.
4. Architecture Evolution
More often than not, software is designed and then the baton is passed over to a development
team, effectively treating software development as a relay sport. This is counterproductive
because the resulting software architecture needs to be taken care of. Somebody needs to
look after it, evolving it throughout the delivery in the face of changing requirements and
feedback from the team. If an architect has created an architecture, why shouldnt they own
and evolve that architecture throughout the rest of the delivery too? This is about continuous
technical leadership rather than simply being involved at the start of the life cycle and hoping
for the best.
5. Coding
Most of the best software architects I know have a software development background, but
for some reason many organisations dont see this as a part of the software architecture
role. Being a hands-on software architect doesnt necessarily mean that you need to get
involved in the day-to-day coding tasks, but it does mean that youre continuously engaged
19
in the delivery, actively helping to lead and shape it. Having said that, why shouldnt the
day-to-day coding activities be a part of the software architecture role?
Many software architects are master builders, so it makes sense to keep those skills up to date.
In addition, coding provides a way for the architect(s) to share the software development
experience with the rest of the team, which in turn helps them better understand how the
architecture is viewed from a development perspective. Many companies have policies that
prevent software architects from engaging in coding activities because their architects are
too valuable to undertake commodity coding work. Clearly this is the wrong attitude. Why
let your software architects put all that effort into designing software if youre not going to
let them contribute to its successful delivery?
Of course, there are situations where its not practical to get involved at the code level. For
example, a large project generally means a bigger big picture to take care of and there may
be times when you just dont have the time for coding. But, generally speaking, a software
architect who codes is a more effective and happier architect. You shouldnt necessarily rule
out coding just because youre an architect.
6. Quality Assurance
Even with the best architecture in the world, poor delivery can cause an otherwise successful
software project to fail. Quality assurance should be a part of the software architecture role,
but its more than just doing code reviews. You need a baseline to assure against, which could
mean the introduction of standards and working practices such as coding standards, design
principles and tools. Quality assurance also includes ensuring that the architecture is being
implemented consistently across the team. Whether you call this architectural compliance or
conformance is up to you, but the technical vision needs to be followed.
Its safe to say that most projects dont do enough quality assurance, and therefore you
need to figure out whats important and make sure that its sufficiently assured. For me,
the important parts of a project are anything that is architecturally significant, business
critical, complex or highly visible. You need to be pragmatic though and realise that you
cant necessarily assure everything.
Collaborate or fail
Its unusual for a software system to reside in isolation and there are a number of people
that probably need to contribute to the overall architecture process. This ranges from the
20
immediate development team who need to understand and buy in to the architecture, right
through to the extended team of those people who will have an interest in the architecture
from a security, database, operations, maintenance or support point of view. If youre
undertaking the software architecture role, youll need to collaborate with such people to
ensure that the resulting software system will successfully integrate with its environment. If
you dont collaborate, expect to fail.
21
Although the need for thinking about software architecture is usually acknowledged, the
responsibilities of the software architecture role often arent clear. In my experience, this
can lead to a situation where there is nobody undertaking the role, or where somebody is
assigned the role but doesnt really understand how they should undertake it. If the role
isnt understood, its not going to get done and we have little hope of growing the software
architects of tomorrow.
Regardless of what you call it (e.g. Architect, Tech Lead, Principal Designer, etc), my advice
is simple. If you dont have something that you can point at and say, this is what we expect
of our software architects, take some time to create something. Start by agreeing what is
expected of the software architecture role on your team and then move to standardise it
across your organisation if you see benefit in doing so.
Writing code
My recommendation is to make coding a part of your role as a software architect. You can do
this by simply being an integral part of the software development team. In other words, you
have a software architecture hat and a coding hat. You dont need to be the best coder on the
team, but the benefits of being hands-on and engaged in the delivery process are huge. After
all, theres a difference between knowing and doing.
Appreciating that youre going to be contributing to the coding activities often provides
enough incentive to ensure that your designs are grounded in reality. If they arent, youll
soon experience that pain once you understand the problems from a developers perspective.
In addition to the obvious benefits associated with creating a software architecture that can
actually be implemented by real people, contributing to the coding activities helps you build
rapport with the rest of the team, which in turn helps to reduce the gap between architects
and developers that you see on many software teams. To quote Rachel Davies and Liz Sedley
from their Agile Coaching book:
If you know how to program, its often tempting to make suggestions about
how developers should write the code. Be careful, because you may be wasting
your time - developers are likely to ignore your coding experience if youre not
programming on the project. They may also think that youre overstepping your
role and interfering in how they do their job, so give such advice sparingly.
23
24
play with technology. Assuming you can keep your eyes open after a hard day at work, of
course!
25
My take on this is yes, absolutely, you can continue to code. For me, its quite frustrating to
hear people say, well, I understand that Ill have to give up coding to become an architect
or to progress further up the career path. There are lots of organisations where this is the
expectation and its reassuring that Im not the only person to have been told that coding
doesnt have a place in the senior ranks of an organisation.
As a software architect, you take on a great deal of responsibility for satisfying the nonfunctional requirements, performing technical quality assurance, making sure the software
is fit for purpose, etc. Its a leadership role and coding (leading by example) is one of the very
best ways to make sure the project is successful. And besides, if software architects dont
remain technical, who is growing the software architects of tomorrow?
Back in time
If you trace the word architect back to its roots in Latin (architectus) and Greek (arkhitekton), it basically translates to chief builder and, as indicated by the name, these people were
masters of their craft. In medieval times, the term architect was used to signify those people
who were master masons, where mason refers to stonemasons because thats what the
majority of the buildings were constructed from at the time. This quote summarises the role
well:
27
28
Ivory towers?
If this is starting to sound familiar, wait until you hear how the teams used to work:
Every lesser mason followed the directions set by the master and all decisions
with regard to major structural, or aesthetic, problems were his domain.
Its certainly easy to see the parallels here in the way that many software teams have been
run traditionally, and its not surprising that many agile software development teams aspire
to adopt a different approach. Instead of a single dedicated technical leader that stays away
from the detail, many modern software development teams attempt to share the role between
a number of people. Of course, one of the key reasons that many architects stay away from
the detail is because they simply dont have the time. This typically leads to a situation where
the architect becomes removed from the real-world day-to-day reality of the team and slowly
becomes detached from them. It turns out that the master masons suffered from this problem
too:
If, as seems likely, this multiplicity of tasks was normal it is hardly surprising
that master masons took little part in the physical work (even had their status
permitted it). Testimony of this supposition is supplied by a sermon given in
1261 by Nicholas de Biard railing against the apparent sloth of the master mason
who ordains by word alone.
This quote from Agile Coaching (by Rachel Davies and Liz Sedley) highlights a common
consequence of this in the software industry:
If you know how to program, its often tempting to make suggestions about
how developers should write the code. Be careful, because you may be wasting
your time - developers are likely to ignore your coding experience if youre not
programming on the project. They may also think that youre overstepping your
role and interfering in how they do their job, so give such advice sparingly.
29
To cap this off, many people see the software architecture role as an elevated position/rank
within their organisation, which further exaggerates the disconnect between developer and
architect. It appears that the same is true of master masons too:
In order to avoid the sort of struggle late Renaissance artists had to be recognised
as more than mere artisans it would seem that master masons perpetuated a
myth (as I see it) of being the descendants of noblemen. Further to this, by
shrouding their knowledge with secrecy they created a mystique that separated
them from other less arcane or noble professions.
30
In essence, the traditional architect role has diverged into two roles. One is the structural
engineer, who ensures that the building doesnt fall over. And the other is the architect,
who interacts with the client to gather their requirements and design the building from an
aesthetic perspective. Martin Fowlers bliki has a page that talks about the purpose of and
difference between the roles.
A software architect is seen as a chief designer, someone who pulls together
everything on the project. But this is not what a building architect does. A
building architect concentrates on the interaction with client who wants the
building. He focuses his mind on issues that matter to the client, such as the
building layout and appearance. But theres more to a building than that.
Building is now seen as an engineering discipline because of the huge body of knowledge
behind it, which includes the laws of physics and being able to model/predict how materials
will behave when they are used to construct buildings. By comparison, the software
development industry is still relatively young and moves at an alarmingly fast pace. Buildings
today are mostly built using the same materials as they were hundreds of years ago, but it
seems like were inventing a new technology every twenty minutes. We live in the era of
Internet time. Until our industry reaches the point where software can be built in the same
way as a predictive engineering project, its crucial that somebody on the team keeps up to
date with technology and is able to make the right decisions about how to design software. In
other words, software architects still need to play the role of structural engineer and architect.
31
the supervision of somebody else and gradually, as I gained more experience, started to
take on larger and larger design tasks. Unlike the medieval building industry though, the
software development industry lacks an explicit way for people to progress from being junior
developers through to software architects. We dont have a common apprenticeship model.
33
Broadening the T
35
Breadth of knowledge
And that brings me onto why its important for software architects to have a breadth of
technology knowledge too. Sure, they may be specialists in Java or Oracle, but the role
demands more. For example, the people in the software architecture role should be able to
answer the following types of questions too:
Is the technology that weve chosen the most appropriate given the other options
available?
What are the other options for the design and build of this system?
Is there a common architectural pattern that we should be using?
Do we understand the trade-offs of the decisions that were making?
Have we catered for the desired quality attributes?
How can we prove that this architecture will work?
Broadening the T
36
etc
Although general design knowledge, techniques, patterns and approaches often apply to a
number of different technologies, not understanding how to apply them successfully at a
low-level of detail can cause issues. Does this mean that the software architect should be an
expert in all of the technologies that are in use on any give software system? No. Instead
collaboration is key. Find somebody that does understand the things you dont and work
with them closely. Nothing says that the software architecture role cant be shared, and often
appreciating the gaps in your own knowledge is the first step to creating a more collaborative
working environment. Pair programming has benefits, so why not pair architecting?
Soft skills
38
Political: There are always politics at play in every organisation. My mantra is to steer
clear of getting involved as far as possible, but you should at least understand whats
going on around you so that you can make more informed decisions.
Responsibility: You cant necessarily blame the rest of the software development
team for failure and its important that you have a sense of responsibility. Its your
problem if your software architecture doesnt satisfy the business goals, deliver the
non-functional requirements or the technical quality is poor.
Delegation: Delegation is an important part of any leadership role and theres a fine
line between delegating everything and doing everything yourself. You should learn
to delegate where appropriate but remember that its not the responsibility youre
delegating.
Stay positive
As a software architect, which is a leadership role however you look at it, youre likely to be
an important role model for a number of people on the development team. The reason for
this? Many of the team are probably aspiring software architects themselves. Although this
is a flattering situation to be in, there are some major downsides if you take your eye off the
ball.
Whether youve recognised it or not, youre in a very influential position and the eyes of
the development team are likely to be watching your every move. For this reason alone, you
have the power to change the whole dynamic of the team, whether you like it or not. If youre
motivated, the development team is likely to be motivated. If youre enthusiastic about the
work, the rest of the team is likely to be enthusiastic about the work. If youre optimistic that
everything will pan out, the development team will be too.
You can almost think of this as a self-supporting loop of positive energy where your
enthusiasm drives the team, and their enthusiasm drives you. This is all fantastic but its
not hard to see the damage that can be caused by a slip-up on your behalf. Any degree of
lethargy, apathy or pessimism will rub onto your team quicker than you can say but well
be okay and youll start spiralling towards a vicious circle of negativity.
We dont often talk about the softer side of being a software architect but the soft skills
are sometimes more important than being technically strong. A happy team is a team that
delivers. As a leader, its your responsibility to keep the team positive and your role in the
overall team dynamics shouldnt be underplayed.
Solution Architects
There are a lot of people out there, particularly in larger organisations, calling themselves
solution architects or technical architects, who design software and document their
solutions before throwing them over the wall to a separate development team. With the
solution done, the architect will then move on to do the same somewhere else, often not
even taking a cursory glimpse at how the development team is progressing. When you throw
not invented here syndrome into the mix, theres often a tendency for that receiving team to
not take ownership of the solution and the architecture initially created becomes detached
from reality.
Ive met a number of such architects in the past and one particular interview I held epitomises
this approach to software development. After the usual tell me about your role and recent
projects conversation, it became clear to me that this particular architect (who worked
for one of the large blue chip consulting firms) would create and document a software
architecture for a project before moving on elsewhere to repeat the process. After telling
me that he had little or no involvement in the project after he handed over the solution, I
asked him how he knew that his software architecture would work. Puzzled by this question,
he eventually made the statement that this was an implementation detail. He confidently
viewed his software architecture as correct and it was the development teams problem if
they couldnt get it to work. In my view, this was an outrageous thing to say and it made
40
him look like an ass during the interview. His approach was also AaaS Architecture as a
Service!
42
44
45
47
48
that you find many teams teaching or practicing though. With many technical mentors
disappearing thanks to the typical corporate career ladder, where do developers gain this
experience? Where are the software architects of tomorrow going to come from?
Everybody is an architect
In Extreme Programming Annealed, Glenn Vanderburg discusses the level at which the
Extreme Programming practices work, where he highlights the link between architecture
and collective ownership. When we talk about collective ownership, were usually referring
to collectively owning the code so that anybody on the team is empowered to make changes.
In order for this to work, theres an implication that everybody on the team has at least some
basic understanding of the big picture. Think about your current project; could you jump
into any part of the codebase and understand what was going on?
Imagine if you did have a team of experienced software developers that were all able to
switch in and out of the big picture. A team of genuinely hands-on architects. That team
would be amazing and all of the elements you usually associate with software architecture
(non-functional requirements, constraints, etc) would all get dealt with and nothing would
slip through the gaps. From a technical perspective, this is a self-organising team.
50
Roy categorises the maturity of teams using a simple model, with each level requiring a
different style of leadership.
1. Survival model (chaos): requires a more direct, command and control leadership style.
2. Learning: requires a coaching leadership style.
3. Self-organising: requires facilitation to ensure the balance remains intact.
As I said, a team where everybody is an experienced software developer and architect would
be amazing but this isnt something Ive seen happen. Most projects dont have anybody on
the team with experience of the big picture stuff and this is evidenced by codebases that
dont make sense (big balls of mud), designs that are unclear, systems that are slow and so on.
This type of situation is the one I see the most and, from a technical perspective, I recommend
that one person on the team takes responsibility for the software architecture role.
Roy uses the ScrumMaster role as an example. Teams in the initial stages of their maturity
will benefit from a single person undertaking the ScrumMaster role to help drive them in
the right direction. Self-organising teams, on the other hand, dont need to be told what to
do. The clue is in the name; they are self-organising by definition and can take the role upon
themselves. I would say that the same is true of the software architecture, and therefore
technical leadership, role.
51
With collective code ownership, everybody needs to be able to work at the architecture level
and so everybody is an architect to some degree. Teams that arent at the self-organising
stage will struggle if they try to run too fast though. Despite peoples aspirations to be agile,
collective code ownership and a distribution of the architecture role are likely to hinder
chaotic teams rather than help them. Chaotic teams need a more direct leadership approach
and they will benefit from a single point of responsibility for the technical aspects of the
software project. In other words, they will benefit from a single person looking after the
software architecture role. Ideally this person will coach others so that they too can help
with this role.
One software architect or many? Single point of responsibility or shared amongst the team?
Agile or not, the software architecture role exists. Only the context will tell you the right
answer.
Domain knowledge
A good working knowledge of the business domain is essential. If youre working within
the finance industry, you should know something about how your particular part of the
finance industry works (e.g. funds management, investment banking, retail banking, etc).
Most business domains are more complex than they really should be and even seemingly
simple domains can surprise you. I remember the first time that I saw the ferry and hotel
domains, which surprisingly arent simply about booking seats on boats or rooms in hotels.
Having an appreciation of the business domain helps you to better understand the goals and
create successful software products.
And this raises an interesting question. A deep knowledge of the business domain only comes
from working within that domain for an extended period of time but most consultants move
between different customers, teams and business domains on a regular basis. Is it therefore
fair to expect consultants to possess deep domain knowledge?
There are a couple of approaches that Ive seen people take. The first is to restrict yourself
to working within a single business domain as a consultant so that you do gain a deep
working knowledge of the business domain. As an example, a number of the IT consulting
organisations that Ive worked for have specialised in the investment banking industry, with
consultants moving from bank to bank within that industry. This is certainly an effective way
to ensure that consultants do understand the business domain, but its not an approach that
I particularly like. Some of the consultants who Ive worked with in the past have actually
taken offence when offered a consulting role outside of investment banking. These people
53
usually saw their deep business domain knowledge as a key differentiator or unique selling
point when compared to other consultants.
A look at my bookshelf will reveal that my interests lie far more with technology than any
business domain. If I wanted to work for a bank, Id work for a bank rather than a consulting
organisation. As a result, Im happy to regularly switch between business domains and this
provides a degree of variety that you cant necessarily get from working in a single domain. I
also find it interesting to see how other industries solve similar problems, and this itself leads
to a number of opportunities for the cross-pollination of ideas. The downside, of course, is
that my domain knowledge of any particular domain isnt as deep as somebody who works
full-time in that business domain.
To prevent this being an issue, I believe that theres a skill in being able to understand enough
about a new business domain to become proficient quickly. And thats really my approach.
If youre a undertaking the software architecture role on a consulting basis, you need razor
sharp analysis skills to understand the key parts of the business domain without getting
trapped in a cycle of analysis paralysis.
Authority
The degree of control that the software architecture role needs to introduce depends on the
type of software development team that you work with. Often the team can present another
set of challenges though, especially if youre working as a consultant software architect with
a team of your customers in-house developers.
If youre responsible for the software architecture and technical delivery of a software system,
you must have the authority to make decisions. If you have the responsibility but not the
authority, and are therefore continually seeking permission to make decisions, you could be
in for a bumpy ride.
The software architecture role is about technical leadership and part of this means that you
need to get the whole team heading in the same direction. Dictating instructions to a team
of software developers isnt likely to be very effective if youre not their immediate line
manager, which is often the case if youre supplementing a customer team. This is where the
soft skills come into play, particularly those related to building relationships, creating trust
and motivating the team. Ive found that being a hands-on, coding architect goes a long way
to getting a successful outcome too.
19. Questions
1. Whats the difference between the software architecture and software developer roles?
2. What does the software architecture role entail? Is this definition based upon your
current or ideal team? If its the latter, what can be done to change your team?
3. Why is it important for anybody undertaking the software architecture role to
understand the technologies that they are using? Would you hire a software architect
who didnt understand technology?
4. If youre the software architect on your project, how much coding are you doing? Is
this too much or too little?
5. If, as a software architect, youre unable to code, how else can you stay engaged in the
low-level aspects of the project. And how else can you keep your skills up to date?
6. Why is having a breadth and depth of technical knowledge as important?
7. Do you think you have all of the required soft skills to undertake the software
architecture role? If not, which would you improve, why and how?
8. Does your current software project have enough guidance and control from a software
architecture perspective? Does it have too much?
9. Why is collaboration an important part of the software architecture role? Does your
team do enough? If not, why?
10. Is there enough coaching and mentoring happening on your team? Are you providing
or receiving it?
11. How does the software architecture role fit into agile projects and self-organising
teams?
12. What pitfalls have you fallen into as somebody new to the software architecture role?
13. Is there a well-defined terms of reference for the software architecture in your team
or organisation? If so, does everybody understand it? If not, is there value in creating
one to make an architects role and responsibilities explicit?
1. Functional requirements
In order to design software, you need to know something about the goals that it needs to
satisfy. If this sounds obvious, its because it is. Having said that, I have seen teams designing
software (and even building it) without a high-level understanding of the features that the
software should provide to the end-users. Some might call this being agile, but I call it foolish.
Even a rough, short list of features or user stories (e.g. a Scrum product backlog) is essential.
Requirements drive architecture.
2. Quality Attributes
Quality attributes are represented by the non-functional requirements and reflect levels of
service such as performance, scalability, availability, security, etc. These are mostly technical
in nature and can have a huge influence over the resulting architecture, particularly if
youre building high performance systems or you have desires to operate at Google scale.
The technical solutions to implementing non-functional requirements are usually crosscutting and therefore need to be baked into the foundations of the system youre building.
Retrofitting high performance, scalability, security, availability, etc into an existing codebase
is usually incredibly difficult and time-consuming.
3. Constraints
We live in the real world and the real world has constraints. For example, the organisation
that you work for probably has a raft of constraints detailing what you can and cant do with
respect to technology choice, deployment platform, etc.
Architectural drivers
57
4. Principles
Where constraints are typically imposed upon you, principles are the things that you want to
adopt in order to introduce consistency and clarity into the resulting codebase. These may be
development principles (e.g. code conventions, use of automated testing, etc) or architecture
principles (e.g. layering strategies, architecture patterns, etc).
Performance
Performance is about how fast something is, usually in terms of response time or latency.
Response time: the time it takes between a request being sent and a response being
received, such as a user clicking a hyperlink on a web page or a button on a desktop
application.
Latency: the time it takes for a message to move through your system, from point A
to point B.
Even if youre not building high performance software systems, performance is applicable
to pretty much every software system that youll ever build, regardless of whether they are
web applications, desktop applications, service-oriented architectures, messaging systems,
etc. If youve ever been told that your software is too slow by your users, youll appreciate
why some notion of performance is important.
Scalability
Scalability is basically about the ability for your software to deal with more users, requests,
data, messages, etc. Scalability is inherently about concurrency and therefore dealing with
more stuff in the same period of time (e.g. requests per second).
59
Availability
Availability is about the degree to which your software is operational and, for example,
available to service requests. Youll usually see availability measured or referred to in terms
of nines, such as 99.99% (four nines) or 99.999% (five nines). These numbers refer to the
uptime in terms of a percentage. The flip side of this coin is the amount of downtime that
can be tolerated. An uptime of 99.9% (three nines) provides you with a downtime window
of just over 1 minute per day for scheduled maintenance, upgrades and unexpected failure.
Security
Security covers everything from authentication and authorisation through to the confidentiality of data in transit and storage. As with performance, theres a high probability that
security is important to you at some level. Security should be considered for even the most
basic of web applications that are deployed onto the Internet. The Open Web Application
Security Project (OWASP) is a great starting point for learning about security.
Disaster Recovery
What would happen if you lost a hard disk, server or data centre that your software was
running on? This is what disaster recovery is all about. If your software system is mission
critical, youll often hear people talking about business continuity processes too, which state
what should happen in the event of a disaster in order to retain continued operation.
Accessibility
Accessibility usually refers to things like the W3C accessibility standards, which talk about
how your software is accessible to people with disabilities such as visual impairments.
Monitoring
Some organisations have specific requirements related to how software systems should be
monitored to ensure that they are running and able to service requests. This could include
integrating your software with platform specific monitoring capabilities (e.g. JMX on the
Java platform) or sending alerts to a centralised monitoring dashboard (e.g. via SNMP) in the
event of a failure.
60
Management
Monitoring typically provides a read-only view of a software system and sometimes there
will be runtime management requirements too. For example, it might be necessary to expose
functionality that will allow operational staff to modify the runtime topology of a system,
modify configuration elements, refresh read-only caches, etc.
Audit
Theres often a need to keep a log of events (i.e. an audit log) that led to a change in data or
behaviour of a software system, particularly where money is involved. Typically such logs
need to capture information related to who made the change, when the change was made
and why the change was made. Often there is a need retain the change itself too (i.e. before
and after values).
Flexibility
Flexibility is a somewhat overused and vague term referring to the flexibility of your
software to perform more than a single task, or to do that single task in a number of different
ways. A good example of a flexibility requirement would be the ability for non-technical
people to modify the business rules used within the software.
Extensibility
Extensibility is also overused and vague, but it relates to the ability to extend the software to
do something it doesnt do now, perhaps using plugins and APIs. Some off-the-shelf products
(e.g. Microsoft Dynamics CRM) allow non-technical end-users to extend the data stored and
change how other users interact with that data.
Maintainability
Maintainability is often cited as a requirement but what does this actually mean? As software
developers we usually strive to build maintainable software but its worth thinking about
who will be maintaining the codebase in the future. Maintainability is hard to quantify, so
Id rather think about the architecture and development principles that well be following
instead because they are drivers for writing maintainable code.
61
Internationalisation (i18n)
Many software systems, particularly those deployed on the Internet, are no longer delivered
in a single language. Internationalisation refers to the ability to have user-facing elements of
the software delivered in multiple languages. This is seemingly simple until you try to retrofit
it to an existing piece of software and realise that some languages are written right-to-left.
Localisation (L10n)
Related to internationalisation is localisation, which is about presenting things like numbers,
currencies, dates, etc in the conventions that make sense to the culture of the end-user.
Sometimes internationalisation and localisation are bundled up together under the heading
of globalisation.
Capture
Ive spent most of my 15+ year career in software development working in a consulting
environment where weve been asked to build software for our customers. In that time, I
can probably count on one hand the number of times a customer has explicitly given us
information about the non-functional requirements. Ive certainly received a large number
of requirements specifications or functional wish-lists, but rarely do these include any
information about performance, scalability, security, etc. In this case, you need to be proactive
and capture them yourself.
And herein lies the challenge. If you ask a business sponsor what level of system availability
they want, youll probably get an answer similar to 100%, 24 by 7 by 365 or yes please,
we want all of it.
Refine
Once youve started asking those tricky questions related to non-functional requirements, or
youve been fortunate enough to receive some information about them, youll probably need
to refine them.
On the few occasions that Ive received a functional requirements specification that did include some information about non-functional requirements, theyve usually been unhelpfully
vague. As an example, I once received a 125 page document from a potential customer that
detailed the requirements of the software system. The majority of the pages covered the
functional requirements in quite some detail and the last half page was reserved for the nonfunctional requirements. It said things like:
Performance: The system must be fast.
63
Challenge
With this in mind, we all know what response well get if we ask people whether they need
something. Theyll undoubtedly say, yes. This is why prioritising functional requirements,
user stories, etc is hard. Regardless of the prioritisation scale that you use (MoSCoW,
High/Medium/Low, etc), everything will end up as a must have on the first attempt at
prioritisation. You could create a super-must have category, but we know that everything
will just migrate there.
64
A different approach is needed and presenting the cost implications can help focus the mind.
For example:
Architect: You need a system with 100% uptime. Building that requires lots of
redundancy to remove single points of failure and we would need two of everything
plus a lot of engineering work for all of the automatic failover. It will cost in the region
of $1,000,000. Alternatively we can build you something simpler, with the caveat that
some components would need to be monitored and restarted manually in the event of
a failure. This could cost in the region of $100,000. Which one do you need now?
Sponsor: Oh, if thats the case, I need the cheaper solution.
Anything is possible but everything has a trade-off. Explaining those trade-offs can help find
the best solution for the given context.
23. Constraints
Everything that we create as software developers lives in the real world, and the real
world has constraints. Like quality attributes, constraints can drive, shape and influence the
architecture of a software system. Theyre typically imposed upon you too, either by the
organisation that you work for or the environment that you work within. Constraints come
in many different shapes and sizes.
Technology constraints
There are a number of technology related constraints that we often come up against when
building software, particularly in large organisations:
Approved technology lists: Many large organisations have a list of the technologies
they permit software systems to be built with. The purpose of this list is to restrict
the number of different technologies that the organisation has to support, operate,
maintain and buy licenses for. Often there is a lengthy exceptions process that you
need to formally apply for if you want to use anything off list. Ive still seen teams
use Groovy or Scala on Java projects through the sneaky inclusion of an additional
JAR file though!
Existing systems and interoperability: Most organisations have existing systems that
you need to integrate your software with and youre often very limited in the number
of ways that you can achieve this. At other times, its those other systems that need
to integrate with whatever youre building. If this is the case, you may find that there
are organisation-wide constraints dictating the protocols and technologies you can
use for the integration points. A number of the investment banks Ive worked with
have had their own internal XML schemas for the exchange of trading information
between software systems. Concise and easy to use werent adjectives that we used
to describe them!
Constraints
66
Constraints
67
use, despite whether they actually work properly. I recently heard of one organisation
that built their own CORBA implementation.
People constraints
More often than not, the people around you will constrain the technologies and approaches
that are viable to use when developing software. For example:
There will be an overhead if you ask a Java team to build a Microsoft .NET solution, so you
do need to take people into account whenever youre architecting a software system.
Organisational constraints
There are sometimes other constraints that youll need to be aware of, including:
Is the software system part of a tactical or strategic implementation? The answer to
this question can either add or remove constraints.
Organisational politics can sometimes prevent you from implementing the solution
that you really want to.
Constraints
68
24. Principles
While constraints are imposed upon you, principles are the things that you want to adopt
in order to introduce standard approaches, and therefore consistency, into the way that you
build software. There are a number of common principles, some related to development and
others related to architecture.
Development principles
The principles that many software developers instantly think of relate to the way in which
software should be developed. For example:
Coding standards and conventions: We will adopt our in-house coding conventions
for [Java|C#|etc], which can be found on our corporate wiki.
Automated unit testing: Our goal is to achieve 80% code coverage for automated
unit tests across the core library, regardless of whether that code is developed using a
test-first or test-last approach.
Static analysis tools: All production and test code must pass the rules defined in
[Checkstyle|FxCop|etc] before being committed to source code control.
etc
Architecture principles
There are also some principles that relate to how the software should be structured. For
example:
Layering strategy: A layered architecture usually results in a software system that
has a high degree of flexibility because each layer is isolated from those around it.
For example, you may decompose your software system into a UI layer, a business
layer and a data access layer. Making the business layer completely independent
of the data access layer means that you can (typically) switch out the data access
implementation without affecting the business or UI layers. You can do this because the
Principles
70
data access layer presents an abstraction to the business layer rather than the business
layer directly dealing with the data storage mechanism itself. If you want to structure
your software this way, you should ensure that everybody on the development team
understands the principle. No data access logic in the UI components or domain
objects is a concrete example of this principle in action.
Placement of business logic: Sometimes you want to ensure that business logic
always resides in a single place for reasons related to performance or maintainability.
In the case of Internet-connected mobile apps, you might want to ensure that as much
processing as possible happens on the server. Or if youre integrating with a legacy
back-end system that already contains a large amount of business logic, you might
want to ensure that nobody on the team attempts to duplicate it.
High cohesion, low coupling, SOLID, etc: There are many principles related to the
separation of concerns, focussing on building small highly cohesive building blocks
that dont require too many dependencies in order to do their job.
Stateless components: If youre building software that needs to be very scalable, then
designing components to be as stateless as possible is one way to ensure that you
can horizontally scale-out your system by replicating components to share the load. If
this is your scalability strategy, everybody needs to understand that they must build
components using the same pattern. This will help to avoid any nasty surprises and
scalability bottlenecks in the future.
Stored procedures: Stored procedures in relational databases are like Marmite - you
either love them or you hate them. There are advantages and disadvantages to using
or not using stored procedures, but I do prefer it when teams just pick one approach
for data access and stick to it. There are exceptions to every principle though.
Domain model - rich vs anaemic: Some teams like having a very rich domain model
in their code, building systems that are very object-oriented in nature. Others prefer a
more anaemic domain model where objects are simply data structures that are used by
coarse-grained components and services. Again, consistency of approach goes a long
way.
Use of the HTTP session: If youre building a website, you may or may not want to
use the HTTP session for storing temporary information between requests. This can
often depend on a number of things including what your scaling strategy is, where
session-backed objects are actually stored, what happens in the event of a server failure,
whether youre using sticky sessions, the overhead of session replication, etc. Again,
everybody on the development team should understand the desired approach and stick
to it.
Always consistent vs eventually consistent: Many teams have discovered that they
often need to make trade-offs in order to meet complex non-functional requirements.
Principles
71
For example, some teams trade-off data consistency for increased performance and/or
scalability. Provided that we do see all Facebook status updates, does it really matter
if we all dont see them immediately? Your context will dictate whether immediate or
delayed consistency is appropriate, but a consistent approach is important.
the [risk system] solution is simple and can be built with any technology.
we dont want to force a solution on developers.
its an implementation detail.
we follow the last responsible moment principle.
I firmly believe that technology choices should be included on architecture diagrams but
theres a separate question here about why people dont feel comfortable making technology
decisions. Saying that it can be built with any technology doesnt mean that it should.
Heres why.
73
Deferral vs decoupling
Its worth briefly talking about deferring technology decisions and waiting until the last
responsible moment to make a decision. Lets imagine that youre designing a software system where there arent any particularly taxing non-functional requirements or constraints.
74
Does it matter which technologies you choose? And shouldnt a good architecture let you
change your mind at a later date anyway?
Many people will say, for example, that it really doesnt matter which relational database
you use, especially if you decouple the code that you write from a specific database implementation using an object-relational mapping layer such as Hibernate, Entity Framework or
ActiveRecord. If you dont have any significant non-functional requirements or constraints,
and you truly believe that all relational databases are equal, then it probably doesnt matter
which you use. So yes, you can decouple the database from your code and defer the
technology decision. But dont forget, while your choice of database is no longer a significant
decision, your choice of ORM is. You can decouple your code from your ORM by introducing
another abstraction layer, but again youve made a significant decision here in terms of the
structure of your software system.
Decoupling is a great approach for a number of reasons plus it enables technology decisions
to be deferred. Of course, this doesnt mean that you should defer decisions though, especially
for reasons related to the presence of non-functional requirements and constraints.
76
While I dont disagree that Silverlight applications arent hard to build, the vital question
the group hadnt addressed was where the data was going to come from. As always, there
are options; from accessing the database directly through to exposing some data services in
a middle-tier. The group had already considered deploying some Windows Communication
Foundation (WCF) services into the IIS web server as the mechanism for exposing the data,
but this led to yet further questions.
1. What operations do you need to expose to the Silverlight client?
2. Which technology binding and protocol would you use?
3. How do you ensure that people cant plug in their own bespoke WCF client and
consume the services?
4. How do you deploy and test it?
5. etc
Non-functional requirements
In the context of the case study, the third question is important. The data should only be
accessible by a small number of people and we really dont want to expose a web service
that anybody with access to a development tool could consume.
Most security conscious organisations have their self-hosted public facing web servers
firewalled away in a DMZ, yet Ive seen some software systems where those same secured
web servers subsequently access unsecured web services residing on servers within the
regular corporate LAN. Assuming that I can connect a laptop to the corporate LAN, theres
usually nothing to stop me firing up a development tool such as Microsoft Visual Studio,
locating the service definition (e.g. a WSDL file) and consuming the web service for my own
misuse. In this case, thought needs to be given to authentication and authorisation of the
data service as well as the Silverlight client. A holistic view of security needs to be taken.
77
more work designing, developing, testing and deploying. Despite what vendor marketing
hype might say, nothing is ever free and you need to evaluate the pros and cons of
adding additional layers into a design, particularly if they result in additional inter-process
communication.
79
its too late. One of the key reasons I prefer using a whiteboard to design software is because
it encourages a more collaborative approach than somebody sitting on their own in front of
their favourite modelling tool on a laptop. If youre collaborating, youre also communicating
and challenging each other.
Like pair programming, collaborating is an effective way to approach the software design
process, particularly if its done in a lightweight way. Collaboration increases quality plus it
allows us to discuss and challenge some of the common assumptions that we make based our
own knowledge, experience and preferences. It also paves the way for collective ownership
of the code, which again helps to break down the silos that often form within software
development teams. Everybody on the team will have different ideas and those different
ideas need to meet.
81
Current development team: The current team need to understand the architecture
and be aware of the drivers so that they produce a solution that is architecturally
consistent and works.
Future development team: Any future development/maintenance teams need to have
the same information to hand so that they understand how the solution works and are
able to modify it in a consistent way.
Other teams: Often your software needs to integrate with other systems within the
environment, from bespoke software systems through to off-the-shelf vendor products,
so its crucial that everybody agrees on how this will work.
Database administrators: Some organisations have separate database teams that need
to understand how your solution uses their database services (e.g. from design and
optimisation through to capacity planning and archiving).
Operations/support staff: Operational staff typically need to understand how to run
and support your system (e.g. configuration and deployment through to monitoring
and problem diagnostics).
Compliance, risk and audit: Some organisations have strict regulations that they need
to follow and people in your organisation may need to certify that youre following
them too.
Security team: Likewise with security; some organisations have dedicated security
teams that need to review systems before they are permitted into production environments.
These are just some of the stakeholders that may have an interest in your architecture, but
there are probably others depending on your organisation and the way that it works. If you
think you can put together a software architecture in an ivory tower on your own, youre
probably doing it wrong. Software architectures dont live in isolation and the software
design process is a platform for conversation. A five minute conversation now could help
capture those often implied architectural drivers and improve your chance of a successful
delivery.
83
30. Questions
1. What are the major factors that influence the resulting architecture of a software
system? Can you list those that are relevant to the software system that you are
working on?
2. What are non-functional requirements and why are they important? When should you
think about non-functional requirements?
3. Time and budget are the constraints that most people instantly relate to, but can you
identify more?
4. Is your software development team working with a well-known set of architectural
principles? What are they? Are they clearly understood by everybody on the team?
5. How do you approach the software design process? Does your team approach it in
the same way? Can it be clearly articulated? Can you help others follow the same
approach?
IV Communicating design
This part of the book is about visualising software architecture using a collection of
lightweight, yet effective, sketches.
Abandoning UML
If you cast your mind back in time, structured processes provided a reference point for both
the software design process and how to communicate the resulting designs. Some well-known
examples include the Rational Unified Process (RUP) and Structured Systems Analysis And
Design Method (SSADM). Although the software development industry has moved on in
many ways, we seem to have forgotten some of the good things that these prior approaches
gave us.
As an industry, we do have the Unified Modelling Language (UML), which is a formal
standardised notation for communicating the design of software systems. However, while
87
you can argue about whether UML offers an effective way to communicate software designs
or not, thats often irrelevant because many teams have already thrown out UML or simply
dont know it. Such teams typically favour informal boxes and lines style sketches instead
but often these diagrams dont make much sense unless they are accompanied by a detailed
narrative, which ultimately slows the team down. Next time somebody presents a software
design to you focussed around one or more informal sketches, ask yourself whether they
are presenting whats on the sketches or whether they are presenting whats in their head
instead.
Boxes and lines sketches can work very well, but there are many pitfalls associated with communicating
software architecture in this way
Abandoning UML is all very well but, in the race for agility, many software development
teams have lost the ability to communicate visually. The example software architecture
sketches (pictured) illustrate a number of typical approaches to communicating software
architecture and they suffer from the following types of problems:
Colour coding is usually not explained or is often inconsistent.
The purpose of diagram elements (i.e. different styles of boxes and lines) is often not
explained.
Key relationships between diagram elements are sometimes missing or ambiguous.
Generic terms such as business logic are often used.
88
Boxes and lines sketches can work very well, but there are many pitfalls associated with
communicating software architecture in this way. My approach is to use a collection of simple
diagrams each showing a different part of the same overall story, paying close attention to
the diagram elements if Im not using UML.
90
1. Many teams instantly think of UML but theyve dropped it as a communication method
or never understood it in the first place. After all, apparently UML isnt cool.
2. Many teams dont do class design in a visual way anymore because they prefer TDD
instead.
91
Ineffective sketches
93
Theres a Unix box and a Windows box, with some additional product selections that include
JBoss (a Java EE application server) and Microsoft SQL Server. The problem is, I dont know
what those products are doing and there seems to be a connection missing between the Unix
box and the Windows box. Since responsibilities and interactions are not shown, this diagram
probably would have been better presented as a bulleted list.
Ineffective sketches
94
This is a three-tier solution (I think) that uses the Microsoft technology stack. Theres an
ASP.NET web thing at the top, which I assume is being used for some sort of user interaction,
although thats not shown on the diagram. The bottom section is labelled SQL Server and
there are lots of separate database cans. To be honest though, Im left wondering whether
these are separate database servers, schemas or tables.
Finally, in the middle, is a collection of boxes, which I assume are things like components,
services, modules, etc. From one perspective, its great to see how the middle-tier of the
overall solution has been decomposed into smaller chunks and these are certainly the types
of components/services/modules that I would expect to see for such a solution. But again,
there are no responsibilities and no interactions. Software architecture is about structure,
which is about things (boxes) and how they interact (lines). This diagram has one, but not
the other. Its telling a story, but not the whole story.
Ineffective sketches
95
Essentially the group that produced this diagram has simply documented their functional
decomposition of the solution into things, which I again assume are components, services,
modules, etc but I could be wrong. Imagine a building architect drawing you a diagram of
your new house that simply had a collection of boxes labelled Cooking, Eating, Sleeping,
Relaxing, etc.
This diagram suffers from the same problem as the previous diagram (no responsibilities and
no interactions) plus we additionally have a colour coding to decipher. Can you work out
what the colour coding means? Is it related to input vs output functions? Or perhaps its
business vs infrastructure? Existing vs new? Buy vs build? Or maybe different people simply
had different colour pens! Who knows. I often get asked why the central Risk Assessment
Processor box has a noticeably thicker border than the other boxes. I honestly dont know,
but I suspect its simply because the marker pen was held at a different angle.
Ineffective sketches
96
The central spine of this diagram is great because it shows how data comes in from the
source data systems (TDS and RDS) and then flows through a series of steps to import the
data, perform calculations, generate reports and finally distribute them. Its a super-simple
activity diagram that provides a nice high-level overview of what the system is doing. But
then it all goes wrong.
I think the green circle on the right of the diagram is important because everything is pointing
to it, but Im not sure why. And theres also a clock, which I assume means that something
is scheduled to happen at a specific time. Lets hope its not a time-bomb!
The left of the diagram is equally confusing, with various lines of differing colours and styles
zipping across one another. If you look carefully youll see the letters UI upside-down.
Perhaps this diagram makes more sense if you fold it like an Origami challenge?
Generically true
This is another very common style of diagram. Next time somebody asks you to produce a
software architecture diagram of a system, present them this photo and youre done!
Ineffective sketches
97
Its a very Software Architecture 101 style of diagram where most of the content is generic.
Ignoring the source data systems at the top of the diagram (TDS and RDS), we have boxes
generically labelled transport, archive, audit, report generation, error handling and arrows
labelled error and action. Oh and look at the box in the centre - its labelled business logic.
Do you ever build software that implements business logic?
There are a number of ways in which this diagram can be made more effective, but simply
replacing the business logic box with financial risk calculator at least highlights the
business domain in which we are operating. In Screaming Architecture, Uncle Bob Martin
says that the organisation of a codebase should scream something about the business domain.
The same is true of software architecture diagrams.
Ineffective sketches
98
Ineffective sketches
99
If you look at the Unix box in the centre of the diagram, youll see two smaller boxes labelled
Risk Analysis System and Data Import Service. If you look closely, youll see that both
boxes are annotated JAR, which is the deployment mechanism for Java code (Java ARchive).
Basically this is a ZIP file containing compiled Java bytecode. The equivalent in the .NET
world is a DLL.
And herein lies the ambiguity. What happens if you put a JAR file on a Unix box? Well,
the answer is not very much other than it takes up some disk space. And cron (the Unix
scheduler) doesnt execute JAR files unless they are really standalone console applications,
the sort that have a public static void main method as a program entry point. By deduction
then, I think both of those JAR files are actually standalone applications and thats what Id
like to see on the diagram. Rather than the deployment mechanism, I want to understand the
execution context.
Ineffective sketches
100
The lines between the web server and the application server have no information about how
this communication occurs. Is it SOAP? RESTful services? XML over HTTP? Remote method
invocation? Windows Communication Foundation? Asynchronous messaging? Its not clear
and this concerns me for three reasons:
1. Constraints: If youre working in an environment with existing constraints, the
technology choices may have be made for you already. For example, perhaps you have
standards about inter-process communication or firewalls that only permit certain
types of traffic through them.
2. Non-functional requirements: The choice of technology and protocol may have an
impact on whether you meet your non-functional requirements, particularly if you are
dealing with high performance, scalability or security.
3. Complexity: Ive worked with software teams who have never created an n-tier
architecture before and they are often under the illusion that this style of architecture
can be created for free. In the real world, more layers means more complexity.
Granted there are many options and often teams dont like committing early without putting
together some prototypes. No problem, just annotate those lines on the diagram with the list
of potential options instead so we can at least have a better conversation.
Ineffective sketches
101
In the bottom left of the diagram is a SQL Server database, and at the top left of the diagram is
a box labelled Application. Notice how that same box is also annotated (in green) ConsoleC#. Basically, this system seems to be made up of a C# console application and a database.
But what about the other boxes?
Well, most of them seem to be C# components, services, modules or objects and theyre
much like what weve seen on some of the other diagrams. Theres also a data access box
and a logger box, which could be frameworks or architectural layers. Do all of these boxes
represent the same level of granularity as the console application and the database? Or are
they actually part of the application? I suspect the latter, but the lack of boundaries makes
this diagram confusing. Id like to draw a big box around most of the boxes to say all of
these things live inside the console application. I want to give those boxes a home. Again, I
do want to understand how the system has been decomposed into smaller components, but
I also want to know about the execution context too.
Ineffective sketches
102
Its a little like those choose your own adventure books that I used to read as a kid.
You would start reading at page 1 and eventually arrive at a fork in the story where you
decide what should happen next. If you want to attack the big scary creature youve just
encountered, you turn to page 47. If you want to run away like a coward, its page 205 for
you. You keep making similar choices and eventually, and annoyingly, your character ends
up dying and you have to start over again.
This diagram is the same. You start at the top and weave your way downwards through what
is a complex asynchronous and event-driven style of architecture. You often get to make a
choice - should you follow the fail event or the complete event? As with the books, all
paths eventually lead to the (SNMP) trap on the left of the diagram.
The diagram is complex, its trying to show everything and the single colour being used
doesnt help. Removing some information and/or using colour coding to highlight the
different paths through the architecture would help tremendously.
Ineffective sketches
103
Stormtroopers
To pick up on something you may have noticed from previous sketches, I regularly see
diagrams that include unlabelled users/actors. Essentially they are faceless clones.
Ineffective sketches
104
106
Assuming an OO programming language, the way that I like to think about structure is as
follows a software system is made up of a number of containers, which themselves are
made up of a number of components, which in turn are implemented by one or more classes.
Its a simple hierarchy of logical building blocks that can be used to model most software
systems.
Classes: for most of us in an OO world, classes are the smallest building blocks of our
software systems.
Components: a component can be thought of as a logical grouping of one or more
classes. For example, an audit component or an authentication service that is used
by other components to determine whether access is permitted to a specific resource.
Components are typically made up of a number of collaborating classes, all sitting
behind a higher level contract.
Containers: a container represents something in which components are executed or
where data resides. This could be anything from a web or application server through
to a rich client application or database. Containers are typically executables that are
started as a part of the overall system, but they dont have to be separate processes in
their own right. For example, I treat each Java EE web application or .NET website as
a separate container regardless of whether they are running in the same physical web
server process. The key thing about understanding a software system from a containers
107
108
a prescriptive standard. The goal here is to help teams communicate their software designs
in an effective and efficient way rather than creating another comprehensive modelling
notation.
UML provides both a common set of abstractions and a common notation to describe them,
but I rarely find teams who use either effectively. Id rather see teams able to discuss their
software systems with a common set of abstractions in mind rather than struggling to
understand what the various notational elements are trying to show. For me, a common
set of abstractions is more important than a common notation.
Most maps are a great example of this principle in action. They all tend to show roads,
rivers, lakes, forests, towns, churches, etc but they often use different notation in terms of
colour-coding, line styles, iconography, etc. The key to understanding them is exactly that
- a key/legend tucked away in a corner somewhere. We can do the same with our software
architecture diagrams.
Its worth reiterating that informal boxes and lines sketches provide flexibility at the expense
of diagram consistency because youre creating your own notation rather than using a
standard like UML. My advice here is to be conscious of colour-coding, line style, shapes,
etc and let a consistent notation evolve naturally within your team. Including a simple
key/legend on each diagram to explain the notation will help. Oh, and if naming really is
the hardest thing in software development, try to avoid a diagram that is simply a collection
of labelled boxes. Annotating those boxes with responsibilities helps to avoid ambiguity while
providing a nice at a glance view.
109
requires little ongoing effort to keep those diagrams up to date. You never know, people might
even understand them too.
Intent
A context diagram helps you to answer the following questions.
1. What is the software system that we are building (or have built)?
2. Who is using it?
3. How does it fit in with the existing IT environment?
Structure
Draw a simple block diagram showing your system as a box in the centre, surrounded by its
users and the other systems that it interfaces with. For example, if you were diagramming
a solution to the financial risk system, you would draw the following sort of diagram.
Detail isnt important here as its your wide angle view showing a big picture of the system
landscape. The focus should be on people and systems rather than technologies and protocols.
111
Context diagram
Example context diagrams for the financial risk system (see appendix)
These example diagrams show the risk system sitting in the centre, surrounded by its users
and the other IT systems that the risk system has a dependency on.
IT systems
Depending on the environment and chosen solution, the other IT systems you might want
to show on a context diagram for the risk system include:
Context diagram
112
Microsoft SharePoint or another content/document management system (for distributing the reports)
Microsoft Exchange (for sending e-mails to users)
Interactions
Its useful to annotate the interactions (user <-> system, system <-> system, etc) with some
information about the purpose rather than simply having a diagram with a collection of boxes
and ambiguous lines connecting everything together. For example, when Im annotating user
to system interactions, Ill often include a short bulleted list of the important use cases/user
stories to summarise how that particular type of user interacts with the system.
Motivation
You might ask what the point of such a simple diagram is. Heres why its useful:
It makes the context explicit so that there are no assumptions.
It shows what is being added (from a high-level) to an existing IT environment.
Its a high-level diagram that technical and non-technical people can use as a starting
point for discussions.
It provides a starting point for identifying who you potentially need to go and talk to
as far as understanding inter-system interfaces is concerned.
A context diagram doesnt show much detail but it does help to set the scene and is a starting
point for other diagrams. Finally, a context diagram should only take a couple of minutes to
draw, so there really is no excuse not to do it.
Audience
Technical and non-technical people, inside and outside of the immediate software
development team.
Context diagram
113
Example
Lets look at an example. The techtribes.je website provides a way to find people, tribes
(businesses, communities, interest groups, etc) and content related to the tech, IT and digital
sector in Jersey and Guernsey, the two largest of the Channel Islands. At the most basic level,
its a content aggregator for local tweets, news, blog posts, events, talks, jobs and more. Heres
a context diagram that provides a visual summary of this.
Again, detail isnt important here as this is your zoomed out view. The focus should be on
Context diagram
114
people (actors, roles, personas, etc) and software systems rather than technologies, protocols
and other low-level details.
Intent
A container diagram helps you answer the following questions.
1.
2.
3.
4.
5.
Structure
Draw a simple block diagram showing your key technology choices. For example, if you were
diagramming a solution to the financial risk system, depending on your solution, you would
draw the following sort of diagram.
Container diagram
116
Example container diagrams for the financial risk system (see appendix)
These example diagrams show the various web servers, application servers, standalone
applications, databases, file systems, etc that make up the risk system. To enrich the diagram,
often its useful to include some of the concepts from the context diagram diagram, such as
users and the other IT systems that the risk system has a dependency on.
Containers
By containers, I mean the logical executables, applications or processes that make up your
software system; such as:
Web servers and applications (e.g. Apache HTTP Server, Apache Tomcat, Microsoft
IIS, WEBrick, etc)
Application servers (e.g. IBM WebSphere, BEA/Oracle WebLogic, JBoss AS, etc)
Enterprise service buses and business process orchestration engines (e.g. Oracle Fusion
middleware, etc)
SQL databases (e.g. Oracle, Sybase, Microsoft SQL Server, MySQL, PostgreSQL, etc)
NoSQL databases (e.g. MongoDB, CouchDB, RavenDB, Redis, Neo4j, etc)
If multiple Java EE web applications or .NET websites are part of the same software system, they are usually executed
in separate classloaders or AppDomains so I show them as separate containers because they are independent and require
inter-process communication (e.g. remote method invocation, SOAP, REST, etc) to collaborate.
Container diagram
117
Interactions
Typically, inter-container communication is inter-process communication. Its very useful to
explicitly identify this and summarise how these interfaces will work. As with any diagram,
its useful to annotate the interactions rather than simply having a diagram with a collection
of boxes and ambiguous lines connecting everything together. Useful information to add
includes:
The purpose of the interaction (e.g. reads/writes data from, sends reports to, etc).
Communication method (e.g. Web Services, REST, Java Remote Method Invocation,
Windows Communication Foundation, Java Message Service).
Communication style (e.g. synchronous, asynchronous, batched, two-phase commit,
etc)
Protocols and port numbers (e.g. HTTP, HTTPS, SOAP/HTTP, SMTP, FTP, RMI/IIOP,
etc).
Container diagram
118
System boundary
If you do choose to include users and IT systems that are outside the scope of what youre
building, it can be a good idea to draw a box around the appropriate containers to explicitly
demarcate the system boundary. The system boundary corresponds to the single box that
would appear on a context diagram (e.g. Risk System).
Motivation
Where a context diagram shows your software system as a single box, a container diagram
opens this box up to show whats inside it. This is useful because:
It makes the high-level technology choices explicit.
It shows where there are relationships between containers and how they communicate.
It provides a framework in which to place components (i.e. so that all components have
a home).
It provides the often missing link between a very high-level context diagram and (what
is usually) a very cluttered component diagram showing all of the logical components
that make up the entire software system.
As with a context diagram, this should only take a couple of minutes to draw, so there really
is no excuse not to do it either.
Audience
Technical people inside and outside of the immediate software development team;
including everybody from software developers through to operational and support
staff.
Example
The following diagram shows the logical containers that make up the techtribes.je website.
Container diagram
119
Put simply, techtribes.je is made up of an Apache Tomcat web server that provides users with
information, and that information is kept up to date by a standalone content updater process.
All data is stored either in a MySQL database, a MongoDB database or the file system. Its
worth pointing out that this diagram says nothing about the number of physical instances
of each container. For example, there could be a farm of web servers running against a
MongoDB cluster, but this diagram doesnt show that level of information. Instead, I show
physical instances, failover, clustering, etc on a separate deployment diagram. The containers
diagram shows the high-level shape of the software architecture and how responsibilities are
Container diagram
120
distributed across it. It also shows the major technology choices and how the containers
communicate with one another. Its a simple, high-level technology focussed diagram that is
useful for software developers and support/operations staff alike.
Intent
A component diagram helps you answer the following questions.
1. What components/services is the system made up of?
2. It is clear how the system works at a high-level?
3. Do all components/services have a home (i.e. reside in a container)?
Structure
Whenever people are asked to draw architecture diagrams, they usually end up drawing
diagrams that show the logical components that make up their software system. That is
basically what this diagram is about, except we only want to see the components that reside
within a single container at a time. Here are some examples of component diagrams if you
were designing a solution to the financial risk system.
Component diagram
122
Example component diagrams for the financial risk system (see appendix)
Whenever I draw a component diagram, it typically only shows the components that reside
within a single container. This is by no means a rule though and, for small software systems,
often you can show all of the components across all of the containers on a single diagram. If
that diagram starts to become too cluttered, maybe its time to break it apart.
Components
If you were designing a solution to the financial risk system, you might include components
like:
Component diagram
123
These components are the coarse-grained building blocks of your system and you should
be able to understand how a use case/user story/feature can be implemented across one or
more of these components. If you can do this, then youve most likely captured everything.
If, for example, you have a requirement to audit system access but you dont have an audit
component or responsibilities, then perhaps youve missed something.
For each of the components drawn on the diagram, you could specify:
Name: The name of the component (e.g. Risk calculator, Audit component, etc).
Technology: The technology choice for the component (e.g. Plain Old [Java|C#|Ruby|etc]
Object, Enterprise JavaBean, Windows Communication Foundation service, etc).
Responsibilities: A very high-level statement of the components responsibilities (e.g.
either important operation names or a brief sentence describing the responsibilities).
Interactions
To reiterate the same advice given for other types of diagram, its useful to annotate the
interactions between components rather than simply having a diagram with a collection
of boxes and ambiguous lines connecting them all together. Useful information to add the
diagram includes:
The purpose of the interaction (e.g. uses, persists trade data through, etc)
Communication style (e.g. synchronous, asynchronous, batched, two-phase commit,
etc)
Motivation
Decomposing your software system into a number of components is software design at a
slightly higher level of abstraction than classes and the code itself. An audit component might
be implemented using a single class backing onto a logging framework (e.g. log4j, log4net,
etc) but treating it as a distinct component lets you also see it for what it is, which is a key
building block of your architecture. Working at this level is an excellent way to understand
how your system will be internally structured, where reuse opportunities can be realised,
where you have dependencies between components, where you have dependencies between
components and containers, and so on. Breaking down the overall problem into a number of
separate parts also provides you with a basis to get started with some high-level estimation,
which is great if youve ever been asked for ballpark estimates for a new project.
Component diagram
124
A component diagram shows the logical components that reside inside each of the containers.
This is useful because:
It shows the high-level decomposition of your software system into components with
distinct responsibilities.
It shows where there are relationships and dependencies between components.
It provides a framework for high-level software development estimates and how the
delivery can be broken down.
Designing a software system at this level of abstraction is something that can be done in a
number of hours or days rather than weeks or months. It also sets you up for designing/coding
at the class and interface level without worrying about the overall high-level structure.
Audience
Technical people within the software development team.
Example
As illustrated by the container diagram, techtribes.je includes a standalone process that pulls
in content from Twitter, GitHub and blogs. The following diagram shows the high-level
internal structure of the content updater in terms of components.
Component diagram
125
This diagram shows how the content updater is divided into components, what each of those
components are, their responsibilities and the technology/implementation details.
The Logging Component is used by everything, but I didnt want to draw the lines to it from
every component because the resulting diagram looks very cluttered. Instead, Ive used an
asterisk to denote this.
Shneidermans mantra
127
129
Asking people why their diagrams dont show any technology decisions results in a number
of different responses:
the [financial risk system] solution is simple and can be built with any technology.
we dont want to force a solution on developers.
its an implementation detail.
we follow the last responsible moment principle.
130
be conceptual in nature.
One of the reasons that software architecture has a bad reputation is because of the stereotype
of ivory tower architects drawing very high-level pictures to describe their grandiose visions.
Im sure youve seen examples of diagrams with a big box labelled Enterprise Service
Bus connected to a cloud, or perhaps diagrams showing a functional decomposition with
absolutely no consideration as to whether the vision is implementable. If you truly believe
that software architecture diagrams should be fluffy and conceptual in nature, my advice is
to hire people that dont know about technology. That should do the trick.
Back to the real world, I like to see software architecture have a grounding in reality and
technology choice shouldnt be an implementation detail. One way to ensure that technology
is considered is to simply show the technology choices by including them on software
architecture diagrams.
131
As for technology decisions cluttering the diagrams, there are a number of strategies for
dealing with this concern, including the use of a container diagram to separately show the
major technology decisions.
Technology choices can help bring an otherwise ideal and conceptual software design back
down to earth so that it is grounded in reality once again, while communicating the entirety
of the big picture rather than just a part of it. Oh, and of course, the other side effect of
adding technology choices to diagrams, particularly during the software design process, is
that it helps to ensure the right people are drawing them.
Shared components
Imagine that youre designing a 3-tier software system that makes use of a web server, an
application server and a database. While thinking about the high-level components that
reside in each of these containers, its not uncommon to hear a conversation like this:
Attendee: Should we draw the logging component outside of the web server and the
application server, since its used by both?
Me: Would you code it that way? Will the logging component be running outside of
both the web server and application server? For example, will it really be a separate
standalone process?
Attendee: Well no, it would probably be a shared component in a [JAR file|DLL|etc]
that we would deploy to both servers.
Me: Great, then lets draw it like that too. Include the logging component inside
of each server and label it as a shared component with an annotation, stereotype or
symbol.
If youre going to implement something like a shared logging component that will be
deployed to a number of different servers, make sure that your diagram reflects this rather
than potentially confusing people by including something that might be mistaken for a
separate centralised logging server. If in doubt, always ask yourself how you would code
it.
133
Layering strategies
Imagine youre designing a web application that is internally split up into a UI layer, a services
layer and a data access layer.
Attendee: Should we show that all communication to the database from the UI goes
through the services layer?
Me: Is that how youre going to implement it? Or will the UI access the database
directly?
Attendee: We were thinking of perhaps adopting the CQRS pattern, so the UI could
bypass the services layer and use the data access layer directly.
Me: In that case, draw the diagram as youve just explained, with lines from the UI to
both the services and data access layers. Annotate the lines to indicate the intent and
rationale.
Again, the simple way to answer this type of question is to understand how you would code
it.
135
most enterprise object-oriented systems. Abstractions help us to reason about a big and/or
complex software system.
136
This all sounds very sensible and relatively easy to do but, in my experience, I rarely see
teams doing this. Instead we do something different.
Package by layer
Lets assume that were building a web application based upon the Web-MVC pattern.
There are a number of ways that we can organise our source code. Packaging code by
layer is typically the default approach because, after all, thats what the books, tutorials and
framework samples tell us to do. If you do a search on the web for tutorials related to Spring
MVC or ASP.NET MVC, for example, youll likely see this in the example code used. I spent
most of my career building software systems in Java and I too used the same packaging
approach for the majority of the codebases that I worked on.
Here were organising code by grouping things of the same type. In other words, youll have
a package for domain classes, one for web controllers/views, one for business services, one
for data access, another for integration points and so on. Im using the Java terminology of
a package here, but the same is applicable to namespaces in C#, etc.
Layers are the primary organisation mechanism for the code. Terms such as separation of
concerns are thrown around to justify this approach and layered architectures are generally
thought of as a good thing. Need to switch out the data access mechanism? No problem,
everything is in one place. Each layer can also be tested in isolation to the others around
137
it, using appropriate mocking techniques, etc. The problem with layered architectures is that
they often turn into a big ball of mud because, in Java anyway, you need to mark your classes
as public for much of this to work. And once you mark classes as public, without discipline,
code in any other layer of your architecture can use them.
Organising a codebase by layer makes it easy to see the overall structure of the software but
there are trade-offs. For example, you need to delve inside multiple layers (e.g. packages,
namespaces, etc) in order to make a change to a feature or user story. Also, many codebases
end up looking eerily similar given the fairly standard approach to layering within enterprise
systems. In Screaming Architecture, Uncle Bob Martin says that if youre looking at a
codebase, it should scream something about the business domain. I think the same should be
said for a software architecture diagram.
Package by feature
Packaging by layer isnt the only answer though and, instead of organising code by horizontal
slice, package by feature seeks to do the opposite by organising code by vertical slice.
Now everything related to a single feature (or feature set) resides in a single place. You can
still have a layered architecture, but the layers reside inside the feature packages. In other
words, layering is the secondary organisation mechanism. The often cited benefit to package
138
by feature is that its easier to navigate the codebase when you want to make a change to a
feature, but this is a minor thing given the power of modern IDEs.
What you can do now though is hide feature specific classes and keep them out of sight from
the rest of the codebase by marking them as package protected. The big question though
is what happens when that new feature set C needs to access data from features A and B?
Again, in Java, youll need to start making classes publicly accessible from outside of the
packages and the big ball of mud will likely again emerge.
139
For my initial implementation, Id taken a package by layer approach and broken my tweet
component down into a separate service and data access object. This is a great example
of where the code doesnt quite reflect the architecture - the tweet component is a single
box on an architecture diagram but implemented as a collection of classes across a layered
architecture when you look at the code. Imagine having a large, complex codebase where
the architecture diagrams tell a different story from the code. The easy way to fix this is to
simply redraw the component diagram to show that its really a layered architecture made
up of services collaborating with data access objects. The result is a much more complex
diagram but it also feels like that diagram is starting to show too much detail.
Packaging by component
The other option is to change the code to match the architectural vision and intent. And
thats what I did. I reorganised the code to be packaged by component rather than packaged
by layer. In essence, I merged the services and data access objects together into a single
package so that I was left with a public interface and a package protected implementation.
This is a hybrid approach with increased modularity and an architecturally-evident coding
style as the primary goals.
140
The basic premise here is that I want my codebase to be made up of a number of coarsegrained components, with some sort of presentation layer (web UI, desktop UI, API,
standalone app, etc) built on top. A component in this sense is a combination of the business
and data access logic related to a specific thing (e.g. domain concept, bounded context or
aggregate from Domain-Driven Design, etc).
If a new feature set C needs to access data related to A and B, it is forced to go through the
public interface of components A and B. No direct access to the data access layer is allowed,
and you can enforce this if you use Javas access modifiers properly. Again, architectural
layering is a secondary organisation mechanism. For this to work, you have to stop using
the public keyword by default.
Heres what the restructured TweetComponent looks like.
141
142
from the architecture to the code can help even further, particularly when you start looking
at collaborative design and collective code ownership. Furthermore, it helps bring software
architecture firmly back into the domain of the development team, which is ultimately where
it belongs. Dont forget though, the style of architecture youre using needs to be reflected
on your software architecture diagrams; whether thats layers, components, microservices or
something else entirely.
Designing a software system based around components isnt the one true way but if you
are building monolithic software systems and think of them as being made up of a number
of smaller components, ensure that your codebase reflects this. Consider organising your
code by component (rather than by layer or feature) to make the mapping between software
architecture and code explicit. If its hard to explain the structure of your software system,
change it.
144
This diagram shows all of the classes/interfaces and all of the relationships between them. The
properties and methods are hidden from view because they add too much noise to the picture.
This isnt a complex codebase by any stretch of the imagination, but the diagram is showing
too much detail. Lets remove those classes that arent relevant to having an architecture
discussion about the system. In other words, lets only try to show those classes that have
some structural significance. In concrete terms, this means excluding the model (domain)
and util classes.
145
After a little rearranging, this diagram is much better and we now have a simpler diagram
with which to reason about the software architecture. We can also see the architectural layers.
However, in order to show the true picture of the dependencies, Ive needed to show the
interface and implementation classes for the service and repositories. What I would like to be
able to do here is treat the ClinicService and each of the *Repository things as a component,
by collapsing the interface and implementation classes together on the diagram.
This isnt what most diagramming tools do though and it shouldnt really come as a surprise,
since those diagramming tools also suffer from the model-code gap. Like us, those tools see
classes and interfaces in packages/namespaces when looking at the code. Some tools can be
given rules to recognise architectural constructs (e.g. layers) in order to perform structural
validation, but this shouldnt be necessary. Ideally, everything we need to understand the
software system from an architectural perspective should be in the code.
146
1. System context
My starting point for describing a software system is to draw a system context diagram. This
shows the system in question along with the key types of user (e.g. actors, roles, personas, etc)
and system dependencies. Is it possible to get this information from the code? The answer is,
not really.
Users: I should be able to get a list of user roles from the code. For example, many
software systems will have some security configuration that describes the various
user roles, Active Directory groups, etc and the parts of the system that such users
have access too. The implementation details will differ from codebase to codebase and
technology to technology, but in theory this information is available somewhere in
the absence of an explicit list of user types.
System dependencies: The list of system dependencies is a little harder to extract from
a codebase. Again, we can scrape security configuration to identify links to systems
such as LDAP and Active Directory. We could also search the codebase for links to
known libraries, APIs and service endpoints (e.g. URLs), and make the assumption
that these are system dependencies. But what about those system interactions that
are done by copying a file to a network share? I know this sounds archaic, but it still
happens. Understanding inbound dependencies is also tricky.
2. Containers
The next level in my C4 model is a container diagram that shows the various web
applications, mobile apps, databases, file systems, standalone applications, etc and how they
interact to form the overall software system. Again, some of this information will be present,
in one form or another, in the codebase. For example, you could scrape this information from:
IDE project files: Information about executable artifacts (and therefore containers)
could in theory be extracted from IntelliJ IDEA project files, Microsoft Visual Studio
solution files, Eclipse workspaces, etc.
Build scripts: Automated build scripts (e.g. Ant, Maven, Gradle, MSBuild, etc)
typically generate executable artifacts or have module definitions that can again be
used to identify containers.
Infrastructure provisioning and deployment scripts: Infrastructure provisioning
and deployment scripts (e.g. Puppet, Chef, Vagrant, Docker, etc) will probably result
in deployable units, which can again be identified and this information used to create
the containers model.
147
Extracting information from such sources is useful if you have a microservices architecture
with hundreds of separate containers but, if you simply have a web application talking to a
database, it may be easier to explicitly define this rather than going to the effort of scraping
it from the code.
3. Components
The third level of the C4 model is a component diagram. Since even a relatively small software
system may consist of a large number of components, this is a level that we certainly want to
automate. But it turns out that even this is tricky. Usually theres a lack of an architecturallyevident coding style, which means you get a conflict between the software architecture model
and the code. This is particularly true in older systems where the codebase lacks modularity
and looks like a sea of thousands of classes interacting with one another. Assuming that there
is some structure to the code, components can be extracted using a number of different
approaches, depending on the codebase and the degree to which an architecturally-evident
coding style has been adopted:
Metadata: The simplest approach is to annotate the architecturally significant elements in the codebase and extract them automatically. Examples include finding Java
classes with specific annotations or C# classes with specific attributes. These could
be your own annotations or those provided by a framework such as Spring (e.g.
@Controller, @Service, @Repository, etc), Java EE (e.g. @EJB, @MessageDriven, etc)
and so on.
Naming conventions: If no metadata is present in the code, often a naming convention
will have been consciously or unconsciously adopted that can assist with finding those
architecturally significant code elements. For example, finding all classes where the
name matches xxxService or xxxRepository may do the trick.
Packaging conventions: Alternatively, perhaps each sub-package or sub-namespace
(e.g. com.mycompany.myapp.components.xxx) represents a component.
Module systems: If a module system is being used (e.g. OSGi), perhaps each of the
module bundles represents a component.
Build scripts: Similarly, build scripts often create separate modules/JARs/DLLs from
a single codebase and perhaps each of these represents a component.
148
information about the software architecture to be able to do this effectively. This is true both
at the big picture level (context and containers) and the lower level (components). One
solution to this problem is to enrich the information that we can get from the code, with that
which we cant get from the code.
There have been a number of attempts to create Architecture Definition Languages (ADLs)
that can be used to formally define the architecture of a software system, although my
experience suggests these are rarely used in real-world projects. There are a number of
reasons for this, ranging from typical real-world time and budget pressures through to the
lack of perceived benefit from creating an academic description of a software system that
isnt reflective of the source code. Unless youre building software in a safety critical or
regulated environment, the Agile Manifesto statement of valuing working software over
comprehensive documentation holds true.
In my own attempt to solve this problem, Ive created something that I call Structurizr. Put
simply, its a way to create a software architecture model as code, and then have that model
visualised by some simple tooling. The goal is to allow people to create simple, versionable,
up-to-date and scalable software architecture models.
Stepping down a level of abstraction to the containers diagram, the Spring PetClinic system is
made up of a Java web application that uses a database to store data. Again, we can represent
this in code as follows. Ive made some assumptions about the technology stack the system
is deployed on here.
1
2
3
4
5
6
7
149
At the next level of abstraction, we need to open up the web application to see the components
inside it. Although we couldnt really get the two previous levels of abstraction from the
codebase easily, we can get the components. All we need to do is understand what a
component means in the context of this codebase. We can then use this information to
help us find and extract them in order to populate the software architecture model.
Spring MVC uses Java annotations (@Controller, @Service and @Repository) to mark classes
as being web controllers, services and repositories respectively. Assuming that we consider
these to be our architecturally significant code elements, its then a simple job of extracting
these annotated classes (Spring Beans) from the codebase.
1
2
3
4
5
6
1
2
3
4
5
6
7
150
webApplication.getComponents().stream()
.filter(c -> c.getTechnology().equals("Spring Controller"))
.forEach(c -> user.uses(c, "Uses"));
webApplication.getComponents().stream()
.filter(c -> c.getTechnology().equals("Spring Repository"))
.forEach(c -> c.uses(relationalDatabase, "Reads from and writes to"));
With the software architecture model in place, we now need to create some views with which
to visualise the model. Again, we can do this using code. First the context diagram, which
includes all people and all software systems.
1
2
3
4
5
There are a few minor details omitted here for brevity, but thats essentially all the code you
need to create a software architecture model and views for this sample codebase. The full
source code for this example can be found on the Structurizr for Java repository.
151
structurizr.com is the other half of the story. Its a web application that takes a software
architecture model (via an API) and provides a way to visualise it.
1
2
3
Aside from changing the colour, size and position of the boxes, the graphical representation is
relatively fixed. This in turn frees you up from messing around with creating static diagrams
in drawing tools. The result of visualising the Spring PetClinic model, after moving the boxes
around, is something like the following. Heres the context diagram.
152
153
The live version of the diagrams can be found at structurizr.com and they allow you to
double-click a component on the component diagram in order to navigate directly to the
code that is hosted on GitHub.
Its worth pointing out that structurizr.com is my vision of what I want from a simple
software architecture diagramming tool, but youre free to take the output from the open
source library and create your own tooling to visualise the model. This could include
exporting it to DOT format (for importing into something like Graphviz), XMI format (for
154
156
157
The tools surrounding UML allow it to be used in a number of ways, including fully fledged
comprehensive models with their associated repositories through to diagrams that are reverse
engineered from existing code. UML can also be used as a simple diagramming notation,
either sketched on a whiteboard or within tools such as Microsoft Visio or OmniGraffle that
have installable UML templates. Heres a summary of what I use UML for:
Processes and workflows: If Im building software that automates a process or is very
workflow based, Ill often draw a simple UML activity diagram to represent it. UML
activity diagrams seem to be ignored by many people but I find that the simple flow
chart style of notation works well for a broad range of audiences.
Runtime behaviour: My C4 approach is really only focussed on visualising the static
structure of a software system, but often its useful to present the system from a
runtime perspective. UML sequence and collaboration diagrams are usually used to
show how a number of classes collaborate at runtime to implement a particular user
story, use case, feature, etc. These diagrams are still very useful even if youre not
doing design down to the class level. Instead of showing a collection of collaborating
classes, you can show collaborating containers or components instead.
Domain model: Ill use a UML class diagram if I want to visualise a domain model,
with the resulting diagrams typically only showing the most important attributes and
relationships. I usually hide the method compartment of all classes on such diagrams.
Patterns and principles: Ill often need to explain how patterns or principles are
implemented within the codebase (e.g. in the Code section of a software guidebook),
and a UML class diagram is the obvious way to do this. My advice here is keep the
diagram simple and dont feel pressured into showing every last tiny piece of detail.
State charts: UML state diagrams are a great way to visualise a state machine and the
notation is fairly straightforward. Again, I find that people tend to forget UML state
diagrams exist.
Deployment: A UML deployment diagram can be a useful way to show how your
containers or components are deployed. Often such a diagram is better presented as
an informal boxes and lines diagram, but the option is there.
158
youre confident that you understand how to approach software architecture and design,
only then is it time to start looking at software tools to help improve the design process.
The use of UML doesnt need to be an adopt all or nothing choice. A few well placed UML
diagrams can really help you to present the more complex and detailed elements of a software
system. If youre unfamiliar with UML, perhaps now is a good opportunity to make yourself
aware of the various diagrams that are available. You dont need UML tools to do architecture
and design, but they do have their uses. You dont need to use every type of diagram though!
Titles
The first thing that can really help people to understand a diagram is including a title. If youre
using UML, the diagram elements will provide some information as to what the context of
the diagram is, but that doesnt really help if you have a collection of diagrams that are all
just boxes and lines. Try to make the titles short and meaningful. If the diagrams should be
read in a specific order, make sure this is clear by numbering them.
Labels
Youre likely to have a number of labels on your diagrams; including names of software
systems, components, etc. Where possible, avoid using acronyms and if you do need to use
acronyms for brevity, ensure that they are documented in a project glossary or with a key
somewhere on the diagram. While the regular project team members might have an intimate
understanding of common project acronyms, people outside or new to the project probably
wont.
The exceptions here are acronyms used to describe technology choices, particularly if they are
used widely across the industry. Examples include things like JMS (Java Message Service),
POJO (plain old Java object) and WCF (Windows Communication Foundation). Let your
specific context guide whether you need to explain these acronyms and if in doubt, play it
safe and use the full name or include a key.
Effective sketches
160
Shapes
Most boxes and lines style sketches that Ive seen arent just boxes and lines, with teams using
a variety of shapes to represent elements within their software architecture. For example,
youll often see cylinders on a diagram and many people will interpret them to be a database
of some description. Make sure that you include an explanation to confirm whether this is
the case or not.
Responsibilities
If naming is one of the hardest things in software development, resist the temptation to have a
diagram full of boxes that only contain names. A really simple way to add an additional layer
of information to, and remove any ambiguity from, an architecture diagram is to annotate
things like systems and components with a very short statement of what their responsibilities
are. A bulleted list (7 2 items) or a short sentence work well. Provided its kept short (and
using a smaller font for this information can help too), adding responsibilities onto diagrams
can help provide a really useful at a glance view of what the software system does and how
its been structured. Take a look at the following diagrams - which do you prefer?
161
Effective sketches
Lines
Lines are an important part of most architecture sketches, acting as the glue that holds all
of the boxes (systems, containers, components, etc) together. The big problem with lines
is exactly this though, they tend to be thought of as the things that hold the other, more
significant elements of the diagram together and dont get much focus themselves. Whenever
youre drawing lines on sketches, ensure you use them consistently and that they have a clear
purpose. For example:
Line style (solid, dotted, dashed, etc): Is the line style relevant and, if so, what does it
mean?
Arrows: Do arrows point in the direction of dependencies (e.g. like UML uses
relationships) or do they indicate the direction in which data normally flows?
Effective sketches
162
Often annotations on the lines (e.g. uses, sends data to, downloads report from, etc) can
help to clarify the direction in which arrows are pointing, but watch out for any lines that
have arrows on both ends!
Colour
Software architecture diagrams dont have to be black and white. Colour can be used to
provide differentiation between diagram elements or to ensure that emphasis is/isnt placed
on them. If youre going to use colour, and I recommend that you should, particularly when
sketching, make sure that its obvious what your colour coding scheme is by including a
reference to those colours in a key. Colour can make a world of difference. All you need are
some different coloured whiteboard/marker pens and a little imagination.
Borders
Adding borders (e.g. double lines, coloured lines, dashed lines, etc) around diagram elements
can be a great way to add emphasis or to group related elements together. If you do this, make
sure that its obvious what the border means, either by labelling the border or by including
an explanation in the diagram key.
Layout
Using electronic drawing tools such as Microsoft Visio or OmniGraffle makes laying out
diagram elements easier since you can move them around as much as you want. Many
people prefer to design software while stood in front of a whiteboard or flip chart though,
particularly because it provides a better environment for collaboration. The trade-off here is
that you have to think more about the layout of diagram elements because it can become a
pain if youre having to constantly draw, erase and redraw elements of your diagrams when
you run out of space.
Effective sketches
163
Examples of where sticky notes and index cards have been used instead of drawing boxes
Sticky notes and index cards can help to give you some flexibility if you use them as a
substitute for drawing boxes. And if youre using a Class-Responsibility-Collaboration style
technique to identify candidate classes/components/services, you can use the resulting cards
as a way to start creating your diagrams.
Need to move some elements? No problem, just move them. Need to remove some elements?
No problem, just take them off the diagram and throw them away. Sticky notes and index
cards can be a great way to get started with software architecture sketches, but I do tend to
find that the resulting diagrams look cluttered. Oh, and sticky notes often dont stick well to
whiteboards, so have some blu-tack handy!
Orientation
Imagine youre designing a 3-tier web application that consists of a web-tier, a middle-tier
and a database. If youre drawing a container diagram, which way up do you draw it? Users
and web-tier at the top with the database at the bottom? The other way up? Or perhaps you
lay out the elements from left to right?
Most of the architecture diagrams that I see have the users and web-tier at the top, but this
isnt always the case. Sometimes those same diagrams will be presented upside-down or backto-front, perhaps illustrating the authors (potentially subconscious) view that the database
Effective sketches
164
is the centre of their universe. Although there is no correct orientation, drawing diagrams
upside-down from what we might consider the norm can either be confusing or used to
great effect. The choice is yours.
Keys
One of the advantages of using UML is that it provides a standardised set of diagram elements
for each type of diagram. In theory, if somebody is familiar with these elements, they should
be able to understand your diagram. In the real world this isnt always the case, but this
certainly isnt the case with boxes and lines sketches where the people drawing the diagrams
are inventing the notation as they go along. Again, theres nothing wrong with this but make
sure that you give everybody an equal chance of understanding your creations by including
a small key somewhere on or nearby the diagram. Here are the sort of things that you might
want to include explanations of:
Shapes
Lines
Colours
Borders
Acronyms
You can sometimes interpret the use of diagram elements without a key (e.g. the grey boxes
seem to be the existing systems and red is the new stuff) but I would recommend playing
it safe and adding a key. Even the seemingly obvious can be misinterpreted by people with
different backgrounds and experience.
Effective sketches
165
2. I understand the big picture; including who is going to use the system (e.g. roles,
personas, etc) and what the dependencies are on the existing IT environment (e.g.
existing systems).
3. I understand the logical containers and the high-level technology choices that have
been made (e.g. web servers, databases, etc).
4. I understand what the major components are and how they are used to satisfy the
important user stories/use cases/features/etc.
5. I understand what all of the components are, what their responsibilities are and can
see that all components have a home.
6. I understand the notation, conventions, colour coding, etc used on the diagrams.
7. I can see the traceability between diagrams and diagramming elements have been used
consistently.
8. I understand what the business domain is and can see a high-level view of the
functionality that the software system provides.
9. I understand the implementation strategy (frameworks, libraries, APIs, etc) and can
almost visualise how the system will be or has been implemented.
45. C4++
The C4 model focusses on describing and communicating the static structure of a software
system; from the big picture down to the components and the classes that implement them.
Although this is often sufficient to describe a software system, sometimes it can be useful to
draw some additional diagrams to highlight different aspects.
Enterprise context
The C4 model provides a static view of a single software system but, in the real-world,
software systems never live in isolation. For this reason, and particularly if you manage
a collection of software systems, its often useful to understand how all of these software
systems fit together within the bounds of an enterprise. To do this, Ill simply add another
diagram that sits on top of the C4 diagrams, to show the enterprise context from an IT
perspective. C4 therefore becomes C5, with this extra enterprise context diagram showing:
The organisational boundary.
Internal and external users.
Internal and external systems (including a high-level summary of their responsibilities
and data owned).
Essentially this becomes a high-level map of the software systems at the enterprise level,
with a C4 drill-down for each software system of interest. As a caveat, I do appreciate
that enterprise architecture isnt simply about technology but, in my experience, many
organisations dont have an enterprise architecture view of their IT landscape. In fact, it
shocks me how often I come across organisations of all sizes that lack such a holistic view,
especially considering IT is usually a key part of the way they implement business processes
and service customers. Sketching out the enterprise context from a technology perspective
at least provides a way to think outside of the typical silos that form around IT systems.
C4++
167
Domain model
Most real-world software systems represent business domains that are non-trivial and, if
this is the case, a diagram summarising the key domain concepts can be a useful addition.
The format I use for these is a UML class diagram where each UML class represents an
entity in the domain. For each entity, Ill typically include important attributes/properties
and the relationships between entities. A domain model is useful regardless of whether youre
following a Domain-driven design approach or not.
Infrastructure model
A map of your infrastructure can be a useful thing to capture because of the obvious
relationship between software and infrastructure. There are a number of ways to describe
infrastructure, ranging from infrastructure diagrams in Microsoft Visio through to automated
scripts that manage and provision infrastructure on a cloud provider.
C4++
168
Deployment model
Its often useful to describe the mapping between containers and infrastructure. For example,
a database-driven website could be deployed onto a single server or across hundreds of them,
depending on the need to support scalability, resilience, security, etc. Again, the deployment
model could be described as a bunch of automated scripts or a simple deployment diagram.
And more
The diagrams from the C4 model plus those Ive listed here are usually enough for me to
adequately describe how a software system is designed, built and works. I try to keep the
number of diagrams I use to do this to a minimum and I advise you to do the same. Some
diagrams can be automatically generated (e.g. an entity relationship diagram for a database
schema) but if you need an A0 sheet of paper to display it, you should consider whether the
diagram is actually useful. Do add more diagrams if you need to describe something that
isnt listed here and if a particular diagram doesnt add any value, simply discard it.
Philippe Kruchtens 4+1 architectural view model and Software Systems Architecture by
Eoin Woods and Nick Rozanski are my recommended starting points for information about
the views you may want to consider in addition to those provided by the C4 model.
46. C4 - FAQ
Here are some of the questions I frequently get asked by people when they are drawing
architecture diagrams based upon my C4 approach.
C4 - FAQ
170
Answer: For simple systems, yes, thats an option that you can experiment with. I tend to find
that, even on small systems, a single diagram showing containers and their components gets
too cluttered. My personal preference is to keep the container diagram as simple as possible,
and to annotate each of the containers you show on the diagram with a short list of the
responsibilities rather than show all of the components. Not only will this result in a clean
and simple diagram, but it will also provide a nice high-level technology diagram that you
can show to people like operations and support staff.
Shared components
Question: My system is made up of a web server and a standalone application, and both
use a shared database access layer. How should I show this on the diagrams?
Answer: I would draw the shared database access components on each of the appropriate
component diagrams and simply annotate them with a note that says something like this
is shared component. If in doubt, always ask yourself how you would actually code and
deploy the system. If your shared components will be deployed alongside all of the other
components inside a container, just draw the diagram to reflect this.
Utility components
Question: If I have something like a logging component that is used by all of the other
components, how should I show this on the diagrams?
Answer: You have a couple of options, although one tends to lead to much cleaner diagrams.
Option 1 is to draw the logging component somewhere central on the diagram and show
connections from every other component to it. While this is accurate, your diagram will
become cluttered very quickly. Option 2 is to draw the logging component somewhere out
of the way and simply annotate it with a note that says something like this is a utility
component that is used by all other components.
47. Questions
1. Are you able to explain how your software system works at various levels of
abstraction? What concepts and levels of abstraction would you use to do this?
2. Do you use UML to visualise the design of your software? If so, is it effective? If not,
what notation do you use?
3. Are you able to visualise the software system that youre working on? Would
everybody on the team understand the notation that you use and the diagrams that
you draw?
4. Should technology choices be included or omitted from architecture diagrams?
5. Do you understand the software architecture diagrams for your software system (e.g.
on the office wall, a wiki, etc)? If not, what could make them more effective?
6. Do the software architecture diagrams that you have for your software system reflect
the abstractions that are present in the codebase? If not, why not? How can you change
this?
V Documenting software
This part of the book is about that essential topic we love to hate - writing documentation!
If nobody has the time to walk you through the codebase, you can start to make your own
assumptions based upon the limited knowledge you have about the project, the business
174
domain, your expectations of how the team builds software and your knowledge of the
technologies in use.
For example, you might be able to determine something about the overall architecture of the
software system through how the codebase has been broken up into sub-projects, directories,
packages, namespaces, etc. Perhaps there are some naming conventions in use. Even from
the previous static screenshot of Microsoft Visual Studio, we can determine a number of
characteristics about the software, which in this case is an (anonymised) Internet banking
system.
The system has been written in C# on the Microsoft .NET platform.
The overall .NET solution has been broken down into a number of Visual Studio
projects and theres a .NET web application called ib.web, which youd expect since
this is an Internet banking system (ib = Internet Banking).
The system appears to be made up of a number of architectural tiers. Theres ib.web
and ib.middletier, but I dont know if these are physical or logical tiers.
There looks to be a naming convention for projects. For example, ib.middletier.authentication.lib,
ib.middletier.messaging.lib and ib.middletier.bankingsystem.lib are class libraries
that seem to relate to the middle-tier. Are these simply a logical grouping for classes
or something more significant such as higher level components and services?
With some knowledge of the technology, I can see a Service References folder lurking
underneath the ib.web project. These are Windows Communication Foundation
(WCF) service references that, in the case of this example, are essentially web service
clients. The naming of them seems to correspond to the class libraries within the
middle-tier, so I think we actually have a distributed system with a middle-tier that
exposes a number of well-defined services.
How the software system fits into the existing system landscape.
Why the technologies in use were chosen.
The overall structure of the software system.
Where the various components are deployed at runtime and how they communicate.
175
Supplementary information
With any software system, theres another layer of information sitting above the code that
provides answers to these types of questions and more.
176
This type of information is complementary to the code and should be captured somewhere,
for example in lightweight supplementary documentation to describe what the code itself
doesnt. The code tells a story, but it doesnt tell the whole story.
1. Maps
Lets imagine that I teleported you away from where you are now and dropped you in a
quiet, leafy country lane somewhere in the world (picture 1). Where are you and how do
178
you figure out the answer to this question? You could shout for help, but this will only
work if there are other people in the vicinity. Or you could simply start walking until you
recognised something or encountered some civilisation, who you could then ask for help. As
geeks though, we would probably fire up the maps application on our smartphone and use
the GPS to pinpoint our location (picture 2).
The problem with picture 2 is that although it may show our location, were a little too
zoomed in to potentially make sense of it. If we zoom out further, eventually well get to
see that I teleported you to a country lane in Jersey (picture 3).
The next issue is that the satellite imagery is showing a lot of detail, which makes it hard to
see where we are relative to some of the significant features of the island, such as the major
roads and places. To counter this, we can remove the satellite imagery (picture 4). Although
not as detailed, this abstraction allows us to see some of the major structural elements of the
island along with some of the place names, which were perviously getting obscured by the
detail. With our simplified view of the island, we can zoom out further until we get to a big
picture showing exactly where Jersey is in Europe (pictures 5, 6 and 7). All of these images
show the same location from different levels of abstraction, each of which can help you to
answer different questions.
If I were to open up the codebase of a complex software system and highlight a random line
of code, exploring is fun but it would take a while for you to understand where you were
179
and how the code fitted into the software system as a whole. Most integrated development
environments have a way to navigate the code by namespace, package or folder but often
the physical structure of the codebase is different to the logical structure. For example, you
may have many classes that make up a single component, and many of those components
may make up a single deployable unit.
Diagrams can act as maps to help people navigate a complex codebase and this is one of the
most important parts of supplementary software documentation. Ideally there should be a
small number of simple diagrams, each showing a different part of the software system or
level of abstraction. My C4 approach is how I summarise the static structure of a software
system but there are others including the use of UML.
2. Sights
If you ever visit Jersey, and you should because its beautiful, youll probably want a map.
There are visitor maps available at the ports and these present a simplified view of what
Jersey looks like. Essentially the visitor maps are detailed sketches of the island and, rather
than showing every single building, they show an abstract view. Although Jersey is small,
once unfolded, these maps can look daunting if youve not visited before, so what you ideally
need is a list of the major points of interest and sights to see. This is one of the main reasons
that people take a travel guidebook on holiday with them. Regardless of whether its physical
or virtual (e.g. an e-book on your smartphone), the guidebook will undoubtedly list out the
top sights that you should make a visit to.
A codebase is no different. Although we could spend a long time diagramming and describing
every single piece of code, theres really little value in doing that. What we really need
is something that lists out the points of interest so that we can focus our energy on
understanding the major elements of the software without getting bogged down in all of
the detail. Many web applications, for example, are actually fairly boring and rather than
understanding how each of the 200+ pages work, Id rather see the points of interest. These
may include things like the patterns that are used to implement web pages and data access
strategies along with how security and scalability are handled.
180
16th century. As you walk around admiring the architecture, eventually youll reach the
top where it looks like somebody has dumped a large concrete cylinder, which is not in
keeping with the intricate granite stonework generally seen elsewhere around the castle. As
you explore further, youll see signs explaining that the castle was refortified during the
German occupation in the second world war. Here, the history helps explain why the castle
is the way that it is.
Again, a codebase is no different and some knowledge of the history, culture and rationale
can go a long way in helping you understand why a software system has been designed in
the way it was. This is particularly useful for people who are new to an existing team.
4. Practical information
The final thing that travel guidebooks tend to include is practical information. You know, all
the useful bits and pieces about currency, electricity supplies, immigration, local laws, local
customs, how to get around, etc.
If we think about a software system, the practical information might include where the source
code can be found, how to build it, how to deploy it, the principles that the team follow, etc.
Its all of the stuff that can help the development team do their job effectively.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
181
Constraints
Principles
Software Architecture
External Interfaces
Code
Data
Infrastructure Architecture
Deployment
Operation and Support
Decision Log
182
comes highly recommended in this regard. Another approach is to simply rename the sections
to remove any ambiguity.
50. Context
A context section should be one of the first sections of the software guidebook and simply
used to set the scene for the remainder of the document.
Intent
A context section should answer the following types of questions:
Structure
The context section doesnt need to be long; a page or two is sufficient and a context diagram
is a great way to tell most of the story.
Motivation
Ive seen software architecture documents that dont start by setting the scene and, 30 pages
in, youre still none the wiser as to why the software exists and where it fits into the existing
IT environment. A context section doesnt take long to create but can be immensely useful,
especially for those outside of the team.
Audience
Technical and non-technical people, inside and outside of the immediate software development team.
Required
Yes, all software guidebooks should include an initial context section to set the scene.
Intent
This section allows you to summarise what the key functions of the system are. It also allows
you to make an explicit link between the functional aspects of the system (use cases, user
stories, etc) and, if they are significant to the architecture, to explain why. A functional
overview should answer the following types of questions:
Is it clear what the system actually does?
Is it clear which features, functions, use cases, user stories, etc are significant to the
architecture and why?
Is it clear who the important users are (roles, actors, personas, etc) and how the system
caters for their needs?
It is clear that the above has been used to shape and define the architecture?
Alternatively, if your software automates a business process or workflow, a functional view
should answer questions like the following:
Is it clear what the system does from a process perspective?
What are the major processes and flows of information through the system?
Structure
By all means refer to existing documentation if its available; and by this I mean functional
specifications, use case documents or even lists of user stories. However, its often useful
to summarise the business domain and the functionality provided by the system. Again,
diagrams can help, and you could use a UML use case diagram or a collection of simple
Functional Overview
185
wireframes showing the important parts of the user interface. Either way, remember that the
purpose of this section is to provide an overview.
Alternatively, if your software automates a business process or workflow, you could use
a flow chart or UML activity diagram to show the smaller steps within the process and
how they fit together. This is particularly useful to highlight aspects such as parallelism,
concurrency, where processes fork or join, etc.
Motivation
This doesnt necessarily need to be a long section, with diagrams being used to provide
an overview. Where a context section summarises how the software fits into the existing
environment, this section describes what the system actually does. Again, this is about
providing a summary and setting the scene rather than comprehensively describing every
user/system interaction.
Audience
Technical and non-technical people, inside and outside of the immediate software development team.
Required
Yes, all software guidebooks should include a summary of the functionality provided by the
software.
Intent
This section is about summarising the key quality attributes and should answer the following
types of questions:
Is there a clear understanding of the quality attributes that the architecture must
satisfy?
Are the quality attributes SMART (specific, measurable, achievable, relevant and
timely)?
Have quality attributes that are usually taken for granted been explicitly marked as out
of scope if they are not needed? (e.g. user interface elements will only be presented
in English to indicate that multi-language support is not explicitly catered for)
Are any of the quality attributes unrealistic? (e.g. true 24x7 availability is typically
very costly to implement inside many organisations)
In addition, if any of the quality attributes are deemed as architecturally significant and
therefore influence the architecture, why not make a note of them so that you can refer back
to them later in the document.
Structure
Simply listing out each of the quality attributes is a good starting point. Examples include:
Quality Attributes
187
Extensibility
Flexibility
Auditing
Monitoring and management
Reliability
Failover/disaster recovery targets (e.g. manual vs automatic, how long will this take?)
Business continuity
Interoperability
Legal, compliance and regulatory requirements (e.g. data protection act)
Internationalisation (i18n) and localisation (L10n)
Accessibility
Usability
Each quality attribute should be precise, leaving no interpretation to the reader. Examples
where this isnt the case include:
Motivation
If youve been a good software architecture citizen and have proactively considered the
quality attributes, why not write them down too? Typically, quality attributes are not given
to you on a plate and an amount of exploration and refinement is usually needed to come up
with a list of them. Put simply, writing down the quality attributes removes any ambiguity
both now and during maintenance/enhancement work in the future.
Audience
Since quality attributes are mostly technical in nature, this section is really targeted at
technical people in the software development team.
Quality Attributes
188
Required
Yes, all software guidebooks should include a summary of the quality attributes/nonfunctional requirements as they usually shape the resulting software architecture in some
way.
53. Constraints
Software lives within the context of the real-world, and the real-world has constraints. This
section allows you to state these constraints so its clear that you are working within them
and obvious how they affect your architecture decisions.
Intent
Constraints are typically imposed upon you but they arent necessarily bad, as reducing
the number of available options often makes your job designing software easier. This section
allows you to explicitly summarise the constraints that youre working within and the
decisions that have already been made for you.
Structure
As with the quality attributes, simply listing the known constraints and briefly summarising
them will work. Example constraints include:
Constraints
190
If constraints do have an impact, its worth summarising them (e.g. what they are, why they
are being imposed and who is imposing them) and stating how they are significant to your
architecture.
Motivation
Constraints have the power to massively influence the architecture, particularly if they limit
the technology that can be used to build the solution. Documenting them prevents you having
to answer questions in the future about why youve seemingly made some odd decisions.
Audience
The audience for this section includes everybody involved with the software development
process, since some constraints are technical and some arent.
Required
Yes, all software guidebooks should include a summary of the constraints as they usually
shape the resulting software architecture in some way. Its worth making these constraints
explicit at all times, even in environments that have a very well known set of constraints (e.g.
all of our software is ASP.NET against a SQL Server database) because constraints have a
habit of changing over time.
54. Principles
The principles section allows you to summarise those principles that have been used (or you
are using) to design and build the software.
Intent
The purpose of this section is to simply make it explicit which principles you are following.
These could have been explicitly asked for by a stakeholder or they could be principles that
you (i.e. the software development team) want to adopt and follow.
Structure
If you have an existing set of software development principles (e.g. on a development wiki),
by all means simply reference it. Otherwise, list out the principles that you are following and
accompany each with a short explanation or link to further information. Example principles
include:
Principles
192
Motivation
The motivation for writing down the list of principles is to make them explicit so that
everybody involved with the software development understands what they are. Why? Put
simply, principles help to introduce consistency into a codebase by ensuring that common
problems are approached in the same way.
Audience
The audience for this section is predominantly the technical people in the software development team.
Required
Yes, all software guidebooks should include a summary of the principles that have been or
are being used to develop the software.
Intent
The purpose of this section is to summarise the software architecture of your software system
so that the following questions can be answered:
Structure
I use the container and component diagrams as the main focus for this section, accompanied
by a short narrative explaining what the diagram is showing plus a summary of each
container/component.
Sometimes UML sequence or collaboration diagrams showing component interactions can be
a useful way to illustrate how the software satisfies the major use cases/user stories/etc. Only
do this if it adds value though and resist the temptation to describe how every use case/user
story works!
Software Architecture
194
Motivation
The motivation for writing this section is that it provides the maps that people can use to get
an overview of the software and help developers navigate the codebase.
Audience
The audience for this section is predominantly the technical people in the software development team.
Required
Yes, all software guidebooks should include a software architecture section because its essential that the overall software structure is well understood by everybody on the development
team.
Intent
The purpose of this section is to answer the following types of questions:
What are the key external interfaces?
e.g. between your system and other systems (whether they are internal or
external to your environment)
e.g. any APIs that you are exposing for consumption
e.g. any files that your are exporting from your system
Has each interface been thought about from a technical perspective?
What is the technical definition of the interface?
If messaging is being used, which queues (point-to-point) and topics (pub-sub)
are components using to communicate?
What format are the messages (e.g. plain text or XML defined by a DTD/Schema)?
Are they synchronous or asynchronous?
Are asynchronous messaging links guaranteed?
Are subscribers durable where necessary?
Can messages be received out of order and is this a problem?
Are interfaces idempotent?
Is the interface always available or do you, for example, need to cache data
locally?
How is performance/scalability/security/etc catered for?
Has each interface been thought about from a non-technical perspective?
Who has ownership of the interface?
How often does the interface change and how is versioning handled?
Are there any service-level agreements in place?
External Interfaces
196
Structure
I tend to simply list out the interfaces (in the form From X to Y) along with a short narrative
that describes the characteristics of the interface. To put the interfaces in context, I may
include a simplified version of the container or component diagrams that emphasise the
interfaces.
Motivation
The motivation for writing this section is to ensure that the interfaces have been considered
and are understood because theyre typically risky and easy to ignore. If interface details
havent been captured, this section can then act as a checklist and be a source of work items
for the team to undertake.
Audience
The audience for this section is predominantly the technical people in the software development team.
Required
No, I only include this section if Im building something that has one or more complex
interfaces. For example, I wouldnt include it for a standard web server -> database style
of software system, but I would include this section if that web application needed to
communicate with an external system where it was consuming information via an API.
57. Code
Although other sections of the software guidebook describe the overall architecture of the
software, often youll want to present lower level details to explain how things work. This is
what the code section is for. Some software architecture documentation templates call this
the implementation view or the development view.
Intent
The purpose of the code section is to describe the implementation details for parts of the
software system that are important, complex, significant, etc. For example, Ive written about
the following for software projects that Ive been involved in:
Generating/rendering HTML: a short description of an in-house framework that was
created for generating HTML, including the major classes and concepts.
Data binding: our approach to updating business objects as the result of HTTP POST
requests.
Multi-page data collection: a short description of an in-house framework we used for
building forms that spanned multiple web pages.
Web MVC: an example usage of the web MVC framework that was being used.
Security: our approach to using Windows Identity Foundation (WIF) for authentication
and authorisation.
Domain model: an overview of the important parts of the domain model.
Component framework: a short description of the framework that we built to allow
components to be reconfigured at runtime.
Configuration: a short description of the standard component configuration mechanism in use across the codebase.
Architectural layering: an overview of the layering strategy and the patterns in use to
implement it.
Exceptions and logging: a summary of our approach to exception handling and logging
across the various architectural layers.
Patterns and principles: an explanation of how patterns and principles are implemented.
etc
Code
198
Structure
Keep it simple, with a short section for each element that you want to describe and include
diagrams if they help the reader. For example, a high-level UML class and/or sequence
diagram can be useful to help explain how a bespoke in-house framework works. Resist the
temptation to include all of the detail though, and dont feel that your diagrams need to show
everything. I prefer to spend a few minutes sketching out a high-level UML class diagram that
shows selected (important) attributes and methods rather than using the complex diagrams
that can be generated automatically from your codebase with UML tools or IDE plugins.
Keeping any diagrams at a high-level of detail means that theyre less volatile and remain up
to date for longer because they can tolerate small changes to the code and yet remain valid.
Motivation
The motivation for writing this section is to ensure that everybody understands how the
important/significant/complex parts of the software system work so that they can maintain,
enhance and extend them in a consistent and coherent manner. This section also helps new
members of the team get up to speed quickly.
Audience
The audience for this section is predominantly the technical people in the software development team.
Required
No, but I usually include this section for anything other than a trivial software system.
58. Data
The data associated with a software system is usually not the primary point of focus yet its
arguably more important than the software itself, so often its useful to document something
about it.
Intent
The purpose of the data section is to record anything that is important from a data
perspective, answering the following types of questions:
Structure
Keep it simple, with a short section for each element that you want to describe and include
domain models or entity relationship diagrams if they help the reader. As with my advice for
including class diagrams in the code section, keep any diagrams at a high level of abstraction
rather than including every field and property. If people need this type of information, they
can find it in the code or database (for example).
Data
200
Motivation
The motivation for writing this section is that the data in most software systems tends to
outlive the software. This section can help anybody that needs to maintain and support the
data on an ongoing basis, plus anybody that needs to extract reports or undertake business
intelligence activities on the data. This section can also serve as a starting point for when the
software system is inevitably rewritten in the future.
Audience
The audience for this section is predominantly the technical people in the software development team along with others that may help deploy, support and operate the software system.
Required
No, but I usually include this section for anything other than a trivial software system.
Intent
This section is used to describe the physical/virtual hardware and networks on which the
software will be deployed. Although, as a software architect, you may not be involved in
designing the infrastructure, you do need to understand that its sufficient to enable you to
satisfy your goals. The purpose of this section is to answer the following types of questions:
Structure
The main focus for this section is usually an infrastructure/network diagram showing the
various hardware/network components and how they fit together, with a short narrative to
accompany the diagram.
Infrastructure Architecture
202
If Im working in a large organisation, there are usually infrastructure architects who look
after the infrastructure architecture and create these diagrams for me. Sometimes this isnt
the case though and I will draw them myself.
Motivation
The motivation for writing this section is to force me (the software architect) to step outside
of my comfort zone and think about the infrastructure architecture. If I dont understand it,
theres a chance that the software architecture Im creating wont work or that the existing
infrastructure wont support what Im trying to do.
Audience
The audience for this section is predominantly the technical people in the software development team along with others that may help deploy, support and operate the software system.
Infrastructure Architecture
203
Required
Yes, an infrastructure architecture section should be included in all software guidebooks
because it illustrates that the infrastructure is understood and has been considered.
60. Deployment
The deployment section is simply the mapping between the software and the infrastructure.
Intent
This section is used to describe the mapping between the software (e.g. containers) and
the infrastructure. Sometimes this will be a simple one-to-one mapping (e.g. deploy a web
application to a single web server) and at other times it will be more complex (e.g. deploy
a web application across a number of servers in a server farm). This section answers the
following types of questions:
How and where is the software installed and configured?
Is it clear how the software will be deployed across the infrastructure elements
described in the infrastructure architecture section? (e.g. one-to-one mapping, multiple
containers per server, etc)
If this is still to be decided, what are the options and have they been documented?
Is it understood how memory and CPU will be partitioned between the processes
running on a single piece of infrastructure?
Are any containers and/or components running in an active-active, active-passive,
hot-standby, cold-standby, etc formation?
Has the deployment and rollback strategy been defined?
What happens in the event of a software or infrastructure failure?
Is it clear how data is replicated across sites?
Structure
There are a few ways to structure this section:
1. Tables: simple textual tables that show the mapping between software containers
and/or components with the infrastructure they will be deployed on.
Deployment
205
2. Diagrams: UML deployment diagrams or modified versions of the diagrams from the
infrastructure architecture section showing where software will be running.
In both cases, I may use colour coding the designate the runtime status of software and
infrastructure (e.g. active, passive, hot-standby, warm-standby, cold-standby, etc).
Motivation
The motivation for writing this section is to ensure that I understand how the software is
going to work once it gets out of the development environment and also to document the
often complex deployment of enterprise software systems.
This section can provide a useful overview, even for those teams that have adopted
continuous delivery and have all of their deployment scripted using tools such as Puppet
or Chef.
Audience
The audience for this section is predominantly the technical people in the software development team along with others that may help deploy, support and operate the software system.
Required
Yes, a deployment section should be included in all software guidebooks because it can help
to solve the often mysterious question of where the software will be, or has been, deployed.
Intent
Most systems will be subject to support and operational requirements, particularly around
how they are monitored, managed and administered. Including a dedicated section in the
software guidebook lets you be explicit about how your software will or does support those
requirements. This section should address the following types of questions:
Is it clear how the software provides the ability for operation/support teams to monitor
and manage the system?
How is this achieved across all tiers of the architecture?
How can operational staff diagnose problems?
Where are errors and information logged? (e.g. log files, Windows Event Log, SMNP,
JMX, WMI, custom diagnostics, etc)
Do configuration changes require a restart?
Are there any manual housekeeping tasks that need to be performed on a regular basis?
Does old data need to be periodically archived?
Structure
This section is usually fairly narrative in nature, with a heading for each related set of
information (e.g. monitoring, diagnostics, configuration, etc).
Motivation
Ive undertaken audits of existing software systems in the past and weve had to spend time
hunting for basic information such as log file locations. Times change and team members
move on, so recording this information can help prevent those situations in the future where
nobody understands how to operate the software.
207
Audience
The audience for this section is predominantly the technical people in the software development team along with others that may help deploy, support and operate the software system.
Required
Yes, an operations and support section should be included in all software guidebooks, unless
you like throwing software into a black hole and hoping for the best!
Intent
The purpose of this section is to simply record the major decisions that have been made,
including both the technology choices (e.g. products, frameworks, etc) and the overall
architecture (e.g. the structure of the software, architectural style, decomposition, patterns,
etc). For example:
Why did you choose technology or framework X over Y and Z?
How did you do this? Product evaluation or proof of concept?
Were you forced into making a decision about X based upon corporate policy or
enterprise architecture strategies?
Why did you choose the selected software architecture? What other options did you
consider?
How do you know that the solution satisfies the major non-functional requirements?
etc
Structure
Again, keep it simple, with a short paragraph describing each decision that you want to
record. Do refer to other resources such as proof of concepts, performance testing results or
product evaluations if you have them.
Motivation
The motivation for recording the significant decisions is that this section can act as a point of
reference in the future. All decisions are made given a specific context and usually have tradeoffs. There is usually never a perfect solution to a given problem. Articulating the decision
Decision Log
209
making process after the event is often complex, particularly if youre explaining the decision
to people who are joining the team or youre in an environment where the context changes
on a regular basis.
Although nobody ever gets fired for buying IBM, perhaps writing down the fact that
corporate policy forced you into using IBM WebSphere over Apache Tomcat will save you
some tricky conversations in the future.
Audience
The audience for this section is predominantly the technical people in the software development team along with others that may help deploy, support and operate the software system.
Required
No, but I usually include this section if we (the team) spend more than a few minutes thinking
about something significant such as a technology choice or an architectural style. If in
doubt, spend a couple of minutes writing it down, especially if you work for a consulting
organisation who is building a software system under an outsourcing agreement for a
customer.
63. Questions
1. We should all strive for self-documenting code, but does this tell the whole story? If
not, what is missing?
2. Do you document your software systems? If so, why? If not, why not?
3. If you have lots of project-level documentation but very little product-level documentation, how do new joiners to your team understand your software system(s)? What
could make their job easier?
4. What would you consider to be a minimum level of supplementary software documentation within your own environment?
5. Where do you store your supplementary documentation? (e.g. source control system,
network file share, SharePoint, wiki, etc). Is this the best solution given your intended
audience?
213
214
Constraints: The real-world usually has constraints; ranging from approved technology lists, prescribed integration standards, target deployment environment, size of
team, etc. Again, not considering these could cause you to deliver a software system
that doesnt complement your environment, adding unnecessary friction.
Principles: These are the things that you want to adopt in an attempt to provide
consistency and clarity to the software. From a design perspective, this includes
things like your decomposition strategy (e.g. layers vs components vs micro-services),
separation of concerns, architectural patterns, etc. Explicitly outlining a starting set of
principles is essential so that the team building the software starts out heading in the
same direction.
215
which provide some often needed vision and guidance for the team. My experience suggests
that a little direction can go a long way.
Probability vs impact
A good way to think about risk is to separate out the probability of that risk happening from
the negative impact of it happening.
Probability: How likely is it that the risk will happen? Do you think that the chance
is remote or would you be willing to bet cash on it?
Impact: What is the negative impact if the risk does occur? Is there general discomfort
for the team or is it back to the drawing board? Or will it cause your software project
to fail?
Both probability and impact can be quantified as low, medium, high or simply as a numeric
value. If you think about probability and impact separately, you can then plot the overall
score on a matrix by multiplying the scores together as illustrated in the following diagram.
217
Quantifying risk
Prioritising risk
Prioritising risks is then as simple as ranking them according to their score. A risk with a low
probability and a low impact can be treated as a low priority risk. Conversely, a risk with
a high probability and a high impact needs to be given a high priority. As indicated by the
colour coding
Green: a score of 1 or 2; the risk is low priority.
Amber: a score of 3 or 4; the risk is medium priority.
Red: a score of 6 or 9; the risk is high priority.
Its often difficult to prioritise which risks you should take care of and if you get it wrong,
youll put the risk mitigation effort in the wrong place. Quantifying risks provides you with
a way to focus on those risks that are most likely to cause your software project to fail or you
to be fired.
66. Risk-storming
Risk identification is a crucial part of doing just enough up front design but its something
that many software teams shy away from because its often seen as a boring chore. Riskstorming is a quick, fun, collaborative and visual technique for identifying risk that the whole
team can take part in. There are 4 steps.
Risk-storming
219
As with software development estimates, peoples perceptions of risk can be subjective based
upon their experience. If youre planning on using a new technology, hopefully somebody on
the team will identify that there is a risk associated with doing this. Also, somebody might
quantify the risk of using new technology relatively highly whereas others might not feel
the same if theyve used that same technology before. Identifying risks individually allows
everybody to contribute to the risk identification process and youll gain a better view of the
risks perceived by the team rather than only from those designing the software or leading
the team.
220
Risk-storming
This part of the technique is visual and, once complete, lets you see at a glance where the
highest areas of risk are. If several people have identified similar risks youll get a clustering
of sticky notes on top of the diagrams as peoples ideas converge.
Risk-storming
221
Mitigation strategies
Identifying the risks associated with your software architecture is an essential exercise
but you also need to come up with mitigation strategies, either to prevent the risks from
happening in the first place or to take corrective action if the risk does happen. Since the
risks are now prioritised, you can focus on the highest priority ones first.
There are a number of mitigation strategies the are applicable depending upon the type of
risk, including:
1. Education: Training the team, restructuring it or hiring new team members in areas
where you lack experience (e.g. with new technology).
2. Prototypes: Creating prototypes where they are needed to mitigate technical risks by
proving that something does or doesnt work. Since risk-storming is a visual technique,
it lets you easily see the stripes through your software system that you should perhaps
look at in more detail with prototypes.
3. Rework: Changing your software architecture to remove or reduce the probability/impact of identified risks (e.g. removing single points of failure, adding a cache to protect
from third-party system outages, etc). If you do decide to change your architecture,
you can re-run the risk-storming exercise to check whether the change has had the
desired effect.
Risk-storming
222
Collective ownership
As a final point related to risks, who owns the risks on most software projects anyway? From
my experience, the risk register (if there is one) is usually owned by the lone non-technical
project manager. Does this make sense? Do they understand the technical risks? Do they
really care about the technical risks?
A better approach is to assign ownership of technical risks to the software architecture role.
By all means keep a central risk register, but just ensure that somebody on the team is actively
looking after the technical risks, particularly those that will cause your project to be cancelled
or you to be fired. And, of course, sharing the software architecture role amongst the team
paves the way for collective ownership of the risks too.
224
At one end of the scale you have waterfall that, in its typical form, suggests big design up
front where everything must be decided, reviewed and signed-off before a line of code is
written. And at the other end you have the agile approaches that, on the face of it, shy away
from doing architecture.
At this point its worth saying that this isnt actually true. Agile methods dont say dont
do architecture, just as they dont say dont produce any documentation. Agile is about
sufficiency, moving fast, embracing change, feedback and delivering value. But since agile
approaches and their evangelists dont put much emphasis on the architectural aspects of
software development, many people have misinterpreted this to mean agile says dont do
any architecture. More commonly, agile teams choose to spread the design work out across
the project rather than doing it all up front. There are several names for this, including
evolutionary architecture and emergent design. Depending on the size and complexity
of the software system along with the experience and maturity of the team, this could
unfortunately end up as foolishly hoping for the best.
Sitting between the ends of the scale are methods like the Rational Unified Process (RUP),
Disciplined Agile Delivery (DAD) and DSDM Atern. These are flexible process frameworks
that can be implemented by taking all or part of them. Although many RUP implementations
have typically been heavyweight monsters that have more in common with waterfall
approaches, it can be scaled down to exhibit a combination of characteristics that lets it
take the centre ground on the scale. DAD is basically a trimmed down version of RUP, and
DSDM Atern is a similar iterative and incremental method that is also influenced by the agile
225
movement. All three are risk-driven methodologies that basically say, gather the majority
of the key requirements at a high level, get the risky stuff out of the way, then iterate and
increment. DSDM Atern even uses the term firm foundations to describe this. Done right,
these methods can lead to a nice balance of up front design and evolutionary architecture.
226
Significant change to the architecture during the project lifecycle that could have been
anticipated.
Too many design alternatives and options, often with team members disagreeing on
the solution or way forward.
Uncertainty over whether the design will work (e.g. no prototyping was performed as
a part of the design process).
A lack of technology choices (i.e. unnecessary deferral).
227
Back to RUP for a second, and it uses the term architecturally significant, advising that you
should figure out what might be significant to your architecture. What might be significant?
Well, its anything thats costly to change, is complex (e.g. tricky non-functional requirements
or constraints) or is new. In reality, these are the things with a higher than normal risk of
consequences if you dont get them right. Its worth bearing in mind that the significant
elements are often subjective too and can vary depending on the experience of the team.
Firm foundations
What you have here then is an approach to software development that lets you focus on
whats risky in order to build sufficient foundations to move forward with. The identification
of architecturally significant elements and their corresponding risks is something that should
be applied to all software projects, regardless of methodology. Some agile projects already
do this by introducing a sprint zero, although some agile evangelists will say that youre
doing it wrong if you need to introduce an architecture sprint. I say that you need to do
whatever works for you based upon your own context.
Although all of this provides some guidance, the answer to how much is just enough?
needs one of those it depends type answers because all software teams are different. Some
teams will be more experienced, some teams will need more guidance, some teams will
continually work together, some teams will rotate and change frequently, some software
systems will have a large amount of essential complexity, etc. How much architecture do
you need to do then? I say that you need to do just enough in order to do the following,
which applies whether the software architecture role is being performed by a single person
or shared amongst the team.
228
1. Structure
What: Understand the significant structural elements and how they fit together,
based upon the architectural drivers.
How: Design and decomposition down to containers and components.
2. Vision
What: Create and communicate a vision for the team to work with.
How: Context, container and component diagrams.
3. Risks
What: Identify and mitigate the highest priority risks.
How: Risk-storming and concrete experiments.
This minimal set of software architecture practices will provide you with firm foundations
that underpin the rest of the software delivery, both in terms of the product being built and
the team that is building it. Some architecture usually does need to be done up front, but
some doesnt and can naturally evolve. Deciding where the line sits between mandatory and
evolutionary design is the key.
229
medium size software project scenario and draft a very short set of high-level requirements
(functional and non-functional) to describe it. This could be an existing system that youve
worked on or something new and unrelated to your domain such as the financial risk system
that I use on my training course. With this in place, ask two or more groups of 2-3 people
to come up with a solution by choosing some technology, doing some design and drawing
some diagrams to communicate the vision. Timebox the activity (e.g. 90 minutes) and then
hold an open review session where the following types of questions are asked about each of
the solutions:
Think of this exercise as an architectural kata except that you perform a review that focusses
additionally on the process you went through and the outputs rather than just the architecture
itself. Capture your findings and try to distill them into a set of guidelines for how to approach
the software design process in the future. Agree upon and include examples of how much
detail to go down into, agree on diagram notation and include examples of good diagrams,
determine the common constraints within your own environment, etc. If possible, run the
exercise again with the guidelines in mind to see how it changes things. One day is typically
enough time to run through this exercise with a couple of design/communicate/review cycles.
No two software teams are the same. Setting aside a day to practice the software design
process within your own environment will provide you with a consistent starting point for
tackling the process in the future and help you contextualise exactly what just enough up
front design means to you and your team. An additional benefit of practicing the software
design process is that its a great way to coach and mentor others. Are you striving for a
self-organising team where everybody is able to perform the software architecture role?
68. Agility
In my experience, people tend to use the word agile to refer to a couple of things. The first
is when talking about agile approaches to software development; moving fast, embracing
change, releasing often, getting feedback and so on. The second use of the word relates to
the agile mindset and how people work together in agile environments. This is usually about
team dynamics, systems thinking, psychology and other things you might associate with
creating high performing teams.
Leaving the latter fluffy stuff aside, for me, labelling a software architecture as being
agile means that it can react to change within its environment, adapting to the ever
changing requirements that people throw at it. This isnt necessarily the same as the software
architecture that an agile team will create. Delivering software in an agile way doesnt
guarantee that the resulting software architecture will be agile. In fact, in my experience,
the opposite typically happens because teams are more focussed on delivering functionality
rather than looking after their architecture.
Understanding agility
To understand how much agility you need from your software architecture, its worth looking
at what agility means. John Boyd, a fighter pilot in the US Air Force, came up with a concept
that he called the OODA loop - Observe, Orient, Decide and Act. In essence, this loop forms
the basis for the decision making process. Imagine that you are a fighter pilot in a dogfight
with an adversary. In order to outwit your opponent in this situation, you need to observe
whats happening, orient yourself (e.g. do some analysis), decide what to do and then act. In
the heat of the battle, this loop needs to be executed as fast as possible to avoid being shot
down by your opponent. Boyd then says that you can confuse and disorient your opponent
if you can get inside their OODA loop, by which he means execute it faster than they can. If
youre more agile than your opponent, youre the one that will come out on top.
In a paper titled What Lessons Can the Agile Community Learn from A Maverick Fighter
Pilot?, Steve Adolph, from the University of British Columbia, takes Boyds concept and
applies it to software development. The conclusion drawn is that agility is relative and
time-based. If your software team cant deliver software and keep pace with changes in the
environment, your team is not agile. If youre working in a large, slow moving organisation
Agility
231
that rarely changes, you can probably take months to deliver software and still be considered
agile by the organisation. In a lean startup, thats likely to not be the case.
232
Agility
In my view, both architectural styles have their advantages and disadvantages, with the
decision to build a monolithic system vs one composed of microservices coming back to
the trade-offs that you are willing to make. As with all things in the IT industry, theres a
middle ground between these extremes. With pragmatism in mind, you can always opt to
build a software system that consists of a number of small well-defined components, yet is
still deployed as a single unit. The Wikipedia page for Component-based development has a
good summary and a component might be something like a risk calculator, audit logger,
report generator, data importer, etc. The simplest way to think about a component is that
its a set of related behaviours behind an interface, which may be implemented using one or
more collaborating classes (assuming an OO language). Good components share a number
of characteristics with good classes and, of course, good microservices: high cohesion, low
coupling, a well-defined public interface, good encapsulation, etc. Well-defined components
provide a stepping stone to migrate to a microservice architecture more easily at a later date,
if you need the benefits given the additional cost and complexity that such an architecturalstyle provides.
Agility
233
Agility
234
Sketches: Simple software architecture sketches, based upon the C4 model, can help
you visualise and communicate those early ideas quickly.
Ubiquitous language: The C4 model provides a simple ubiquitous language that the
whole team can use to communicate effectively and efficiently.
Aligning software architecture and code: Aligning the software architecture model
with the code, by adopting an architecturally-evident coding style, allows you to
ensure architectural integrity and enforce modularity. This, in turn, makes your
software easier to explain, understand and adapt.
Software architecture as code: Representing the C4 model as code provides a way
to keep those software architecture models continously up to date, especially when
architeturally-evident coding constructs are extracted from the code in an automated
way.
Risk-storming: Risk-storming provides a simple visual and collaborative way to
identify the high-priority risks. The information from this exercise can then go into
determining whether the architecture is fit for purpose and which, if any, concrete
experiments need to be undertaken.
236
view is? When we refer to the physical view, is this about the code or the physical
infrastructure? Everybody on the development team needs to understand the essence of
software architecture and the consequences of not thinking about it before we start talking
about things like architecture description languages and evaluation methods. Information
about software architecture needs to be accessible and grounded in reality.
This may seem an odd thing to say, but the people who manage software teams also need to
understand the essence of software architecture and why its a necessary discipline. Some of
the teams Ive worked with over the years have been told by their management to stop doing
software architecture and get on with the coding. In many cases, the reason behind this is a
misunderstanding that all up front design activities need to be dropped when adopting agile
approaches. Such software development teams are usually put under immense pressure to
deliver and some up front thinking usually helps rather than hinders.
1. Educate people
Simply run some workshops where people can learn about and understand what software
architecture is all about. This can be aimed at developers or non-developers, and it will help
to make sure that everybody is talking the same language. At a minimum, you should look
to cover:
What software architecture is.
Why software architecture is important.
The practices you want to adopt.
237
3. Definition of done
If you have a definition of done for work items, add software architecture to the list.
This will help ensure that you consider architectural implications of the work item and
conformance of the implementation with any desired architectural patterns/rules or nonfunctional goals.
5. Architecture katas
Words alone are not enough and the skeptics need to see that architecture is not about big
design up front. This is why I run short architecture katas where small teams collaboratively
architect a software solution for a simple set of requirements, producing one or more
diagrams to visualise and communicate their solutions to others. This allows people to
experience that up front design doesnt necessarily mean designing everything to a very low
level of abstraction and it provides a way to practice communicating software architecture.
238
Its worth asking a few questions to understand the need for actively thinking about software
architecture:
1. What problems is the lack of software architecture causing now?
2. What problems is the lack of software architecture likely to cause in the future?
3. Is there a risk that these problems will lead to more serious consequences (e.g. loss of
reputation, business, customers, money, etc)?
4. Has something already gone wrong?
One of the things that I tell people new to the architecture role is that they do need to dedicate
some time to doing architecture work (the big picture stuff) but a balance needs to be struck
between this and the regular day-to-day development activities. If youre coding all of the
time then that big picture stuff doesnt get done. On the flip-side, spending too much time
on software architecture means that you dont ever get any coding done, and we all know
that pretty diagrams are no use to end-users!
How do we introduce software architecture? is one of those questions that doesnt have a
straightforward answer because it requires changes to the way that a software team works,
and these can only really be made when you understand the full context of the team. On a
more general note though, there are two ways that teams tend to change the way that they
work.
1. Reactively: The majority of teams will only change the way that they work based
upon bad things happening. In other words, theyll change if and only if theres a
catalyst. This could be anything from a continuous string of failed system deployments
or maybe something like a serious system failure. In these cases, the team knows
something is wrong, probably because their management is giving them a hard time,
and they know that something needs to be done to fix the situation. This approach
unfortunately appears to be in the majority across the software industry.
2. Proactively: Some teams proactively seek to improve the way that they work. Nothing
bad might have happened yet, but they can see that theres room for improvement
to prevent the sort of situations mentioned previously. These teams are, ironically,
usually the better ones that dont need to change, but they do understand the benefits
associated with striving for continouous improvement.
Back to the original question and in essence the team was asking permission to spend some
time doing the architecture stuff but they werent getting buy-in from their management.
239
Perhaps their management didnt clearly understand the benefits of doing it or the consequences of not doing it. Either way, the team didnt achieve the desired result. Whenever
Ive been in this situation myself, Ive either taken one of two approaches.
1. Present in a very clear and concise way what the current situation is and what the
issues, risks and consequences are if behaviours arent changed. Typically this is
something that you present to key decision makers, project sponsors or management.
Once they understand the risks, they can decide whether mitigating those risks is
worth the effort required to change behaviours. This requires influencing skills and
it can be a hard sell sometimes, particularly if youre new to a team that you think is
dysfunctional!
2. Lead by example by finding a problem and addressing it. This could include, for example, a lack of technical documentation, inconsistent approaches to solving problems,
too many architectural layers, inconsistent component configuration, etc. Sometimes
the initial seeds of change need to be put in place before everybody understands the
benefits in return for the effort. A little like the reaction that occurs when most people
see automated unit testing for the first time.
Each approach tends to favour different situations, and again it depends on a number of
factors. Coming back to the original question, its possible that the first approach was used
but either the message was weak or the management didnt think that mitigating the risks
of not having any dedicated architecture time was worth the financial outlay. In this
particular case, I would introduce software architecture through being proactive and leading
by example. Simply find a problem (e.g. multiple approaches to dealing with configuration,
no high-level documentation, a confusing component structure, etc) and just start to fix it.
Im not talking about downing tools and taking a few weeks out because we all know that
trying to sell a three month refactoring effort to your management is a tough proposition.
Im talking about baby steps where you evolve the situation by breaking the problem down
and addressing it a piece at a time. Take a few minutes out from your day to focus on these
sort of tasks and before you know it youve probably started to make a world of difference.
Its easier to ask forgiveness than it is to get permission.
240
software architecture is just enough and only you can decide how best to lead the change
that you want to see in your team. Good luck with your journey!
70. Questions
1. Despite how agile approaches have been evangelised, are agile and architecture
really in conflict with one another?
2. If youre currently working on an agile software team, have the architectural concerns
been thought about?
3. Do you feel that you have the right amount of technical leadership in your current
software development team? If so, why? If not, why not?
4. How much up front design is enough? How do you know when you stop? Is this view
understood and shared by the whole team?
5. Many software developers undertake coding katas to hone their skills. How can you
do the same for your software architecture skills? (e.g. take some requirements plus a
blank sheet of paper and come up with the design for a software solution)
6. What is a risk? Are all risks equal?
7. Who identifies the technical risks in your team?
8. Who looks after the technical risks in your team? If its the (typically non-technical)
project manager or ScrumMaster, is this a good idea?
9. What happens if you ignore technical risks?
10. How can you proactively deal with technical risks?
11. Do you need to introduce software architecture into the way that your team works? If
so, how might you do this?
Trade ID
Date
Current trade value in US dollars
Counterparty ID
244
Functional Requirements
The high-level functional requirements for the new Risk System are as follows.
1. Import trade data from the Trade Data System.
2. Import counterparty data from the Reference Data System.
3. Join the two sets of data together, enriching the trade data with information about the
counterparty.
4. For each counterparty, calculate the risk that the bank is exposed to.
5. Generate a report that can be imported into Microsoft Excel containing the risk figures
for all counterparties known by the bank.
6. Distribute the report to the business users before the start of the next trading day (9am)
in Singapore.
7. Provide a way for a subset of the business users to configure and maintain the external
parameters used by the risk calculations.
Non-functional Requirements
The non-functional requirements for the new Risk System are as follows.
Performance
Risk reports must be generated before 9am the following business day in Singapore.
Scalability
The system must be able to cope with trade volumes for the next 5 years.
The Trade Data System export includes approximately 5000 trades now and it is
anticipated that there will be an additional 10 trades per day.
The Reference Data System counterparty export includes approximately 20,000 counterparties and growth will be negligible.
There are 40-50 business users around the world that need access to the report.
Availability
Risk reports should be available to users 24x7, but a small amount of downtime (less
than 30 minutes per day) can be tolerated.
245
Failover
Manual failover is sufficient for all system components, provided that the availability
targets can be met.
Security
This system must follow bank policy that states system access is restricted to authenticated and authorised users only.
Reports must only be distributed to authorised users.
Only a subset of the authorised users are permitted to modify the parameters used in
the risk calculations.
Although desirable, there are no single sign-on requirements (e.g. integration with
Active Directory, LDAP, etc).
All access to the system and reports will be within the confines of the banks global
network.
Audit
The following events must be recorded in the system audit logs:
Report generation.
Modification of risk calculation parameters.
It must be possible to understand the input data that was used in calculating risk.
246
Interoperability
Interfaces with existing data systems should conform to and use existing data formats.