103 Cards in this Set
- Front
- Back
What is Software Design? |
Plan or sketch for how a software system will be built |
|
Purpose of architecture? (5) |
- Focus on stable aspects - Provide solution that meets function/quality requirements - Allow for effective concurrent development - Fitness for future - Enable reuse |
|
Design process steps (7) |
1. Know and understand customer's needs 2. Generate solution ideas 3. Conceptualize alternative solutions 4. Analyze alternative solutions 5. Select one 6. Validate it 7. Iterate |
|
Difference between criteria and requirements? |
Criteria: qualities to minimize or maximize Requirements: either satisfied or not satisfied |
|
How to conceptualize? (3) |
- Create a prototype - Create a specification - Create an executable model/simulation |
|
Basic criteria for analysis (5) |
- Fitness for purpose - Fitness for future - Cost of engineering - Cost of production - Cost of operation |
|
Difference between functional and quality requirements? |
Functional: WHAT a system does Quality: HOW WELL the system does what it needs to do |
|
What do microkernels need to address? (3) |
- Low-level address space management - Thread management - Inter-process communication (IPC) |
|
Concepts involved in the Mach microkernel? (4) |
- Tasks - Threads - Ports - Messages |
|
Why was the Mach performance awful? (3) |
IPC - Major bottleneck - Working set too large - Poor spatial locality, too many cache misses |
|
How did L4 microkernel improve on Mach? (5) |
IPC - Send and receive - Synchronous - Passing as much data as possible in registers - Direct process switch - Avoid invoking scheduler |
|
Which is more reliable, Monolithic or Micro? |
Micro Entire system continues operating if one daemon crashes |
|
Which is more secure, Monolithic or Micro? |
Micro Smaller attack surface, fewer potential bugs for exploitation because it adheres to the principle of least privilege |
|
Which has better performance, Monolithic or Micro? |
Monolithic Direct access/communication minimizes IPC overhead. Micro can have good performance, but more difficult to achieve |
|
Which is more usable, Monolithic or Micro? |
Monolithic Exposes rich APIs so user has to do less |
|
Which is more extensible, Monolithic or Micro? |
Both Mono: Clear API, but lower modularity so higher chance of bugs Micro: Adding new drivers simpler, but not able to share memory so have to rely on distributed algorithms |
|
Which is more portable, Monolithic or Micro? |
Both Addressed with hardware abstraction layer (HAL) |
|
What is a module? |
Unit of system decomposition with a well-defined PURPOSE and INTERFACE. |
|
What is an interface? |
CONTRACT between module and environment |
|
What is a syntactic interface? Give an example. |
Specifies how to invoke exposed services E.g. Java interfaces |
|
What is a semantic interface? Give an example |
Specifies what the module is doing and how it behaves E.g. Assertions, test suites, or state machines |
|
What is crosscutting? Why is it bad? |
Implementing a single requirement across several different modules spread across hierarchy Hard to understand requirement implementation, difficult to change if requirement changes |
|
What is tangling? Why is it bad? |
Implementing several requirements from across requirements hierarchy in one module Difficult-to-maintain modules |
|
What is cohesion? |
Measure of coherence amongst pieces of that module |
|
How can you group functions? (2) |
- By topic - By interaction (same data) |
|
What are 4 examples of bad cohesion? |
- Coincidental cohesion (random) - God classes (too many responsibilities) - Control-flow cohesion - Temporal cohesion |
|
What are the types of coupling (8) |
- Data - Stamp (more data than necessary) - Control (controls execution) - Service (calls service provided) - Identity - Location - Quality of service (expectations) - Content (inheritance) |
|
What are the common code smells? (12) |
- Duplicated code - Long method - God class - Comments - Switch statement - Primitive obsession - Long parameter list - Feature envy - Data clumps - Shotgun surgery - Direct constructor calls - Speculative generality |
|
What are the positive and negative consequences of the Composite Pattern? |
Positive: Uniformity, Extensibility Negative: Overhead |
|
What are the positive and negative consequences of the Decorator Pattern? |
Positive: - Responsibilities can be added/removed at runtime - Avoids subclass explosion - Recursive nesting allows multiple responsibilities Negative: - Interface occlusion - Split identity |
|
What are the positive and negative consequences of the Iterator Pattern? |
Positive: - New subtypes without recompiling existing - Basic types could be part of a library Negative: - Adding new operations requires updating/recompiling every existing |
|
When would you use Iterator vs Visitor? |
Iterator: stable set of operations, but growing number of subsets
Visitor: Stable data structure, but growing number of operations |
|
What is the main concept of Layered Architecture? |
Each layer depends on the ones below it. Basic functionality lower, more specialized higher. |
|
What are the positive and negative consequences of Layered Architecture? |
Positive: Abstraction, portability Negative: Performance (communicating through layers), limited functionality in lower layers |
|
What is an interpreter? |
Executes programs in computer language |
|
What are the three logics considered in Tiered Architecture? |
- Data management - Business logic - Presentation |
|
What are the advantages of >= 3-tiered architecture? |
The 3 logics can be split and evolved at different speeds |
|
What are the components and connectors of Call-and-Return Architecture? |
Components: Procedures Connectors: Procedure calls |
|
What are the strengths and weaknesses of using OO in Call-And-Return architecture? |
Strengths: - Domain modeling - Abstract problems as interacting agents - Interfaces and subtype hierarchies Weaknesses: - Potentially high coupling (imp. inheritance, direct constructor calls) - Side-effect problems - Complex dynamic interaction |
|
What are the components and connectors of Interacting Processors? |
Components: State machines Connectors: Message queues and shared variables |
|
What architecture pattern does MVC fall under? |
Implicit Invocation |
|
What are the strengths and weaknesses of Implicit Invocation? |
Strengths: - Extensibility - Loose coupling Weaknesses: - Loss of control (whom, what order, completion) - Difficult to debug |
|
What is the difference between business and system transactions? |
Business: - Groups requests from user to applications - Very long System: - Groups requests from application to database - Corresponds to database transactions |
|
What is pessimistic offline lock? When is it preferable? |
Locks for exclusive access. Preferred if conflicts are frequent |
|
What is optimistic offline lock? When is it preferable? |
Conflict detection on write, roll back using version markers if conflict unresolvable. Preferred if conflicts are infrequent |
|
What are the required properties of transactions? (4) |
- Atomicity: complete successfully or roll back - Consistency: resources must be in consistent, non-corrupt state at start/completion - Isolation: result of transaction must not be visible to any others until successfully committed - Durability: results must be made permanent (survive crashes) |
|
How do you increase throughput for a transactional architecture? |
Keep system transactions as short as possible, and use offline concurrency to handle business transactions spanning multiple requests |
|
What is a Unit of Work? |
Maintains list of objects affected by business transaction, and coordinates writing out changes/resolutions to problems |
|
How many Units of Work for each session? |
One |
|
What are some transactional implementation alternatives? (7) |
- Caller registration (caller registers object) - Object registration (object registers itself) - Unit of work controller (copy at read time) - UoW as disconnected data set (change set through version/state attributes) - Single system transaction and save on each update - Defer updates to end by keeping track of changed objects in variables - Dirty flag in each domain object |
|
What are the positive and negative consequences of Blackboard Architecture? |
Positive: - Cooperative problem solving - Dynamic reconfigurability - Extensibility Negative: - Unpredictable, complex interactions - Hard to debug - High complexity of blackboard |
|
What are the strengths and weaknesses of Data Flow architectures? |
Strengths: - Easy to understand/analyze - Loose coupling - Reuse - Extensible - Amenable to automated analysis - Amenable to parallelization
Weaknesses: - Can be restrictive - Potential performance - Lowest common denominator on data type - Error handling |
|
What are the main steps of design synthesis? (2) |
- Idea generation - Conceptualization |
|
What do you use to differentiate among potential design alternatives? |
- Design criteria - Design constraints - Requirements |
|
What are the roles of modules? (5) |
- Provide understanding of system - Dividing work among developers - Unit of reuse - Unit of evolution - Unit of compilation |
|
Which design pattern suffers from fragile base class problem? |
Template, since it relies on a base class |
|
What does the Adapter design pattern do? |
Change the interface of the wrapped component |
|
What does dependency inversion do? |
Reverse dependency between layers
Moves depended class into lower layer, and implement/inherit from that class in the layer above |
|
What are the three topologies of layered architecture? |
Stack, tree, DAG |
|
What is the name for the special type of layered architecture that allows more than one layer to touch one below? |
Cross-layer optimization |
|
What are the strengths and weaknesses of cross-layer optimization? |
Strengths: - Improve performance - Provide access to special features Weaknesses: - Reduces modifiability and portability |
|
What is the main weakness of the basic Three-Tier Architecture? |
Does not support application integration well. Can be remedied with service layers, implicit invocation, messaging, or REST |
|
What should an architectural view be able to do? (2) |
1. Focus on a perspective relevant to certain stakeholders |
|
What information does a software architecture need to include? (4) |
- Software requirements - Logical software architecture - Physical software architecture - V & V views |
|
What should software requirements include? (5) |
- Context model (external agents, interfaces) - Domain model (data dictionary) - Textual requirements (quality, functional) - Feature models (O) (hierarchy of functions) |
|
What should logical software architecture include? (2) |
- Logical sub-system decomposition - Quality analysis views |
|
What should physical software architecture include? (5) |
- target platform specs - domain model - physical sub-system decomposition - allocation of physical soft elements to hardware - QA views |
|
What should hardware architecture include? (4) |
- computer HW requirements - Logical computer HW requirements - Physical computer HW architecture - QA views |
|
What do Block Definition Diagrams (BDD) represent? |
Structural elements (blocks), their composition, and classification |
|
What do Internal Block Diagrams (IBD) represent? |
Connections and interfaces among parts of a block |
|
What do Parametric diagrams represent? |
Constraints on property values Used to support engineering analysis |
|
What do Package diagrams represent? |
Model organization and name spaces |
|
What do Activity diagrams represent? |
Control and data flow |
|
What do Sequence diagrams represent? |
Interactions between parts |
|
What do State Machine diagrams represent? |
States and transitions between triggered events |
|
What do Timing diagrams represent? |
Timing of signals and events |
|
What do MARTEs represent? |
Timing and performance interaction within other diagrams |
|
What are some performance metrics? (9) |
- Response time - Responsiveness - Latency - Throughput - Load - Load sensitivity (how response time varies with load) - Efficiency - Capacity - Scalability |
|
What is the performance metric EFFICIENCY's formula? |
Performance / # of resources |
|
What are some parameters for performance analysis scenarios? (5) |
- Stimulus - Source - Environment - Artifact - Metric/measure target |
|
What is Little's law? |
Ni = Xi * Ri Xi --> throughput at node i Ri --> response time at node i (wait time plus service time) |
|
What is performance impacted by? (2) |
- Resource consumption - Blocked time |
|
What are some performance design tactics? (4) |
- Control demand to reduce latency - Manage resources to reduce response time - Manage resources to increase throughput - Resource arbitration (scheduling) |
|
What must be met for quality to be assured? (3) |
- Explicit software requirements - Implicit software requirements - Design criteria |
|
What desired mathematical properties must a QA measurement have? (3) |
- Meaningful scale - Follow increase/decrease of attribute - Empirical validation (independence, scalable, portable) |
|
What types of QA metrics exist? (3) |
- Product metrics - Process metrics - Project metrics |
|
What is the Goal-Question-Metric? |
1987 with SE lab, NASA Metric: Specifies supporting data to quantitatively answer questions at hand |
|
What is reliability? |
Not failing within a specified period and environment |
|
What are the parameters of reliability? (3) |
- Mean time to failure - Failure rate - Probability of mission success |
|
What is the availability (reliability) formula? |
Availability = mean time to failure / (mean time to failure + mean time to repair) |
|
What is the relationship between reliability and safety? |
Reliability: technical quality of system/component |
|
How does failure mode and effects analysis (FMEA) work wrt. hardware analysis? |
Identify failure modes per function or component, their effects on system, and probabilities. Bottom-up starting with components. - Software components highly coupled |
|
How does fault tree analysis (FTA) work wrt. hardware analysis? |
Top-down decomposition of system-level failure into events that trigger using boolean logic. Probabilities assigned to leaf events. - Cannot assign failure rates to software |
|
How do you verify software reliability? (4) |
- Testing (presence, but not absence, of faults) - Static code analysis (false positives) - Model checking (limited by state explosion) - Deductive Program Verification (more expensive, requires human generating proofs) |
|
How do you design for reliability? (4) |
- Error detection - Error handling - Error recovery - Fault prevention/removal - Redundancy |
|
How can you implement error detection? (4) |
- Ping/echo - Heartbeat - Exceptions - Plausibility checks |
|
How can you implement error handling? (2) |
- Catch exceptions and handle - Error containment (prevent propagation) |
|
How can you implement error recovery? (7) |
- Redundancy and voting - Active redundancy - Passive redundancy - Checkpoint/rollback - Removal from service - Degraded modes - Fail-safe modes |
|
What is a problem with N-version programming redundancy? |
Very costly, and developers tend to make same mistakes |
|
What are some quality attributes related to security? (6) |
- Confidentiality - Integrity (prevent undetectable data mod) - Availability (prevent denial-of-service attacks) - Authenticity - Privacy - Nonrepudiation (cannot be falsely denied) |
|
What are Saltzer and Schroeder's Design Principles? (8) |
- Economy of mechanism - Fail-safe defaults - Complete mediation - Open design - Separation of privilege - Least privilege - Least common mechanism - Psychological acceptability |
|
What are some design tactics for resisting attacks? (7) |
- Authentication - Authorization - Confidentiality - Integrity - Limit exposure - Limit access |
|
What are some usability engineering methods? (5) |
- Testing (eye tracking, think-aloud) - Inspection (cognitive walkthroughs, guidelines) - Prototyping (paper, pictive, video, sketching) - Inquiry (field studies, observations, interviews, questionnaires) - Cognitive modelling (archetypes, personae, affinity diagrams) |