660 likes | 851 Views
Architecture. P. E. R. F. O. O. A. R. &. M. M. A. ERROR RECOVERY. N. C. E. PROBLEM. Features. Functions. Software Architecture Conceptually. SYSTEM BASELINE REQUIREMENTS ALGORITHMS. FEATURE ENGINEERING. SOFTWARE DEVELOPMENT. SOFTWARE MANUFACTURING.
E N D
Architecture CS 552 Spring 2005 Arcchitecture
P E R F O O A R & M M A ERROR RECOVERY N C E PROBLEM Features Functions Software ArchitectureConceptually CS 552 Spring 2005 Arcchitecture
SYSTEM BASELINE REQUIREMENTS ALGORITHMS FEATURE ENGINEERING SOFTWARE DEVELOPMENT SOFTWARE MANUFACTURING INTEGRATION ARCHITECTURE ENGINEERING HUMAN FACTORS DEVELOPMENT TO SITES TRAFFIC ENGINEERING TRAFFIC PROJECTIONS ENGINNERING REPORTS SUPPORT AND OPERATIONS - COMPUTER CENTER - DEVELOPMENT MACHINE - TEST MACHINE CS 552 Spring 2005 Arcchitecture
Kruchten’s “4 + 1”Model for Developing Software Architecture + 1 Business Scenario View 1 View 2 Process -- System Integrators Logical -- End Users + 1 Business Scenario View 4 View 3 Execution -- Programmers Physical -- Engineers This is an innovative and comprehensive integration of the abstractions needed for writing system requirements. + 1 Business Scenario CS 552 Spring 2005 Arcchitecture
Tailored OO Application Software Reusable Software Vendor Software User Programs Software Engineering Client Personal Computer Client Workstation Application Server Large Data Server
Antenna Shared Bus Sensors Computer CS 552 Spring 2005 Arcchitecture
Reboot Gather Data Send images Processor Task Dispatcher Priority CS 552 Spring 2005 Arcchitecture
Real-Time 7x24 Alarm Monitoring and Analysis System 7 M E G A B Y T E S M S G S / H R 6 5 4 3 2 1 10 20 30 40 D A Y S Have Laptop-Will Travel
Mars Rovers:Spirit and Opportunity CS 552 Spring 2005 Arcchitecture
Search for traces of water on Mars . • Two rovers, Spirit and Opportunity sent • Rovers are identical, each sent to opposite sides of the planet • Spirit was launched on June 10, 2003 and landed on January 3, 2004 • Opportunity launched July 7, 2003, and landed on January 24, 2004 CS 552 Spring 2005 Arcchitecture
The Problem Timeline • June 10, ’03 – Spirit launched • January 3, ‘04 – Spirit rover lands • January 21, ‘04 –Spirit acknowledges communications, but sends no data. First sign of problems • January 23, ’04 – Spirit stops responding to requests. CS 552 Spring 2005 Arcchitecture
More Timeline • January 23, ’04 – Spirit sends 73Mb of ‘debug’ information • January 29, ’04 – Engineers find way to communicate with Spirit • Febuary 1, ’04 – Spirit restored CS 552 Spring 2005 Arcchitecture
What Went Wrong? • Thousands of extra files present in the rover’s memory • Files left over from the 7-month flight • Onboard software was having trouble managing the files • Rover began to reset itself every hour CS 552 Spring 2005 Arcchitecture
The Cause • Files flooded the onboard flash memory • System was not programmed to handle the thousands of files generated during the 7-month flight • Case of ‘ thousands of files’ unspecified and untested. CS 552 Spring 2005 Arcchitecture
The Cure • Remove the thousands of extra files • Reformat the flash memory and start from a clean slate CS 552 Spring 2005 Arcchitecture
Loss • Mission lost almost 10 days of data collection • When Spirit was fixed, the same fix was applied to Opportunity before it became a problem. CS 552 Spring 2005 Arcchitecture
Software Engineering Lessons • Check past assumed boundaries • If the system is only supposed to handle a few hundred files, test it an order of magnitude larger. • Allow for remote debugging • Watchdog timers are good • Beware of Deadlocks CS 552 Spring 2005 Arcchitecture
Resource Use • Processes need access to resources in reasonable order • Suppose a process holds resource A and requests resource B • at same time another process holds B and requests A • If both are blocked → DEADLOCK CS 552 Spring 2005 Arcchitecture
Deadlocks occur when • Processes are granted exclusive access to devices • Processes may have multiple copies CS 552 Spring 2005 Arcchitecture
Resources • Get Resource requires • request the resource • use the resource • release the resource • Must wait if request is denied • requesting process may be blocked • may fail with error code CS 552 Spring 2005 Arcchitecture
Definition of Deadlock • Processes are deadlocked when every process waits for an event that only another process in the set can cause • One thread, no interrupts • None of the processes can … • run • release resources • be awakened CS 552 Spring 2005 Arcchitecture
Four Conditions for Deadlock • Mutual exclusion condition • each resource assigned to 1 process or is available • Hold and wait condition • process holding resources can request additional • No preemption condition • previously granted resources cannot forcibly taken away • Circular wait condition • must be a circular chain of 2 or more processes • each is waiting for resource held by next member of the chain CS 552 Spring 2005 Arcchitecture
Halt process to Recover from Deadlock • Crude but simple way to break a deadlock • Kill one of the processes in the deadlock cycle • The other processes get its resources CS 552 Spring 2005 Arcchitecture
Two-Phase Commit • Middleware lock records for update • Phase One • process tries to lock all records it needs, one at a time • if needed record found locked, start over • (no real work done in phase one) • If phase one succeeds, it starts second phase, • performing updates • releasing locks • Note similarity to requesting all resources at once • Algorithm works where programmer can arrange things so that the program can be stopped and restarted CS 552 Spring 2005 Arcchitecture
Total Operating Expenses $450 per line (nominally) Operations Expenses $230 per line (nominally) Generic Telco Operating Expense MOV CS 552 Spring 2005 Arcchitecture
Provisioning Paradigm Shift Legacy Environment New OS-LP Direct Order Entry Service Negotiation • Activate in Near Real Time Service Order Processing • Use Real Data, not the Model Activation • Effective Use of Logical Resources Network Mechanized • Activation of POTS/Video Inventory Assignment Installation Inventory Service Memory Data Quality Activation Administration Issues Switch Switch MDF HDT ONU CS 552 Spring 2005 Arcchitecture
Association of JiffyLOOP Companies • Customers • TIS • Application Technology Companies • Platform Supplier Companies • Investors CS 552 Spring 2005 Arcchitecture
‘Buy Not Build’ Philosophy • DB-3 provides the PRIS Loopmake-up and cable throw modules • IGS provides the DB-ABLE physical Database & Blueprint generator • IGS & DB-3 extend DB-ABLE to include spatial and logical data. New Database is DB-ABLE/heavy • NPI provides external interfaces and legacy encapsulation • AutoDesk provides Outside Plant Engineer client CS 552 Spring 2005 Arcchitecture
JIffyLOOP LogicalView CS 552 Spring 2005 Arcchitecture
JIFFY LOOP Client / Server Physical Server Platforms Client Platforms Hardware Operating System Hardware Operating System • HP • Solaris • HP - UX • HP • MS Windows • Intel - based Pentium • 166 MHz PC / 32 • megabyte minimum • Pentium 133 MHz • pen hardware 24 • megabyte minimum TIS Server Software • PRIS Application • Broad Band Engineering Tools • DB - Able / Heavy Database • MapGen • NetGen • Validation & Connectivity • DB - Able Migration Tool TIS Client Software UNIX Server • DB - Able Toolbar (GUI) • DB - Able Conversion Tool (GUI) • Data Maintenance Tool (GUI) • GeoCode • DB - Traveler (pen system) • PRIS EWO Tools • PRIS Facility Assignment Tools • PRIS SAG & Living Unit Tools Network • Microsoft • Compliant • TCP / IP • Protocol • TCP / IP • SQL*Net Third-Party CAD / GIS • AutoCAD • Autodesk World • Autodesk World Express • Autodesk Mapguide Database • Oracle 7
P4 LMU D2 Geo Base Tiles P7 P1 P2 P3 P6 Update JiffyLOOP Route EWO Analyze RMA (LMV or Cable Throws) Query LFACS Cable Throw Create EWO D3 DB-Able D1 DMS P5 Manual EWO JiffyLOOP Process EE5 Instant Loop EE2 COSMOS Y/N ILRN EE1 LFACS EE4 Construction Cable Throw No Data Query LMU RMA EE1 LFACS LMU LDB EWO Packet Prepost Updates Tile MapGen and Tile LDB Yes Data Query P8 Special Circuits EWO/LMU LDB & MapGen Yes EWO LDB Pre-Post EWO LDB Archive EWO RMA No EE1 LFACS Yes EWO LDB and EWO MapGEn Cable Throw? EE3 Engineering Relief, Rehab, or New Plant No CS 552 Spring 2005 Arcchitecture
DB-Able LFACS M* PRIS Server PRIS Client MapGen LDB Database Process RMA RMA Register Place RMA in Queue Check & Request RMA RMA Data Format LFACS Request(s) LFACS Request(s) LFACS Request(s) LFACS Data LFACS Data Loop LDB Request Loop LDB Request Create Loop LDB Loop LDB Completion Notice Loop LDB Completion Notice Loop Computation & Loop Value Analysis User Determine Options and Place in Queue Check and Request Options Receive Options Select Option Relay Selected Option LFACS Update LFACS Update Affected Equipment Launch & Schedule EWO Mapgen(s) CS 552 Spring 2005 Arcchitecture
DB-Able LFACS M* PRIS Server PRIS Client MapGen LDB Database As-Built Posting Redlines Retrieve EWO Retrieve EWO Check-out EWO from DMS FTP EWO Packet Notification Add Changes Change Status Update LFACS EWO Completion and LFACS Data EWO Completion and LFACS Data LDB Update Update Completion Notice Completion Notice Affected Tile List Tile Mapgen Create DWG Tile LDB Create LDB Completion Notification FTP Tile & LDB GeoBase FTP and Archive Final Post EWO DMS CS 552 Spring 2005 Arcchitecture
Cost of Modifying Modules for Reuse Relative Cost Amount Modified
Productivity as a Function of Project Size Bell Laboratories data Capers Jones data Productivity (Function points / staff month) Function Points
S S Client/Server CS 552 Spring 2005 Arcchitecture
Remote Process Calls (RPC) Local Server Remote Server Application Router Server Stub RPC call Client Stub
Data Complexity Data structures can be complicated Data structures can be inconsistent
Data Structure is Key to Systems Integration • Any meaningful concept of integration isolates data structures or manages objects used by the systems. • Systems are coupled to the degree that they use the same objects. • Objects are not static in either meaning or structure; the problem is to manage these changes, not stop them. • Data do not die when their host system dies. In fact, they grow, coupling with data from other systems.
What Must a Software Model of Real Data Do? If real life is chaotic, and if real data are chaotic, then a model must: 1. Operate when data structure and values are inconsistent, 2. Insist on similarity, not congruence, of data structure and methods, and 3. Withstand error rates from 0.2% to 10.0%.
Middleware Message-oriented middleware and object request brokers (ORBs) map multiple transactions across multiple databases in the face of redundant data.
CORBA Mapping Translates • Different information models • Protocol conversion • Conversion of syntax and semantics
Object Repository CORBA Architecture OO Application Skeleton ORB Interface Object Repository Server ORB Interface Internet Interface ORB Protocol (IIOP) Object Request Broker (ORB) TCP/IP Stub Interface Definition Language
CORBA Gateway Customer Care GDMO Billing Order Mgmt CORBA-based Network Managers IIOP Q3 CMIP TMN Application CORBA/CMIP Gateway IIOP CMIP CMIP IP Q3
Remember! “It is possible to produce truly awful object oriented programs and systems.” Bjarne Stroustrup Inventor of C++
Problem Designing reliable software within this overall complexity requires new approaches.
Key Design Constraints • Simplify • Limit language features • Insist on structured programming • Restrict Component size • Bound execution domain • Budget Performance • Check Component Stability • Stationary state space • Perform scenario tests. Have Laptop-Will Travel
Fault Density Is a Function of Time Asymptote Faults per 1000 lines Time of testing Have Laptop-Will Travel
Software Dynamics • Dynamics focus on the performance of software under load. The key issue is when will it break. Design margin is the difference between the breakpoint and the operating point. Have Laptop-Will Travel