Notes on the Bangbai Scenario

BACKGROUND
The city of Bangbai has grown very rapidly over the last decade and it has become apparent
that its CAD is no longer sufficient.
● System experiencing a higher level of use than it was originally designed to handle. In a
few cases a hardware component had failed and had to be replaced, but most errors
were simply due to a lack of capacity to handle the increasing demands of a larger
population with accidents being reported more frequently
● For larger cities, Rahul (ECC Manager) learnt that these places used scalable and
extensible architecture, used common standard protocols to work with information
systems as to make them future proof
● He has multiple options: Commercial Software, SaaS, and Custom software, all needing
to be developed tailored to their purpose

EMERGENCY MANAGEMENT INFORMATION SYSTEM (EMIS)

● Not only focuses on handling accidents and emergencies (Response) , but also:
○ preventing them in the first place (contingency planning)
○ risk mitigation ( as in noticing danger earlier, pre-preparation for any sort of
disaster, and damage limitation in case of emergency)
○ Recovery (handling the fallout of any disaster/accident)
● NOTE: Rahul does not believe an immediate full scale use of an EMIS would work
for Bangbai, need replacement CAD that can be adapted later to be more like an
EMIS

EMERGENCY SERVICE APP: WHAT IS IT AND WHY USE IT?

● Faster than phone call; increased efficiency, decreased need for operators at a control
center
● Additionally, most smartphones use GPS, which can be utilized to quickly get to an area
of emergency (ethical issues here?)
● It is much faster than someone vocally giving an operator an address, crucial time saved
● Allows for continuous update in emergency situation from people at the scene through
specified input on the app, with operators at the ECC (Emergency Control Centre)
capable of calling the user for specification ( using VOIP) (again, ethical issues?)

● The app would be independent of other software on the phone, but would likely have to
encompass a number of technologies
○ Multiple TCP/IP Sockets
○ Application Programming Interface (API)

1
 ○ Achieved by Representational State Transfer (REST)
● Given that some people don’t use the app, the ECC could still much more easily handle
the remaining people, this would also be expected to decrease at time went on (more
people use the app over time)
● This solution means that the current ECC does not need to be upgraded with new
technology

EMERGENCY SERVICE APP AND RISK MITIGATION

● App would include feature to report non urgent issues currently taking place, including:
○ traffic congestion
○ suspicious activities
○ risks to public health and safety
○ Potentially suggest improvements to services (basically feedback for app devs)
● This 'inform' feature would have users upload a sound file or photo with a text of what
the problem is, along with the location of this problem (may be different from location of
user)
● This information feature may however involve collecting personal information of the
person who submits the information due to it collecting additional info from the device
used (ethical issues?)
● Users have asked for this app to use a VPN or proxy server ( problems with this?)

EMERGENCY RESPONSE VEHICLES

● CAD system currently used has numerous dedicated devices using an embedded
operating system in most vehicles
● These are legacy systems, which update the central server at regular intervals in a
stateless way
● However, these legacy systems use HTTP protocols, and thus can be upgraded in a
number of ways, including:
○ Messaging Systems
○ Queries
● These would however stateful communication as opposed to stateless, which can be
achieved using cookies or URL rewriting to maintain state between requests

Multi TIERMULTITIER ARCHITECTURE AND SCALABILITY

● To handle the gradually increasing amount of people using the app for non-urgent
reasons, and the general increase in city population, the new CAD system needs to be
built with scalable architecture

2
 ● This is to allow later improvements that would transition the system to more EMIS
features (the architecture must therefore be compatible with future upgrades, i.e. future
proof)
● Rahul and his team concluded that they should separate the system into tiers across
many servers to accommodate for the large number of users
● This allows for many main components to be reused, e.g.
○ "web interface for reporting emergencies and requesting assistance could be
added with very little additional effort, as it would simply use the same logic tier
services as the smartphone and desktop apps"
● Benefits of Three-Tier Architecture
● Scalability—Each tier can scale horizontally. For example, you can load-balance
the Presentation tier among three servers to satisfy more Web requests without
adding servers to the Application and Data tiers.
● Performance—Because the Presentation tier can cache requests, network
utilization is minimized, and the load is reduced on the Application and Data tiers.
If needed, you can load-balance any tier.
● Availability—If the Application tier server is down and caching is sufficient, the
Presentation tier can process Web requests using the cache.

THE NEW CAD SYSTEM AND ITS TIERS

●
● The New CAD system focuses on the 'Response' component of an EMIS (see above)
● It is implemented through what is known as a "cluster of servers", which answer queries
and provide services for the user
● Different parts of this system divided into tiers (multitier architecture) which can be
spread out across many servers to accommodate for increasing population
● The system will encompass three main tiers
○ Presentation Tier: Code for UI, used between app, ECC, and emergency
responder devices
○ The Logic Tier: Algorithms that contain the main procedures/services of the
EMIS, for example, all of the operations needed to coordinate the response
vehicles
○ The Data Tier: Contains the code that allows access to various databases used
by the system given different physical locations and make modifications/ updates
● All changes in the database are done via a Transaction Processing System (TPS), which
means that successful changes are committed (saved) to the database, while failed
changes/ transactions are rolled back (See Paper 2: Option A, Databases)
● A tier in multi-tier architecture can only communicate with the next or previous tier in the
system; in this scenario, the order is Presentation-Logic-Data, meaning for example
that the data tier should not be accessed without first going through the logic tier (this
would check the credentials of the request for modifying the database and make sure
everything is in order beforehand)

3
LOAD BALANCING ALGORITHMS
● "Rahul is concerned that as Bangbai is growing so rapidly, the increase in usage may
generate excessive load on the servers at very busy periods"
● He concluded that this can be handled through load balancing algorithms that make use
of the available servers
● Load balancing is the process of redirecting requests to the various servers (cluster of
servers) in the system when one or more is overloaded and cannot handle more
requests
● When a system has many servers, they don't necessarily all handle the same task or
provide for the same service or function by default
● The distribution of servers and the services they are focused on is based off which ones
are used more frequently by users and their average workload when responding to their
designated service/feature (e.g. more servers may be committed to the "inform" function
as it is likely it will be used more frequently than others)
● A number of load balancing algorithms can be used; In the Bangbai Scenario, three are
identified
○ client side random
○ weighted round robin
○ source IP hash
● NOTE: Rahul believes that the report/inform function may be used for trivial information,
such as stray cats or trash on the street, which is a waste of the servers processing
power and purpose

FAILOVER
● A failover system/server is an emergency secondary server/system that can kick in and
do the job of the primary server/system should this one fail, breakdown, or be unable to
perform its intended role in any way )(e.g. if there is a power failure in the building where
the primary server is located)
● The failover may need to have information on the current state of the interactions
between server and user if this is a necessity in the system (In Bangbai' s case, yes)

CONCLUSION AND CHALLENGES TO FACE

● Rahul's plan is well received, however the new EMIS must needs to include:
○ Scalability; the system needs to be expandable, i.e. new servers can be added
when In need
○ Duplicate or redundant hardware; should part of the system go down due to
hardware problems, redundant hardware (e.g. extra servers) must be able to
replace it immediately (failover)

4
● In the development of the EMIS, a number of challengers will have to be tackled (These
are taken from the Case study)
○ begin the planning of an EMIS system which handles all the current CAD work in
a more scalable and extensible manner.
○ plan for the increasing loads on servers by investigating proven methods,
including providing redundancy, failover and load balancing.
○ develop a smartphone app that has emergency functionality and a reporting /
informing function that allows citizens to provide information on non-urgent
issues.
○ make use of the legacy devices already present in the emergency response
vehicles while still meeting the requirements of the proposed system.
○ report on the implications of the project with respect to the key stakeholders
including an overview of any obvious legal and ethical implications.

5
KEY TERMS

Application programming interface (API)

● A set of routines, protocols and tools used for building software
● Specifies how parts of software interact with each other
● Simplifies the creation of a program

Client side random

● Load balancing, that is server heavy.
● A list of server IPs are delivered to the client => the client randomly selects the IP
from the list on each connection.
● This relies on all clients generating similar loads, and the Law of Large Numbers to
achieve a reasonably flat load distribution across servers.
● It has been claimed that client-side random load balancing tends to provide better
load distribution than round-robin DNS

Cluster
● A set of tightly or loosely connected computers which effectively work as a single
system
● Each node performs the same task, increasing the processing power
● The components of a cluster are usually connected to each other through fast LAN
networks, with each node (computer used as a server) running its own instance of
an operating system

Cluster of servers
● The same as above but with servers

Commercial software
● Software made for commercial use, such as windows os
● Software you can buy

Computer aided dispatch (CAD)

● A method of dispatching a service, taxi cab, bus, which is controlled, and assisted by
computers

Cookies
● Small files saved on the user's computer

6
 ● Are used by websites to tailor to each specific user
● To store settings or login details

Custom software
● Software that is specifically designed for a specific company or client.
● A.k.a. Bespoke software
● Will be better specialized to the specific tasks it must carry out
● Will be more expensive to develop than using a pre-made software

Emergency control centre (ECC)

● A building or room that manages all emergency situations

Emergency management information system (EMIS)

● A database for disaster response that provides graphical and real-time information
● Supports responders during emergencies
● http://www.giswebsite.com/lkc/refs/er/sld001.htm

Emergency number
● A designated number (112) that is used to call all emergency services

Failover
● A backup for a system, which is started and utilized once the original system fails,
done in order to keep operations running

Future-proof
● The process of anticipating the future and developing methods of minimizing the
effects of shocks and stresses of future events (perhaps easily upgradable)
● A buzzword that describes a product, service or technological system that will not
need to be significantly updated as technology advances

Global positioning system (GPS)

● A worldwide system which can tell a devices exact position (15 meters radius)
through the use of trilateration with four different satellites.
http://www.physics.org/article-questions.asp?id=55
● Trilateration:

○ GPS uses trilateration to locate the position of the receiver located in the
mobile device. Trilateration requires the use of 4 satellites that transmit

7
 signals along with the time the signal was sent. The distance of the satellite
can be calculated from the length of time it took for the signal to arrive. All
4 satellites send signals and from where the distances intersect the
location of the GPS receiver can be determined.

HTTP or HTTP/2:
● The communications protocol used to connect to Web servers on the Internet or on
a local network (intranet).
● A major revision of the HTTP network protocol used by the World Wide Web.
○ No changes to existing web apps
■ Methods and URL stay
○ Increases speed
■ Method of transport of data
● Request methods
○ GET
■ Request for a specified resource
● Only retrieves data
○ POST
■ Requests that the server accepts the entity and adds it to the page
● Webform
○ PUT
■ Requests that the enclosed entity in stored under the supplied URI
(uniform resource identifier)
● Refers to an existing resource
○ DELETE
■ Deletes the specified resource

◦HEAD
● Response identical to the GET but without actual data
○ Metadata
○ Trace
■ The trace method echoes the received request so that a client can see
what
○ OPTIONS

8
Load balancing algorithm
● An algorithm which tries to reduce the processing power the system needs
● Prioritized critical requests
● Shares the instructions based on priority
○ To not put too much stress on one system
● https://kemptechnologies.com/load-balancer/load-balancing-algorithms-
techniques/

Multitier architecture
● A client-server which application management, data management, and
presentation are all separated → architecture
● https://stackify.com/n-tier-architecture/
Proxy server
● A server which is able to act as a “middle man” between a client and a certain
destination on the internet. This is done in order to hide a users IP or other
credentials.

Real-time
● Computing that is done as instructions are sent, like a live TV feed or twitch. This is
also done in emergency systems so that emergency services can act accordingly

Redundancy
● More than one version of the data in case of data loss or data being stolen.
● More than what is necessary
● Having a backup of data, in case one fails

Representational state transfer (REST)

Rest based applications have an architectural style and can be written in any program
● Representational State Transfer (REST) is a software architectural style that
defines a set of constraints to be used for creating web services.
● This makes it easier for systems to communicate with each other.
● Web services that conform to the REST architectural style, termed RESTful web
services, provide interoperability between computer systems on the Internet.
● RESTful web services allow the requesting systems to access and manipulate textual
representations of web resources by using a uniform and predefined set of
stateless operations.
● More of a style rather than an actual protocol stateless →

9
 ● Can operate without server knowing about client and vice versa, they can operate
independently
● Any server in any of the 3 tiers can access data, it is all about design, geographical
location also does not matter
● https://www.codecademy.com/articles/what-is-rest

Scalability / scalable architecture

● A system, network or process which has been built with the idea that the workload
may change in scope
● Increase the size or number of the hardware
● Add new features easily
○ Vertical:
■ Adding processing power, and hardware, to make a particular device
faster, adding better CPUs, more RAM.
○ Linear:
■ Adding more devices to a system, such as more physical servers.

Safety-critical
● A safety-critical system, also known as a life-critical system, is a system whose failure
or malfunction can result in negative outcomes such as death or serious injury to
people, loss or severe damage to equipment/property or environmental harm.

Session
● A temporary connection between two or more devices
○ The session is created at a certain point in time and torn down after
● A session is usually stateful
● They usually expire, for account security (managebac logs you out every 30 days)
unless you’re facebook then no.

SourceSession IP hash
● Source IP Hash load balancing uses an algorithm that takes the source and
destination IP address of the client and server to generate a unique hash key
● This key is used to allocate the client to a particular server

10
 ● As the key can be regenerated if the session is broken, this method of load
balancing can ensure that the client is directed to the same server that it was using
previously
● This is useful if it’s important that a client should connect to a session that is still
active after disconnection and reconnection

Session management
● Session management is a process of providing keys to authenticated users (such as
a session-id) and having them pass it back to you. As a result, encrypted secure
network communications are required to implement secure session management
● Verify the passwords and keys that have been interchanged by the user and server.
● Secure cookies are used in storing all credentials and important information. Can be
tricked into revealing the information if an attacker uses DNS spoofing.

Socket
● A network socket is one endpoint in a communication flow between two programs
running over a network.
● Port numbers usually represent a socket. Http has the port number 80 (44388 for
HTTPS/HTTP2if secure), ssh has port number 22.
● Created and used with a set of program protocols and instructions.
SessionSource IP hash (load balancing)
● Uses an algorithm which takes the source and destination IPs and creates a hash
key from them
○ Used to allocate the client to a particular server
○ As the key can be regenerated if the session is broken, this method of load
balancing can ensure that the client is directed to the same server that it was
using previously.
○ This is useful if it’s important that a client should connect to a session that is
still active after disconnection and reconnection.
● Used for gaming to keep the game session that you were in if you are to suddenly
leave the match for some reason.

Stateful / stateless / maintaining state

● Stateful
○ Info is retained after sending and receiving
○ At least one of the parties needs to hold the current state of info and save it

11
 ○ Holds info about the session history in order to communicate
○ PHP with MYSQL
● Stateless
○ No info is retained after sending and receiving
○ Communication consists of independent requests and responses
○ ACTP
● Maintaining state
○ Use cookies, server protocols
○ To keep the same state as before
TCP/IP sockets
● IP (internet protocol)
○ Identifies the computer
○ Address of the computer so to know where to send the data
● TCP (transmission control protocol)
○ Is for connection-oriented applications. It has built-in error checking and will
retransmit missing packets.
○ Manages messages being assembled into smaller packets, and then
reassembles those same packages at the other side.
● States how data is sent over the internet
○ Has a receiver and a sender
● Has 4 different layers:
○ The application layer provides applications with standardized data exchange
○ The transport layer is for maintaining
○ The network layer is the internet layer that delivers packages from end to
end across the internet.

Transaction processing system (TPS)

● Transaction processing is a way of computing that divides work into individual,
indivisible operations, called transactions.
● A transaction processing system (TPS) is a software system, or software/hardware
combination, that supports transaction processing.
● If there is an error which prevents the operation from being completed
○ The data will be rolled back to the original state before the operation began
○ It has no delay
■ The result of each transaction are available immediately
● Errors are frequent and common and are tolerable
○ Backups to revert back after an error

12
 ● Together with batch processing
○ This has a delay, errors can occur, however, they are infrequent and usually
tolerated.

URL rewriting
● URL rewriting is the technique used to "translate" a URL into something the server
can understand.
● You can tell from the new URL, even when it's taken out of context, what you're
likely to find on that page.
● It's an easy URL to remember and to pass to another person.
● Search engines can split that URL into words and they can use that information to
better determine the content of the page.
● Unfortunately, the last URL cannot be easily understood by a server without some
work on our part. When a request is made for that URL, the server needs to work
out how to process that URL so that it knows what to send back to the user.
● http://www.pets.com/show_a_product.php?product_id=7
remove
● http://www.pets.com/parrots/norwegian-blue/

Virtual private network (VPN)

A virtual private network (VPN) extends a private network across a public network, and
enables users to send and receive data across shared or public networks as if their
computing devices were directly connected to the private network. Applications running
across a VPN may, therefore, benefit from:
● Functionality
● Security
● Management of the private network.
● It may be faster → It can cache pages for you, meaning that it has a copy of
the webpage you are trying to access if someone has recently accessed it.
(Faster)
● Client ⇒ VPN Server ⇒ Actual Server ⇒ VPN Server ⇒ Client (could be used in
the example of a worker accessing work servers from abroad on a mission)
● Makes it seem like the request is coming from the VPN server rather than the client

Voice over internet protocol (VoIP)

13
 ● Voice over Internet Protocol is a group of technologies for the delivery of voice
communications and multimedia sessions over Internet Protocol (IP) networks, such
as the Internet.

Weighted round robin

● Round-robin (RR) is one of the algorithms employed by the process and network
schedulers in computing
● Each client is assigned a random server based on weights
○ Higher values assigned to more powerful or less loaded machines
○ Lower values are assigned to less powerful or more loaded machines
● A weight is assigned to each server based on its function and processing power.
Depending on this, each server will process more or less requests in relation to the
others. Traffic is distributed equally.

Zero downtime
● Zero Downtime describes a site without service interruption.
● To achieve this it is necessary to have: geographically distributed load balancing,
multiple clustered databases on the backend, and multiple load balanced web
servers. (Multiple distributed servers on a global scale)
● A robust system is needed
○ This is to ensure the safety and constant response of emergency services

14