
SDA Unit 1 - Chapter Performance & Security

The document discusses the quality attributes of performance and security for software architecture. It describes tactics to improve performance, such as controlling resource demand, managing resources, and scheduling resources efficiently. It also defines security as the ability to protect data from unauthorized access while allowing authorized access, and discusses types of attacks against computer systems.

Uploaded by

ezhil

Software Design and Architecture for IoT

B.Tech. CSE (IoT & Automation)


Unit – I

Chapter 8 & 9 – Quality Attribute: Performance & Security

Software Architecture

Software Architecture: Architectural Structures and Views – Architectural Patterns – Understanding Quality attributes – Availability – Interoperability – Modifiability – Performance – Security – Testability General Scenario – Usability General Scenario – Designing an Architecture.

Reference Book

Len Bass, Paul Clements, Rick Kazman, Software Architecture in Practice, Addison-Wesley, Third Edition, 2013.

Quality Attribute: Performance

• Software system's ability to meet timing requirements
• When events occur (interrupts, messages, requests from users or other systems, or clock events marking the passage of time), the system, or some element of the system, must respond to them in time.
• A performance scenario begins with an event arriving at the system
• An arrival pattern for events is characterized as periodic, stochastic, or sporadic:
  • Periodic events arrive predictably at regular time intervals.
    • For instance, an event may arrive every 10 milliseconds.
    • Periodic event arrival is most often seen in real-time systems.
  • Stochastic arrival means that events arrive according to some probabilistic distribution.
  • Sporadic events arrive according to a pattern that is neither periodic nor stochastic.
    • Even these can be characterized, however, in certain circumstances.

Performance General Scenarios

Performance: Tactics

• The goal of performance tactics is to generate a response to an event arriving at the system within some time-based constraint
• Control resource demand
  • This tactic operates on the demand side to produce smaller demand on the resources that will have to service the events
• Manage resources
  • This tactic operates on the response side to make the resources at hand work more effectively in handling the demands put to them
• Control resource demand
  • One way to increase performance is to carefully manage the demand for resources
  • This is done by reducing the number of events processed by enforcing a sampling rate or by limiting the rate at which the system responds to events

• Manage sampling rate
  • If it is possible to reduce the sampling frequency at which a stream of environmental data is captured, then demand can be reduced, typically with some attendant loss of fidelity
• Limit event response
  • When discrete events arrive at the system (or element) too rapidly to be processed, then the events must be queued until they can be processed.
  • This tactic could be triggered by a queue size or processor utilization measure exceeding some warning level
• Prioritize events
  • If not all events are equally important, you can impose a priority scheme that ranks events according to how important it is to service them
  • For example, a building management system may raise a variety of alarms. Life-threatening alarms such as a fire alarm should be given higher priority than informational alarms such as a room being too cold

• Reduce overhead
  • The use of intermediaries increases the resources consumed in processing an event stream, and so removing them improves latency
  • A strategy for reducing computational overhead is to co-locate resources
  • Co-location may mean hosting cooperating components on the same processor to avoid the time delay of network communication
• Bound execution times
  • Place a limit on how much execution time is used to respond to an event
  • Ex: For iterative, data-dependent algorithms, limiting the number of iterations is a method for bounding execution times
• Increase resource efficiency
  • Improving the algorithms used in critical areas will decrease latency

• Manage Resources
  • Even if the demand for resources is not controllable, the management of these resources can be
• Increase resources
  • Faster processors, additional processors, additional memory, and faster networks all have the potential for reducing latency
  • Cost is usually a consideration in the choice of resources, but increasing the resources is definitely a tactic to reduce latency and in many cases is the cheapest way to get immediate improvement
• Introduce concurrency
  • If requests can be processed in parallel, the blocked time can be reduced
  • Concurrency can be introduced by processing different streams of events on different threads or by creating additional threads to process different sets of activities
• Maintain multiple copies of computations
  • Multiple servers in a client-server pattern are replicas of computation
  • The purpose of replicas is to reduce the contention that would occur if all computations took place on a single server
  • A load balancer is a piece of software that assigns new work to one of the available duplicate servers

• Maintain multiple copies of data
  • Caching is a tactic that involves keeping copies of data (possibly one a subset of the other) on storage with different access speeds
  • Data replication involves keeping separate copies of the data to reduce the contention from multiple simultaneous accesses
  • Because the data being cached or replicated is usually a copy of existing data, keeping the copies consistent and synchronized becomes a responsibility that the system must assume
  • Another responsibility is to choose the data to be cached
• Bound queue sizes
  • This controls the maximum number of queued arrivals and consequently the resources used to process the arrivals
• Schedule resources
  • Whenever there is contention for a resource, the resource must be scheduled
  • Processors are scheduled, buffers are scheduled, and networks are scheduled
  • Understand how each resource is used and choose the scheduling strategy that is compatible with it

• Scheduling Policies
  • A scheduling policy conceptually has two parts: a priority assignment and dispatching
  • All scheduling policies assign priorities. In some cases the assignment is as simple as first-in/first-out (or FIFO). In other cases, it can be tied to the deadline of the request or its semantic importance
• Common scheduling policies
  • First-in/first-out
    • FIFO queues treat all requests for resources as equals and satisfy them in turn
    • One possibility with a FIFO queue is that one request will be stuck behind another one that takes a long time to generate a response
  • Fixed-priority scheduling
    • Fixed-priority scheduling assigns each source of resource requests a particular priority and assigns the resources in that priority order

• Fixed-priority scheduling: Common prioritization strategies
  • Semantic importance
    • Each stream is assigned a priority statically according to some domain characteristic of the task that generates it.
  • Deadline monotonic
    • A static priority assignment that assigns higher priority to streams with shorter deadlines
    • This scheduling policy is used when streams of different priorities with real-time deadlines are to be scheduled.
  • Rate monotonic
    • A static priority assignment for periodic streams that assigns higher priority to streams with shorter periods.
• Dynamic priority scheduling. Strategies include these:
  • Round-robin: a scheduling strategy that orders the requests and then, at every assignment possibility, assigns the resource to the next request in that order
  • Earliest-deadline-first: assigns priorities based on the pending requests with the earliest deadline.
  • Least-slack-first: assigns the highest priority to the job having the least "slack time," which is the difference between the execution time remaining and the time to the job's deadline
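The priority rules above can produce a different dispatch order for the same pending work. The following is an added example, not part of the original slides; the `Job` fields, the three jobs and `NOW_MS` are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Job:
    name: str
    period_ms: int        # arrival period of the stream that issued the request
    rel_deadline_ms: int  # deadline relative to the release time
    release_ms: int       # when this request arrived
    remaining_ms: int     # execution time still needed

    @property
    def abs_deadline_ms(self) -> int:
        return self.release_ms + self.rel_deadline_ms

# Constructed workload, observed at NOW_MS (all values are illustrative).
NOW_MS = 100
JOBS = [
    Job("sensor",  period_ms=10,  rel_deadline_ms=10, release_ms=100, remaining_ms=2),
    Job("control", period_ms=50,  rel_deadline_ms=8,  release_ms=99,  remaining_ms=6),
    Job("logger",  period_ms=100, rel_deadline_ms=40, release_ms=65,  remaining_ms=3),
]

def order(jobs, key):
    # Dispatch order: the smallest key value gets the resource first.
    return [j.name for j in sorted(jobs, key=key)]

def rate_monotonic(jobs):
    # Static priority: shorter period means higher priority.
    return order(jobs, lambda j: j.period_ms)

def deadline_monotonic(jobs):
    # Static priority: shorter relative deadline means higher priority.
    return order(jobs, lambda j: j.rel_deadline_ms)

def earliest_deadline_first(jobs):
    # Dynamic priority: the pending request with the nearest absolute deadline.
    return order(jobs, lambda j: j.abs_deadline_ms)

def slack_ms(job, now_ms):
    # Slack: time left until the deadline minus execution time still needed.
    return (job.abs_deadline_ms - now_ms) - job.remaining_ms

def least_slack_first(jobs, now_ms):
    return order(jobs, lambda j: slack_ms(j, now_ms))

if __name__ == "__main__":
    print("rate monotonic:    ", rate_monotonic(JOBS))
    print("deadline monotonic:", deadline_monotonic(JOBS))
    print("earliest deadline: ", earliest_deadline_first(JOBS))
    print("least slack:       ", least_slack_first(JOBS, NOW_MS))
```

The two static rules depend only on stream parameters, while the two dynamic rules change as time passes and work completes.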

Quality Attribute: Security

• Measure of the system's ability to protect data and information from unauthorized access while still providing access to people and systems that are authorized
• An action taken against a computer system with the intention of doing harm is called an attack and can take a number of forms
  • It may be an unauthorized attempt to access data or services or to modify data, or it may be intended to deny services to legitimate users
• The simplest approach to characterizing security has three characteristics
  • Confidentiality, Integrity, Availability (CIA)
  • Supporting CIA … Authentication, Nonrepudiation, Authorization
Security General Scenario

Security Tactics

Detect Attacks
• This category consists of four tactics: detect intrusion, detect service denial, verify message integrity, and detect message delay
• Detect intrusion
  • Comparison of network traffic or service request patterns within a system to a set of signatures or known patterns of malicious behavior stored in a database
• Detect service denial
  • Comparison of the pattern or signature of network traffic coming into a system to historic profiles of known denial-of-service attacks
• Verify message integrity
  • Employs techniques such as checksums or hash values to verify the integrity of messages, resource files, deployment files, and configuration files
• Detect message delay
  • Intended to detect potential man-in-the-middle attacks, where a malicious party is intercepting (and possibly modifying) messages
  • By checking the time that it takes to deliver a message, it is possible to detect suspicious timing behavior, where the time it takes to deliver a message is highly variable
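A receiver can apply the "verify message integrity" and "detect message delay" tactics in a single check. The following is an added example, not part of the original slides: it uses an HMAC-SHA256 tag as the hash value (a keyed hash is a choice made here), assumes sender and receiver clocks are synchronized, and the key, message fields, thresholds and traffic are constructed.

```python
import hashlib
import hmac
import statistics

KEY = b"constructed-demo-key"   # constructed; real keys come from a secret store

def _tag(sent_at: float, payload: bytes) -> str:
    # The send time is covered by the tag so it cannot be altered in transit.
    body = f"{sent_at:.3f}|".encode() + payload
    return hmac.new(KEY, body, hashlib.sha256).hexdigest()

def seal(payload: bytes, sent_at: float) -> dict:
    return {"sent_at": sent_at, "payload": payload, "tag": _tag(sent_at, payload)}

def check(msg: dict, received_at: float, history: list, k: float = 3.0) -> str:
    """Return 'integrity-failure', 'suspicious-delay' or 'ok'."""
    if not hmac.compare_digest(_tag(msg["sent_at"], msg["payload"]), msg["tag"]):
        return "integrity-failure"
    delay = received_at - msg["sent_at"]
    if len(history) >= 5:                       # need a baseline first
        mean = statistics.fmean(history)
        spread = max(statistics.stdev(history), 0.001)
        if abs(delay - mean) > k * spread:
            return "suspicious-delay"           # kept out of the baseline
    history.append(delay)
    return "ok"

def run_demo() -> list:
    history, verdicts = [], []
    # Constructed traffic: (send time, delivery time), both in seconds.
    normal = [(1000.0, 0.020), (1001.0, 0.022), (1002.0, 0.019),
              (1003.0, 0.021), (1004.0, 0.020), (1005.0, 0.021)]
    for sent, took in normal:
        verdicts.append(check(seal(b"temp=21.5", sent), sent + took, history))
    held = seal(b"temp=21.5", 1006.0)
    verdicts.append(check(held, 1006.0 + 0.250, history))   # held back in transit
    altered = seal(b"valve=closed", 1007.0)
    altered["payload"] = b"valve=open"                       # modified in transit
    verdicts.append(check(altered, 1007.0 + 0.020, history))
    return verdicts

if __name__ == "__main__":
    print(run_demo())
```

Delays flagged as suspicious are not added to the baseline, so a run of held-back messages cannot gradually make long delivery times look normal.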
Security Tactics: Resist Attacks

• Resist Attacks
• Identify actors
  • Identifying "actors" is really about identifying the source of any external input to the system.
  • Users are typically identified through: user IDs, access codes, IP addresses, protocols, ports
• Authenticate actors
  • Ensuring that an actor (a user or a remote computer) is actually who or what it purports to be
  • Passwords, one-time passwords, digital certificates, and biometric identification provide a means for authentication
• Authorize actors
  • Ensuring that an authenticated actor has the rights to access and modify either data or services
  • This tactic is usually enabled by providing some access control mechanisms within a system.
• Limit access
  • Limiting access to computing resources involves limiting access to resources such as memory, network connections, or access points
  • This may be achieved by using memory protection, blocking a host, closing a port, or rejecting a protocol
• Limit exposure
  • Minimizes the attack surface of a system
  • Focuses on reducing the probability of and minimizing the effects of damage caused by a hostile action
  • Typically realized by having the least possible number of access points for resources, data, or services and by reducing the number of connectors that may provide unanticipated exposure
• Encrypt data
  • Data should be protected from unauthorized access. Confidentiality is usually achieved by applying some form of encryption to data
• Separate entities
  • Separation of entities within the system can be done through physical separation on different servers that are attached to different networks; the use of virtual machines and to communication
• Change default settings
  • Many systems have default settings assigned when the system is delivered
  • Forcing the user to change those settings will prevent attackers from gaining access to the system through settings that are, generally, publicly available

Security Tactics: React to Attacks, Recover

• Revoke access
  • If the system or a system administrator believes that an attack is underway, then access can be severely limited to sensitive resources, even for normally legitimate users and uses
• Lock computer
  • Repeated failed login attempts may indicate a potential attack
  • Many systems limit access from a particular computer if there are repeated failed attempts to access an account from that computer
  • Legitimate users may make mistakes in attempting to log in
• Inform actors
  • Ongoing attacks may require action by operators, other personnel, or cooperating systems
  • Such personnel or systems (the set of relevant actors) must be notified when the system has detected an attack
• Recover from Attacks
  • Once a system has detected and attempted to resist an attack, it needs to recover
  • Part of recovery is restoration of services
  • Maintain an audit trail: keep a record of user and system actions and their effects to help trace the actions of, and to identify, an attacker
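The "lock computer" and "maintain an audit trail" tactics can be combined in one login handler, shown here replaying a short log. This is an added example, not part of the original slides; the thresholds, host names, accounts and log entries are constructed assumptions.

```python
from collections import defaultdict, deque

MAX_FAILURES = 5   # assumed threshold; leaves room for a few honest typos
WINDOW_S = 300     # assumed: failures are counted over the last 5 minutes
LOCK_S = 900       # assumed: a locked computer is refused for 15 minutes

# Constructed log: (time in seconds, source computer, account, outcome)
SAMPLE_LOG = [
    (0, "ws-17", "alice", "fail"), (20, "ws-17", "alice", "fail"),
    (40, "ws-17", "alice", "ok"),
    (100, "kiosk-03", "bob", "fail"), (110, "kiosk-03", "bob", "fail"),
    (120, "kiosk-03", "bob", "fail"), (130, "kiosk-03", "bob", "fail"),
    (140, "kiosk-03", "bob", "fail"), (150, "kiosk-03", "bob", "ok"),
]

def replay(events):
    """Apply the lock policy to time-ordered events; return the audit trail."""
    failures = defaultdict(deque)   # source computer -> recent failure times
    locked_until = {}               # source computer -> time the lock ends
    audit = []                      # every decision is recorded, not only locks
    for ts, src, user, outcome in events:
        if locked_until.get(src, 0) > ts:
            # While locked, even a correct password from this computer is refused.
            audit.append((ts, src, user, "rejected-locked"))
            continue
        if outcome == "ok":
            failures[src].clear()   # a success forgives earlier mistakes
            audit.append((ts, src, user, "login"))
            continue
        recent = failures[src]
        recent.append(ts)
        while ts - recent[0] > WINDOW_S:
            recent.popleft()        # forget failures outside the window
        if len(recent) >= MAX_FAILURES:
            locked_until[src] = ts + LOCK_S
            recent.clear()
            audit.append((ts, src, user, "locked"))
        else:
            audit.append((ts, src, user, "failed"))
    return audit

def actions_for(audit, src):
    return [action for _, s, _, action in audit if s == src]

if __name__ == "__main__":
    for entry in replay(SAMPLE_LOG):
        print(entry)
```

The "locked" entries are the natural trigger for the "inform actors" tactic, since they mark the moment the system has decided an attack may be underway.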