Decomposing distributed software architectures for the determination and incorporation of security and other non-functional requirements

Abstract

Non-functional requirements (NFRs) such as security, reliability and performance play a crucial role in the development of modern distributed systems. The burden of incorporating NFRs into a system's architecture, as well the determination of new design-level NFRs, can be greatly eased by the use of a structured approach providing guidance to developers. Such structured approaches, however, require equally structured system characterisations. This is especially important for distributed systems, which are inherently complex and multi-faceted. In this paper we propose a form of characterisation which we term architectural decomposition, and present a multi-level conceptual framework for decomposing distributed software architectures. Using the framework for decomposing architectures can help guide the incorporation and, via complementary analysis processes, the determination of NFRs at the architectural level. We describe each of the levels of the framework in turn, propose a complementary analysis process for security based on threat modelling, as well as a process for using the framework itself, and demonstrate the utility of our approach via an example derived from a real-life distributed architecture.