
EXERCISE 1

Your Name and ID: Trần Phạm Minh Đăng - 2052070

You are given an exercise that requires you to build an Amazon-like software system ...
(https://www.junglescout.com/how-to-sell-on-amazon-fba/)

Answer 1:

An Amazon-like software system is an infrastructure designed to support various e-commerce
activities, including inventory management, order processing, payments, delivery logistics and
customer management. Below is an overview of how the Amazon-like system operates.
Therefore, this is the Operation Workflow in my opinion:

• Users (Sellers or Customers) initiate their shopping experience on the Amazon-like system by
accessing the platform's website through a meticulously designed and user-friendly front-end
interface, which acts as the gateway for their exploration, selection, and interaction with the
extensive range of products and services offered. For example, users can sign up or log in to
the system.
• Sellers can update the information of their goods in the store, then accept orders, have the
goods taken from the warehouse for sale, and receive payment.
• Users are empowered to conduct product searches, delve into product specifics, initiate
orders, and complete secure payments within the ecosystem.
• The system processes user requests and interacts with various services to execute activities
like inventory management, order processing, and order delivery.
• Data pertaining to products, orders, and customer profiles is meticulously stored and
efficiently managed within our robust and comprehensive database system.
• Through the user interface, the system delivers crucial information and timely updates
regarding the status of orders to keep users informed and engaged.

Answer 2:

a. Use-case

b. Deployment Architecture:

• The system is constructed based on a distributed architecture, enabling it to efficiently process
a vast number of requests and offering the flexibility to scale as needed.
• Real-time updates on product status and availability are provided by the system.

• Robust security measures are put in place to safeguard user data and secure payment
transactions.

• A key focus is placed on delivering a user-friendly interface for both sellers and customers.

• Stringent data validation and integrity checks are implemented to uphold the accuracy of
information stored in the database.

• Efforts are made to optimize system performance to achieve quicker response times.

• High system availability and fault tolerance mechanisms are in place to mitigate disruptions.

• Analytics may be employed to monitor user behavior and assess website performance, if
necessary.

• The system follows a Service-Oriented Architecture (SOA), where diverse functions are
implemented as independent, self-contained services.

• The database system is distributed and regularly backed up to maintain data consistency and
ensure the capability to recover data when needed.

Answer 3:

+ Redundancy: Maintaining multiple versions of critical components to ensure that if one version
encounters an issue such as a hardware, software or operational failure, a backup version can be
utilized. For example, having backup storage for databases or servers, with redundant copies of
the system readily available.

+ Diversity: Provide the same functionality in different ways in different components so that they
will not fail in the same way. For instance, implementing payment processing functionality
through various different methods to ensure that if one method encounters an issue or becomes
unavailable, there are still alternative backup options.

+ Redundant and diverse components should be independent so that they will not suffer from
‘common-mode’ failures. For example, components implemented in different programming
languages means that a compiler fault will not affect all of them.

+ Utilize a diverse range of process activities: Process activities, such as validation, should not
depend on a single approach, such as testing, to validate the system. Redundant and diverse
process activities, such as conducting static analysis and reliability testing, are important,
especially for verification and validation.

+ The augmentation and diversification of process activities: Multiple, different process activities
complement each other and allow cross-checking, which helps avoid process errors that could
potentially lead to software defects. For instance, combining quality assurance checks with
reliability testing ensures the accuracy and dependability of the system.

Answer 4:

Hardware failures:

1. Server Outages: When the primary servers hosting the system experience hardware failures,
it can disrupt access to the platform.

2. Network Switch Failures: Failures in network switches can lead to communication
breakdowns between different system components and users.

3. Storage Disk Failures: If storage disks fail, it can result in data loss and impact the system's
ability to retrieve product information and user data.

4. Power Supply Failures: Failures in power supply units can lead to server shutdowns,
causing downtime for the entire system.

5. Database Server Crashes: Hardware failures in database servers can disrupt data retrieval
and storage processes, affecting order processing and customer management.

6. Load Balancer Malfunctions: Load balancer hardware failures can disrupt the distribution
of incoming traffic, affecting system availability and performance.

7. Router Failures: Routers are critical for directing data traffic, and their failures can result in
network issues, hindering user access to the platform.

8. Firewall Hardware Issues: Failures in firewall hardware can compromise system security,
potentially exposing sensitive user data to threats.

9. Storage Area Network (SAN) Failures: SAN hardware failures can impact data storage and
retrieval, affecting the system's ability to manage orders and customer data.

10. Point of Sale (POS) Terminal Failures: Hardware failures in POS terminals can disrupt in-
store transactions, impacting the overall sales process.

Software failures:
1. Software Bugs and Glitches: Unexpected errors, crashes, or unexpected behavior due to
software bugs can disrupt the shopping experience.

2. Database Corruption: Data corruption or loss within the database can result in inaccurate
product information, order processing issues, and customer data loss.

3. Authentication Failures: Issues with user authentication can prevent users from accessing
their accounts or making purchases.

4. Payment Processing Failures: Software glitches in payment processing can lead to
transaction failures or billing inaccuracies.

5. Inventory Management Errors: Software errors in inventory management can result in out-
of-stock or overstocked items, affecting order fulfillment.

6. Website Performance Degradation: Slow-loading pages or unresponsive website elements
can deter users and impact sales.

7. Security Vulnerabilities: Software vulnerabilities can lead to data breaches, exposing user
information and payment details.

8. Third-Party Integration Problems: Failures in integrating with third-party services, like
payment gateways or shipping providers, can disrupt essential e-commerce functions.

9. Content Management Issues: Problems with content management systems can lead to
incorrect product descriptions, pricing, or images.

10. Order Processing Errors: Software failures in order processing can result in incorrect order
fulfillment, shipping delays, or customer dissatisfaction.

Operational failures:

1. Server Overload: High traffic or unexpected spikes in user activity can lead to server
overloads, causing slow response times or service outages.

2. Network Outages: Network failures or disruptions from users can result in communication
breakdowns between system components and users.

3. Power Outages: Electrical power failures from users can lead to server and data center
shutdowns, causing system downtime.

4. Customer Account Management Issues: Operational issues in customer account
management, such as data loss or errors in updating personal information, can cause
difficulties for customers and impact their experience.

5. Human Errors: Mistakes made by system administrators or other personnel, such as
misconfigurations or accidental data deletions, can lead to operational disruptions.

6. Software Updates Gone Wrong: Users applying software updates or patches without proper
testing can introduce new issues or vulnerabilities into the system.

7. Inventory Management Problems: User failures in tracking and managing inventory can
result in incorrect stock levels and order fulfillment issues.

8. Logistics and Shipping Delays: Operational failures in the logistics and shipping processes
can lead to delayed deliveries and customer dissatisfaction.

9. Customer Support Issues: Inadequate customer support or response times can negatively
impact customer satisfaction and retention.

10. Supplier or Vendor Failures: Dependence on third-party suppliers or vendors for products
or services can result in operational disruptions if they fail to deliver as expected.

Answer 5:

Redundancy: Keep more than a single version of critical components so that if one fails then a
backup is available.

Diversity: Provide the same functionality in different ways in different components so that they
will not fail in the same way.

=> Redundant and diverse components should be independent so that they will not suffer from
‘common-mode’ failures.

Redundancy issues:

1. Duplicate Orders: Redundancy can lead to duplicate orders being placed, causing confusion
and potential overcharging for customers.

2. Inconsistent Product Information: Redundant product listings or information can lead to
discrepancies in product details, pricing, and availability.

3. Overstocked Inventory: Redundant inventory management may result in excessive stock of
certain items, tying up capital and storage space.

4. Conflicting Customer Data: Redundant customer data entries can lead to inconsistencies in
customer profiles, making it challenging to provide personalized services.

5. Inefficient Data Storage: Storing redundant data can lead to increased storage costs and
slower data retrieval times.

6. Redundant Payment Records: Duplicate payment records can cause financial discrepancies
and difficulties in reconciling transactions.

7. Unnecessary Redundant Servers: Maintaining redundant servers without load-balancing
can result in inefficient resource utilization and increased operational costs.

8. Overlapping Order Fulfillment: Redundant order fulfillment processes can lead to
inefficiencies and potentially result in orders being processed multiple times.

9. Redundant Payment Gateways: Unnecessary duplication of payment gateways can
complicate transaction processing and reconciliation.

10. Duplicate Customer Notifications: Sending redundant notifications to customers can be
annoying and diminish the quality of their shopping experience.

=> To address these redundancy issues, systems need effective data management strategies,
automated checks, and periodic data cleansing processes to ensure data accuracy and reduce
redundancy.
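The "Duplicate Orders", "Redundant Payment Records" and "Duplicate Customer Notifications" issues above share one root cause: the same submission reaching the service more than once, for example when a request is retried or two redundant front-end servers both forward one checkout. The following is an added example (not part of the original answer) of the automated check the conclusion calls for: an idempotency key that makes a replayed submission return the order already created instead of creating a second one. The service classes, order fields and sample data are constructed for the example.

```python
"""Deduplicating order submissions that arrive more than once (added example)."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Order:
    order_id: int
    customer: str
    sku: str
    quantity: int
    amount_cents: int


@dataclass
class NaiveOrderService:
    """Creates a new order and a new payment record on every call,
    so a retried or duplicated submission charges the customer twice."""
    orders: List[Order] = field(default_factory=list)
    payments: List[int] = field(default_factory=list)   # order_ids charged

    def submit(self, customer: str, sku: str, quantity: int, unit_cents: int) -> Order:
        order = Order(len(self.orders) + 1, customer, sku, quantity, quantity * unit_cents)
        self.orders.append(order)
        self.payments.append(order.order_id)
        return order


@dataclass
class IdempotentOrderService:
    """Same behaviour, but every submission carries an idempotency key.

    The client generates the key once when the customer presses "Place order"
    and sends it with every retry of that same action. The service remembers
    the order created for a key, so a replay (a retry, or the same checkout
    forwarded by two redundant servers) returns the existing order and charges
    nothing new.
    """
    orders: List[Order] = field(default_factory=list)
    payments: List[int] = field(default_factory=list)
    by_key: Dict[str, Order] = field(default_factory=dict)

    def submit(self, key: str, customer: str, sku: str, quantity: int, unit_cents: int) -> Order:
        existing = self.by_key.get(key)
        if existing is not None:
            # The same key with a different payload is a client bug, not a retry:
            # refuse it rather than silently returning the wrong order.
            if (existing.customer, existing.sku, existing.quantity) != (customer, sku, quantity):
                raise ValueError(f"idempotency key {key!r} reused with a different payload")
            return existing
        order = Order(len(self.orders) + 1, customer, sku, quantity, quantity * unit_cents)
        self.orders.append(order)
        self.payments.append(order.order_id)
        self.by_key[key] = order
        return order


def replay_checkout(service, key: Optional[str], copies: int = 2) -> Tuple[int, int]:
    """Submit one constructed checkout `copies` times, as redundant servers
    would, and report (orders created, payment records created)."""
    for _ in range(copies):
        if key is None:
            service.submit("alice", "SKU-123", 2, 1999)
        else:
            service.submit(key, "alice", "SKU-123", 2, 1999)
    return len(service.orders), len(service.payments)


if __name__ == "__main__":
    print("naive:     ", replay_checkout(NaiveOrderService(), None))    # (2, 2)
    print("idempotent:", replay_checkout(IdempotentOrderService(), "k-1"))  # (1, 1)
```

The same key-per-action pattern applies to customer notifications: a notification service that records the key of each message it has already sent will not send the duplicate.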

Diversity issues:

1. Complexity: Diversity in technology leads to complexity in coding, updating and fixing.

2. Diversity Management Challenges: Handling diverse technologies and tools can be
complex and costly if not managed effectively.

3. Documentation Diversity: Maintaining diverse documentation formats and standards can
make it harder for team members to access information consistently.

4. Decision Overload: Having a multitude of solutions can lead to decision paralysis, where
it becomes challenging to choose the most suitable approach. This can result in delays
and inefficiencies in problem-solving processes.

5. Resource Fragmentation: Allocating resources, such as time, manpower, and budget,
across various solutions can be inefficient. It may result in resource fragmentation, where
efforts are spread thin, making it difficult to achieve significant progress in any one
approach.

6. Diversity of Payment Gateways: Unnecessary diversity of payment gateways can
complicate transaction processing and reconciliation.

7. System Overloading: Using too many languages can make the system overload and shut
down.

8. Security Concerns: Employing multiple security measures to process orders can extend
customer wait times.

9. Cost implications of managing multiple approaches for the same issue.

10. Complexity for new users without specific guidance on system diversity.

Answer 6:

1. Human mistake: The customer entered the wrong delivery address information

+ System fault: The system does not check the validity of the shipping address

+ System error: Incorrect shipping address is stored in the system

+ System failure: The product was delivered to the wrong address or there was a failure
during the delivery process

2. Human mistake: Sellers do not update the latest product information

+ System fault: The process of updating product information is not done properly

+ System error: Product information is not updated properly in the system

+ System failure: Customers do not receive the latest information about the product and may
not be able to meet their purchasing needs

3. Human mistake: The customer entered incorrect payment information, such as an incorrect
credit card number or incorrectly entered the price to pay

+ System fault: The system does not check the validity of payment information

+ System error: Wrong payment information is stored in the system

+ System failure: Payment failed or transaction declined

4. Human mistake: The seller entered incorrect price information of product into the system

+ System fault: The process of entering price information does not check for validity or
correctness

+ System error: Incorrect product prices are displayed to customers

+ System failure: Customers buy products at incorrect prices or do not meet the system's price
requirements

5. Human mistake: The seller's warehouse manager did not update the correct quantity of
goods

+ System fault: The process of updating product quantities is not done properly

+ System error: The quantity of products in stock is not updated correctly in the system

+ System failure: Customers order products that are out of stock or receive the wrong quantity

Answer 7:

Availability Requirements:

1. System Uptime: Aim for at least 99.99% system uptime, ensuring it is accessible to users
with minimal interruptions.

2. Redundant Servers: Ensure redundancy at the server level to handle hardware failures.

3. Load Handling: The system should be able to handle peak loads without degradation in
performance or availability.

4. Disaster Recovery Time: Have a disaster recovery plan in place to recover the system
within a specified time frame in case of major failures or disasters.

5. Data Backup Frequency: Regularly back up data and ensure the ability to restore the system
to a previous state quickly.

6. Fault Tolerance: Set a threshold for the level of fault tolerance required.

7. Scalability Targets: Define thresholds for scaling up or down based on traffic.

8. Security Patching: Establish timelines for applying security patches.

9. Response Time: Specify acceptable response times for user requests.

10. User Communication: In case of downtime or maintenance, provide clear communication
to users about expected downtime and maintenance windows.

Reliability Requirements:

1. Data Trustworthiness: Guarantee the integrity and precision of data to avert data corruption
or loss.
2. Effective Error Management: Develop a robust error-handling system capable of managing
unexpected situations and preventing system crashes.

3. User-Focused Experience: Sustain a consistent and user-friendly interface even when the
system encounters errors or issues.

4. Scalability Capabilities: Ensure the system's adaptability to growing user volumes and
expanding data requirements by supporting horizontal and vertical scaling.

5. Regular Software Maintenance: Keep software and its associated components up-to-date to
address vulnerabilities and ensure system dependability.

6. Security Measures: Implement stringent security protocols to safeguard user data and
forestall unauthorized access or breaches.

7. Resilience to Failures: Construct the system with fault tolerance in mind, allowing it to
endure specific faults without causing service interruptions.

8. Recovery Timing: Establish clear guidelines for the maximum permissible downtime and
the duration required for recovery from system failures.

9. Detailed Documentation: Maintain extensive documentation encompassing system
architecture, disaster recovery protocols, and troubleshooting resources to support system
reliability.

10. Comprehensive Regression Testing: Conduct thorough regression tests to confirm that
system modifications or updates do not introduce reliability challenges.

EXERCISE 2

Your Name: Trần Phạm Minh Đăng

ID: 2052070

You are given an exercise that requires you to build a Grab/Uber-like software system…

Answer 1:
1. About the system:
Grab is a multi-service platform for ride-hailing, food and grocery delivery, and
online payments. Established in 2012, Grab began as a ride-hailing service that connected
passengers with drivers through a mobile app. Over time, Grab expanded its services to
include food and grocery delivery, digital payments, and financial services.
Today, Grab operates in over 400 cities across 8 countries in Southeast Asia and has
become one of the largest and most popular ride-hailing and delivery platforms in the
region. Users can download the Grab app on their mobile devices and use it to book rides,
order food or groceries, make payments for goods and services, and more.
Grab is continuously working on initiatives to enhance its services, such as investing
in electric vehicle fleets, collaborating with public transportation service providers, and
introducing new features like GrabPay, which allows users to make cashless payments for
a wide range of products and services. Additionally, Grab has expanded into financial
services, offering digital wallets, lending, and insurance to its users.
Based on the service modules Grab provides, our app will also offer features that
enable users to hail rides by connecting with drivers, order food, and send packages, as
well as facilitate online payments and communication with customer support and drivers
in the case of ride-hailing services. Furthermore, the system will provide specialized
features for different user categories, including drivers and administrators.
2. How the system works:
2.1 To the user:
To use the online ride-hailing service, users start by selecting either the "Bike" or
"Car" option, depending on whether they want to book a motorcycle or a car. Next, users
choose the pickup location by either entering an address, selecting a destination on the
map, or opting for their current location, allowing the system to connect with GPS. They
also specify their desired destination in a similar manner. Once the user has determined
the pickup and drop-off points, the system displays a relative route on the map, estimates
the travel time, distance, and calculates the fare for the journey. If the user decides to
"Book a Ride," the system leverages GPS to identify nearby drivers who are available
and have no ongoing trips. It then sends the ride request to these drivers.
When a driver accepts the ride request, the system notifies the user with information
about the driver and the vehicle being used. It also displays the driver's location for user
tracking. At this point, the driver and user can communicate with each other to ensure the
driver reaches the pickup location accurately to pick up the user. Upon completing the
trip, users have the option to rate the driver. Additionally, when booking a ride, users can
choose to make an online payment for the fare.
For the food delivery service, users have the option to rely on a list of nearby
restaurants suggested by the system or search for a specific restaurant where they want to
order food. Users can then select the food items they wish to order. They can choose
between online payment or cash payment. Once the user confirms the order, the system
will also search for suitable drivers and send the user's location and information to the
driver. If the driver accepts the delivery request, they can proceed to the restaurant to pick
up the food and then deliver it to the user.
For the parcel delivery service, users provide information about their location and
the recipient's location, along with detailed information about the parcel, such as its
weight, type, and the recipient's contact information. Users can choose whether the
sender or the recipient will be the one to pay for the service. The system calculates the
price based on the distance and parcel details, and presents this quote to the sender. Once
the sender confirms the request, the system searches for suitable drivers and sends them
the information about the delivery. If a driver accepts the request, they can pick up the
parcel and deliver it to the recipient.
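As an added example (not part of the original answer), the quote and driver-search step described above in code: given the pickup and drop-off points and the "Bike" or "Car" choice, estimate distance, travel time and fare, then select the drivers the request is sent to, those with the right vehicle who are online, have no ongoing trip and are within a search radius, nearest first. Distances use the haversine formula on GPS coordinates; the fare table, search radius, average speeds, driver records and coordinates are all constructed assumptions.

```python
"""Fare quote and nearby-driver search for a ride request (added example)."""
import math
from dataclasses import dataclass
from typing import Dict, List, Tuple

EARTH_RADIUS_KM = 6371.0
SEARCH_RADIUS_KM = 3.0                          # assumption: only drivers this close are asked
AVG_SPEED_KMH = {"Bike": 25.0, "Car": 20.0}     # assumption: average city speeds
FARE = {                                        # assumption: (base fare, rate per km)
    "Bike": (10_000, 4_000),
    "Car": (25_000, 9_000),
}

Point = Tuple[float, float]   # (latitude, longitude) in degrees


@dataclass
class Driver:
    driver_id: str
    vehicle: str        # "Bike" or "Car"
    position: Point     # last GPS fix reported by the driver app
    online: bool
    on_trip: bool


def haversine_km(a: Point, b: Point) -> float:
    """Great-circle distance between two GPS coordinates."""
    lat1, lon1 = map(math.radians, a)
    lat2, lon2 = map(math.radians, b)
    dlat, dlon = lat2 - lat1, lon2 - lon1
    h = math.sin(dlat / 2) ** 2 + math.cos(lat1) * math.cos(lat2) * math.sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(h))


def estimate(vehicle: str, pickup: Point, dropoff: Point) -> Dict[str, float]:
    """The quote shown to the user before they press "Book a Ride"."""
    if vehicle not in FARE:
        raise ValueError(f"unknown vehicle type {vehicle!r}")
    distance = haversine_km(pickup, dropoff)
    base, per_km = FARE[vehicle]
    minutes = distance / AVG_SPEED_KMH[vehicle] * 60
    return {"distance_km": round(distance, 2),
            "minutes": round(minutes, 1),
            "fare": base + round(per_km * distance)}


def candidate_drivers(vehicle: str, pickup: Point, drivers: List[Driver]) -> List[Tuple[str, float]]:
    """Drivers the ride request is sent to: right vehicle, online, no ongoing
    trip, inside the search radius; returned as (driver_id, km) nearest first."""
    found = []
    for d in drivers:
        if d.vehicle != vehicle or not d.online or d.on_trip:
            continue
        km = haversine_km(d.position, pickup)
        if km <= SEARCH_RADIUS_KM:
            found.append((d.driver_id, round(km, 2)))
    return sorted(found, key=lambda item: item[1])


# Constructed sample: a pickup point and six drivers around it.
PICKUP: Point = (10.7769, 106.7009)
DROPOFF: Point = (10.8231, 106.6297)
SAMPLE_DRIVERS = [
    Driver("A", "Bike", (10.7800, 106.7009), True, False),   # nearest idle bike
    Driver("B", "Bike", (10.7900, 106.7009), True, False),   # about 1.5 km away
    Driver("C", "Bike", (10.8500, 106.7009), True, False),   # about 8 km: out of range
    Driver("D", "Bike", (10.7800, 106.7009), True, True),    # busy with another trip
    Driver("E", "Car", (10.7800, 106.7009), True, False),    # wrong vehicle for a bike ride
    Driver("F", "Bike", (10.7800, 106.7009), False, False),  # offline
]

if __name__ == "__main__":
    print(estimate("Bike", PICKUP, DROPOFF))
    print(candidate_drivers("Bike", PICKUP, SAMPLE_DRIVERS))   # A then B only
```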
2.2 To the driver:
To become a driver in the system and start receiving ride requests, users need to
complete several procedures and operations on the app. Here is the basic process for
becoming a driver within the system:
1. Check Eligibility: Ensure that you meet the requirements to become a driver.
These requirements typically include having a valid driver's license, a registered
and insured vehicle, and a clean driving record.
2. App Registration: Download the driver app on your smartphone, create an
account, and complete the registration process. You will need to provide personal
information, details about your vehicle, and submit documents such as your
driver's license, vehicle registration, and insurance.
3. Attend Scheduled Training: Attend a scheduled training session provided by the
platform. This training will cover the platform's policies, procedures, and features.
Training may be completed either online or in-person.
4. Await Approval: After completing the training, your registration will be
reviewed, and you will be notified once your application is approved.
5. Start Accepting Ride Requests: Once approved, you can start receiving ride
requests through the driver app. Drivers will receive ride requests from users and
can choose to accept or decline them.
6. Complete the Ride: After accepting a ride request, follow the app's instructions to
pick up the passenger and complete the trip. Drivers will receive payment through
the app and can also track their earnings, performance, and user ratings.
By following these steps, users can become drivers in the system and begin offering
their services to passengers.
Answer 2:
Use-case Diagrams:
System architecture:
1. Model (M): Represents the logic for processing data and storing information
within the application. Key components in the Model include:
+ User: Stores information about users, including names, phone numbers,
addresses, etc.
+ Booking: stores information about booking services, including place, date, time,
driver, etc.
+ Activity Logs: keep users' history trips, storing details such as the starting point,
destination, time, etc.
+ Rating: Stores information about driver rating, including reason, customers, and
drivers’ details.
+ Payment: Manages payment information, including payment methods and
transaction history, etc.
2. View (V): Represents the user interface, the part with which users directly
interact. Key components in the View include:
+ Login/Registration: Interface for users to log in or register an account.
+ Main Interface: Displays a list of services (such as car, motorcycle, food
delivery), pick fields for starting and ending points, etc.
+ Ride Details: Shows detailed information about a trip, including driver details,
ratings, etc.
+ Ride History: Displays a list of the user's previous trips.
3. Controller (C): Represents the application's controller logic and acts as an
intermediary between the Model and the View. Key components in the Controller
include:
+ Authentication Controller: Handles user authentication and manages
login/registration information.
+ Booking Controller: Manages the process of searching for and booking rides.
+ GPS Controller: manages GPS services to determine locations and simulate the requested
route.
+ Payment Controller: handles the user's payment process, including transaction
methods.
+ Rating Controller: records the ratings given by customers for services.
+ Notification Controller: manages notifications for all services.
Answer 3:
10 Human errors:
1. Excessive Requesting: Users may unintentionally submit requests repeatedly,
potentially overwhelming the system.
2. Incorrect Delivery Details: While using the delivery service, users might enter
inaccurate recipient contact information or parcel details, resulting in driver
confusion and potential delays.
3. Forgetting passwords or login information: Users may forget their account
credentials, resulting in difficulty accessing the app and their account.
4. Neglecting to review trip details: Customers may fail to verify pickup and drop-
off locations, leading to unnecessary detours or confusion during the trip.
5. Neglecting GPS Activation: Users may omit activating GPS on their device,
causing the system to be unable to determine their precise location.
6. Missed Ride Deadlines: Users arriving late or not showing up on time can
inconvenience drivers and lead to longer wait times for the next ride.
7. Incorrect Pickup/Drop-off Locations: Users might mistakenly enter inaccurate
pickup or drop-off locations, causing driver confusion and potential delays.
8. Accidental Cancellations: Users might mistakenly cancel a ride after the driver is
on the way, leading to rebooking challenges.
9. Failing to confirm the booking: Customers forget to confirm their ride request,
resulting in drivers not receiving notifications.
10. Omitting Driver Ratings: Users might neglect to provide a rating for the driver
after the trip, which can impact the driver's overall rating.
10 System Faults:
1. Address Data Mishandling: The system mishandles complicated or incorrect
address inputs, and the data validation process is inadequate, resulting in rides
going to incorrect locations or addresses not being located.
2. Maintenance and update errors: Inadequate maintenance and update procedures
can lead to system downtime, reduced service availability, or issues related to
outdated software versions.
3. Scalability Limitations: The system is unable to adapt to a significant increase in
users or a high workload, resulting in system failures or reduced performance.
4. Algorithm Errors in Distance and Pricing: The algorithms used for distance
calculation and fare estimation may provide incorrect results, regardless of
accurate distance data.
5. Absence of Data Synchronization: User and driver data lack proper
synchronization, causing discrepancies in transactions and ride reservations.
6. User interaction errors: Errors in the user interface or user experience can lead to
user confusion, incorrect inputs, or difficulty in navigating the app.
7. Reservation Data Management Errors: Inaccurate management of reservation
data can result in booking conflicts or multiple reservations for the same ride.
8. Notification Mechanism Errors: Flaws in the notification system's logic or data
queries can cause untimely or misdirected notifications to users or drivers during
the booking process.
9. Insufficient Authentication and Security: Inadequate authentication methods
and data security measures can lead to security vulnerabilities and unauthorized
access to user accounts.
10. Performance Issues: The system may not meet performance and response time
expectations, resulting in delays or disruptions during ride booking and transaction
processing.
10 System Errors:
1. “Server Connection Error”: The system fails to establish a connection with
Grab's server, resulting in the inability to access the app or load data.
2. “Payment Processing Error”: When users attempt to make a payment within the
Grab app, the system encounters issues processing the payment, leading to
incomplete transactions or incorrect deductions.
3. “User Identity Verification Failure”: The system struggles to verify the identity
of users, leading to potential security breaches or unauthorized access to accounts.
4. “Unsuccessful Ordering Error”: When users place orders, such as food or parcel
deliveries, the system fails to process the orders successfully or encounters errors
during the ordering process.
5. “Fare Calculation Error”: During fare calculation for rides or services, the
system incorrectly calculates prices or fails to apply discounts or promotions
accurately.
6. “Nearby Vehicle Search Error”: When users request to find a vehicle near their
current location, the system fails to locate or displays the nearest vehicles
inaccurately.
7. “Inaccurate Location Error”: When the Grab app utilizes location services, the
system fails to accurately determine the user's or driver's location, causing
difficulties in locating, navigating, or delivering items.
8. “User Preferences Customization Error”: Users encounter difficulties in
customizing their app settings, leading to frustration and inconvenience due to
non-responsive or confusing customization options.
9. “Complex Address Processing Error”: The system fails to process intricate
addresses correctly, causing confusion in locating pick-up or drop-off points,
especially in crowded or densely populated areas.
10. “Non-functional Notifications” or “Multi-Channel Notification Error”: The
system either does not send notifications or sends them at incorrect times, causing
users to miss updates, ride assignments, or transaction confirmations. Or
notifications sent through multiple channels, such as SMS, email, and in-app, may
not align correctly, leading to users missing important updates or offers.
10 System Failures:
1. Location Identification System Breakdown: The system's inability to accurately
identify user or driver locations, resulting in challenges with pinpointing and
delivering items.
2. Booking System Glitch: Issues in successfully reserving rides, causing users to
have trouble locating vehicles or making bookings.
3. Information Display System Bug: Information displayed on the app interface is
inaccurate or does not reflect the actual status of rides, orders, or transactions.
4. Order Processing System Weakness: The system's inability to process orders
accurately, resulting in missing information, incorrect deliveries, or delays.
5. Order Confirmation Uncertainty: Users may not receive timely confirmations
for placed orders, leaving them uncertain about the status of their request, causing
anxiety and dissatisfaction.
6. Fare Calculation System Defect: Incorrect fare calculations or improper
application of discounts, resulting in inaccurate or unfair user charges.
7. Login System Hiccup: Users encountering login difficulties, preventing them
from accessing or using the app's features.
8. Network Connection Issue: Failures in connecting to the network or Grab's
servers, preventing users from accessing the app or performing actions on it.
9. Payment Handling System Malfunction: Difficulties in processing payments
accurately, leading to incomplete transactions or incorrect deductions.
10. Notification Delivery System Error: Failures in sending notifications to users or
drivers, leading to a lack of critical information about rides, orders, or updates.
Answer 4:
5 functional Reliability requirements for Grab-like system:
1. Payment Processing: The system needs to ensure that all payment transactions
are processed accurately and have robust security mechanisms in place.
2. Backup Database and Data Consistency Check: The system must have a
backup database and implement data consistency checks to safeguard against data
loss or unauthorized alterations resulting from potential security breaches.
3. Real-time Data Synchronization: All user and driver data should be
synchronized in real-time to ensure that changes or updates made by one party are
immediately reflected for all relevant users.
4. Efficient Routing: The system should offer the most efficient routes for drivers to
minimize travel time and reduce the chances of getting lost. It should also
integrate with various GPS and mapping services to mitigate issues in case of
provider failures.
5. User Identity Verification: Implement user identity verification methods to
enhance security and prevent unauthorized access to accounts or services.
5 non-functional Reliability requirements for Grab-like system:
1. Availability: The system must be available for use at least 99.9% of the time
throughout its operational lifespan.
2. Geolocation Accuracy: The probability of users not being able to access maps or
locate driver positions, and drivers not being able to locate passengers, should not
exceed 0.001%.
3. Response Time: The system must respond to user requests within a reasonable
time frame to ensure a smooth user experience. The response time for each task
should not exceed 3 seconds.
4. Update Latency: The delay in updating driver arrival times and new locations on
the map should not exceed 5 seconds.
5. Booking Success Rate: The probability that a ride, food order, or package delivery
request fails while being transmitted from the user to a driver should not exceed
0.0019 (0.19%), and the request should reach the driver within 5 seconds.
Answer 5:
5 functional Availability requirements for Grab-like system:
1. Scalable Server Infrastructure: The system should implement multiple servers
with a load balancer to allocate and process requests efficiently, especially for
high-demand services like ride booking.
2. Real-Time Data Processing: The system must process user requests and data in
real-time, ensuring that users receive responses within a few seconds of their
requests.
3. Scalability: The system must be capable of scaling to handle increasing user
numbers, ride bookings, and transactions without compromising availability or
performance.
4. Third-Party Service Redundancy: For services provided by third parties, such as
online payments and mapping, the system should establish connections with
multiple providers to ensure continuous service availability even if one provider
temporarily suspends its services.
5. Disaster Recovery: The system should have a disaster recovery plan, including
regular data backups, server redundancy, and a system recovery plan in case of a
disaster or system downtime.
5 non-functional Availability requirements for Grab-like system:
1. System Availability: The system must be ready for users 24/7, with a minimum
uptime percentage of at least 99.9%. Downtime should be limited within
scheduled maintenance windows.
2. Security: The system must be secure to protect user data, payment information,
and other sensitive data from unauthorized access or breaches.
3. Maintainability: The system should be easy to maintain, with low maintenance
costs, allowing developers to update the system quickly (within 3 hours of work)
and address any issues without affecting system availability.
4. Database Availability: Database availability should be 99.99% or higher during
business hours.
5. System Downtime: System downtime should be less than 1 minute per week (roughly
99.99% uptime, which is stricter than the 99.9% minimum stated in item 1).
Answer 6:
5 Techniques in Fault Avoidance:
1. Code Reviews: Conduct thorough code reviews by peers or automated tools to
identify and rectify coding errors and issues before they propagate into the
production environment. This helps avoid many common programming faults.
2. Static Analysis Tools: Employ static code analysis tools that automatically scan
code for known issues, vulnerabilities, and coding errors. These tools can catch
potential problems early in the development process.
3. Unit Testing: Implement comprehensive unit testing procedures where individual
components or units of code are tested in isolation. This helps identify and address
faults at the code level, ensuring that each part of the system functions correctly.
4. Requirements Analysis: Conduct a detailed analysis of system requirements to
ensure that they are clear, complete, and free from ambiguity. Well-defined
requirements reduce the likelihood of misunderstandings and misinterpretations
that can lead to faults during development.
5. Design Reviews: Perform design reviews to examine the architecture and design
of the system. Identifying and rectifying design flaws and inconsistencies early
can prevent the introduction of critical faults at later stages of development.
5 Techniques in Fault detection and removal:
1. Testing. For example: Automated Testing: Implement automated testing
procedures, including unit testing, integration testing, system testing, and
regression testing, to systematically detect and remove faults. Automated testing
tools can help identify issues in the software under various conditions.
2. Static Analysis. For example: Static Code Analysis: Utilize static code analysis
tools to analyze the source code for potential issues without executing the
software. These tools can detect coding errors, security vulnerabilities, and coding
standards violations.
3. Dynamic Analysis. For example: Dynamic Testing: Conduct dynamic testing
methods, such as black-box testing, white-box testing, and stress testing, to
evaluate the software's behavior during runtime. This helps identify runtime errors,
performance issues, and unexpected behavior.
4. Code Reviews. For example: Peer Code Reviews: Organize regular code reviews
with team members to examine the codebase for faults, inconsistencies, and
potential issues. A fresh pair of eyes can often spot defects that automated tools
might miss.
5. Logging and Monitoring. For example: Application Monitoring: Implement
robust logging and monitoring mechanisms within the software to track its
performance and behavior in real-world scenarios. This allows the identification
and removal of faults that may occur in production environments.
5 Techniques in Fault tolerance:
1. Redundancy. For example:
+ Hardware Redundancy: Introduce redundancy in critical hardware
components, such as processors, memory modules, or storage devices.
Redundant components work in parallel, allowing the system to continue
functioning even if one component fails.
+ Software Redundancy: Implement redundancy in software components, where
backup modules or services are ready to take over in case of primary
component failure. Clustering and failover mechanisms are examples of
software redundancy techniques.
2. Checkpoint and Rollback. For example: Checkpointing: Periodically save the
system's state or a specific application's state. In the event of a failure, the system
can roll back to the last known good state, minimizing data loss and downtime.
Checkpointing is often used in scientific computing and long-running batch
processes.
3. Replication. For example: Server Replication: Duplicate servers or services and
distribute incoming requests among them. If one server fails, client requests can be
redirected to the surviving replicas. This technique is commonly used in web
server clusters and database replication.
4. Error Detection and Correction. For example:
+ Error-Correcting Codes: Use error-detection and correction codes to detect
and repair data corruption during transmission or storage. These codes add extra
bits to data, enabling the recovery of corrupted data.
+ Parity and RAID: Employ techniques like RAID (Redundant Array of
Independent Disks) to detect and recover from disk failures. Parity information
or mirroring is used to ensure data integrity.
5. Distributed Systems. For example:
+ Replication of Data: In distributed systems, replicate data across multiple
servers or locations to ensure availability and fault tolerance. If one node
becomes inaccessible, data remains accessible from other nodes.
+ Quorum Systems: Use quorum-based decision-making to ensure that a
majority of nodes agree on a decision before it is executed. This helps prevent
issues caused by network partitions or node failures in distributed systems.
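A concrete instance of the error-detection-and-correction technique listed above, added here as an example (it is not part of the original exercise): a Hamming(7,4) code, the same family of codes used in ECC memory. Four data bits are expanded to seven with three parity bits; on receipt the parity checks are recomputed, and the resulting syndrome is the 1-indexed position of a single flipped bit, which is then corrected.

```python
"""Hamming(7,4): single-error-correcting code (added example)."""


def hamming74_encode(data_bits):
    """data_bits: four 0/1 ints -> seven-bit codeword [p1 p2 d1 p3 d2 d3 d4].

    Parity bit p_i covers every codeword position whose 1-indexed
    position number has bit i set (p1: 1,3,5,7; p2: 2,3,6,7; p3: 4,5,6,7).
    """
    if len(data_bits) != 4 or any(b not in (0, 1) for b in data_bits):
        raise ValueError("need exactly four 0/1 data bits")
    d1, d2, d3, d4 = data_bits
    p1 = d1 ^ d2 ^ d4
    p2 = d1 ^ d3 ^ d4
    p3 = d2 ^ d3 ^ d4
    return [p1, p2, d1, p3, d2, d3, d4]


def hamming74_decode(codeword):
    """codeword: seven bits -> (data_bits, corrected_position).

    corrected_position is 0 when the parity checks all pass, otherwise the
    1-indexed position of the bit that was detected as flipped and repaired.
    """
    if len(codeword) != 7:
        raise ValueError("need exactly seven bits")
    c = list(codeword)
    # Recompute each parity over the received bits; a failing check sets
    # the corresponding bit of the syndrome, which spells out the bad position.
    s1 = c[0] ^ c[2] ^ c[4] ^ c[6]
    s2 = c[1] ^ c[2] ^ c[5] ^ c[6]
    s3 = c[3] ^ c[4] ^ c[5] ^ c[6]
    syndrome = s1 + (s2 << 1) + (s3 << 2)
    if syndrome:
        c[syndrome - 1] ^= 1          # flip the corrupted bit back
    return [c[2], c[4], c[5], c[6]], syndrome


def transmit_with_fault(data_bits, flip_position):
    """Encode, corrupt one bit (0 = no corruption) to simulate a storage or
    transmission fault, then decode. Returns (recovered_data, position)."""
    word = hamming74_encode(data_bits)
    if flip_position:
        word[flip_position - 1] ^= 1
    return hamming74_decode(word)


if __name__ == "__main__":
    print(transmit_with_fault([1, 0, 1, 1], 5))
```

The code corrects any single flipped bit but cannot tell a double flip from a different single flip, which is why storage systems pair such codes with checksums or mirroring rather than relying on one of them alone.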
Answer 7:
Fault-tolerant architectures are designed to ensure that a system or network can continue
to operate and provide its intended functionality, even in the presence of hardware
failures, software errors, or other unexpected events. These architectures are crucial for
applications and systems where high availability and reliability are critical. Here are
some key components and principles of fault-tolerant architectures:
1. Redundancy: Redundancy is a fundamental concept in fault tolerance. It involves
duplicating critical components, such as servers, storage, or network links, and
distributing workloads across them. Redundancy can be implemented at various
levels, including hardware, software, and data.
2. Failover Mechanisms: Failover mechanisms automatically redirect traffic or tasks
from a failed component to a backup or secondary component. For example, in a
server cluster, if one server fails, the load balancer redirects requests to other
healthy servers.
3. Load Balancing: Load balancers evenly distribute incoming requests or
workloads across multiple servers or resources. This not only improves
performance but also provides fault tolerance. If one server fails, the load balancer
directs traffic to others.
4. Data Replication: Data replication involves maintaining multiple copies of data in
different locations or systems. This ensures that data remains available even if one
copy becomes inaccessible or corrupted.
5. Checkpoints and Rollbacks: Systems that use checkpoints periodically save their
state to allow for recovery in the event of a failure. If a failure occurs, the system
can roll back to a known good state.
6. Error Detection and Correction: Error detection techniques, like checksums and
error-correcting codes, identify and, in some cases, correct data corruption or
errors. This is essential for data integrity and fault tolerance.
7. Quorum Systems: Quorum-based decision-making ensures that a majority of
nodes in a distributed system must agree on a decision before it is executed. This
prevents issues caused by network partitions or node failures.
8. Isolation and Containment: Fault-tolerant architectures often employ isolation
and containment techniques to prevent the failure of one component from affecting
the entire system. This can include using containers or virtualization.
9. Scalability: Scalable architectures can accommodate increases in load or demand.
This flexibility is valuable for maintaining performance and availability under
varying conditions.
10. Geographic Distribution: Geographic distribution of resources and services
across different physical locations can protect against site-specific disasters. In the
event of a catastrophe at one location, services can be restored from other
locations.
11. Real-Time Monitoring and Alerting: Continuous monitoring of system health
and performance, combined with real-time alerting, allows administrators to
respond quickly to issues and minimize downtime.
12. Backup and Recovery: Regularly scheduled backups and well-defined recovery
procedures are essential for fault tolerance. Data and configurations should be
backed up, and recovery processes should be tested and documented.
13. Resilient Network Design: Fault-tolerant architectures often include multiple,
diverse network paths and robust communication protocols to ensure network
availability.
Fault-tolerant architectures are designed to minimize the impact of failures and provide
high availability and reliability, making them suitable for applications and systems where
downtime is costly or unacceptable.
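To make the redundancy, failover, data replication and quorum points above concrete, the following added example (not part of the original exercise) models a replicated key-value store with N = 3 replicas, write quorum W = 2 and read quorum R = 2. Because W + R > N, every read quorum overlaps every write quorum, so the newest version is always seen even when a replica is down or holds stale data. The node names and order values are made up.

```python
"""Quorum-replicated store with failover and read repair (added example)."""


class Replica:
    def __init__(self, name):
        self.name = name
        self.alive = True
        self.store = {}                       # key -> (version, value)

    def put(self, key, version, value):
        if not self.alive:
            raise ConnectionError(f"{self.name} is down")
        if version > self.store.get(key, (0, None))[0]:
            self.store[key] = (version, value)  # last writer (highest version) wins

    def get(self, key):
        if not self.alive:
            raise ConnectionError(f"{self.name} is down")
        return self.store.get(key, (0, None))


class QuorumStore:
    def __init__(self, replicas, write_quorum, read_quorum):
        if write_quorum + read_quorum <= len(replicas):
            raise ValueError("W + R must exceed N so read and write quorums overlap")
        self.replicas = replicas
        self.w, self.r = write_quorum, read_quorum
        self.clock = 0                        # monotonic version counter

    def write(self, key, value):
        self.clock += 1
        acks = 0
        for rep in self.replicas:
            try:
                rep.put(key, self.clock, value)
                acks += 1
            except ConnectionError:
                continue                      # failover: skip the dead replica
        if acks < self.w:
            raise RuntimeError(f"write quorum not met ({acks}/{self.w})")
        return acks

    def read(self, key):
        replies = []
        for rep in self.replicas:
            try:
                replies.append(rep.get(key))
            except ConnectionError:
                continue
        if len(replies) < self.r:
            raise RuntimeError(f"read quorum not met ({len(replies)}/{self.r})")
        version, value = max(replies)         # highest version wins
        for rep in self.replicas:             # read repair: refresh stale live replicas
            if rep.alive:
                rep.put(key, version, value)
        return value


def demo():
    """One replica fails during a write, another during the read; the read
    still returns the latest value because the quorums overlap."""
    nodes = [Replica("n1"), Replica("n2"), Replica("n3")]
    store = QuorumStore(nodes, write_quorum=2, read_quorum=2)
    store.write("order:1001", "PAID")
    nodes[0].alive = False                    # n1 goes down
    store.write("order:1001", "SHIPPED")      # succeeds with 2 of 3 acks
    nodes[0].alive = True                     # n1 returns holding stale "PAID"
    nodes[1].alive = False                    # now n2 is down
    return store.read("order:1001")           # n1 (stale) + n3 (fresh) -> "SHIPPED"


def write_tolerates(failed_nodes):
    """True if a write still reaches quorum with this many dead replicas."""
    nodes = [Replica(f"n{i}") for i in range(3)]
    store = QuorumStore(nodes, 2, 2)
    for rep in nodes[:failed_nodes]:
        rep.alive = False
    try:
        store.write("k", "v")
        return True
    except RuntimeError:
        return False


if __name__ == "__main__":
    print(demo(), write_tolerates(1), write_tolerates(2))
```

With three replicas the store tolerates exactly one failure; a second failure is refused rather than silently served from a possibly stale copy, which is the availability-versus-consistency trade a quorum makes explicit.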
Redesign:
Modules Added:
+ Backup Database: This module involves creating a backup database.
+ Data Consistency Checking: This module checks the consistency between the
main database and the backup database.
+ Implementing Multiple Versions for Main Service Modules: Multiple versions are
implemented for critical service modules.
+ Fault Manager: It detects faults within modules and switches between versions as
needed.
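The redesign above (multiple versions of critical service modules plus a Fault Manager that detects faults and switches versions) is the recovery-block pattern, and it combines naturally with the checkpoint-and-rollback technique from Answer 6. The following added example (not part of the original exercise) shows a fault manager that checkpoints the state, runs the preferred version, validates its result with an acceptance test, and on an exception or a rejected result rolls the state back and tries the next version. The fare-calculation versions, the surge table and the acceptance rule are hypothetical.

```python
"""Fault manager with versioned modules, checkpoint and rollback (added example)."""
import copy


class FaultManager:
    """Runs service versions in order of preference until one passes the
    acceptance test; failed attempts leave no side effects on `state`."""

    def __init__(self, versions, acceptance_test):
        self.versions = list(versions)        # [(name, callable)]
        self.acceptance_test = acceptance_test
        self.failures = []                    # (version name, reason)

    def run(self, state, *args):
        checkpoint = copy.deepcopy(state)     # known-good state
        for name, impl in self.versions:
            try:
                result = impl(state, *args)
                if self.acceptance_test(state, result):
                    return name, result
                reason = "acceptance test rejected result %r" % (result,)
            except Exception as exc:          # the version crashed
                reason = "%s: %s" % (type(exc).__name__, exc)
            self.failures.append((name, reason))
            state.clear()                     # roll back this version's side effects
            state.update(copy.deepcopy(checkpoint))
        raise RuntimeError("all versions failed: %r" % (self.failures,))


# Hypothetical service: compute a fare and record it in the shared state.
SURGE_TABLE_V1 = {0.0: 0.0, 1.0: 1.0, 1.5: 1.5, 2.0: 2.0}


def fare_v1(state, distance_km, surge):
    # Primary version: static surge table. Unknown surge levels raise KeyError,
    # and a surge of 0.0 yields a zero fare that the acceptance test rejects.
    fare = round(10.0 * distance_km * SURGE_TABLE_V1[surge], 2)
    state["audit"].append("v1")
    state["last_fare"] = fare
    return fare


def fare_v2(state, distance_km, surge):
    # Alternate version: computes the multiplier, never below 1.0.
    fare = round(10.0 * distance_km * max(surge, 1.0), 2)
    state["audit"].append("v2")
    state["last_fare"] = fare
    return fare


def fare_is_plausible(state, fare):
    # Acceptance test: positive and below a hard cap (hypothetical limit).
    return 0 < fare <= 500.0


def compute_fare(distance_km, surge):
    """Returns (version used, fare, audit trail, names of versions that failed)."""
    state = {"last_fare": None, "audit": []}
    manager = FaultManager([("v1", fare_v1), ("v2", fare_v2)], fare_is_plausible)
    version, fare = manager.run(state, distance_km, surge)
    return version, fare, state["audit"], [name for name, _ in manager.failures]


if __name__ == "__main__":
    print(compute_fare(8.0, 2.0))   # v1 works
    print(compute_fare(8.0, 2.7))   # v1 crashes, v2 takes over
    print(compute_fare(5.0, 0.0))   # v1 result rejected and rolled back, v2 used
```

The rollback matters for the audit trail: without it the zero-fare attempt by v1 would remain recorded alongside the accepted v2 result, and the consistency check between main and backup data would later flag a fare that was never charged.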
EXERCISE 3
Your Name: Trần Phạm Minh Đăng
ID: 2052070
You are given an exercise that requires to build a Tiki-like software system ...
Answer 1:

1. About the system:
About the business model:
The name "Tiki" is an abbreviation of the phrase "Tìm kiếm & Tiết kiệm" ("search & save").
Tiki has grown into one of the most popular e-commerce platforms in Vietnam. Rather than the
diverse marketplace it is now, Tiki began as an online shop selling English-language
books. With investment from many partners, Tiki steadily widened its business scope,
offering a diverse range of products and linking customers with many suppliers.
Tiki moved from a Business-to-Consumer (B2C) model, in which it sold directly to
customers, to a hybrid one in which it also acts as a middleman linking merchants
and consumers, similar to a "virtual marketplace".
Sellers on Tiki can be individuals, businesses, companies, or brands. Tiki itself acts
as a seller through its own storefront, selling authentic products sourced by
Tiki (Tiki Trading). Buyers encompass anyone who needs to shop for goods.
About the items:
In its early days, Tiki was an online shop for the Vietnamese market focused on
English-language books. Within just a few years of its founding, it has grown into a large
hub with 25 categories and millions of products serving a wide range of consumer needs.
The extensive array of categories on Tiki spans across:
1. Fresh Produce & Groceries
2. Home Essentials
3. Electronics
4. Digital Devices
5. Mobile Phones
6. Mother & Baby
7. Beauty & Personal Care
8. Household Items
9. Women's Fashion
10. Men's Fashion
11. Women's Shoes
12. Women's Bags
13. Men's Shoes
14. Men's Bags
15. Backpacks & Suitcases
16. Accessories
17. Watches
18. Laptops
19. International Products
20. Vouchers
21. Vehicles
22. Books
23. Sports Equipment
24. Cameras
It's truly a testament to Tiki's evolution that it now offers an extensive catalog of
products that cater to nearly every aspect of our daily lives. From essential groceries to
cutting-edge electronics, trendy fashion to personal care, sports equipment to vehicular
needs, and a plethora of other categories, Tiki has become a one-stop destination for the
diverse shopping needs of its consumers in Vietnam.

About the e-commerce website system:
The Tiki system provides a range of services for both buyers and sellers through
the interface accessible via web browsers or the mobile app. This allows them to engage
with the e-commerce platform to perform various activities.
Buyers use the interface to:
1. Search for products: Browse and search for specific products based on their
needs.
2. View product details: Access detailed information, descriptions, and reviews
from other users.
3. Make purchases: Select products, place orders, and proceed with payments.
4. Review products: Provide ratings, reviews, and feedback for purchased items.
Sellers can use the interface to:
1. Register and manage their stores: Create personal or business stores, upload
products subject to approval processes.
2. Track revenue: Monitor revenue generated from selling on the Tiki platform.
Administrators have a specialized admin interface to:
1. Manage product categories: Create, edit, and maintain clear and searchable
product categories.
2. Manage sellers and buyers: Confirm, review, and oversee user information.
3. Manage delivery partners: Connect with shipping partners, manage shipment
information.
4. Handle orders: Track, confirm, and manage the order process.
5. Track revenue and statistics: Access revenue details, sales trends, and
statistical data to better understand platform operations.
These various interfaces facilitate a better user experience and provide robust
management capabilities for sellers and administrators to sustain and grow the Tiki
e-commerce system.
About the technology used:
Tiki is an e-commerce website built with a number of languages and technologies.
The majority of the website is written in PHP and uses the Laravel framework
to organize the source code and provide routing, request handling, database
access, and error handling. Tiki also uses web technologies such as
HTML, CSS, and JavaScript to build the user interface and its interactive elements.
2. Features provided to various types of system users:
Here are specific functionalities for three types of users within the system:
administrators, sellers, and buyers.
For Sellers:
1. Register a seller account on Tiki.
2. Update their store information.
3. Manage their product catalog on the website, including creating, editing,
deleting products in the catalog, and adding product details such as name,
images, descriptions, prices, and available quantities.
4. Create and manage promotions and discounts for their products.
5. Manage orders, including viewing order lists, handling customer requests for
returns or exchanges.
6. Chat with buyer accounts.
7. Track revenue, profits, quantity of products sold, and review statistics for their
store's products on the website.
For Buyers:
1. Register a user account on Tiki to make purchases.
2. Browse products on the website and utilize filtering options to find suitable
items.
3. View product details, including images, descriptions, prices, available
discounts, remaining quantities, and shipping information.
4. Add items to the cart and proceed to checkout online using various payment
methods.
5. Track the status of their orders, request cancellations/exchanges/returns, or
engage in chat with sellers to address order-related issues.
For Administrators:
1. Manage categories, product listings, and related information on the website.
2. Administer user accounts, including account creation, disabling accounts, and
editing user information.
3. Oversee order management, such as viewing order lists, updating order
statuses, processing return and exchange requests.
4. Handle promotions and discounts, including creating and ending promotional
campaigns, discounts, and gifts.
5. Track revenue, profits, and the quantity of products sold on the website,
generating statistical reports.
6. Manage customer reviews and feedback, including moderating reviews and
addressing customer complaints.
3. Some main business processes in the system:
The process of purchasing a book or a good:
1. Product Search: Customers visit the Tiki website and search for products by
entering keywords in the search bar or browsing product categories.
2. Product Selection: Customers select desired products by clicking the "Add to
Cart" button on the product details page. If they wish to buy multiple items,
they can continue browsing and add items to their cart.
3. Checkout: After choosing products, customers proceed to provide delivery
information (receiver's name, phone number, address) and select a shipping
method. Then, they make payment using various methods supported by Tiki,
such as online payment via bank cards, e-wallets, or cash on delivery.
4. Delivery: Upon successful payment, Tiki arranges delivery through reputable
shipping partners to ensure fast and secure product delivery. During this time,
customers can track their order status in the "My Orders" section and receive
notifications to stay updated on their order's progress.
5. Receiving and Payment (if COD chosen): If customers opt for cash on
delivery, upon receiving the order, they pay the delivery person the total
amount for the order value.
The process of selling a product:
To start selling products on Tiki's website, a seller needs to follow these steps
after registering an account (pending approval from the system administrator):
1. Create Product Categories: The seller sets up product categories for their
store on Tiki.
2. Upload Products: They add the items they wish to sell to these categories,
updating details like name, description, images, price, promotional deals, and
available quantities. Subsequently, they upload these products onto the
platform. (Legal documentation for the products is required.)
3. Await Product Review: After uploading, the administrator reviews the
products to ensure compliance with selling regulations. If approved, the seller
can make their products available for sale.
4. Order Management: Upon receiving an order from a customer, the seller is
notified and confirms the order. They proceed to manage the order by
packaging the products and sending them to the shipping partner. The order
status is regularly updated during this process.
5. Payment and Order Settlement: Once the products are delivered to the
customer, Tiki handles payment to the seller, deducting service fees.
The product approval process on the admin side:
When a seller submits a product to Tiki, it is reviewed by Tiki's product validation
department. This group checks the information given by the seller. The product is accepted
if its information is comprehensive and accurate. When a seller's goods are not
accepted, Tiki notifies them of any problems or shortcomings in the product information
and requests corrections (this is known as the post-validation phase). Once accepted, the
product is shown on Tiki's website, and the seller may continue to maintain it using Tiki's
product management tools.

Answer 2:
Use-case diagrams for buyers and sellers in Tiki:
System architecture:
a. Model (M): Represents the logic for processing data and storing information
within the application. Key components in the Model include:
+ Product: Stores information about products, including name, price, expiry date,
quantity, etc.
+ User: Stores information about users, including names, phone numbers,
addresses, etc.
+ Order: Stores information about orders placed by buyers, including the
buyer's name, date, time, seller, etc.
+ Sale Program: Stores information about sales run by sellers, including the
buyers' names, date, time, products, etc.
+ Activity Logs: Keeps users' activity history, storing details such as previous
online sessions, search history, recently viewed products, etc.
+ Rating: Stores information about product ratings, including the reason, buyer,
seller, and product details.
+ Payment: Manages payment information, including payment methods and
transaction history, etc.

b. View (V): Represents the user interface, the part with which users directly
interact. Key components in the View include:
+ Login/Registration: Interface for users to log in or register an account.
+ Profile Interface: Displays each user's information such as name, age, address,
order history, favorite books, etc.
+ Main Interface: Displays a list of services (such as books, goods, etc.), with
controls for choosing products and adding them to the cart, etc.
+ Product Details: Shows detailed information about a product, including
product details, ratings, price, etc.
+ Order/Sale History: Displays a list of previous orders/sales (including
their detailed information).
+ Admin Interface: A unique interface designed for the admin, with all
functionalities including managing user accounts and having access to
every other process.

c. Controller (C): Represents the application's controller logic and acts as an
intermediary between the Model and the View. Key components in the
Controller include:
+ Products Controller: Manages product information such as quantity, price,
type of product, etc.
+ Authentication Controller: Handles user authentication and manages
login/registration information.
+ Access Controller: Authorizes each request after authentication, granting a
buyer, seller, or admin only the functionalities its role is permitted (the admin
role being the one with access to all of them) and refusing anything else.
+ Order Controller: Manages the process of ordering.
+ Sale Controller: Manages the process of selling.
+ Payment Controller: Handles the process of user payment, including transaction
methods.
+ Rating Controller: Records the ratings that buyers give to products on sale.
+ Notification Controller: manages all services notification.
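The Access Controller is the security-critical piece of this design: it must sit after the Authentication Controller and deny anything not explicitly allowed, including object-level access (a seller editing another seller's product). The following added example (not Tiki's code, and not part of the original exercise) shows such a deny-by-default, role-based check in Python; the permission names, roles and session table are assumptions made for the illustration.

```python
"""Deny-by-default role-based access controller (added example)."""

# Hypothetical permission sets; anything not listed is refused.
ROLE_PERMISSIONS = {
    "buyer": {"product:view", "order:create", "order:view_own", "rating:create"},
    "seller": {"product:view", "product:manage_own", "order:view_store",
               "promotion:manage_own"},
    "admin": {"product:view", "product:manage_any", "order:view_any",
              "user:manage", "category:manage", "review:moderate"},
}


class AccessDenied(Exception):
    pass


class AccessController:
    def __init__(self, sessions, role_permissions=ROLE_PERMISSIONS):
        self.sessions = sessions              # session token -> user record
        self.role_permissions = role_permissions

    def authenticate(self, token):
        user = self.sessions.get(token)
        if user is None or not user.get("active", False):
            raise AccessDenied("not authenticated")
        return user

    def authorize(self, token, permission, resource_owner=None):
        """Return the user if the request is allowed, else raise AccessDenied.

        Permissions ending in `_own` also require that the caller owns the
        resource, so a seller cannot edit a competitor's product by guessing
        its id (an object-level check on top of the role check).
        """
        user = self.authenticate(token)
        allowed = self.role_permissions.get(user["role"], set())
        if permission not in allowed:
            raise AccessDenied(f"{user['role']} may not {permission}")
        if permission.endswith("_own") and resource_owner != user["id"]:
            raise AccessDenied("resource belongs to another user")
        return user

    def can(self, token, permission, resource_owner=None):
        try:
            self.authorize(token, permission, resource_owner)
            return True
        except AccessDenied:
            return False


# Constructed session table for the demo.
SESSIONS = {
    "tok-buyer": {"id": 17, "role": "buyer", "active": True},
    "tok-seller": {"id": 42, "role": "seller", "active": True},
    "tok-admin": {"id": 1, "role": "admin", "active": True},
    "tok-expired": {"id": 99, "role": "admin", "active": False},
}


def demo_decisions():
    ac = AccessController(SESSIONS)
    return {
        "seller edits own product": ac.can("tok-seller", "product:manage_own", 42),
        "seller edits other product": ac.can("tok-seller", "product:manage_own", 7),
        "buyer manages users": ac.can("tok-buyer", "user:manage"),
        "admin moderates review": ac.can("tok-admin", "review:moderate"),
        "expired admin session": ac.can("tok-expired", "review:moderate"),
        "unknown token": ac.can("tok-bogus", "product:view"),
        "admin unlisted permission": ac.can("tok-admin", "payment:refund"),
    }


if __name__ == "__main__":
    for case, decision in demo_decisions().items():
        print(f"{case}: {'allow' if decision else 'deny'}")
```

Note that even the admin is refused a permission that is not on its list; "full access" in the design should mean the admin role is granted every defined permission, not that the check is skipped for admins.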

Answer 3:
Hazard: Refers to situations or events that can lead to an accident. In other words,
hazards are underlying conditions that pose a risk or contribute to the occurrence of an
accident.
For example:
+ A valve getting stuck in the control system of a reactor.
+ Incorrect calculations by software in the navigation system of an aircraft or another
mode of transportation.
+ An operational error in a pharmaceutical production line leading to incorrect
proportions between components.
+ Malfunction of a sensor resulting in inaccurate blood glucose concentration
readings in an insulin pump.
A hazard does not necessarily lead directly to an accident.
In the case of an e-commerce platform like Tiki, hazards might not directly lead to
accidents as in the manufacturing or transportation industries. However, they can contribute
to creating unsafe situations or causing harm to users and businesses.

10 Hazards in a Tiki-like system:
1. System Security Flaw: Weak security controls can lead to breaches,
exploitation of personal information, account fraud, or privacy violations of
users.
2. Transport Process Errors: Risks during the transportation of goods,
including loss, damage, or delivery to the wrong address.
3. System Validation Errors: Errors during the system's validation of products
posted by sellers, leading to counterfeit, imitation, or subpar quality
products that harm the brand and risk consumers' safety.
4. Product Information Errors: Products may be miscategorized or
inaccurately described (such as pricing errors, discounts, or shipping fees),
causing customer dissatisfaction, damaging brand reputation, and sales.
5. Order Processing Errors: Mishandled orders resulting in loss, delays,
incomplete deliveries, wrong products sent, leading to customer complaints
and Tiki's asset loss.
6. Payment Errors: Payment process mishaps, like errors in online payment
systems, leading to financial loss or compromise of customer banking
information.
7. Feedback and Customer Support Errors: Slow response or inadequate
customer support can cause difficulties and disappointment for customers.
8. Integration Issues: Integration between systems and third-party
software/services (e.g., online payment or delivery services) may lead to
compatibility issues, causing system errors.
9. Distribution Errors: Inefficient inventory management may cause
distribution errors, including late deliveries (due to warehouse location
mistakes), incorrect product quantity information resulting in shortages, or
inaccurate deliveries.
10. System Operation Errors: Technical glitches in the system, including
downtime, crashes, software errors, or loss of connectivity.

Accident: An accident is an unforeseen event or series of events resulting in death
or injury to humans, property damage, or harm to the environment. For instance, an
overdose of insulin due to an error in the glucose level measurement sensor.
In complex systems, accidents rarely have a single cause, as these systems are
designed to be resilient against failures. Almost all accidents result from a combination of
failures rather than from a single failure.

10 Accidents in a Tiki-like system:
1. Hazard: System Security Flaw. Accident: Hackers gaining access to
customer information and credit card details. Customer data stolen for
malicious purposes, leading to financial loss.
2. Hazard: Transport Process Errors. Accident: Products lost, damaged, or
delivered to the wrong address, causing customer dissatisfaction, system asset
loss, and impacting sales.
3. Hazard: System Validation Errors. Accident: Invalid products such as
counterfeits, substandard goods, or hazardous items affecting customer safety
and system reputation.
4. Hazard: Product Information Errors. Accident: Customers dissatisfied at
receiving products not as expected, affecting credibility and revenue.
5. Hazard: Order Processing Errors. Accident: Customers dissatisfied at
receiving incorrect or undelivered products, impacting assets, credibility, and
sales.
6. Hazard: Payment Errors. Accident: Invalid or unrecognized payment
transactions causing customer dissatisfaction and potential monetary losses.
7. Hazard: Feedback and Customer Support Errors. Accident: Customer
dissatisfaction impacting credibility and sales.
8. Hazard: Integration Issues with Third-party Services. Accident: Damage
to the reputation of the main system and third-party services, security risks,
and system errors resulting in asset loss and maintenance fees.
9. Hazard: Distribution Errors. Accident: Incorrect product quantities leading
to system asset loss, customer dissatisfaction, and sales impact.
10. Hazard: System Operation Errors. Accident: User dissatisfaction, missed
sales opportunities for the main system, and product suppliers.

10 Damages in a Tiki-like system:
1. Data Breach: Customers' information such as names, addresses, phone
numbers, and credit card details are stolen.
2. Customer Asset Loss: Cybercriminals exploit stolen sensitive information for
fraudulent activities and financial losses in customers' accounts.
3. System Financial Loss: Tiki's e-commerce software system handles
transactions and inventory management. Any error or malfunction in the
system can lead to financial losses for the company.
4. Reputational Damage: Major software glitches or security breaches can harm
Tiki's reputation as a reliable e-commerce platform, resulting in customer
mistrust and reduced sales.
5. Legal Penalties: System non-compliance with legal requirements may lead to
financial penalties for the system, sellers, and buyers.
6. Business Disruption: Any system downtime or serious failure can disrupt
business operations, leading to delayed order fulfillment and revenue loss.
7. Intellectual Property Loss: Tiki's e-commerce software contains proprietary
code and valuable data. Security breaches or hacking attempts may result in
intellectual property loss.
8. Failure to Meet Customer Demands: Inability of the Tiki e-commerce
software system to meet customer needs can lead to reduced sales and affect
the company's reputation.
9. Negative Impact on User Experience: Unfriendly or error-prone software
can negatively impact user experience, leaving customers dissatisfied and
reducing revenue.
10. Data Corruption or Loss: Technical glitches or system errors can lead to data
corruption or loss, affecting the company's ability to make informed decisions.

Answer 4:
Rule used: severity outweighs probability, so a High severity combined with a Medium
probability is treated as high risk with intolerable acceptability.

Identified hazard                             Hazard probability  Accident severity  Estimated risk  Acceptability
Transport Process Errors                      Low                 Low                Low             ALARP
Product Information Errors                    Medium              Medium             Medium          ALARP
Payment Errors                                High                High               Medium          ALARP
Feedback and Customer Support Errors          Low                 Low                Low             Acceptable
Integration Issues with Third-party Services  Low                 High               High            Intolerable
Distribution Errors                           Medium              Medium             Medium          ALARP
System Operation Errors                       Low                 High               Medium          ALARP
System Security Flaw                          Medium              High               High            Intolerable
System Validation Errors                      Low                 High               Medium          ALARP
Order Processing Errors                       High                Medium             Medium          ALARP

(ALARP: as low as reasonably practicable.)

Answer 5:
Fault trees (the figures are not reproduced here; only their captions survive):
Pic 1. Product Information Errors or Lack
Pic 2. Incorrect product classification
Pic 3. Incorrect order processing or product mix-up
Pic 4. Invalid products are posted on the homepage
Pic 5. User failed to complete the online order payment
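Since the fault-tree figures themselves are not reproduced, the following added example (not part of the original exercise) shows how a tree such as Pic 5, "User failed to complete the online order payment", is evaluated once drawn: the top-event probability from independent basic events, and the minimal cut sets (the smallest combinations of basic events that alone cause the top event). The tree structure and every probability below are hypothetical, not the ones in the original figure.

```python
"""Fault tree evaluation: top-event probability and minimal cut sets (added example)."""
from itertools import product


# A node is a basic event ("EVENT", name, probability) or a gate
# ("AND" | "OR", [children]).
def OR(*children):
    return ("OR", list(children))


def AND(*children):
    return ("AND", list(children))


def E(name, p):
    return ("EVENT", name, p)


# Hypothetical tree for "User failed to complete the online order payment".
PAYMENT_FAILURE = OR(
    E("gateway_timeout", 0.010),
    E("card_declined", 0.020),
    AND(E("primary_gateway_down", 0.005), E("backup_gateway_down", 0.050)),
    AND(E("session_expired", 0.030), E("no_cart_autosave", 0.200)),
)


def probability(node):
    """Top-event probability, assuming basic events are independent."""
    kind = node[0]
    if kind == "EVENT":
        return node[2]
    probs = [probability(c) for c in node[1]]
    if kind == "AND":                         # all inputs must occur
        result = 1.0
        for p in probs:
            result *= p
        return result
    result = 1.0                              # OR: 1 - P(no input occurs)
    for p in probs:
        result *= (1.0 - p)
    return 1.0 - result


def cut_sets(node):
    """All cut sets as frozensets of basic-event names."""
    kind = node[0]
    if kind == "EVENT":
        return {frozenset([node[1]])}
    child_sets = [cut_sets(c) for c in node[1]]
    if kind == "OR":                          # any child's cut set suffices
        return set().union(*child_sets)
    # AND: one cut set from every child, merged
    return {frozenset().union(*combo) for combo in product(*child_sets)}


def minimal_cut_sets(node):
    """Cut sets with no proper subset that is also a cut set, smallest first."""
    sets = cut_sets(node)
    return sorted((s for s in sets if not any(o < s for o in sets)),
                  key=lambda s: (len(s), sorted(s)))


def summary(node=PAYMENT_FAILURE):
    return round(probability(node), 6), [sorted(s) for s in minimal_cut_sets(node)]


if __name__ == "__main__":
    p, cuts = summary()
    print("P(top event) =", p)
    for cut in cuts:
        print("minimal cut set:", cut)
```

The single-event cut sets are the ones worth engineering out first: a redundant gateway only removes the two-event cut set, while a gateway timeout on its own still fails the top event.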

Answer 6:

10 Safety requirements for my system:

1. The system will ensure that all user data, including personal and financial
information, is encrypted and securely stored.

2. The system will ensure that all payment transactions are processed securely,
and sensitive payment information such as credit card numbers will not be
stored in the system.

3. The system must have 24/7 continuous operation capabilities to avoid
impacting user experience and handle high loads to accommodate a large
number of users simultaneously on the website.

4. To ensure product quality, items must be genuine and meet the product
description. A product quality management system will be established to
inspect and ensure compliance with quality standards.

5. The delivery system will be closely managed to ensure accurate shipment to
the right location within the committed time frame.

6. The system will include a dedicated customer service team ready to assist
users with any issues or inquiries they may have.

7. The system will include fraud detection mechanisms that can identify
suspicious activities, such as multiple orders from the same IP address or
credit card.

8. The system will ensure that all third-party suppliers selling products on the
platform meet specific quality and safety standards by requiring them to
provide legal documentation for products, business licenses, and tightening the
auditing process.

9. Regular and comprehensive data backups will be performed to ensure no loss
of critical data.

10. The system should have a monitoring module to oversee the operation status
of servers, database servers, and regularly report operational status to prevent
sudden system downtime, which could inconvenience customers and impact
seller revenue.

Answer 7:

SR1: The system will ensure that all user data, including personal and financial
information, is encrypted and securely stored.

Evidences:

1. SSL/TLS Certification: The system employs SSL/TLS (Secure Sockets
Layer/Transport Layer Security) certificates to establish secure encrypted
connections between the client and the server. Using SSL/TLS certificates
ensures that data transmitted over the network is encrypted and protected
against information theft.

2. Encryption Standards: The system applies secure encryption standards such as
AES (Advanced Encryption Standard) or RSA (Rivest-Shamir-Adleman) to
encrypt user information. Utilizing recognized encryption standards in the
industry ensures that user data is safely protected and not easily decipherable
by third parties.

3. Secure Storage System: User data is stored on secure servers and safeguarded
by both physical and logical security measures. Physical security measures
include server rooms with strict access control systems, fire protection, and
intrusion prevention. Logical security measures involve access control based
on roles, database encryption, and network attack prevention measures like
firewalls and intrusion detection.

SR3: The system must have 24/7 continuous operation capabilities to avoid impacting
user experience and handle high loads to accommodate a large number of users
simultaneously on the website.

Evidences:

1. Reporting System Verification for Continuous Operation Capability.

2. Regular Performance Checks of the System to Ensure Scalability.

3. Contingency Measures and Post-Incident Recovery to Ensure System
Stability, Including Continuous Monitoring Systems and Regular Operation
Reports, Database Backups for Critical Data, and Server Backups for Essential
Modules.

SR7: The system will include fraud detection mechanisms that can identify suspicious
activities, such as multiple orders from the same IP address or credit card.

Evidences:

1. Fraud Behavior Analysis System: The system employs algorithms and rules to
analyze fraudulent behavior during the ordering process. For instance, if
multiple orders are detected from the same IP address or using the same credit
card within a short period, it flags this activity as suspicious and sends an alert
to administrators for inspection.

2. Transaction Risk Management System: The system utilizes risk management
tools and techniques to detect and prevent fraudulent activities in transactions.
For example, it may employ data analysis models and gather information from
various sources to assess the risk level of transactions, identifying suspicious
activities and implementing preventive measures or requesting additional
verification from customers.

3. AI and Machine Learning Technology: The system leverages artificial
intelligence (AI) and machine learning (ML) technologies to detect and predict
fraudulent activities based on historical data and learning models.
Continuously learning and updating, the system can identify new patterns and
trends in fraudulent behavior, providing alerts to management personnel for
prompt action.

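The velocity rule in evidence 1 above (several orders from one IP address or one card within a short period, flagged for administrator inspection), worked through as an added Python example that is not part of the original answer; the order stream, the thresholds, the IP addresses and the HMAC key are constructed placeholders, and keying the card token is an assumption made so that no card number is ever stored (SR2).

```python
import hashlib
import hmac
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Deque, Dict, List, Tuple

# Constructed placeholder: a real deployment keeps this key in a secrets manager or HSM.
TOKEN_KEY = b"placeholder-card-token-key"


def card_token(pan: str) -> str:
    """Keyed hash of a card number so orders can be correlated without the raw
    number ever being stored (SR2). An HMAC is used rather than a plain hash
    because card numbers have too little entropy to survive a brute force of
    an unkeyed digest."""
    return hmac.new(TOKEN_KEY, pan.encode(), hashlib.sha256).hexdigest()[:16]


@dataclass(frozen=True)
class Order:
    order_id: str
    placed_at: datetime
    ip: str
    card_token: str


class VelocityFraudDetector:
    """Sliding-window velocity rule: an alert is raised when more than
    `max_orders` orders share one IP address or one card token within
    `window`. Orders must be fed in chronological order."""

    def __init__(self, max_orders: int = 3, window: timedelta = timedelta(minutes=10)):
        self.max_orders = max_orders
        self.window = window
        self._by_ip: Dict[str, Deque[datetime]] = defaultdict(deque)
        self._by_card: Dict[str, Deque[datetime]] = defaultdict(deque)
        # (order_id, reasons) pairs that would be sent to administrators for inspection
        self.alerts: List[Tuple[str, List[str]]] = []

    def _count_in_window(self, bucket: Dict[str, Deque[datetime]], key: str, ts: datetime) -> int:
        q = bucket[key]
        q.append(ts)
        while ts - q[0] > self.window:  # drop timestamps that fell out of the window
            q.popleft()
        return len(q)

    def check(self, order: Order) -> List[str]:
        """Record the order and return the list of rule violations (empty if clean)."""
        reasons = []
        n_ip = self._count_in_window(self._by_ip, order.ip, order.placed_at)
        if n_ip > self.max_orders:
            reasons.append(f"{n_ip} orders from IP {order.ip} within {self.window}")
        n_card = self._count_in_window(self._by_card, order.card_token, order.placed_at)
        if n_card > self.max_orders:
            reasons.append(f"{n_card} orders on card token {order.card_token} within {self.window}")
        if reasons:
            self.alerts.append((order.order_id, reasons))
        return reasons


def run_sample() -> List[Tuple[str, List[str]]]:
    """Constructed order stream: three legitimate orders, then two bursts that
    trip the IP rule and the card rule, then a late order after the window."""
    t0 = datetime(2024, 1, 15, 9, 0)
    card_a, card_b = card_token("4111111111111111"), card_token("5555555555554444")
    orders = [
        Order("o1", t0, "203.0.113.7", card_a),
        Order("o2", t0 + timedelta(minutes=2), "203.0.113.7", card_a),
        Order("o3", t0 + timedelta(minutes=4), "203.0.113.7", card_a),
        Order("o4", t0 + timedelta(minutes=6), "203.0.113.7", card_b),   # 4th order from the IP
        Order("o5", t0 + timedelta(minutes=7), "198.51.100.9", card_a),  # 4th order on card_a
        Order("o6", t0 + timedelta(minutes=30), "203.0.113.7", card_b),  # earlier orders expired
    ]
    detector = VelocityFraudDetector(max_orders=3, window=timedelta(minutes=10))
    for order in orders:
        detector.check(order)
    return detector.alerts


if __name__ == "__main__":
    for order_id, reasons in run_sample():
        print(order_id, "->", "; ".join(reasons))
```
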
EXERCISE 3 (PART 2)

Your Name: Trần Phạm Minh Đăng

ID: 2052070

You are given an exercise that requires to build a Tiki-like software system ...

Answer 5:

10 availability requirements for the Tiki-like system:

1. High Uptime: Maintain a high level of system availability (e.g., 99.9%) to ensure
the platform is accessible to users consistently.

2. Scalability: Ensure the system can handle increased user traffic during peak times
without degradation in performance, supporting the growth in user base and
products.

3. Redundancy and Failover: Implement redundancy measures and failover
systems to ensure continuous service in case of hardware failure or system
disruptions.

4. Load Balancing: Employ load balancers to distribute traffic evenly across servers,
preventing overloading of any specific server and ensuring stability.

5. Monitoring and Alerting: Utilize robust monitoring tools to continuously track
system health and performance, promptly detecting and alerting about any
potential issues.

6. Backup and Disaster Recovery: Implement regular automated backups and a
comprehensive disaster recovery plan to swiftly restore the system in case of data
loss or system failure.

7. Geographic Distribution: Employ a distributed infrastructure across multiple
geographical locations to mitigate the impact of regional outages and improve
global accessibility.

8. Scheduled Maintenance: Conduct planned maintenance during off-peak hours to
minimize disruption, ensuring the system remains available during critical periods.

9. Quick Response to Downtime: Have a rapid response protocol in place to address
downtime promptly, aiming for quick restoration of services.

10. Efficient Resource Management: Optimize resource utilization to prevent
resource exhaustion, ensuring consistent performance even during high load
periods.

Answer 6:

10 Functional reliability requirements for the Tiki-like system:

1. Order Processing: Ensure accurate and timely processing of orders, including
confirmation emails and status updates for buyers and sellers.

2. Search Functionality: Guarantee precise and quick search results, providing
relevant products based on user queries.

3. Product Reviews and Ratings: Maintain a reliable system for users to leave
reviews and ratings, ensuring they are accurately displayed for potential buyers.

4. User Authentication: Ensure a secure and reliable authentication process for both
buyers and sellers to access their accounts and perform transactions securely.

5. Inventory Management: Provide real-time updates on product availability,
preventing overselling or discrepancies in stock levels.

6. Transaction Security: Assure secure payment gateways and encryption methods to
safeguard sensitive user payment information during transactions.

7. Delivery Tracking: Offer reliable shipment tracking functionalities for buyers to
monitor their orders until delivery.

8. Seller Registration and Store Management: Ensure a smooth process for sellers to
register and manage their stores, upload products, and track sales.

9. Category Management: Allow administrators to efficiently create, modify, and
manage product categories for better organization and searchability.

10. Reporting and Analytics: Provide comprehensive reporting tools and analytics for
administrators to monitor platform performance, sales trends, and user behavior.

10 non-functional reliability requirements for the Tiki-like system:

1. Performance Efficiency: Maintain consistent and acceptable response times even
during peak loads to ensure seamless user experience.

2. Reliability and Availability: Ensure the system is highly available and reliable,
minimizing downtime to maximize user accessibility.

3. Scalability: Enable the system to scale gracefully, accommodating increased users
and product catalogs without compromising performance.

4. Fault Tolerance: Implement measures to continue functioning without service
interruption in case of minor failures or issues.

5. Data Integrity and Consistency: Guarantee that stored data is accurate, consistent,
and reliable across the platform.

6. Security Measures: Uphold stringent security protocols to protect user data,
preventing unauthorized access, and ensuring user privacy.

7. Compliance and Standards: Adhere to industry standards and regulations like
GDPR, PCI-DSS, etc., ensuring reliability in data handling and privacy.

8. Error Handling and Recovery: Establish mechanisms to identify errors and recover
the system swiftly, minimizing impact on users.

9. Backup and Recovery: Regularly back up data and have efficient recovery
processes to restore the system in case of data loss or failure.

10. Usability and Accessibility: Ensure the system is user-friendly and accessible
across different devices and browsers for a diverse user base.

Answer 7:

Hazard: Refers to situations or events that can lead to an accident. In other words,
hazards are underlying conditions that pose a risk or contribute to the occurrence of an
accident.

For example:

+ A valve getting stuck in the control system of a reactor.

+ Incorrect calculations by software in the navigation system for aircraft or other
modes of transportation.

+ Operational error in the pharmaceutical production line leading to incorrect
proportions between components.

+ Malfunction of a sensor resulting in inaccurate blood glucose concentration
readings in an insulin pump.

Hazard doesn't necessarily lead directly to accidents.

In the case of an e-commerce platform like Tiki, hazards might not directly lead to
accidents as in manufacturing or transportation industries. However, they can contribute
to creating unsafe situations or causing harm to users and businesses.

10 Hazards in Tiki-like system:

1. System Security Flaw: Weak security controls can lead to breaches,
exploitation of personal information, account fraud, or privacy violations of
users.

2. Transport Process Errors: Risks during the transportation of goods,
including loss, damage, or delivery to the wrong address.

3. System Validation Errors: Errors during the system's validation of products
posted by sellers, leading to counterfeit, imitation, or subpar quality
products that harm the brand and risk consumers' safety.

4. Product Information Errors: Products may be miscategorized or
inaccurately described (such as pricing errors, discounts, or shipping fees),
causing customer dissatisfaction and damaging brand reputation and sales.

5. Order Processing Errors: Mishandled orders resulting in loss, delays,
incomplete deliveries, or wrong products sent, leading to customer complaints
and Tiki's asset loss.

6. Payment Errors: Payment process mishaps, like errors in online payment
systems, leading to financial loss or compromise of customer banking
information.

7. Feedback and Customer Support Errors: Slow response or inadequate
customer support can cause difficulties and disappointment for customers.

8. Integration Issues: Integration between systems and third-party
software/services (e.g., online payment or delivery services) may lead to
compatibility issues, causing system errors.

9. Distribution Errors: Inefficient inventory management may cause
distribution errors, including late deliveries (due to warehouse location
mistakes), incorrect product quantity information resulting in shortages, or
inaccurate deliveries.

10. System Operation Errors: Technical glitches in the system, including
downtime, crashes, software errors, or loss of connectivity.

Accident: An accident is an unforeseen event or series of events resulting in death or
injury to humans, property damage, or harm to the environment. For instance, an
overdose of insulin due to an error in the glucose level measurement sensor.

In complex systems, accidents rarely have a single cause as these systems are designed to
be resilient against failures. Almost all accidents result from a combination of failures
rather than solely from a single failure.

10 Accidents in Tiki-like system:

1. Hazard: System Security Flaw. Accident: Hackers gaining access to
customer information and credit card details. Customer data stolen for
malicious purposes leading to financial loss.

2. Hazard: Transport Process Errors. Accident: Products lost, damaged, or
delivered to the wrong address, causing customer dissatisfaction, system asset
loss, and impacting sales.

3. Hazard: System Validation Errors. Accident: Invalid products such as
counterfeits, substandard goods, or hazardous items affecting customer safety
and system reputation.

4. Hazard: Product Information Errors. Accident: Customers dissatisfied
receiving products not as expected, affecting credibility and revenue.

5. Hazard: Order Processing Errors. Accident: Customers dissatisfied
receiving incorrect or undelivered products, impacting assets, credibility, and
sales.

6. Hazard: Payment Errors. Accident: Invalid or unrecognized payment
transactions causing customer dissatisfaction and potential monetary losses.

7. Hazard: Feedback and Customer Support Errors. Accident: Customer
dissatisfaction impacting credibility and sales.

8. Hazard: Integration Issues with Third-party Services. Accident: Damage
to the reputation of the main system and third-party services, security risks,
and system errors resulting in asset loss and maintenance fees.

9. Hazard: Distribution Errors. Accident: Incorrect product quantities leading
to system asset loss, customer dissatisfaction, and sales impact.

10. Hazard: System Operation Errors. Accident: User dissatisfaction, missed
sales opportunities for the main system, and product suppliers.

Answer 8:

Severity >> Probability: a High + Medium combination is treated as high risk with
intolerable acceptability.

Identified hazard                             Hazard probability  Accident severity  Estimated risk  Acceptability
Transport Process Errors                      Low                 Low                Low             ALARP
Product Information Errors                    Medium              Medium             Medium          ALARP
Payment Errors                                High                High               Medium          ALARP
Feedback and Customer Support Errors          Low                 Low                Low             Acceptable
Integration Issues with Third-party Services  Low                 High               High            Intolerable
Distribution Errors                           Medium              Medium             Medium          ALARP
System Operation Errors                       Low                 High               Medium          ALARP
System Security Flaw                          Medium              High               High            Intolerable
System Validation Errors                      Low                 High               Medium          ALARP
Order Processing Errors                       High                Medium             Medium          ALARP

Answer 9:

Fault trees:
Pic 1. Product Information Errors or Lack
Pic 2. Incorrect order processing or product mix-up

Answer 10:

10 Safety requirements for the Tiki-like system:

1. Data Encryption: Ensuring all user data, including personal and financial
information, is encrypted and securely stored protects it from unauthorized access.
2. Secure Payment Transactions: Processing payments securely and avoiding the
storage of sensitive payment information such as credit card numbers minimizes
the risk of financial data breaches.
3. High Availability: Ensuring continuous operation capabilities and scalability to
handle high loads is crucial to maintain user experience, especially during peak
times.
4. Product Quality Assurance: Implementing a system to verify and maintain
product quality as described helps build user trust and satisfaction.
5. Efficient Delivery Management: Managing the delivery system closely ensures
timely and accurate product shipments.
6. Customer Support: A dedicated customer service team is vital to address user
concerns promptly, contributing to a positive user experience.
7. Fraud Detection Mechanisms: Implementing fraud detection systems helps
identify and prevent suspicious activities, safeguarding both users and the
platform.
8. Third-Party Supplier Compliance: Ensuring third-party suppliers meet specific
quality and safety standards is crucial for maintaining product integrity and user
trust.
9. Regular Data Backups: Conducting regular and comprehensive data backups
minimizes the risk of data loss in case of system failure or security incidents.
10. Monitoring and Reporting: Monitoring system operation and reporting on the
status of servers and databases helps prevent sudden system downtime, ensuring a
smoother user experience.
EXERCISE 4

Your Name: Trần Phạm Minh Đăng

ID: 2052070

You are given an exercise that requires to build an eBay-like software system (including
auction)

Answer 1:

1. Introduction and core features:

Similar to eBay, an eBay-like system would be an online marketplace where individuals
and businesses can buy and sell products and services through its website. It connects
buyers and sellers from all around the world, enabling them to conduct transactions
securely.
Essentially, eBay-like is a platform where sellers can create listings for the items they want
to sell, and buyers can browse through these listings to find products they want to purchase.
This system offers various features to facilitate the buying and selling process, including:
• Creating Listings: Sellers have the ability to create listings for their products,
including detailed descriptions, images, and pricing information.
• Product and Service Search: Buyers can search for products using keywords,
categories, and various filters.
• Bidding and Purchasing: Buyers can bid on items they're interested in or use eBay-
like's "Buy it now" feature for immediate purchases.
• Payment Processing: eBay-like offers secure payment processing through its own
payment system, PayPal, or other payment methods preferred by the seller.
• Feedback System: Both buyers and sellers can leave feedback for each other,
fostering trust and transparency in the marketplace.
• Shipping and Tracking: eBay-like provides tools for sellers to manage shipping and
track their products, allowing buyers to easily know when they'll receive their
purchased items.
• Customer Service: eBay-like has a dedicated customer service team that assists in
resolving disputes between buyers and sellers, as well as supporting any issues that
may arise during the buying and selling process.

Overall, eBay-like provides a robust and user-friendly platform, enabling individuals and
businesses to conduct online transactions easily and confidently.

2. eBay-like special features:

eBay-like stands out from other e-commerce platforms due to several distinctive features:

• Auction Capability: eBay-like’s auction function empowers sellers to initiate
auctions for their items, allowing potential buyers to bid on these products until the
auction concludes. This distinguishing attribute separates eBay-like from other
online marketplaces that typically feature fixed pricing structures.
• Global Market Reach: eBay-like strives to unite buyers and sellers across the globe,
streamlining international payment methods and shipping procedures. This
broadens sellers’ access to diverse audiences and enables buyers to explore a wider
array of products.
• Feedback Mechanism for Buyers and Sellers: eBay-like’s feedback system enables
mutual rating and appraisal between buyers and sellers after transaction
completion. This fosters trust between both parties and incentivizes positive
engagement.
• Seller Utility Tools: eBay-like furnishes sellers with diverse tools, such as product
listing options and inventory management systems, simplifying the management of
listings and fostering business growth.
• Community Engagement: eBay-like houses an expansive and engaged community
of buyers and sellers, featuring discussion boards, forums, and additional resources
that cater to the needs of both buyers and sellers.

3. Product buying and selling process and auction:

To purchase items on eBay-like:

1. Create an eBay-like Account: If you don't have an eBay-like account yet, create one
by visiting the eBay-like website and clicking on the "Register" button.
2. Search for Items: Utilize the search bar at the top of the eBay-like homepage to find
the desired items. Search using keywords, categories, or item numbers.
3. Review Item Listings: Click on the listings to examine further details about the
items, including seller feedback ratings, shipping options, and accepted payment
methods.
4. Place Bids or Buy Items: If the item is being auctioned, place bids as desired.
Alternatively, if the seller offers a "Buy it now" option, you can purchase the item
immediately at the listed price.
5. Complete the Transaction: Once you've won an auction or bought an item, follow
the prompts to finalize the transaction. Ensure to review the seller's shipping and
return policies and provide payment information if necessary.

For selling items on eBay-like:

1. Create a Seller Account on eBay-like: Start by creating a seller account by visiting
the eBay-like website and clicking the "Register" button.
2. List the Items You Want to Sell: Click on the "Sell" button at the top of the eBay-
like homepage and follow the prompts to create a new listing for the items you want
to sell. Make sure to include detailed descriptions, clear photos, and any relevant
information about the items.
3. Set the Pricing: Choose between setting a fixed price for the items or auctioning
them. If you opt for an auction, set the starting price and the duration of the auction.
4. Wait for Bids: Once your listing has been successfully approved, potential buyers
can place bids on your items. You can monitor the auction regularly to see if there
are any new bids on the items you're selling.
5. Complete the Transaction: When the auction ends, the highest bidder will secure the
item. Afterward, you can contact the winning bidder to arrange for payment and
shipping.

For selling items through auctions on eBay-like:

1. Create a Seller Account on eBay-like: Begin by setting up a seller account by
visiting the eBay-like website and clicking on the "Register" button.
2. List the Items You Want to Auction: Click on the "Sell" button on the eBay-like
homepage and follow the prompts to create a new listing for the items you wish to
auction. Ensure the listing includes a detailed description, clear images, and any
other pertinent information about the item. Select the auction selling format when
prompted.
3. Set the Starting Price of the Item: Establish the initial bidding price for the auctioned
item. This is the minimum amount you, as the seller, are willing to accept for the
item.
4. Select the Auction Duration: Choose the duration of time you want the auction to
run. The default period is typically seven days but can range from one to ten days.
5. Apply Additional Options if Necessary: eBay-like offers supplementary options to
customize your auction, such as setting a reserve price (minimum amount you're
willing to sell for) and providing a "Buy it now" option, allowing buyers to purchase
items at a fixed price.
6. Await Bids: Once the auction for your item begins, potential buyers can place bids.
Monitor the auction regularly to track any new bids on your item.
7. Conclude the Auction: When the auction ends, the highest bidder wins the item.
Subsequently, you can communicate with the winning bidder to arrange payment
and shipping.
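The auction rules listed above (starting price, a one to ten day duration defaulting to seven, an optional reserve price, an optional "Buy it now" price, and the highest bidder winning at close) implemented as server-side bid validation, as an added Python example that is not part of the original exercise; the class and field names, the rejection messages and the sample listing are assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from decimal import Decimal
from typing import List, Optional, Tuple

class BidRejected(ValueError):
    pass

@dataclass(frozen=True)
class Bid:
    bidder: str
    amount: Decimal
    placed_at: datetime

@dataclass
class AuctionListing:
    seller: str
    starting_price: Decimal                     # minimum acceptable opening bid
    opens_at: datetime
    duration_days: int = 7                      # default seven days, allowed range one to ten
    reserve_price: Optional[Decimal] = None     # lowest price the seller will actually sell for
    buy_it_now_price: Optional[Decimal] = None  # fixed price that ends the auction at once
    bids: List[Bid] = field(default_factory=list)
    bought_now_by: Optional[str] = None

    def __post_init__(self) -> None:
        if not 1 <= self.duration_days <= 10:
            raise ValueError("auction duration must be between 1 and 10 days")

    @property
    def closes_at(self) -> datetime:
        return self.opens_at + timedelta(days=self.duration_days)

    def is_open(self, now: datetime) -> bool:
        return self.bought_now_by is None and self.opens_at <= now < self.closes_at

    def current_high(self) -> Optional[Bid]:
        # every accepted bid must beat the previous high, so the last one is the highest
        return self.bids[-1] if self.bids else None

    def place_bid(self, bidder: str, amount: Decimal, now: datetime) -> Bid:
        """Server-side checks against trusted state (clock, seller, high bid), not client values."""
        if not self.is_open(now):
            raise BidRejected("auction is not open")
        if bidder == self.seller:
            raise BidRejected("seller may not bid on their own listing")
        if amount < self.starting_price:
            raise BidRejected(f"bid {amount} is below the starting price {self.starting_price}")
        high = self.current_high()
        if high is not None and amount <= high.amount:
            raise BidRejected(f"bid {amount} does not exceed the current high bid {high.amount}")
        bid = Bid(bidder, amount, now)
        self.bids.append(bid)
        return bid

    def buy_it_now(self, buyer: str, now: datetime) -> None:
        if self.buy_it_now_price is None or not self.is_open(now) or buyer == self.seller:
            raise BidRejected("Buy it now is not available")
        self.bought_now_by = buyer

    def settle(self, now: datetime) -> Tuple[str, Optional[str], Optional[Decimal]]:
        """Outcome once the auction has ended, as (status, winner, price)."""
        if self.bought_now_by is not None:
            return ("sold", self.bought_now_by, self.buy_it_now_price)
        if now < self.closes_at:
            raise ValueError("auction is still running")
        high = self.current_high()
        if high is None:
            return ("no_bids", None, None)
        if self.reserve_price is not None and high.amount < self.reserve_price:
            return ("reserve_not_met", None, None)
        return ("sold", high.bidder, high.amount)

def run_sample() -> Tuple[AuctionListing, List[str]]:
    """Constructed listing: two accepted bids, then three attempts that are rejected."""
    opens = datetime(2024, 3, 1, 12, 0)
    listing = AuctionListing(seller="alice", starting_price=Decimal("50"), opens_at=opens,
                             duration_days=7, reserve_price=Decimal("80"),
                             buy_it_now_price=Decimal("150"))
    listing.place_bid("bob", Decimal("50"), opens + timedelta(hours=1))
    listing.place_bid("carol", Decimal("85"), opens + timedelta(days=1))
    rejected = []
    for bidder, amount, when in [
        ("dave", Decimal("60"), opens + timedelta(days=2)),   # below the current high bid
        ("alice", Decimal("90"), opens + timedelta(days=2)),  # seller bidding on own item
        ("erin", Decimal("100"), opens + timedelta(days=8)),  # after the auction closed
    ]:
        try:
            listing.place_bid(bidder, amount, when)
        except BidRejected as exc:
            rejected.append(str(exc))
    return listing, rejected

def settle_sample() -> Tuple[str, Optional[str], Optional[Decimal]]:
    # settle the sample listing at its closing time; carol's 85 clears the 80 reserve
    listing, _ = run_sample()
    return listing.settle(listing.closes_at)
```
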

Answer 2:

Product buying and selling process:

eBay-like auction process:

The system is deployed according to the MVC model as follows:
1. Model (M): Represents the logic for processing data and storing information
within the application. Key components in the Model include:
• Product: Stores information about products, including name, price, expiry date,
quantity, etc.
• User: Stores information about users, including names, phone numbers,
addresses, etc.
• Order: Stores information about orders placed by buyers, including the
buyer's name, date, time, seller, etc.
• Sale Program: Stores information about sale services offered by sellers, including
buyers' names, date, time, products, etc.
• Activity Logs: Keep users' activity history, storing details such as previous
online sessions, search history, recently viewed products, etc.
• Rating: Stores information about product ratings, including reason, buyers,
sellers and products' details.
• Payment: Manages payment information, including payment methods and
transaction history, etc.
• Auction Program: Stores information about auction services run by sellers,
including buyers' names, product price, bid price, etc.
2. View (V): Represents the user interface, the part with which users directly
interact. Key components in the View include:
• Login/Registration: Interface for users to log in or register an account.
• Profile Interface: Displays each user's information such as name, age, address,
order history, favorite books, etc.
• Main Interface: Displays a list of services (such as ordering, selling, auctioning)
and products (such as books, goods, etc.), fields for choosing products and
adding them to the cart, etc.
• Product Details: Shows detailed information about a product, including the
product's details, ratings, price, etc.
• Order/Sale/Auction History: Displays a list of previous ordering/sale/auction
processes (including their detailed information).
• Admin Interface: A unique interface designed for the admin with all functionalities,
including managing user accounts and having full access to all other processes.
3. Controller (C): Represents the application's controller logic and acts as an
intermediary between the Model and the View. Key components in the
Controller include:
• Products Controller: Manages product information such as quantity, price, type
of product, etc.
• Authentication Controller: Handles user authentication and manages
login/registration information.
• Access Controller: Provides full access to all available functionalities.
• Order Controller: Manages the process of ordering.
• Sale Controller: Manages the process of selling.
• Payment Controller: Handles the process of the user's payment, including transaction
methods.
• Rating Controller: Records buyers' ratings of sale products.
• Notification Controller: Manages all service notifications.
• Auction Controller: Manages the process of auctioning.

Answer 3:

Confidentiality, Integrity, and Availability (CIA) are three fundamental aspects of
information security in software technology.

Confidentiality: This involves protecting sensitive information from unauthorized access,
ensuring only authorized users or processes can access it, and maintaining its secrecy.
Achieving this can be done through encryption, access controls, and secure communication
methods.

1. Hackers unlawfully access the system's database and steal customers' sensitive
information like names, addresses, phone numbers, and credit card details.
2. Employees share confidential customer information without authorization, like
purchase history, with an external party.
3. The system stores sensitive data inappropriately, allowing hackers to intercept and
steal data during transmission.

Integrity: This refers to preserving the correctness and reliability of data, ensuring it
is not altered or deleted without authorization. Methods like checksums or digital
signatures can help maintain this.

1. Hackers alter or delete data within the system's database, causing errors or
inconsistencies. For example, they might change product prices, resulting in
customer complaints and financial losses for the company.
2. Unethical sellers use deceptive advertising or pricing strategies to trick buyers and
increase sales. For example, a seller might list a product at a low price but ship an
inferior-quality item to the buyer, damaging the system's integrity.
3. Sellers manipulate search engine rankings unfairly, giving their products more
visibility compared to others, causing an imbalance in product availability and
visibility.

Availability: This concerns how well a system can offer its services to authorized users
whenever required, ensuring the system remains functional and allowing authorized users
access at any time. Techniques like redundancy and disaster recovery help maintain this.

1. Sudden traffic spikes overload the system, causing malfunctions and denying user
access. This might occur due to many users accessing the system simultaneously or
a DDoS attack.
2. Failures in hardware or power supply lead to temporary unavailability of the
system's servers. This could result from poor infrastructure maintenance, natural
disasters, or unexpected technical issues.
3. Errors in the system's software or database cause unresponsiveness, stopping users
from using its services. This could be caused by coding errors, data problems, or
issues with third-party connections.

Answer 4:

The 10 assets that need protection in my eBay-like system:

1. User account details: Login credentials, personal data, and payment specifics linked
to individual user profiles.
2. Product listings and descriptions: Information and images associated with each
product available for sale on the platform.
3. Transaction and sales records: Details regarding completed purchases made through
the platform, encompassing items sold, pricing, and shipping information.
4. Seller feedback and ratings: Insights into the performance and reputation of sellers
operating within the platform.
5. Financial records: Revenue generated by the platform and any financial data utilized
for facilitating transactions.
6. Platform infrastructure: The hardware and software essential for the functioning of
the platform itself.
7. Intellectual property assets: Including patents, trademarks, or copyrights associated
with the platform or its brand.
8. User-generated content: Reviews, comments, and other content created by platform
users.
9. Search and recommendation algorithms: Algorithms aiding users in discovering
relevant products, critical for the platform's functionality.
10. Data analytics and detailed insights: Information collected from user behavior for
platform enhancement and detailed insights for sellers. This data is also considered
a valuable asset requiring protection.

The 10 vulnerabilities in my eBay-like system:

1. Unsafe login methods: Vulnerabilities like weak passwords or the absence of two-
factor authentication can simplify unauthorized access for attackers trying to get
into user accounts.
2. Database vulnerabilities: Attackers might leverage weaknesses within databases to
introduce harmful code (SQL injection) via web forms, potentially impacting the
entire system.
3. Insufficient backup and recovery systems: When hackers compromise data to steal,
modify, or harm it, inadequate backup and recovery systems might fail to fully
restore it, leading to inconsistencies and compromising the integrity and accuracy
of system data.
4. Inadequate input validation: Proper validation of website input fields is necessary
to prevent the execution of malicious inputs.
5. Encryption gaps: Critical data such as passwords and credit card information should
undergo encryption both during transmission and storage to prevent unauthorized
access.
6. Misconfigured firewalls: While firewalls are essential for protecting e-commerce
systems from unauthorized access, their effectiveness requires proper configuration.
7. Absence of security updates: Neglecting software updates and security patches
increases a system's susceptibility to exploitation.
8. Insecure APIs: APIs linking various system components become targets for
attackers if not adequately secured.
9. Vulnerabilities in third-party software: Many e-commerce systems depend on third-
party software, which might have its own vulnerabilities.
10. Internal security risks: Employees with access to sensitive data pose substantial
threats if not properly trained in security protocols or if they harbor malicious intent.

The 10 attacks in my eBay-like system:

1. Phishing attacks: Misleading emails or messages mimicking credible sources,
aiming to deceive individuals into sharing confidential details such as passwords or
credit card numbers.
2. Distributed Denial of Service (DDoS) attacks: Flooding a website with traffic from
various origins, making it unreachable for regular users.
3. SQL injection attacks: Exploiting vulnerabilities within a website's database to add
or retrieve data, potentially permitting unauthorized entry to sensitive information
like user account specifics or payment data.
4. Cross-site scripting (XSS) attacks: Injecting harmful code into a website, running
within a user's web browser, possibly enabling hackers to filch user data or gain
control over user accounts.
5. Man-in-the-middle (MITM) attacks: Intercepting communication between a user
and a website to steal sensitive data or modify messages.
6. Magecart attacks: Compromising a website's payment mechanism to pilfer credit
card details entered by users.
7. Clickjacking attacks: Tricking users into clicking on a concealed or camouflaged
element on a website, potentially permitting attackers to execute actions on behalf
of users clandestinely.
8. Ransomware attacks: Infecting a website's server or a user's device with malicious
software that encrypts files and demands payment for decryption.
9. Supply chain attacks: Infiltrating a third-party service or product integral to the
website, potentially granting hackers access to user data or the website's structure.
10. Account takeover attacks: Pilfering user login information or employing stolen
credentials to access user accounts on the website, potentially facilitating
unauthorized transactions or access to sensitive data.

The 10 threats in my eBay-like system:

1. Breaching eBay's payment system: Intruders may exploit weaknesses within eBay's
payment infrastructure to conduct deceitful transactions or siphon money from
users.
2. Partner-related security shortcomings: If an eBay partner has security weaknesses,
attackers could exploit these to breach eBay's system or access user data.
3. Intrusion via exhaustive password guessing: Attackers try to access user accounts
by attempting all possible password combinations.
4. Exploiting software vulnerabilities for intrusion: Leveraging weaknesses in eBay's
system software to gain unauthorized access.
5. Denial-of-Service (DoS) Attack: Overloading eBay's system with a flood of invalid
requests, making it unavailable to genuine users.
6. Infiltration through deceptive emails (Phishing): Deceiving users with misleading
emails to obtain personal data or login credentials.
7. Malware infiltration: Attempting to introduce harmful software (like viruses,
trojans, or ransomware) into eBay's system to cause damage.
8. Identity theft: Utilizing eBay users' personal information to impersonate them and
conduct unauthorized actions or fraudulent activities.
9. Attacks on vulnerable connections: Intercepting or stealing data when users access
eBay's system through insecure connections, such as unencrypted networks or
public Wi-Fi.
10. Theft of personal information: Unauthorized access to eBay's database containing
sensitive user information, such as names, addresses, and credit card numbers.

The 10 controls in my eBay-like system:

1. Regulate access: Enforce stringent controls over entry to sensitive systems and data,
allowing only authorized individuals to gain access.
2. Enable multi-layered authentication: Demand users authenticate through diverse
methods, like passwords and biometric data, to decrease the chances of unauthorized
entry.
3. Network partitioning: Divide the network into smaller sections, each with limited
access, to mitigate potential attack impacts.
4. Firewall implementation: Set up firewalls to sift through network traffic, preventing
unauthorized entry to sensitive information.
5. Systems for detecting and preventing intrusions: Introduce automated systems to
identify and stop unauthorized access attempts and suspicious activities.
6. Consistent software updates and patches: Keep all software updated with the latest
security patches to prevent exploitation of known weaknesses.
7. Data encryption measures: Utilize encryption techniques to protect sensitive data
during storage and transmission, reducing the risk of data breaches and unlawful
access.
8. Regular data backups: Perform frequent backups of essential data to ensure recovery
capability in case of security breaches.
9. Comprehensive security training: Educate staff and users on optimal security
protocols to minimize vulnerabilities to social engineering attacks and other human-
related mistakes.
10. Contingency planning for incidents: Develop and evaluate plans for responding to
potential security breaches to ensure prompt and efficient reactions when necessary.

Answer 5:

Asset | Value | Exposure
User account information | High. Because it has an impact on all system operations. | High. Account information loss prevents users from accessing the system to buy and sell goods, as well as having sensitive information stolen and making transactions against the wishes of the account holder.
Product list | High. Because sellers and buyers exchange benefits through products. | High. Product loss or incorrect description information reduces revenue and reputation.
System infrastructure | High. Because it determines the system's ability to function. | High. Users are unable to access or use system features.
User-generated content | Medium. It has an impact on the reputation of some sellers. | Medium. It has an impact on the reputation of some sellers.
Economic information | High. Because it has an impact on system revenue. | High. Users cannot make transactions and administrators cannot keep statistics on system revenue.
Transaction and sales data | High. Because it has an impact on sales revenue. | High. Wrong data causes the product to be delivered to the wrong buyer, and loss of transaction information causes the buyer to lose re-payment money, resulting in system discredit.
Intellectual property | High. It affects eBay's reputation and credibility. | High. Risk of reputational damage if intellectual property information is lost or stolen.
Data analysis and insights | High. It provides revenue and activity status to sellers and system administrators. | High. Loss of ability to manage business status and detect abnormal situations is severe.
Search and recommendation algorithms | Medium. When a buyer finds the right product, it increases the likelihood of them making a purchase. | Low. Reduces buyers' ability to find the right product, but they can still buy.
Seller ratings and feedback | Medium. It has an impact on a seller's reputation. | Medium. If the review rating information is incorrect, the seller's reputation suffers.

Threat | Probability | Control | Feasibility
Infected with malware or viruses | High | Anti-virus software, firewall, file scanning and detection | Technically feasible. Need extra cost.
Social engineering attacks exploit human behavior and trick users into revealing sensitive information | Medium | Firewall, encryption of sensitive data | Cryptographic techniques must be understood and applied correctly if they are technically feasible.
Internal employees with authorized access misuse or steal sensitive information | Medium | The tracking policy of the company is in effect, and only key administrators have access to these records. | Feasible in business processes.
The software has not been updated or patched | Low | Enhanced maintenance and error detection updates | Requires costs, human resources and time.
Phishing attacks aim to steal login credentials or financial information | High | Changes in the database are logged by biometric security. | Logging changes is simpler and easier but requires storage resources, which is technically feasible but expensive.
Distributed denial of service (DDoS) attacks can disrupt website availability | High | Firewall, increased network bandwidth: increasing network bandwidth can help absorb a DDoS attack and keep the website operational. | Technically feasible. Need extra cost.
Advanced persistent threats can penetrate and go undetected | Medium | Standardize and regularize software development and maintenance processes | Feasible in the development process. Needs costs, resources, people and time.
Errors or violations by third party service providers | Medium | When linking, this property specifies the control policy. All activities are being tracked and logged. | In business processes, this is possible. Logging changes is simpler and easier, but it necessitates storage space.
Natural disasters or other unexpected events may disrupt operations and cause data loss | Low | Improve security and implement a backup and recovery mechanism | Costs, human resources, and backup and recovery necessitate storage resources.
Physical security threats such as theft or damage to critical hardware components | Low | Enhance security, regularly check, and implement backup recovery mechanisms | Costs, human resources, and backup and recovery necessitate storage resources.
Answer 6:

1. Ensuring authorized access is critical for system security. Strong passwords, multi-
factor authentication, and role-based access control bolster this.
2. Utilizing secure communication protocols like SSL/TLS is crucial for protecting
sensitive data from interception.
3. Encrypting sensitive information such as passwords, payment details, and personal
data is vital to thwart unauthorized access.
4. Implementing robust encryption practices during system development prevents
vulnerabilities and embeds security into the software from the start.
5. Routine security checks are essential to identify and rectify vulnerabilities.
6. Systems require constant monitoring for detecting and responding to security
incidents, with detailed logs retained for investigating breaches.
7. Creating an incident response plan is crucial for managing security issues effectively
and minimizing potential damage.
8. Deploying physical security measures is necessary to prevent unauthorized access
to servers and hardware.
9. Regular data backups are pivotal in averting data loss during security incidents, with
a disaster recovery plan in place for severe scenarios.
10. Adhering to regulations like GDPR, PCI-DSS, and other data protection laws is
imperative for system compliance.
11. Educating users about best security practices and potential risks associated with
system use is crucial.
12. Ensuring secure payment processing systems compliant with relevant regulations is
vital to safeguard user payment information.
13. Evaluating third-party software or services for security risks and compliance with
standards is essential for system integrity.
14. Thoroughly testing and securely deploying software updates prevent security
vulnerabilities.
15. Securing remote access through authenticated mechanisms and secure
communication protocols is essential to prevent unauthorized entry.
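
Vulnerability 5 (encryption gaps), control 7 and item 3 above all call for protecting stored passwords. The practitioner's caveat is that passwords are not stored reversibly encrypted at all but as salted, deliberately slow hashes, so that a leaked user table does not hand over the plaintext. The Python example below is added here for illustration and is not part of the assignment; it uses only the standard library's PBKDF2-HMAC-SHA256, records the iteration count inside the stored string so that weaker old entries can be detected and upgraded on the next login, and compares digests in constant time. The record format, the salt length and the iteration count are assumptions made for the example.

```python
import hashlib
import hmac
import os

# Parameters are assumptions for the example; the iteration count follows the
# 2023 OWASP guidance for PBKDF2-HMAC-SHA256 and should be raised over time.
ITERATIONS = 600_000
SALT_BYTES = 16
DIGEST_BYTES = 32
SCHEME = "pbkdf2_sha256"


def hash_password(password, iterations=ITERATIONS, salt=None):
    """Return a self-describing record 'pbkdf2_sha256$<iters>$<salt hex>$<hash hex>'.

    A fresh random salt per password means two users with the same password
    get different records, so a leaked table cannot be attacked with a single
    precomputed table of hashes.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                                 iterations, dklen=DIGEST_BYTES)
    return f"{SCHEME}${iterations}${salt.hex()}${digest.hex()}"


def _split_record(stored):
    """Parse a stored record; return None for anything malformed."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != SCHEME:
        return None
    try:
        return int(parts[1]), bytes.fromhex(parts[2]), bytes.fromhex(parts[3])
    except ValueError:
        return None


def verify_password(password, stored):
    """True only if the password reproduces the stored digest; never raises."""
    parsed = _split_record(stored)
    if parsed is None:
        return False
    iterations, salt, expected = parsed
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                                    iterations, dklen=len(expected))
    # Constant-time comparison so timing does not leak how many bytes matched.
    return hmac.compare_digest(candidate, expected)


def needs_rehash(stored, iterations=ITERATIONS):
    """True if the record uses a weaker setting than the current policy, so the
    application can re-hash it right after the next successful login."""
    parsed = _split_record(stored)
    return parsed is None or parsed[0] < iterations


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))  # True
    print(verify_password("wrong password", record))                # False
```

The same approach does not apply to credit card data: card numbers must remain usable, so they are encrypted (or replaced by tokens from the payment processor) rather than hashed, and the key lives outside the database.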

Answer 7:

Use-case: Log in

Misuse-case: Impersonate the user

Actor: User (seller or buyer), Attacker

Description: The attacker obtains a user's account details and logs in to undertake
illicit acts.

Data: Account data information

Attacks: To obtain account information, attackers utilize phishing, keylogging, brute
force attacks, or social engineering.
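
Threat 3 (exhaustive password guessing), attack 10 (account takeover), control 5 (intrusion detection) and the login misuse case above all turn on the same observable signal: a run of failed logins, and in the takeover case a success right after it. The Python example below is added for illustration and is not part of the assignment; it runs a small sliding-window detector over constructed authentication log lines and raises three kinds of alert: many failures on one account, one source address failing against many accounts, and a success on an account that was just brute-forced. The log line format (timestamp, result, user, source IP), the addresses, the thresholds and the window length are assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log lines: "<ISO timestamp> <OK|FAIL> <user> <source ip>".
# This format and the addresses are assumptions for the example, not eBay's logs.
SAMPLE_AUTH_LOG = """\
2024-01-10T09:00:01 FAIL alice 203.0.113.5
2024-01-10T09:00:03 FAIL alice 203.0.113.5
2024-01-10T09:00:04 FAIL alice 203.0.113.5
2024-01-10T09:00:06 FAIL alice 203.0.113.5
2024-01-10T09:00:07 FAIL alice 203.0.113.5
2024-01-10T09:00:09 OK alice 203.0.113.5
2024-01-10T09:05:00 FAIL bob 198.51.100.7
2024-01-10T09:30:00 OK bob 198.51.100.7
2024-01-10T10:00:00 FAIL carol 192.0.2.9
2024-01-10T10:00:01 FAIL dave 192.0.2.9
2024-01-10T10:00:02 FAIL erin 192.0.2.9
2024-01-10T10:00:03 FAIL frank 192.0.2.9
2024-01-10T10:00:04 FAIL grace 192.0.2.9
"""

# Detection thresholds (assumed values; tune them to the real system's baseline).
FAIL_THRESHOLD = 5           # failures on one account inside WINDOW -> brute force
SPRAY_THRESHOLD = 4          # distinct accounts failed from one IP inside WINDOW
WINDOW = timedelta(minutes=5)


def parse_line(line):
    """Split one log line into (timestamp, result, user, ip)."""
    stamp, result, user, ip = line.split()
    return datetime.fromisoformat(stamp), result, user, ip


def detect(log_text, fail_threshold=FAIL_THRESHOLD,
           spray_threshold=SPRAY_THRESHOLD, window=WINDOW):
    """Return (kind, subject, detail) alerts in the order they fire.

    kind is one of:
      brute_force       - fail_threshold failures on one account inside window
      password_spray    - one IP failing against spray_threshold distinct accounts
      possible_takeover - a success on an account that was just brute-forced
    """
    fails_by_user = defaultdict(list)    # user -> failure timestamps inside window
    last_fail_by_ip = defaultdict(dict)  # ip -> {user: last failure timestamp}
    flagged_users, flagged_ips, alerts = set(), set(), []

    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, result, user, ip = parse_line(line)
        if result == "FAIL":
            # Keep only the failures that are still inside the sliding window.
            recent = [t for t in fails_by_user[user] if ts - t <= window] + [ts]
            fails_by_user[user] = recent
            if len(recent) >= fail_threshold and user not in flagged_users:
                flagged_users.add(user)
                alerts.append(("brute_force", user, ip))

            last_fail_by_ip[ip][user] = ts
            targets = [u for u, t in last_fail_by_ip[ip].items() if ts - t <= window]
            if len(targets) >= spray_threshold and ip not in flagged_ips:
                flagged_ips.add(ip)
                alerts.append(("password_spray", ip, len(targets)))
        elif result == "OK" and user in flagged_users:
            # A success shortly after the burst is the takeover signal; the
            # account deserves a forced re-authentication or step-up check.
            if ts - fails_by_user[user][-1] <= window:
                alerts.append(("possible_takeover", user, ip))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_AUTH_LOG):
        print(alert)
```

In the constructed log, alice trips the per-account rule and then logs in successfully, while 192.0.2.9 trips the per-source rule by failing against five different accounts; bob's single failure produces nothing, which is the false-positive behaviour a lockout policy also needs.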

Use-case: Post products

Misuse-case: Impersonate the seller

Actor: Seller, Attacker

Description: Attackers pose as vendors in order to publish invalid or unsafe, low-quality
items for profit.

Data: Product data information

Attacks: To obtain seller account information and then post illegal products, attackers
utilize phishing, keylogging, brute force attacks, or social engineering.

Use-case: Pay

Misuse-case: Falsifying or stealing credit card information

Actor: Buyer, Attacker

Description: Attackers counterfeit or steal credit card information from buyers and use
it to conduct illicit online purchases.

Data: Transaction information data

Attacks: Phishing is used by attackers to steal credit card information, or a
'man-in-the-middle' (MITM) attack, in which a hacker intercepts communication
between the user and the payment site in order to obtain the user's credit card
information.

Use-case: Product feedback

Misuse-case: Spam with fake reviews

Actor: Seller, Buyer, Attacker

Description: Attackers create fake reviews in order to increase or decrease the product's
trust and reputation.

Data: Product information and reviews data

Attacks: Attackers employ techniques to create bots that automatically spam products
with a large number of false reviews.

Use-case: See detailed product information

Misuse-case: Modify the product price incorrectly

Actor: Buyer, Attacker

Description: The attacker compromises the data storage system and modifies the
product's displayed price.

Data: Product data

Attacks: SQL injection is carried out by the attacker.

Use-case: Filter products

Misuse-case: Overloading Filters

Actor: Buyer, Attacker

Description: A user (either a regular user or a hacker) selects an extensive array of
criteria within the product filter. This action might lead to a high load on the system,
decreasing its operational efficiency. It can degrade the user experience or even cause
system failures.

Data: The selected criteria within the product filter, including information such as
price, brand, color, size, and other product attributes.

Attacks: Users select an extensive number of criteria, sending a large volume of requests
to the system. This could overload the system and cause operational issues, reducing
responsiveness or causing the system to crash.

Use-case: Search products

Misuse-case: Manipulating Search Parameters

Actor: Users, Attacker

Description: A user or hacker modifies search parameters (such as sorting by price,
filtering by brand) inappropriately to obtain inaccurate results or cause system
malfunctions.

Data: The search parameters used for filtering or sorting products, including
information like price, brand, ratings, and other search conditions.

Attacks: Hackers use special strings to alter or execute unauthorized SQL queries from
the search field, potentially leading to improper database access or sensitive data
exposure.
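
The Search products and See detailed product information misuse cases above, together with vulnerabilities 2 and 4 in the earlier list (database weaknesses and inadequate input validation), all come down to user-controlled text reaching the database engine as part of the query. The Python example below is added for illustration and is not part of the assignment; it builds a constructed product catalogue in an in-memory SQLite database and puts the defective string-formatted search beside a hardened version that binds values as parameters, allow-lists the sort and filter column names (an identifier cannot be bound, so it has to be validated), and caps the number of criteria per request, which also answers the Overloading Filters misuse case. The product rows, the column allow-list and the MAX_FILTERS limit are assumptions made for the example.

```python
import sqlite3

# Constructed sample catalogue for the eBay-like product table (not real data).
SAMPLE_PRODUCTS = [
    (1, "USB-C cable", "Acme", 9.99),
    (2, "Wireless mouse", "Acme", 24.50),
    (3, "Mechanical keyboard", "KeyCo", 89.00),
    (4, "Monitor stand", "DeskCo", 45.00),
]

# Columns a client may filter or sort on. Identifiers cannot be bound as
# parameters, so they are checked against this allow-list (an assumption).
ALLOWED_COLUMNS = {"name", "brand", "price"}
# Cap on filter criteria per request, for the "Overloading Filters" case.
MAX_FILTERS = 3

# The textbook tautology input, used only to contrast the two searches.
INJECTED_BRAND = "x' OR '1'='1"


def open_catalogue():
    """Create an in-memory SQLite catalogue populated with the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE products "
        "(id INTEGER PRIMARY KEY, name TEXT, brand TEXT, price REAL)"
    )
    conn.executemany("INSERT INTO products VALUES (?, ?, ?, ?)", SAMPLE_PRODUCTS)
    return conn


def search_vulnerable(conn, brand):
    """The defect: the brand typed by the user is pasted into the SQL text,
    so quote characters inside it change the meaning of the query."""
    sql = f"SELECT id, name, brand, price FROM products WHERE brand = '{brand}'"
    return conn.execute(sql).fetchall()


def search_safe(conn, filters, sort_by="price"):
    """Hardened search: values are bound as parameters, column names are
    allow-listed, and the number of criteria is capped."""
    if len(filters) > MAX_FILTERS:
        raise ValueError("too many filter criteria")
    if sort_by not in ALLOWED_COLUMNS:
        raise ValueError("sort column not allowed")
    clauses, params = [], []
    for column, value in filters.items():
        if column not in ALLOWED_COLUMNS:
            raise ValueError("filter column not allowed")
        clauses.append(f"{column} = ?")  # column is allow-listed; value is bound
        params.append(value)
    where = " AND ".join(clauses) if clauses else "1 = 1"
    sql = (
        "SELECT id, name, brand, price FROM products "
        f"WHERE {where} ORDER BY {sort_by}"
    )
    return conn.execute(sql, params).fetchall()


def demo():
    """Run both searches on the same data and return what each one exposes."""
    conn = open_catalogue()
    leaked = search_vulnerable(conn, INJECTED_BRAND)          # every row
    contained = search_safe(conn, {"brand": INJECTED_BRAND})  # treated as a literal
    acme = search_safe(conn, {"brand": "Acme"}, sort_by="price")
    return len(leaked), len(contained), [row[1] for row in acme]


if __name__ == "__main__":
    print(demo())
```

Against the constructed catalogue the vulnerable search returns all four products for the tautology input, while the hardened search returns none, because the bound value is compared as the literal brand name. Rejecting a bad sort column or an oversize filter set with an exception, rather than silently trimming it, gives the application tier a clear event to log.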

Use-case: Choose price

Misuse-case: Manipulating Price Selection

Actor: Attacker

Description: Users or hackers could utilize the price selection feature to alter or access
pricing information in an inappropriate or unauthorized manner.

Data: The price range or specific price values users select to filter products.

Attacks: Interfering with Prices: Users modify prices during selection to view or access
products at inaccurate or unauthorized prices.

Use-case: Choose sell method

Misuse-case: Manipulating Sell Method Selection

Actor: Attacker

Description: Users or potential attackers could exploit the sell method selection feature
to alter or access selling methods in an inappropriate or unauthorized manner.

Data: The selected selling methods or criteria users choose to sell their products.

Attacks: Altering Selling Methods: Users modify or tamper with the selected selling
methods to execute sales in unauthorized ways or access different selling processes.

Use-case: Contact buyer

Misuse-case: Exploiting Contact Buyer Feature

Actor: Attacker

Description: Users or potential attackers might exploit the "Contact Buyer" feature to
manipulate or misuse communication with buyers for inappropriate purposes.

Data: Information exchanged or utilized within the "Contact Buyer" feature, such as
messages, buyer details, or communication logs.

Attacks: Contacting Unauthorized Parties: Users attempt to use the "Contact Buyer"
function to communicate with individuals or entities not related to the intended
transaction.

EXERCISE 5

(ADVANCED TOPICS REVIEW)

Your Name and ID: Trần Phạm Minh Đăng - 2052070

You are required to address the following questions:

Section I: Software reuse

Question 1: What major technical and nontechnical factors hinder software reuse? Do
you personally reuse much software and, if not, why not?

Question 2: List the benefits of software reuse and explain why the expected lifetime of
the software should be considered when planning reuse.

Question 3: What are the significant benefits offered by the application system reuse
approach when compared with the custom software development approach?

Question 4: Why have many large companies chosen ERP systems as the basis for their
organizational information system? What problems may arise when deploying a large-
scale ERP system in an organization?

Section II: Component-based software engineering

Question 5: What are the design principles underlying the CBSE that support the
construction of understandable and maintainable software?

Question 6: The principle of component independence means that it ought to be possible
to replace one component with another that is implemented in a completely different way.
Using an example, explain how such component replacement could have undesired
consequences and may lead to system failure.

Question 7: What are the essential differences between CBSE with reuse and software
processes for original software development?

Question 8: It has been suggested that an independent certification authority should be
established. Vendors would submit their components to this authority, which would
validate that the component was trustworthy. What would be the advantages and
disadvantages of such a certification authority?

Section III: Distributed systems engineering

Question 9: What do you understand by “scalability”? Discuss the differences between
scaling up and scaling out and explain when these different approaches to scalability may
be used.

Question 10: Explain why distributed software systems are more complex than
centralized software systems, where all of the system functionality is implemented on a
single computer.

Question 11: You have been asked to design a secure system that requires strong
authentication and authorization. The system must be designed so that communications
between parts of the system cannot be intercepted and read by an attacker. Suggest the
most appropriate client–server architecture for this system and, giving the reasons for
your answer, propose how functionality should be distributed between the client and the
server systems

Question 12: Using a distributed component approach, propose an architecture for a
national theater booking system. Users can check seat availability and book seats at a
group of theaters. The system should support ticket returns so that people may return
their tickets for last-minute resale to other customers.

Section IV: Service-oriented software engineering

Question 13: Why is it important to define exceptions in service engineering?

Question 14: Standards are fundamental to service-oriented architectures, and it was
believed that standards conformance was essential for successful adoption of a service-
based approach. However, RESTful services, which are increasingly widely used, are not
standards-based. Discuss why you think this change has occurred and whether or not you
think that the lack of standards will inhibit the development and takeup of RESTful
services.

Question 15: What is a workflow? List out the key stages in the process of system
construction by composition.

Question 16: Giving reasons for your answer, suggest two important types of application
where you would not recommend the use of service-oriented architecture

Section V: Systems engineering

Question 17: Give two examples of government functions that are supported by complex
sociotechnical systems and explain why, in the foreseeable future, these functions cannot
be completely automated

Question 18: What is a “wicked problem”? Explain why the development of a national
medical records system should be considered a “wicked problem.”

Question 19: A multimedia virtual museum system offering virtual experiences of
ancient Greece is to be developed for a consortium of European museums. The system
should provide users with the facility to view 3-D models of ancient Greece through a
standard web browser and should also support an immersive virtual reality experience.
Develop a conceptual design for such a system, highlighting its key characteristics and
essential high-level requirements.

Question 20: You are an engineer involved in the development of a financial system.
During installation, you discover that this system will make a significant number of
people redundant. The people in the environment deny you access to essential
information to complete the system installation. To what extent should you, as a systems
engineer, become involved in this situation? Is it your professional responsibility to
complete the installation as contracted? Should you simply abandon the work until the
procuring organization has sorted out the problem?

Answer 1:

Major technical and nontechnical factors that hinder software reuse:

• The development schedule for the software

• The expected software lifetime

• The background, skills and experience of the development team

• The criticality of the software and its non-functional requirements

• The application domain

• The platform on which the system will run

In recent projects, I've extensively used established libraries for common
functionalities such as authentication, database interactions, and UI components. This not
only accelerates development but also reduces the likelihood of introducing errors, as
these libraries have been thoroughly tested and proven in various contexts.

Answer 2:

Benefit of software reuse:

• Accelerated development

• Effective use of specialists

• Increased dependability

• Lower development costs

• Reduced process risk

• Standards compliance

The expected lifetime of the software should be considered when planning reuse because,
if you are developing a long-lifetime system, you should focus on the maintainability of
the system. You should not just think about the immediate benefits of reuse but also of
the long-term implications. Over its lifetime, you will have to adapt the system to new
requirements, which will mean making changes to parts of the system. If you do not have
access to the source code of the reusable components, you may prefer to avoid off-the-shelf
components and systems from external suppliers. These suppliers may not be able
to continue support for the reused software. You may decide that it is safer to reuse open-
source systems and components.

Answer 3:

Benefit:

• As with other types of reuse, more rapid deployment of a reliable system may be
possible.

• It is possible to see what functionality is provided by the applications, and so it is
easier to judge whether or not they are likely to be suitable. Other companies may
already use the applications, so experience of the systems is available.

• Some development risks are avoided by using existing software. However, this
approach has its own risks, as I discuss below.

• Businesses can focus on their core activity without having to devote a lot of
resources to IT systems development.

• As operating platforms evolve, technology updates may be simplified as these are
the responsibility of the application system vendor rather than the customer.

Answer 4:

At a larger scale, an Enterprise Resource Planning (ERP) system may support the
manufacturing, ordering, and customer relationship management processes in a large
company.

Problems:

• The obvious limitation of this approach to reuse is that the functionality of the
customer’s application is restricted to the functionality of the ERP system’s built-
in modules. If a company needs additional functionality, it may have to develop a
separate add-on system to provide this functionality.

• The buyer company’s processes and operations have to be defined in the ERP
system’s configuration language. This language embeds the understanding of
business processes as seen by the system vendor, and there may be a mismatch
between these assumptions and the concepts and processes used in the customer’s
business. A serious mismatch between the customer’s business model and the
system model used by the ERP system makes it highly probable that the ERP
system will not meet the customer’s real needs (Scott 1999).

• ERP systems usually require extensive configuration to adapt them to the
requirements of each organization where they are installed.

• Once the configuration settings are completed, the new system is then ready for
testing. Testing is a major problem when systems are configured rather than
programmed using a conventional language.

Answer 5:

Underlying CBSE are sound design principles that support the construction of
understandable and maintainable software:

1. Components are independent, so they do not interfere with each other’s operation.
Implementation details are hidden. The component’s implementation can be
changed without affecting the rest of the system.

2. Components communicate through well-defined interfaces. If these interfaces are
maintained, one component can be replaced by another component providing
additional or enhanced functionality.

3. Component infrastructures offer a range of standard services that can be used in
application systems. This reduces the amount of new code that has to be
developed.

Answer 6:

In a standard car, the braking system includes components like brake pads, rotors,
and a hydraulic system to transmit force from the brake pedal to the brakes themselves.
Now, let's say there's a manufacturer who designs a new, innovative braking system. This
new system replaces the traditional hydraulic system with an electronic braking system
that uses sensors and computer-controlled actuators to apply the brakes.

According to the principle of component independence, one should be able to replace the
braking system with this new electronic system, which operates differently but performs
the same function—slowing down or stopping the car.

However, despite the similar intended function, simply swapping the traditional
braking system with this new electronic system might lead to undesired consequences or
system failure for several reasons:

• Compatibility Issues: The new electronic system might not integrate seamlessly
with other components in the car, causing compatibility issues. For instance, the
electronic system might require different power requirements or communication
protocols that the existing car's infrastructure cannot support.

• Performance Variability: The electronic system might not perform consistently


under all conditions. It could have vulnerabilities to external interference or
malfunction due to environmental factors like extreme temperatures,
electromagnetic interference, or moisture, impacting its performance and
reliability.

• Safety Concerns: The new system might have unanticipated failure modes or
behaviors that compromise safety. For instance, if the electronic system
experiences a glitch or software malfunction, it could potentially fail to apply the
brakes or apply them unexpectedly, leading to accidents.

• Training and Adaptation: Mechanics and users might need specialized training to
understand and maintain the new system. If there isn't adequate knowledge
transfer or resources for this, it could lead to improper maintenance or usage,
resulting in failures.

Answer 7:

1. The user requirements are initially developed in outline rather than in detail, and
stakeholders are encouraged to be as flexible as possible in defining their
requirements. Requirements that are too specific limit the number of components
that could meet these requirements. However, unlike incremental development,
you need a complete description of the requirements so that you can identify as
many components as possible for reuse.

2. Requirements are refined and modified early in the process depending on the
components available. If the user requirements cannot be satisfied from available
components, you should discuss the related requirements that can be supported by
the reusable components. Users may be willing to change their minds if this means
cheaper or quicker system delivery.

3. There is a further component search and design refinement activity after the
system architecture has been designed. Apparently usable components may turn
out to be unsuitable or may not work properly with other chosen components. You
may have to find alternatives to these components. Further requirements changes
may therefore be necessary, depending on the functionality of these components.

4. Development is a composition process where the discovered components are
integrated. This involves integrating the components with the component model
infrastructure and, often, developing adaptors that reconcile the interfaces of
incompatible components. Of course, additional functionality may also be required
over and above that provided by reused components.

Answer 8:

- Advantages:

• Standardization: It promotes a standardized set of criteria or benchmarks for
assessing component trustworthiness. This standardization helps users or
integrators in comparing and selecting components more easily.

• Trust and Confidence: Users gain confidence in the reliability and security of
certified components. This trust encourages wider adoption of certified
components, enhancing overall system integrity.

• Risk Mitigation: Certification helps mitigate risks associated with using
unverified or potentially flawed components, reducing the chances of system
failures, vulnerabilities, or malfunctions.

• Regulatory Compliance: It could assist in meeting regulatory standards by
ensuring that components meet certain quality, safety, and security
requirements, especially in critical systems like healthcare, transportation, and
infrastructure.

- Disadvantages:

• Cost and Time: Obtaining certification can be a lengthy and expensive process
for vendors. Smaller manufacturers or startups might face barriers to entry due
to the costs involved, potentially limiting innovation and market diversity.

• Potential Bias or Corruption: There could be concerns regarding the
independence and impartiality of the certification authority. Any bias,
corruption, or lack of transparency within the authority could compromise the
credibility of certifications.

• Dynamic Technology Challenges: Technology evolves rapidly, and
certification processes might struggle to keep up with these changes.
Certifications might become outdated quickly, leading to components being
certified based on outdated standards.

Answer 9:

• Scalability: In principle at least, distributed systems are scalable in that the
capabilities of the system can be increased by adding new resources to cope with
new demands on the system. In practice, the network linking the individual
computers in the system may limit the system scalability.

• Scaling up means replacing resources in the system with more powerful resources.
Scaling out means adding more resources to the system (e.g., an extra web server
to work alongside an existing server). Scaling out is often more cost-effective than
scaling up, especially now that cloud computing makes it easy to add or remove
servers from a system. However, this only provides performance improvements
when concurrent processing is possible. When considering scalability in the
context of SaaS, you are considering “scaling out” rather than “scaling up.”

Answer 10:

It is harder to understand the emergent properties of distributed systems because of
the complexity of the interactions between system components and system infrastructure.
For example, rather than being dependent on the execution speed of one processor,
system performance depends on network bandwidth, network load, and the speed of other
computers that are part of the system. Moving resources from one part of the system to
another can significantly affect the system’s performance.

Client–server architectures are usually thought of as distributed systems
architectures, but the logical model of independent services running on separate servers
can be implemented on a single computer.

Answer 11:

For a system requiring robust authentication, authorization, and secure
communication, the Multi-Tier Architecture suits best. This architecture divides the
application into three interconnected yet distinct components, each assigned specific
functionalities:

1. Presentation Tier (Client):

- Handles the user interface and interactions.

- Presents information and gathers input.

- Manages initial user authentication securely by verifying credentials.

- Can incorporate secure communication methods like data encryption before
transmission.

2. Application Tier (Server):

- Processes the application's business logic.

- Conducts authentication and authorization checks based on user requests.

- Ensures secure execution of sensitive operations and proper user permissions.

- Manages session information and user states securely.

3. Data Tier (Server):

- Manages data storage and retrieval.

- Stores user profiles, access permissions, and pertinent data securely.

- Encrypts data at rest to prevent unauthorized access even if storage is
compromised.

Reasons for Opting for a Three-Tier Architecture:

1. Scalability: Easily scales each tier as per specific application needs.

2. Maintainability: Dividing concerns into three tiers enhances application
maintainability, isolating updates in one tier from affecting others.

3. Security: Distributes responsibilities, facilitating security implementation at each
level, e.g., enforcing secure communication channels between tiers.

4. Flexibility: Allows diverse technology choices for each tier based on their
specific requirements.

Secure Functionality Distribution:

1. Client (Presentation Tier): Executes initial user authentication and implements
encryption for secure communication.

2. Application Server (Application Tier): Handles critical authorization, business
logic, and manages secure user sessions.

3. Database Server (Data Tier): Encrypts data at rest and enforces robust access
controls to prevent unauthorized database access.
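
The functionality distribution above, worked through as an added example that is not part of the exercise answer: a data tier that stores only salted PBKDF2 password hashes and per-user permissions, an application tier that verifies credentials, issues expiring opaque session tokens and checks permissions before every sensitive operation, and a thin presentation-tier stand-in that only reports outcomes. The user name, permission names, session lifetime and PBKDF2 round count are constructed assumptions. As a design choice, the example verifies credentials in the application tier, so the check runs on a machine the operator controls rather than in the client.

```python
"""Three-tier separation of authentication and authorization (added example)."""
import hashlib
import hmac
import secrets
import time

PBKDF2_ROUNDS = 100_000  # assumption; tune upward for a production deployment


class AuthError(Exception):
    """Credentials or session could not be verified."""

class PermissionDenied(Exception):
    """Authenticated user lacks the permission for the requested action."""


class UserStore:
    """Data tier: salted password hashes and permissions, never plaintext passwords."""

    def __init__(self):
        self._users = {}  # username -> {"salt", "hash", "permissions"}

    def add_user(self, username, password, permissions):
        salt = secrets.token_bytes(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        self._users[username] = {"salt": salt, "hash": digest,
                                 "permissions": frozenset(permissions)}

    def verify_password(self, username, password):
        record = self._users.get(username)
        if record is None:
            # Hash anyway so an unknown user costs the same time as a wrong password.
            hashlib.pbkdf2_hmac("sha256", password.encode(), b"\0" * 16, PBKDF2_ROUNDS)
            return False
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                        record["salt"], PBKDF2_ROUNDS)
        return hmac.compare_digest(candidate, record["hash"])  # constant-time compare

    def permissions_of(self, username):
        return self._users[username]["permissions"]


class ApplicationServer:
    """Application tier: verifies credentials, issues sessions, checks permissions."""

    SESSION_TTL = 900  # seconds; assumption

    def __init__(self, store, clock=time.time):
        self._store = store
        self._clock = clock  # injectable so expiry can be demonstrated deterministically
        self._sessions = {}  # opaque random token -> (username, expiry timestamp)

    def login(self, username, password):
        if not self._store.verify_password(username, password):
            raise AuthError("invalid credentials")
        token = secrets.token_urlsafe(32)
        self._sessions[token] = (username, self._clock() + self.SESSION_TTL)
        return token

    def _user_for(self, token):
        entry = self._sessions.get(token)
        if entry is None:
            raise AuthError("unknown session")
        username, expiry = entry
        if self._clock() >= expiry:
            del self._sessions[token]
            raise AuthError("session expired")
        return username

    def perform(self, token, action):
        # Authorization happens here, server side, on every sensitive operation.
        username = self._user_for(token)
        if action not in self._store.permissions_of(username):
            raise PermissionDenied(f"{username} may not {action}")
        return f"{action} done for {username}"


def attempt(app, method, *args):
    """Presentation-tier stand-in: call the server and report the outcome category."""
    try:
        return ("ok", getattr(app, method)(*args))
    except AuthError as exc:
        return ("auth-error", str(exc))
    except PermissionDenied as exc:
        return ("denied", str(exc))


def run_demo():
    """Constructed user and clock; returns the outcome of each step."""
    store = UserStore()
    store.add_user("alice", "correct-horse-battery", ["view_report"])
    now = [1_000.0]
    app = ApplicationServer(store, clock=lambda: now[0])
    results = [attempt(app, "login", "alice", "wrong-password")]
    token = app.login("alice", "correct-horse-battery")
    results.append(attempt(app, "perform", token, "view_report"))    # permitted
    results.append(attempt(app, "perform", token, "delete_report"))  # not permitted
    now[0] += ApplicationServer.SESSION_TTL + 1                      # let the session lapse
    results.append(attempt(app, "perform", token, "view_report"))    # expired
    return results
```

The session token is random and opaque, so the client learns nothing about the user from it, and the same token is rejected once its expiry passes. Because the permission check lives next to the business logic, adding a new operation to the application tier forces the question of who may call it.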

Answer 12:

A suitable architecture for a national theater booking system that requires
functionalities such as seat availability checks, bookings, and ticket returns would be the
Multi-tier client–server architecture.

Presentation Tier:

- Often referred to as the client tier, it manages the user interface and interactions.

- It presents information to users and collects user inputs.

Application Tier (Middle Tier):

- Manages the business logic and application processing.

- Includes microservices or components handling seat availability, bookings,
payment processing, and ticket returns.

Data Tier:

- Manages the database housing seat information, user details, bookings, and
transactions.

Key Features and Considerations:

- Scalability: Enables horizontal scaling by adding servers to the application tier,
distributing the workload.

- Security: Supports security implementation at both presentation and application
tiers, including authentication and authorization.

- Data Integrity: Ensures secure and consistent data storage in the data tier.

- Separation of Concerns: Divides responsibilities, with the presentation tier
managing the user interface, the application tier handling business logic, and the
data tier managing data storage.

- Flexibility: Changes in one tier don't necessarily impact others, allowing
flexibility in development and maintenance.

- Client–Server Communication: Uses well-defined APIs for communication
between presentation and application tiers, ensuring clear responsibilities.

- Reliability: Offers fault tolerance; if one server fails in the application tier, others
can continue functioning.

Answer 13:

Defining exceptions in service-oriented software engineering is crucial for several
reasons:

1. Error Handling: Exceptions define how errors or exceptional situations are
handled within services. They allow developers to manage unexpected scenarios,
ensuring that the system doesn't crash or produce incorrect results when something
goes wrong.

2. Communication and Documentation: Exception definitions serve as a form of
communication between different components or services within a system. They
document the potential issues or problems that can arise, aiding developers in
understanding how to interact with services and how services might behave under
various circumstances.

3. Service Reliability and Robustness: Properly defining exceptions helps in
building more robust and reliable services. By anticipating potential issues and
explicitly defining how to handle them, services become more resilient and can
recover from errors gracefully, maintaining system stability.

4. Debugging and Troubleshooting: Well-defined exceptions provide crucial
information for debugging and troubleshooting. They offer insights into what went
wrong and why, facilitating the process of identifying and fixing issues in the
system.

5. Maintainability and Scalability: Exception definitions contribute to the
maintainability and scalability of the service-oriented architecture. They enable
developers to write more maintainable code by enforcing error-handling practices
and allow for easier expansion or modification of services without compromising
stability.

Overall, defining exceptions in service engineering is a proactive approach that
enhances system reliability, promotes better communication between components, and
ensures smoother operations by effectively managing unexpected situations.

Answer 14:

The shift towards RESTful services, despite not being standards-based in the
traditional sense, has been driven by several factors that reflect the evolving
landscape of software development and the changing needs of modern applications:

1. Simplicity and Ease of Use: RESTful services are based on straightforward
principles utilizing HTTP methods like GET, POST, PUT, and DELETE. This
simplicity makes them easier to understand, implement, and consume compared to
more complex, standards-heavy protocols. This simplicity has played a significant
role in their widespread adoption.

2. Flexibility and Scalability: RESTful services offer flexibility in terms of data
formats (typically using JSON or XML), making them adaptable across various
platforms and devices. This flexibility aligns well with the demands of modern
applications that require scalability and the ability to work across diverse
environments.

3. Alignment with Web Standards: RESTful services leverage existing web
standards and practices, making them a natural fit for web-based architectures.
They build on HTTP, which is itself a well-established and widely adopted
protocol, reducing the need for additional standards.

4. Practical Implementation over Rigidity: Rather than adhering strictly to
standardized protocols, REST focuses on practicality and real-world usage. This
approach prioritizes the practical implementation of services that fulfill specific
requirements over rigidly conforming to predetermined standards.

Regarding whether the lack of standards inhibits the development and uptake of
RESTful services:

1. Interoperability and Consistency: The absence of strict standards might lead to
inconsistencies in how RESTful APIs are implemented by different providers.
This could affect interoperability between services and might pose challenges
when integrating various systems.

2. Documentation and Governance: Without standardized specifications,
documenting RESTful services and ensuring governance across different
implementations can become challenging. This lack of standardization might
hinder the creation of robust documentation and governance practices.

3. Potential for Variability: The lack of standards might result in variability in how
different RESTful services handle common functionalities. This variability could
affect compatibility and ease of integration between services.

However, despite these potential drawbacks, the flexibility, simplicity, and alignment
with existing web standards have fueled the widespread adoption of RESTful services.
While lacking strict standards, RESTful services offer a pragmatic and adaptable
approach that has proven effective for many modern applications. Efforts to standardize
certain aspects, like OpenAPI for documenting RESTful APIs, aim to mitigate some of
these challenges while maintaining the inherent advantages of REST.
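
The theater booking service of Answer 12, the exception contract of Answer 13 and the HTTP-method dispatch of Answer 14, combined in one added example that is constructed here and taken neither from the exercise nor from any project: a WSGI application exposing GET /seats, PUT /seats/<id> (book) and DELETE /seats/<id>?customer= (return), a declared exception hierarchy that the web layer maps to specific HTTP status codes and machine-readable error codes, and an in-process client that drives both sides of the exchange. Seat identifiers, customer names, paths and error codes are assumptions.

```python
"""Seat booking as a REST-style service with a declared exception contract."""
import io
import json
from http import HTTPStatus
from urllib.parse import parse_qs
from wsgiref.util import setup_testing_defaults


# The exceptions the service promises to raise.  Each carries the status and
# error code the web layer reports, so a client can tell a taken seat from a
# malformed request without parsing free text.
class BookingError(Exception):
    status, code = 500, "internal_error"
class ValidationError(BookingError):
    status, code = 400, "invalid_request"
class SeatNotFound(BookingError):
    status, code = 404, "seat_not_found"
class SeatUnavailable(BookingError):
    status, code = 409, "seat_unavailable"


class BookingService:
    """Application tier: availability checks, bookings and ticket returns."""

    def __init__(self, seats):
        self._holders = {seat: None for seat in seats}  # seat -> customer or None

    def availability(self):
        return sorted(s for s, holder in self._holders.items() if holder is None)

    def book(self, seat, customer):
        if not customer:
            raise ValidationError("customer is required")
        if seat not in self._holders:
            raise SeatNotFound(seat)
        if self._holders[seat] is not None:
            raise SeatUnavailable(seat)
        self._holders[seat] = customer

    def release(self, seat, customer):
        if seat not in self._holders:
            raise SeatNotFound(seat)
        if self._holders[seat] != customer:
            raise ValidationError("seat is not held by this customer")
        self._holders[seat] = None


def read_json_object(environ):
    """Parse a JSON object body; malformed input becomes a declared 400, not a crash."""
    try:
        length = int(environ.get("CONTENT_LENGTH") or 0)
        data = json.loads(environ["wsgi.input"].read(length)) if length else {}
    except ValueError as exc:  # covers bad Content-Length and JSONDecodeError
        raise ValidationError(f"bad request body: {exc}") from None
    if not isinstance(data, dict):
        raise ValidationError("request body must be a JSON object")
    return data


def make_app(service):
    """WSGI app: GET /seats, PUT /seats/<id> books, DELETE /seats/<id>?customer= returns."""
    def respond(start_response, status, body):
        payload = json.dumps(body).encode()
        start_response(f"{status} {HTTPStatus(status).phrase}",
                       [("Content-Type", "application/json"),
                        ("Content-Length", str(len(payload)))])
        return [payload]

    def app(environ, start_response):
        method = environ["REQUEST_METHOD"]
        parts = environ.get("PATH_INFO", "").strip("/").split("/")
        try:
            if parts == ["seats"] and method == "GET":
                return respond(start_response, 200, {"available": service.availability()})
            if len(parts) == 2 and parts[0] == "seats":
                seat = parts[1]
                if method == "PUT":
                    customer = read_json_object(environ).get("customer")
                    service.book(seat, customer)
                    return respond(start_response, 201, {"seat": seat, "customer": customer})
                if method == "DELETE":
                    query = parse_qs(environ.get("QUERY_STRING", ""))
                    service.release(seat, query.get("customer", [None])[0])
                    return respond(start_response, 200, {"seat": seat, "released": True})
            return respond(start_response, 404, {"error": "no_such_resource"})
        except BookingError as exc:  # only declared errors become structured replies
            return respond(start_response, exc.status, {"error": exc.code, "detail": str(exc)})
    return app


def call(app, method, path, body=None, query=""):
    """In-process client: build a WSGI environ, invoke the app, decode the JSON reply."""
    environ = {}
    setup_testing_defaults(environ)
    raw = json.dumps(body).encode() if body is not None else b""
    environ.update({"REQUEST_METHOD": method, "PATH_INFO": path, "QUERY_STRING": query,
                    "CONTENT_LENGTH": str(len(raw)), "wsgi.input": io.BytesIO(raw)})
    seen = {}
    def start_response(status, headers):
        seen["status"] = int(status.split(" ", 1)[0])
    reply = json.loads(b"".join(app(environ, start_response)))
    return seen["status"], reply


def run_demo():
    """Scripted client/server exchange over constructed seats A1 and A2."""
    app = make_app(BookingService(["A1", "A2"]))
    return [
        call(app, "GET", "/seats"),
        call(app, "PUT", "/seats/A1", {"customer": "bob"}),
        call(app, "PUT", "/seats/A1", {"customer": "eve"}),       # already taken -> 409
        call(app, "PUT", "/seats/Z9", {"customer": "bob"}),       # unknown seat -> 404
        call(app, "PUT", "/seats/A2"),                            # no customer -> 400
        call(app, "DELETE", "/seats/A1", query="customer=eve"),   # not the holder -> 400
        call(app, "DELETE", "/seats/A1", query="customer=bob"),   # ticket returned -> 200
        call(app, "GET", "/seats"),
    ]
```

The exception classes are the service's documented error contract: a client branches on the `error` field rather than on wording, and each condition has one status code. Only `BookingError` subclasses are translated into responses; anything else propagates to the WSGI server as a 500, which keeps undeclared failures visible during testing instead of disguising them as expected outcomes.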

Answer 15:

A workflow is a set of activities ordered in time, with each activity carrying out some
part of the work. A workflow is a model of a business process; that is, it sets out the steps
involved in reaching a particular goal that is important for a business.

1. Formulate outline workflow: In this initial stage of service design, you use the
requirements for the composite service as a basis for creating an “ideal” service
design. You should create a fairly abstract design at this stage, with the intention
of adding details once you know more about available services.

2. Discover services: During this stage of the process, you look for existing services
to include in the composition. Most service reuse is within enterprises, so this may
involve searching local service catalogs. Alternatively, you may search the
services offered by trusted service providers, such as Oracle and Microsoft.

3. Select possible services: From the set of possible service candidates that you have
discovered, you then select possible services that can implement workflow
activities. Your selection criteria will obviously include the functionality of the
services offered. They may also include the cost of the services and the quality of
service (responsiveness, availability, etc.) offered.

4. Refine workflow: On the basis of information about the services that you have
selected, you then refine the workflow. This involves adding detail to the abstract
description and perhaps adding or removing workflow activities. You may then
repeat the service discovery and selection stages. Once a stable set of services has
been chosen and the final workflow design established, you move on to the next
stage in the process.

5. Create workflow program: During this stage, the abstract workflow design is
transformed to an executable program and the service interface is defined. You
can implement workflow programs using a programming language, such as Java
or C#, or by using a workflow language, such as BPMN (explained below). This
stage may also involve the creation of web-based user interfaces to allow the new
service to be accessed from a web browser.

6. Test completed service or application: The process of testing the completed,
composite service is more complex than component testing in situations where
external services are used.

Answer 16:

Service-Oriented Architecture (SOA) might not be the most suitable approach for
certain types of applications due to various reasons, including complexity, overhead, or
specific requirements. Here are two important types of applications where using SOA
might not be recommended:

1. Real-time or Latency-Sensitive Applications:

• Reasoning: SOA involves communication between distributed services over a
network. This communication introduces latency, which might not be suitable for
real-time applications.

• Examples: Applications like high-frequency trading systems in finance, real-time
control systems in manufacturing, or certain types of gaming applications require
extremely low latency and immediate response times. The overhead introduced by
service communication in SOA may not align with these stringent latency
requirements.

2. Small-scale or Simple Applications:

• Reasoning: Implementing an SOA introduces complexity in terms of service
design, communication protocols, and governance. For small-scale applications
with straightforward functionalities, this additional complexity might outweigh the
benefits.

• Examples: Basic websites or simple applications with minimal data exchange
needs might not benefit significantly from the architectural overhead introduced
by SOA. These applications may be better served by simpler, monolithic
architectures.

In these cases, alternatives like monolithic architectures or lightweight microservices
might be more suitable. Monolithic architectures, despite having limitations in terms of
scalability and flexibility, could be sufficient for small-scale applications with
straightforward requirements. Additionally, for latency-sensitive applications,
architectures specifically designed to minimize communication overhead, such as event-
driven architectures or direct data exchange systems, might be more appropriate than the
service-based approach of SOA.

Answer 17:

- Two examples of government functions reliant on complex sociotechnical
systems include:

• Taxation and Revenue Management: Governments manage tax collection
and revenue through intricate systems involving databases, software,
regulations, and human oversight. Automation has streamlined some processes,
but certain aspects like complex audits, interpreting intricate tax laws, handling
exceptions, and making judgment calls based on nuanced situations often
require human intervention. The interpretation of laws and dealing with unique
circumstances often necessitate human judgment that machines, with their
current capabilities, find challenging to replicate accurately.

• Legal and Judicial Systems: Courts and legal systems heavily depend on
sociotechnical systems. While automation has aided in case management,
document processing, and legal research, the legal domain involves complex
decision-making, interpretation of laws, and understanding the nuances of
human behavior and context. Judges often require a deep understanding of
societal norms, ethics, and the ability to exercise discretion in unique cases.
The emotional and subjective elements of human behavior, coupled with the
ethical and moral dimensions, make complete automation of these systems
challenging.

- In the foreseeable future, complete automation faces several challenges:

• Complexity and Variability: Sociotechnical systems handling government
functions often encounter a wide array of scenarios, each with its unique
challenges. While automation can handle routine tasks, dealing with
unforeseen, novel, or highly complex situations where context, ethics, and
human judgment play a pivotal role remains a significant challenge.

• Ethical and Moral Dilemmas: Certain decisions within government functions
involve ethical or moral considerations that may not be programmatically
resolved. For instance, sentencing in legal systems or making decisions based
on societal impact often requires a deep understanding of human values and
emotions, something AI struggles to emulate comprehensively.

• Human Judgment and Interpretation: Government functions frequently
necessitate interpretation, discretion, and judgment calls that are highly
context-dependent. While AI can process vast amounts of data, understanding
context, subtleties in human interactions, and applying nuanced reasoning
remain tasks where human judgment holds a significant advantage.

Answer 18:

- A wicked problem is a problem that is so complex and that involves so many
related entities that there is no definitive problem specification. Different
stakeholders see the problem in different ways, and no one has a full
understanding of the problem as a whole. The true nature of the problem may only
emerge as a solution is developed.

- The development of a national medical records system embodies characteristics of
a wicked problem due to:

• Complexity and Interconnectedness: Creating a national medical records
system involves integrating data from diverse sources, such as hospitals,
clinics, pharmacies, and laboratories. These systems need to be interoperable,
ensuring seamless communication and data exchange between different entities
while maintaining security and privacy standards. The complexity arises from
the varied formats, standards, and technologies used across different healthcare
institutions.

• Diverse Stakeholders and Interests: Healthcare involves numerous
stakeholders (patients, healthcare providers, insurers, policymakers, and
technology vendors), each with their own priorities, needs, and concerns.
Balancing these interests while designing a system that serves all stakeholders
and meets regulatory requirements is a significant challenge.

• Constantly Evolving Technological Landscape: Technology in healthcare is
continually evolving. Implementing a system that remains adaptable and up-to-
date with technological advancements while ensuring backward compatibility
is a substantial challenge.

• Financial and Resource Constraints: Developing a national medical records
system requires considerable investment in terms of finances, technology,
infrastructure, and human resources. Allocating resources efficiently and
sustainably is a significant hurdle.

Answer 19:

Key Features:

- Multimedia Integration: Include a diverse array of multimedia elements like 3-D
models, images, videos, audio narratives, and textual data relating to ancient
Greek culture, architecture, history, and artifacts.

- Interactivity and Engagement: Enable user interaction within the virtual space,
facilitating exploration, artifact manipulation, and detailed information access via
clicks, gestures, or voice commands.

- Scalability and Compatibility: Ensure compatibility across multiple devices,
spanning standard web browsers on computers to immersive VR headsets,
guaranteeing a consistent user experience regardless of hardware.

- Immersive VR Experience: Provide a deeply immersive VR setting enabling
users to navigate ancient Greek settings, landmarks, and historical sites via VR
headsets, fostering a sense of realism and presence.

- Accessibility and Ease of Use: Design an intuitive interface catering to users with
diverse technological proficiency, integrating accessibility features and user-
friendly navigation and controls.

- Data Protection and Privacy: Implement robust security protocols to safeguard
sensitive data, adhering to privacy regulations concerning user information and
system transactions.

High-Level Requirements:

- 3-D Modeling and Display: Create high-quality 3-D models showcasing ancient
Greek architecture, landscapes, artifacts, and historical sites for presentation on
both web browsers and VR platforms.

- Cross-Platform Compatibility: Develop a platform-neutral system compatible
with major web browsers (Chrome, Firefox, Safari, etc.) and capable of seamless
transition to immersive VR experiences on supported devices.

- User Interaction and Navigation: Establish user-friendly controls for virtual
environment exploration, artifact interaction, access to detailed information (text,
audio, video), and navigation across different locations within ancient Greece.

- Immersive VR Integration: Incorporate VR technology utilizing tools like
VRML (Virtual Reality Modeling Language) or WebXR to deliver a lifelike
experience compatible with VR headsets.

- Content Management System (CMS): Design a robust CMS enabling content
creation, curation, and management, facilitating easy updates, additions, and
maintenance of multimedia content.

- Performance Optimization: Ensure optimized system performance to enable
smooth rendering, quick loading times, and minimal latency, particularly within
VR environments, to prevent user discomfort.

- Museum Collaboration: Collaborate closely with consortium museums to acquire
accurate historical data, artifacts, and expert insights, ensuring authenticity and
educational value.

- Testing and User Feedback: Conduct comprehensive testing across various
devices and user demographics to gather feedback for iterative enhancements,
refining user experience and system performance.

Answer 20:

Your foremost focus should be on ethical values, transparency, and the responsible
implementation of technology. While meeting contractual duties is essential, it's equally
critical to ensure that the technology adheres to ethical norms and doesn't lead to
unnecessary harm. Abandoning the project should be a final option, to be considered only
if proceeding poses substantial ethical or societal risks. Instead, prioritize engaging
stakeholders, promoting responsible deployment, and finding remedies that minimize
adverse effects while meeting the project's goals.
