You are given an exercise that requires you to build an Amazon-like software system ...
(https://www.junglescout.com/how-to-sell-on-amazon-fba/)
Answer 1:
Answer 2:
a. Use-case
b. Deployment Architecture:
• Robust security measures are put in place to safeguard user data and secure payment
transactions.
• A key focus is placed on delivering a user-friendly interface for both sellers and customers.
• Stringent data validation and integrity checks are implemented to uphold the accuracy of
information stored in the database.
• Efforts are made to optimize system performance to achieve quicker response times.
• High system availability and fault tolerance mechanisms are in place to mitigate disruptions.
• Analytics may be employed to monitor user behavior and assess website performance, if
necessary.
• The system follows a Service-Oriented Architecture (SOA), where diverse functions are
implemented as independent, self-contained services.
• The database system is distributed and regularly backed up to maintain data consistency and
ensure the capability to recover data when needed.
Answer 3:
+ Redundancy: Maintaining multiple versions of critical components to ensure that if one version
encounters an issue such as a hardware, software or operational failure, a backup version can be
utilized. For example, having backup storage for databases or servers, with redundant copies of
the system readily available.
+ Diversity: Provide the same functionality in different ways in different components so that they
will not fail in the same way. For instance, implementing payment processing functionality
through various different methods to ensure that if one method encounters an issue or becomes
unavailable, there are still alternative backup options.
+ Redundant and diverse components should be independent so that they will not suffer from
‘common-mode’ failures. For example, components implemented in different programming
languages means that a compiler fault will not affect all of them.
+ Utilize a diverse range of process activities: Process activities, such as validation, should not
depend on a single approach, such as testing, to validate the system. Redundant and diverse
process activities, such as conducting static analysis and reliability testing, are especially
important for verification and validation.
+ The augmentation and diversification of process activities: Multiple, different process activities
complement each other and allow for cross-checking, which helps to avoid process errors that could
potentially lead to software defects. For instance, combining quality assurance checks with
reliability testing to ensure the accuracy and dependability of the system.
Answer 4:
Hardware failures:
1. Server Outages: When the primary servers hosting the system experience hardware failures,
it can disrupt access to the platform.
3. Storage Disk Failures: If storage disks fail, it can result in data loss and impact the system's
ability to retrieve product information and user data.
4. Power Supply Failures: Failures in power supply units can lead to server shutdowns,
causing downtime for the entire system.
5. Database Server Crashes: Hardware failures in database servers can disrupt data retrieval
and storage processes, affecting order processing and customer management.
6. Load Balancer Malfunctions: Load balancer hardware failures can disrupt the distribution
of incoming traffic, affecting system availability and performance.
7. Router Failures: Routers are critical for directing data traffic, and their failures can result in
network issues, hindering user access to the platform.
8. Firewall Hardware Issues: Failures in firewall hardware can compromise system security,
potentially exposing sensitive user data to threats.
9. Storage Area Network (SAN) Failures: SAN hardware failures can impact data storage and
retrieval, affecting the system's ability to manage orders and customer data.
10. Point of Sale (POS) Terminal Failures: Hardware failures in POS terminals can disrupt in-
store transactions, impacting the overall sales process.
Software failures:
1. Software Bugs and Glitches: Unexpected errors, crashes, or unexpected behavior due to
software bugs can disrupt the shopping experience.
2. Database Corruption: Data corruption or loss within the database can result in inaccurate
product information, order processing issues, and customer data loss.
3. Authentication Failures: Issues with user authentication can prevent users from accessing
their accounts or making purchases.
5. Inventory Management Errors: Software errors in inventory management can result in out-
of-stock or overstocked items, affecting order fulfillment.
7. Security Vulnerabilities: Software vulnerabilities can lead to data breaches, exposing user
information and payment details.
9. Content Management Issues: Problems with content management systems can lead to
incorrect product descriptions, pricing, or images.
10. Order Processing Errors: Software failures in order processing can result in incorrect order
fulfillment, shipping delays, or customer dissatisfaction.
Operational failures:
1. Server Overload: High traffic or unexpected spikes in user activity can lead to server
overloads, causing slow response times or service outages.
2. Network Outages: Network failures or disruptions from users can result in communication
breakdowns between system components and users.
3. Power Outages: Electrical power failures from users can lead to server and data center
shutdowns, causing system downtime.
4. Customer Account Management Issues: Operational issues in customer account
management, such as data loss or errors in updating personal information, can cause
difficulties for customers and impact their experience.
6. Software Updates Gone Wrong: Users applying software updates or patches without proper
testing can introduce new issues or vulnerabilities into the system.
7. Inventory Management Problems: User failures in tracking and managing inventory can
result in incorrect stock levels and order fulfillment issues.
8. Logistics and Shipping Delays: Operational failures in the logistics and shipping processes
can lead to delayed deliveries and customer dissatisfaction.
9. Customer Support Issues: Inadequate customer support or response times can negatively
impact customer satisfaction and retention.
10. Supplier or Vendor Failures: Dependence on third-party suppliers or vendors for products
or services can result in operational disruptions if they fail to deliver as expected.
Answer 5:
Redundancy: Keep more than a single version of critical components so that if one fails then a
backup is available.
Diversity: Provide the same functionality in different ways in different components so that they
will not fail in the same way.
=> Redundant and diverse components should be independent so that they will not suffer from
‘common-mode’ failures.
Redundancy issues:
1. Duplicate Orders: Redundancy can lead to duplicate orders being placed, causing confusion
and potential overcharging for customers.
5. Inefficient Data Storage: Storing redundant data can lead to increased storage costs and
slower data retrieval times.
6. Redundant Payment Records: Duplicate payment records can cause financial discrepancies
and difficulties in reconciling transactions.
=> To address these redundancy issues, systems need effective data management strategies,
automated checks, and periodic data cleansing processes to ensure data accuracy and reduce
redundancy.
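One automated check for the duplicate-order and duplicate-payment cases above is an idempotency key. The following is an added example, not part of the original answer; the `OrderService` class, its field names and the in-memory store are assumptions for illustration.

```python
import hashlib
import json
from dataclasses import dataclass, field


class IdempotencyConflict(Exception):
    """The same key was reused with a different request body."""


def fingerprint(payload: dict) -> str:
    # Canonical JSON so that key order does not change the hash.
    blob = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()


@dataclass
class OrderService:
    """Hypothetical order endpoint reached through redundant front-end servers.

    In production the `seen` map would be a table with a UNIQUE constraint on
    the idempotency key, so two replicas cannot both insert the same order.
    """
    seen: dict = field(default_factory=dict)     # key -> (fingerprint, order_id)
    charges: list = field(default_factory=list)  # payment records actually created

    def place_order(self, idempotency_key: str, payload: dict) -> str:
        fp = fingerprint(payload)
        if idempotency_key in self.seen:
            stored_fp, order_id = self.seen[idempotency_key]
            if stored_fp != fp:
                # Key replayed with altered contents: refuse instead of guessing.
                raise IdempotencyConflict(idempotency_key)
            return order_id  # retry of the same request: no second charge
        order_id = f"order-{len(self.charges) + 1}"
        self.charges.append({"order_id": order_id, "amount": payload["amount"]})
        self.seen[idempotency_key] = (fp, order_id)
        return order_id


def demo() -> dict:
    svc = OrderService()
    # Constructed sample request.
    req = {"customer": "c-17", "sku": "book-42", "qty": 1, "amount": "19.99"}
    first = svc.place_order("key-abc", req)
    # The client timed out and resent the request through a second server.
    retry = svc.place_order("key-abc", dict(req))
    try:
        svc.place_order("key-abc", {**req, "qty": 3, "amount": "59.97"})
        conflict = False
    except IdempotencyConflict:
        conflict = True
    second = svc.place_order("key-def", req)  # a genuinely new order
    return {"first": first, "retry": retry, "conflict": conflict,
            "second": second, "charges": len(svc.charges)}


if __name__ == "__main__":
    print(demo())
```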
Diversity issues:
Answer 6:
1. Human mistake: The customer entered the wrong delivery address information
+ System fault: The system does not check the validity of the shipping address
+ System failure: The product was delivered to the wrong address or there was a failure
during the delivery process
+ System fault: The process of updating product information is not done properly
+ System failure: Customers do not receive the latest information about the product and may
not be able to meet their purchasing needs
3. Human mistake: The customer entered incorrect payment information, such as an incorrect
credit card number or incorrectly entered the price to pay
+ System fault: The system does not check the validity of payment information
4. Human mistake: The seller entered incorrect product price information into the system
+ System fault: The process of entering price information does not check for validity or
correctness
5. Human mistake: The seller's warehouse manager did not update the correct quantity of
goods
+ System fault: The process of updating product quantities is not done properly
+ System error: The quantity of products in stock is not updated correctly in the system
+ System failure: Customers order products that are out of stock or receive the wrong quantity
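The faults in items 3 and 5 come down to the server trusting what it was given. The following added example (not part of the original answer) shows a server-side check that rejects a mistyped card number, recomputes the amount instead of accepting the client's figure, and refuses out-of-stock orders; the catalogue, function names and fault labels are assumptions.

```python
from decimal import Decimal, InvalidOperation

# Constructed catalogue: the server's own source of truth for price and stock.
CATALOG = {
    "book-42": {"price": Decimal("19.99"), "stock": 5},
    "lamp-07": {"price": Decimal("34.50"), "stock": 0},
}


def luhn_ok(card_number: str) -> bool:
    """Luhn checksum: catches single-digit typos and most adjacent swaps."""
    compact = card_number.replace(" ", "").replace("-", "")
    if not compact.isdigit() or not 12 <= len(compact) <= 19:
        return False
    total = 0
    for i, ch in enumerate(reversed(compact)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def check_order(card_number, cart, client_total, catalog=CATALOG):
    """Return a list of fault labels; an empty list means the order is accepted."""
    problems = []
    if not luhn_ok(card_number):
        problems.append("card_number_invalid")

    server_total = Decimal("0")
    for sku, qty in cart.items():
        item = catalog.get(sku)
        if item is None:
            problems.append(f"unknown_sku:{sku}")
            continue
        if isinstance(qty, bool) or not isinstance(qty, int) or qty <= 0:
            problems.append(f"bad_quantity:{sku}")
            continue
        if qty > item["stock"]:
            problems.append(f"out_of_stock:{sku}")
        server_total += item["price"] * qty

    # The amount to charge is recomputed here; the client's figure is only
    # compared against it, never used as the charge.
    try:
        claimed = Decimal(str(client_total))
    except InvalidOperation:
        claimed = None
    if claimed != server_total:
        problems.append("amount_mismatch")
    return problems


if __name__ == "__main__":
    # 4111 1111 1111 1111 is a widely published test number, not a real card.
    print(check_order("4111 1111 1111 1111", {"book-42": 2}, "39.98"))
    print(check_order("4111 1111 1111 1112", {"book-42": 2}, "3.98"))
```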
Answer 7:
Availability Requirements:
1. System Uptime: Aim for at least 99.99% system uptime, ensuring it is accessible to users
with minimal interruptions.
2. Redundant Servers: Ensure redundancy at the server level to handle hardware failures.
3. Load Handling: The system should be able to handle peak loads without degradation in
performance or availability.
4. Disaster Recovery Time: Have a disaster recovery plan in place to recover the system
within a specified time frame in case of major failures or disasters.
5. Data Backup Frequency: Regularly back up data and ensure the ability to restore the system
to a previous state quickly.
6. Fault Tolerance: Set a threshold for the level of fault tolerance required.
Reliability Requirements:
1. Data Trustworthiness: Guarantee the integrity and precision of data to avert data corruption
or loss.
2. Effective Error Management: Develop a robust error-handling system capable of managing
unexpected situations and preventing system crashes.
3. User-Focused Experience: Sustain a consistent and user-friendly interface even when the
system encounters errors or issues.
4. Scalability Capabilities: Ensure the system's adaptability to growing user volumes and
expanding data requirements by supporting horizontal and vertical scaling.
5. Regular Software Maintenance: Keep software and its associated components up-to-date to
address vulnerabilities and ensure system dependability.
6. Security Measures: Implement stringent security protocols to safeguard user data and
forestall unauthorized access or breaches.
7. Resilience to Failures: Construct the system with fault tolerance in mind, allowing it to
endure specific faults without causing service interruptions.
8. Recovery Timing: Establish clear guidelines for the maximum permissible downtime and
the duration required for recovery from system failures.
10. Comprehensive Regression Testing: Conduct thorough regression tests to confirm that
system modifications or updates do not introduce reliability challenges.
EXERCISE 2
ID: 2052070
You are given an exercise that requires you to build a Grab/Uber-like software system…
Answer 1:
1. About the system:
Grab is a multi-service platform for ride-hailing, food and grocery delivery, and
online payments. Established in 2012, Grab began as a ride-hailing service that connected
passengers with drivers through a mobile app. Over time, Grab expanded its services to
include food and grocery delivery, digital payments, and financial services.
Today, Grab operates in over 400 cities across 8 countries in Southeast Asia and has
become one of the largest and most popular ride-hailing and delivery platforms in the
region. Users can download the Grab app on their mobile devices and use it to book rides,
order food or groceries, make payments for goods and services, and more.
Grab is continuously working on initiatives to enhance its services, such as investing
in electric vehicle fleets, collaborating with public transportation service providers, and
introducing new features like GrabPay, which allows users to make cashless payments for
a wide range of products and services. Additionally, Grab has expanded into financial
services, offering digital wallets, lending, and insurance to its users.
Based on the service modules Grab provides, our app will also offer features that
enable users to hail rides by connecting with drivers, order food, and send packages, as
well as facilitate online payments and communication with customer support and drivers
in the case of ride-hailing services. Furthermore, the system will provide specialized
features for different user categories, including drivers and administrators.
2. How the system works:
2.1 To the user:
To use the online ride-hailing service, users start by selecting either the "Bike" or
"Car" option, depending on whether they want to book a motorcycle or a car. Next, users
choose the pickup location by either entering an address, selecting a destination on the
map, or opting for their current location, allowing the system to connect with GPS. They
also specify their desired destination in a similar manner. Once the user has determined
the pickup and drop-off points, the system displays a relative route on the map, estimates
the travel time, distance, and calculates the fare for the journey. If the user decides to
"Book a Ride," the system leverages GPS to identify nearby drivers who are available
and have no ongoing trips. It then sends the ride request to these drivers.
When a driver accepts the ride request, the system notifies the user with information
about the driver and the vehicle being used. It also displays the driver's location for user
tracking. At this point, the driver and user can communicate with each other to ensure the
driver reaches the pickup location accurately to pick up the user. Upon completing the
trip, users have the option to rate the driver. Additionally, when booking a ride, users can
choose to make an online payment for the fare.
For the food delivery service, users have the option to rely on a list of nearby
restaurants suggested by the system or search for a specific restaurant where they want to
order food. Users can then select the food items they wish to order. They can choose
between online payment or cash payment. Once the user confirms the order, the system
will also search for suitable drivers and send the user's location and information to the
driver. If the driver accepts the delivery request, they can proceed to the restaurant to pick
up the food and then deliver it to the user.
For the parcel delivery service, users provide information about their location and
the recipient's location, along with detailed information about the parcel, such as its
weight, type, and the recipient's contact information. Users can choose whether the
sender or the recipient will be the one to pay for the service. The system calculates the
price based on the distance and parcel details, and presents this quote to the sender. Once
the sender confirms the request, the system searches for suitable drivers and sends them
the information about the delivery. If a driver accepts the request, they can pick up the
parcel and deliver it to the recipient.
2.2 To the driver:
To become a driver in the system and start receiving ride requests, users need to
complete several procedures and operations on the app. Here is the basic process for
becoming a driver within the system:
1. Check Eligibility: Ensure that you meet the requirements to become a driver.
These requirements typically include having a valid driver's license, a registered
and insured vehicle, and a clean driving record.
2. App Registration: Download the driver app on your smartphone, create an
account, and complete the registration process. You will need to provide personal
information, details about your vehicle, and submit documents such as your
driver's license, vehicle registration, and insurance.
3. Attend Scheduled Training: Attend a scheduled training session provided by the
platform. This training will cover the platform's policies, procedures, and features.
Training may be completed either online or in-person.
4. Await Approval: After completing the training, your registration will be
reviewed, and you will be notified once your application is approved.
5. Start Accepting Ride Requests: Once approved, you can start receiving ride
requests through the driver app. Drivers will receive ride requests from users and
can choose to accept or decline them.
6. Complete the Ride: After accepting a ride request, follow the app's instructions to
pick up the passenger and complete the trip. Drivers will receive payment through
the app and can also track their earnings, performance, and user ratings.
By following these steps, users can become drivers in the system and begin offering
their services to passengers.
Answer 2:
Use-case Diagrams:
System architecture:
1. Model (M): Represents the logic for processing data and storing information
within the application. Key components in the Model include:
+ User: Stores information about users, including names, phone numbers,
addresses, etc.
+ Booking: Stores information about booked services, including place, date, time,
driver, etc.
+ Activity Logs: Keeps users' trip history, storing details such as the starting point,
destination, time, etc.
+ Rating: Stores information about driver rating, including reason, customers, and
drivers’ details.
+ Payment: Manages payment information, including payment methods and
transaction history, etc.
2. View (V): Represents the user interface, the part with which users directly
interact. Key components in the View include:
+ Login/Registration: Interface for users to log in or register an account.
+ Main Interface: Displays a list of services (such as car, motorcycle, food
delivery), pick fields for starting and ending points, etc.
+ Ride Details: Shows detailed information about a trip, including driver details,
ratings, etc.
+ Ride History: Displays a list of the user's previous trips.
3. Controller (C): Represents the application's controller logic and acts as an
intermediary between the Model and the View. Key components in the Controller
include:
+ Authentication Controller: Handles user authentication and manages
login/registration information.
+ Booking Controller: Manages the process of searching for and booking rides.
+ GPS Controller: Manages GPS services to determine locations and simulate the requested
route.
+ Payment Controller: Handles the user's payment process, including transaction
methods.
+ Rating Controller: Records customers' ratings of services.
+ Notification Controller: Manages all service notifications.
Answer 3:
10 Human errors:
1. Excessive Requesting: Users may unintentionally submit requests repeatedly,
potentially overwhelming the system.
2. Incorrect Delivery Details: While using the delivery service, users might enter
inaccurate recipient contact information or parcel details, resulting in driver
confusion and potential delays.
3. Forgetting passwords or login information: Users may forget their account
credentials, resulting in difficulty accessing the app and their account.
4. Neglecting to review trip details: Customers may fail to verify pickup and drop-
off locations, leading to unnecessary detours or confusion during the trip.
5. Neglecting GPS Activation: Users may omit activating GPS on their device,
causing the system to be unable to determine their precise location.
6. Missed Ride Deadlines: Users arriving late or not showing up on time can
inconvenience drivers and lead to longer wait times for the next ride.
7. Incorrect Pickup/Drop-off Locations: Users might mistakenly enter inaccurate
pickup or drop-off locations, causing driver confusion and potential delays.
8. Accidental Cancellations: Users might mistakenly cancel a ride after the driver is
on the way, leading to rebooking challenges.
9. Failing to confirm the booking: Customers forget to confirm their ride request,
resulting in drivers not receiving notifications.
10. Omitting Driver Ratings: Users might neglect to provide a rating for the driver
after the trip, which can impact the driver's overall rating.
10 System Faults:
1. Address Data Mishandling: The system mishandles complicated or incorrect
address inputs, and the data validation process is inadequate, resulting in rides
going to incorrect locations or addresses not being located.
2. Maintenance and update errors: Inadequate maintenance and update procedures
can lead to system downtime, reduced service availability, or issues related to
outdated software versions.
3. Scalability Limitations: The system is unable to adapt to a significant increase in
users or a high workload, resulting in system failures or reduced performance.
4. Algorithm Errors in Distance and Pricing: The algorithms used for distance
calculation and fare estimation may provide incorrect results, regardless of
accurate distance data.
5. Absence of Data Synchronization: User and driver data lack proper
synchronization, causing discrepancies in transactions and ride reservations.
6. User interaction errors: Errors in the user interface or user experience can lead to
user confusion, incorrect inputs, or difficulty in navigating the app.
7. Reservation Data Management Errors: Inaccurate management of reservation
data can result in booking conflicts or multiple reservations for the same ride.
8. Notification Mechanism Errors: Flaws in the notification system's logic or data
queries can cause untimely or misdirected notifications to users or drivers during
the booking process.
9. Insufficient Authentication and Security: Inadequate authentication methods
and data security measures can lead to security vulnerabilities and unauthorized
access to user accounts.
10. Performance Issues: The system may not meet performance and response time
expectations, resulting in delays or disruptions during ride booking and transaction
processing.
10 System Errors:
1. “Server Connection Error”: The system fails to establish a connection with
Grab's server, resulting in the inability to access the app or load data.
2. “Payment Processing Error”: When users attempt to make a payment within the
Grab app, the system encounters issues processing the payment, leading to
incomplete transactions or incorrect deductions.
3. “User Identity Verification Failure”: The system struggles to verify the identity
of users, leading to potential security breaches or unauthorized access to accounts.
4. “Unsuccessful Ordering Error”: When users place orders, such as food or parcel
deliveries, the system fails to process the orders successfully or encounters errors
during the ordering process.
5. “Fare Calculation Error”: During fare calculation for rides or services, the
system incorrectly calculates prices or fails to apply discounts or promotions
accurately.
6. “Nearby Vehicle Search Error”: When users request to find a vehicle near their
current location, the system fails to locate or displays the nearest vehicles
inaccurately.
7. “Inaccurate Location Error”: When the Grab app utilizes location services, the
system fails to accurately determine the user's or driver's location, causing
difficulties in locating, navigating, or delivering items.
8. “User Preferences Customization Error”: Users encounter difficulties in
customizing their app settings, leading to frustration and inconvenience due to
non-responsive or confusing customization options.
9. “Complex Address Processing Error”: The system fails to process intricate
addresses correctly, causing confusion in locating pick-up or drop-off points,
especially in crowded or densely populated areas.
10. “Non-functional Notifications” or “Multi-Channel Notification Error”: The
system either does not send notifications or sends them at incorrect times, causing
users to miss updates, ride assignments, or transaction confirmations. Alternatively,
notifications sent through multiple channels, such as SMS, email, and in-app,
may not align correctly, leading to users missing important updates or offers.
10 System Failures:
1. Location Identification System Breakdown: The system's inability to accurately
identify user or driver locations, resulting in challenges with pinpointing and
delivering items.
2. Booking System Glitch: Issues in successfully reserving rides, causing users to
have trouble locating vehicles or making bookings.
3. Information Display System Bug: Information displayed on the app interface is
inaccurate or does not reflect the actual status of rides, orders, or transactions.
4. Order Processing System Weakness: The system's inability to process orders
accurately, resulting in missing information, incorrect deliveries, or delays.
5. Order Confirmation Uncertainty: Users may not receive timely confirmations
for placed orders, leaving them uncertain about the status of their request, causing
anxiety and dissatisfaction.
6. Fare Calculation System Defect: Incorrect fare calculations or improper
application of discounts, resulting in inaccurate or unfair user charges.
7. Login System Hiccup: Users encountering login difficulties, preventing them
from accessing or using the app's features.
8. Network Connection Issue: Failures in connecting to the network or Grab's
servers, preventing users from accessing the app or performing actions on it.
9. Payment Handling System Malfunction: Difficulties in processing payments
accurately, leading to incomplete transactions or incorrect deductions.
10. Notification Delivery System Error: Failures in sending notifications to users or
drivers, leading to a lack of critical information about rides, orders, or updates.
Answer 4:
5 functional Reliability requirements for a Grab-like system:
1. Payment Processing: The system needs to ensure that all payment transactions
are processed accurately and have robust security mechanisms in place.
2. Backup Database and Data Consistency Check: The system must have a
backup database and implement data consistency checks to safeguard against data
loss or unauthorized alterations resulting from potential security breaches.
3. Real-time Data Synchronization: All user and driver data should be
synchronized in real-time to ensure that changes or updates made by one party are
immediately reflected for all relevant users.
4. Efficient Routing: The system should offer the most efficient routes for drivers to
minimize travel time and reduce the chances of getting lost. It should also
integrate with various GPS and mapping services to mitigate issues in case of
provider failures.
5. User Identity Verification: Implement user identity verification methods to
enhance security and prevent unauthorized access to accounts or services.
5 non-functional Reliability requirements for a Grab-like system:
1. Availability: The system must be available for use at least 99.9% of the time
throughout its operational lifespan.
2. Geolocation Accuracy: The probability of users not being able to access maps or
locate driver positions, and drivers not being able to locate passengers, should not
exceed 0.001%.
3. Response Time: The system must respond to user requests within a reasonable
time frame to ensure a smooth user experience. The response time for each task
should not exceed 3 seconds.
4. Update Latency: The delay in updating driver arrival times and new locations on
the map should not exceed 5 seconds.
5. Booking Success Rate: The probability of ride, food order, or package delivery
requests failing when transmitted from users to drivers should not exceed 0.0019,
with a latency of no more than 5 seconds.
Answer 5:
5 functional Availability requirements for a Grab-like system:
1. Scalable Server Infrastructure: The system should implement multiple servers
with a load balancer to allocate and process requests efficiently, especially for
high-demand services like ride booking.
2. Real-Time Data Processing: The system must process user requests and data in
real-time, ensuring that users receive responses within a few seconds of their
requests.
3. Scalability: The system must be capable of scaling to handle increasing user
numbers, ride bookings, and transactions without compromising availability or
performance.
4. Third-Party Service Redundancy: For services provided by third parties, such as
online payments and mapping, the system should establish connections with
multiple providers to ensure continuous service availability even if one provider
temporarily suspends its services.
5. Disaster Recovery: The system should have a disaster recovery plan, including
regular data backups, server redundancy, and a system recovery plan in case of a
disaster or system downtime.
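Requirement 4 (third-party service redundancy) can be implemented as an ordered provider list with a circuit breaker per provider. This is an added example, not part of the original answer; the class names, thresholds and the two fake mapping providers are assumptions.

```python
import time


class ProviderDown(Exception):
    pass


class AllProvidersFailed(Exception):
    pass


class Breaker:
    """Opens after `threshold` consecutive failures; after `cooldown` seconds
    it lets one trial call through again."""

    def __init__(self, threshold=2, cooldown=30.0, clock=time.monotonic):
        self.threshold, self.cooldown, self.clock = threshold, cooldown, clock
        self.failures = 0
        self.opened_at = None

    def allows_call(self):
        if self.opened_at is None:
            return True
        return self.clock() - self.opened_at >= self.cooldown

    def record(self, ok):
        if ok:
            self.failures, self.opened_at = 0, None
            return
        self.failures += 1
        if self.failures >= self.threshold:
            self.opened_at = self.clock()  # (re)open and restart the cooldown


class FailoverClient:
    def __init__(self, providers, clock=time.monotonic):
        # providers: ordered list of (name, callable); the first is preferred.
        self.providers = providers
        self.breakers = {name: Breaker(clock=clock) for name, _ in providers}

    def call(self, *args):
        errors = []
        for name, fn in self.providers:
            breaker = self.breakers[name]
            if not breaker.allows_call():
                errors.append((name, "circuit open"))
                continue
            try:
                result = fn(*args)
            except ProviderDown as exc:
                breaker.record(False)
                errors.append((name, str(exc)))
                continue
            breaker.record(True)
            return name, result
        raise AllProvidersFailed(errors)


def demo():
    now = [0.0]                      # fake clock so the demo runs instantly
    state = {"primary_up": False}
    calls = {"primary": 0}

    def primary_maps(origin, dest):  # constructed stand-in for a mapping API
        calls["primary"] += 1
        if not state["primary_up"]:
            raise ProviderDown("timeout")
        return f"route {origin}->{dest} via primary"

    def backup_maps(origin, dest):
        return f"route {origin}->{dest} via backup"

    client = FailoverClient(
        [("primary", primary_maps), ("backup", backup_maps)],
        clock=lambda: now[0],
    )
    used = [client.call("A", "B")[0] for _ in range(4)]
    primary_calls_while_down = calls["primary"]
    state["primary_up"] = True
    now[0] = 31.0                    # cooldown elapsed, primary recovered
    used.append(client.call("A", "B")[0])
    return used, primary_calls_while_down


if __name__ == "__main__":
    print(demo())
```

Route lookups are safe to repeat on another provider. A payment call that timed out may already have been executed, so payment failover needs an idempotency key or a status query before the request is sent elsewhere.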
5 non-functional Availability requirements for a Grab-like system:
1. System Availability: The system must be ready for users 24/7, with an
uptime of at least 99.9%. Downtime should be limited to
scheduled maintenance windows.
2. Security: The system must be secure to protect user data, payment information,
and other sensitive data from unauthorized access or breaches.
3. Maintainability: The system should be easy to maintain, with low maintenance
costs, allowing developers to update the system quickly (within 3 hours of work)
and address any issues without affecting system availability.
4. Database Availability: Database availability should be 99.99% or higher during
business hours.
5. System Downtime: System downtime should be less than 1 minute per week.
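The percentages and the per-week downtime figure in this list can be compared by converting both to minutes. The added example below (not part of the original answer) does that and also estimates how many redundant servers a target needs; the single-server availability of 99.5% and the beta-factor approximation for common-mode failures are assumptions.

```python
MIN_PER_WEEK = 7 * 24 * 60  # 10080


def downtime_budget_minutes(availability, period_minutes=MIN_PER_WEEK):
    """Minutes of downtime an availability target allows in the period."""
    return (1.0 - availability) * period_minutes


def availability_for_downtime(minutes_down, period_minutes=MIN_PER_WEEK):
    """Availability implied by a downtime limit in the period."""
    return 1.0 - minutes_down / period_minutes


def parallel_availability(single, replicas, common_mode=0.0):
    """Availability of `replicas` redundant servers when any one is enough.

    common_mode (beta) is the assumed share of a server's unavailability that
    comes from a shared cause (same power feed, same software bug) and takes
    down every replica at once. Beta-factor approximation:
        U_system = ((1 - beta) * U) ** n + beta * U
    """
    u = 1.0 - single
    return 1.0 - (((1.0 - common_mode) * u) ** replicas + common_mode * u)


def replicas_needed(single, target, common_mode=0.0, max_replicas=10):
    """Smallest replica count meeting `target`, or None if none up to the cap."""
    for n in range(1, max_replicas + 1):
        if parallel_availability(single, n, common_mode) >= target:
            return n
    return None


if __name__ == "__main__":
    for a in (0.999, 0.9999):
        print(f"{a:.2%} -> {downtime_budget_minutes(a):.2f} min/week")
    print(f"1 min/week -> {availability_for_downtime(1.0):.4%}")
    print("independent replicas for 99.99%:", replicas_needed(0.995, 0.9999))
    print("with 10% common-mode share:", replicas_needed(0.995, 0.9999, 0.1))
```

A 99.9% target allows about 10 minutes of downtime per week, so the 1-minute-per-week limit is the stricter requirement and corresponds to roughly 99.99%. With a common-mode share above zero, adding replicas stops helping once the shared cause dominates, which is why the redundant components have to be independent.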
Answer 6:
5 Techniques in Fault Avoidance:
1. Code Reviews: Conduct thorough code reviews by peers or automated tools to
identify and rectify coding errors and issues before they propagate into the
production environment. This helps avoid many common programming faults.
2. Static Analysis Tools: Employ static code analysis tools that automatically scan
code for known issues, vulnerabilities, and coding errors. These tools can catch
potential problems early in the development process.
3. Unit Testing: Implement comprehensive unit testing procedures where individual
components or units of code are tested in isolation. This helps identify and address
faults at the code level, ensuring that each part of the system functions correctly.
4. Requirements Analysis: Conduct a detailed analysis of system requirements to
ensure that they are clear, complete, and free from ambiguity. Well-defined
requirements reduce the likelihood of misunderstandings and misinterpretations
that can lead to faults during development.
5. Design Reviews: Perform design reviews to examine the architecture and design
of the system. Identifying and rectifying design flaws and inconsistencies early
can prevent the introduction of critical faults at later stages of development.
5 Techniques in Fault detection and removal:
1. Testing. For example: Automated Testing: Implement automated testing
procedures, including unit testing, integration testing, system testing, and
regression testing, to systematically detect and remove faults. Automated testing
tools can help identify issues in the software under various conditions.
2. Static Analysis. For example: Static Code Analysis: Utilize static code analysis
tools to analyze the source code for potential issues without executing the
software. These tools can detect coding errors, security vulnerabilities, and coding
standards violations.
3. Dynamic Analysis. For example: Dynamic Testing: Conduct dynamic testing
methods, such as black-box testing, white-box testing, and stress testing, to
evaluate the software's behavior during runtime. This helps identify runtime errors,
performance issues, and unexpected behavior.
4. Code Reviews. For example: Peer Code Reviews: Organize regular code reviews
with team members to examine the codebase for faults, inconsistencies, and
potential issues. A fresh pair of eyes can often spot defects that automated tools
might miss.
5. Logging and Monitoring. For example: Application Monitoring: Implement
robust logging and monitoring mechanisms within the software to track its
performance and behavior in real-world scenarios. This allows the identification
and removal of faults that may occur in production environments.
5 Techniques in Fault tolerance:
1. Redundancy. For example:
+ Hardware Redundancy: Introduce redundancy in critical hardware
components, such as processors, memory modules, or storage devices.
Redundant components work in parallel, allowing the system to continue
functioning even if one component fails.
+ Software Redundancy: Implement redundancy in software components, where
backup modules or services are ready to take over in case of primary
component failure. Clustering and failover mechanisms are examples of
software redundancy techniques.
2. Checkpoint and Rollback. For example: Checkpointing: Periodically save the
system's state or a specific application's state. In the event of a failure, the system
can roll back to the last known good state, minimizing data loss and downtime.
Checkpointing is often used in scientific computing and long-running batch
processes.
3. Replication. For example: Server Replication: Duplicate servers or services and
distribute incoming requests among them. If one server fails, client requests can be
redirected to the surviving replicas. This technique is commonly used in web
server clusters and database replication.
4. Error Detection and Correction. For example:
+ Error-Correcting Codes: Use error-detection and correction codes to detect
and repair data corruption during transmission or storage. These codes add extra
bits to data, enabling the recovery of corrupted data.
+ Parity and RAID: Employ techniques like RAID (Redundant Array of
Independent Disks) to detect and recover from disk failures. Parity information
or mirroring is used to ensure data integrity.
5. Distributed Systems. For example:
+ Replication of Data: In distributed systems, replicate data across multiple
servers or locations to ensure availability and fault tolerance. If one node
becomes inaccessible, data remains accessible from other nodes.
+ Quorum Systems: Use quorum-based decision-making to ensure that a
majority of nodes agree on a decision before it is executed. This helps prevent
issues caused by network partitions or node failures in distributed systems.
Answer 7:
Fault-tolerant architectures are designed to ensure that a system or network can continue
to operate and provide its intended functionality, even in the presence of hardware
failures, software errors, or other unexpected events. These architectures are crucial for
applications and systems where high availability and reliability are critical. Here are
some key components and principles of fault-tolerant architectures:
1. Redundancy: Redundancy is a fundamental concept in fault tolerance. It involves
duplicating critical components, such as servers, storage, or network links, and
distributing workloads across them. Redundancy can be implemented at various
levels, including hardware, software, and data.
2. Failover Mechanisms: Failover mechanisms automatically redirect traffic or tasks
from a failed component to a backup or secondary component. For example, in a
server cluster, if one server fails, the load balancer redirects requests to other
healthy servers.
3. Load Balancing: Load balancers evenly distribute incoming requests or
workloads across multiple servers or resources. This not only improves
performance but also provides fault tolerance. If one server fails, the load balancer
directs traffic to others.
4. Data Replication: Data replication involves maintaining multiple copies of data in
different locations or systems. This ensures that data remains available even if one
copy becomes inaccessible or corrupted.
5. Checkpoints and Rollbacks: Systems that use checkpoints periodically save their
state to allow for recovery in the event of a failure. If a failure occurs, the system
can roll back to a known good state.
6. Error Detection and Correction: Error detection techniques, like checksums and
error-correcting codes, identify and, in some cases, correct data corruption or
errors. This is essential for data integrity and fault tolerance.
7. Quorum Systems: Quorum-based decision-making ensures that a majority of
nodes in a distributed system must agree on a decision before it is executed. This
prevents issues caused by network partitions or node failures.
8. Isolation and Containment: Fault-tolerant architectures often employ isolation
and containment techniques to prevent the failure of one component from affecting
the entire system. This can include using containers or virtualization.
9. Scalability: Scalable architectures can accommodate increases in load or demand.
This flexibility is valuable for maintaining performance and availability under
varying conditions.
10. Geographic Distribution: Geographic distribution of resources and services
across different physical locations can protect against site-specific disasters. In the
event of a catastrophe at one location, services can be restored from other
locations.
11. Real-Time Monitoring and Alerting: Continuous monitoring of system health
and performance, combined with real-time alerting, allows administrators to
respond quickly to issues and minimize downtime.
12. Backup and Recovery: Regularly scheduled backups and well-defined recovery
procedures are essential for fault tolerance. Data and configurations should be
backed up, and recovery processes should be tested and documented.
13. Resilient Network Design: Fault-tolerant architectures often include multiple,
diverse network paths and robust communication protocols to ensure network
availability.
Fault-tolerant architectures are designed to minimize the impact of failures and provide
high availability and reliability, making them suitable for applications and systems where
downtime is costly or unacceptable.
Redesign:
Modules Added:
+ Backup Database: This module involves creating a backup database.
+ Data Consistency Checking: This module checks the consistency between the
main database and the backup database.
+ Implementing Multiple Versions for Main Service Modules: Multiple versions are
implemented for critical service modules.
+ Fault Manager: It detects faults within modules and switches between versions as
needed.
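One way the Fault Manager and Data Consistency Checking modules listed above could work, as an added example rather than code from the original answer. The names (`FaultManager`, `total_v1`, `total_v2`, `inconsistent_keys`) and the sample rows are assumptions made for illustration.

```python
import hashlib
import json


class AllVersionsFailed(Exception):
    """Raised when every registered version of a module has faulted."""


class FaultManager:
    """Runs the active version of a service module and switches to the next
    version when the active one raises or fails its acceptance test."""

    def __init__(self, versions, acceptance_test):
        self.versions = list(versions)          # ordered, primary first
        self.acceptance_test = acceptance_test  # callable(args, result) -> bool
        self.active = 0                         # index of the version in use
        self.fault_log = []                     # (version name, reason) pairs

    def call(self, *args):
        for offset in range(len(self.versions)):
            idx = (self.active + offset) % len(self.versions)
            version = self.versions[idx]
            try:
                result = version(*args)
            except Exception as exc:
                self.fault_log.append((version.__name__, f"exception: {exc!r}"))
                continue
            if not self.acceptance_test(args, result):
                self.fault_log.append((version.__name__, "acceptance test failed"))
                continue
            self.active = idx  # stay on the version that produced a good result
            return result
        raise AllVersionsFailed(self.fault_log)


def total_v1(unit_cents, qty, discount_pct):
    # Primary version with a seeded defect: the discount is not bounded.
    return unit_cents * qty * (100 - discount_pct) // 100


def total_v2(unit_cents, qty, discount_pct):
    # Independently written version: clamps the discount to 0..100.
    pct = min(max(discount_pct, 0), 100)
    gross = unit_cents * qty
    return gross - gross * pct // 100


def total_is_plausible(args, result):
    # Acceptance test: an order total is never negative or above the gross price.
    unit_cents, qty, _ = args
    return 0 <= result <= unit_cents * qty


def row_digest(row):
    # Canonical JSON so that key order does not change the digest.
    canonical = json.dumps(row, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def inconsistent_keys(main_rows, backup_rows):
    """Return the sorted primary keys whose row is missing on one side or
    differs between the main database and the backup database."""
    diff = []
    for key in set(main_rows) | set(backup_rows):
        a, b = main_rows.get(key), backup_rows.get(key)
        if a is None or b is None or row_digest(a) != row_digest(b):
            diff.append(key)
    return sorted(diff)


# Constructed sample data: row 2 has drifted and row 3 was never replicated.
MAIN_ROWS = {
    1: {"sku": "A-100", "price_cents": 1000},
    2: {"sku": "B-200", "price_cents": 2500},
    3: {"sku": "C-300", "price_cents": 400},
}
BACKUP_ROWS = {
    1: {"price_cents": 1000, "sku": "A-100"},
    2: {"sku": "B-200", "price_cents": 2400},
}

if __name__ == "__main__":
    fm = FaultManager([total_v1, total_v2], total_is_plausible)
    print(fm.call(1000, 2, 10), fm.active)    # primary version answers
    print(fm.call(1000, 2, 150), fm.active)   # primary rejected, switch to v2
    print(fm.fault_log)
    print(inconsistent_keys(MAIN_ROWS, BACKUP_ROWS))
```

The acceptance test is what lets the manager catch a version that returns a wrong value instead of crashing, which is the failure mode that diverse versions are meant to cover.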
EXERCISE 3
ID: 2052070
You are given an exercise that requires to build a Tiki-like software system ...
Answer 1:
1. Product Search: Customers visit the Tiki website and search for products by
entering keywords in the search bar or browsing product categories.
2. Product Selection: Customers select desired products by clicking the "Add to
Cart" button on the product details page. If they wish to buy multiple items,
they can continue browsing and add items to their cart.
5. Receiving and Payment (if COD chosen): If customers opt for cash on
delivery, upon receiving the order, they pay the delivery person the total
amount for the order value.
To start selling products on Tiki's website, a seller needs to follow these steps
after registering an account (pending approval from the system administrator):
1. Create Product Categories: The seller sets up product categories for their
store on Tiki.
2. Upload Products: They add the items they wish to sell to these categories,
updating details like name, description, images, price, promotional deals, and
available quantities. Subsequently, they upload these products onto the
platform. (Legal documentation for the products is required.)
5. Payment and Order Settlement: Once the products are delivered to the
customer, Tiki handles payment to the seller, deducting service fees.
The product approval process on the admin side:
Answer 2:
+ Product: Stores information about products, including name, price, expiry date,
quantity, etc.
+ Sale Program: Stores information about sale services made by sellers, including
buyers’ names, date, time, products, etc.
+ Activity Logs: Keeps users' activity history, storing details such as previous
online sessions, search history, recently viewed products, etc.
+ Rating: Stores information about product ratings, including reason, buyers,
sellers and products’ details.
b. View (V): Represents the user interface, the part with which users directly
interact. Key components in the View include:
+ Profile Interface: Displays each user’s information such as name, age, address,
order history, favorite books, etc.
+ Main Interface: Displays a list of services (such as books, goods, etc), pick
fields for choosing products and adding to cart, etc.
Answer 3:
Hazard: Refers to situations or events that can lead to an accident. In other words,
hazards are underlying conditions that pose a risk or contribute to the occurrence of an
accident.
For example:
In the case of an e-commerce platform like Tiki, hazards might not directly lead to
accidents as in manufacturing or transportation industries. However, they can contribute
to creating unsafe situations or causing harm to users and businesses.
In complex systems, accidents rarely have a single cause as these systems are
designed to be resilient against failures. Almost all accidents result from a combination of
failures rather than solely from a single failure.
10. Data Corruption or Loss: Technical glitches or system errors can lead to data
corruption or loss, affecting the company's ability to make informed decisions.
Answer 4:
Severity >> Probability => High + Medium => Consider high risk and intolerable
acceptability
Product Information Errors | Medium | Medium | Medium | ALARP
Fault trees:
Answer 6:
1. The system will ensure that all user data, including personal and financial
information, is encrypted and securely stored.
2. The system will ensure that all payment transactions are processed securely,
and sensitive payment information such as credit card numbers will not be
stored in the system.
6. The system will include a dedicated customer service team ready to assist
users with any issues or inquiries they may have.
7. The system will include fraud detection mechanisms that can identify
suspicious activities, such as multiple orders from the same IP address or
credit card.
8. The system will ensure that all third-party suppliers selling products on the
platform meet specific quality and safety standards by requiring them to
provide legal documentation for products, business licenses, and tightening the
auditing process.
10. The system should have a monitoring module to oversee the operation status
of servers, database servers, and regularly report operational status to prevent
sudden system downtime, which could inconvenience customers and impact
seller revenue.
Answer 7:
SR1: The system will ensure that all user data, including personal and financial
information, is encrypted and securely stored.
Evidence:
3. Secure Storage System: User data is stored on secure servers and safeguarded
by both physical and logical security measures. Physical security measures
include server rooms with strict access control systems, fire protection, and
intrusion prevention. Logical security measures involve access control based
on roles, database encryption, and network attack prevention measures like
firewalls and intrusion detection.
SR3: The system must have 24/7 continuous operation capabilities to avoid impacting
user experience and handle high loads to accommodate a large number of users
simultaneously on the website.
Evidence:
SR7: The system will include fraud detection mechanisms that can identify suspicious
activities, such as multiple orders from the same IP address or credit card.
Evidence:
1. Fraud Behavior Analysis System: The system employs algorithms and rules to
analyze fraudulent behavior during the ordering process. For instance, if
multiple orders are detected from the same IP address or using the same credit
card within a short period, it flags this activity as suspicious and sends an alert
to administrators for inspection.
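The rule described in SR7, run over a few order-log lines, as an added example that is not part of the original answer. The log format, the 5-minute window, the threshold of 3 and the sample lines are assumptions; the `card=` field is a payment-provider token rather than a card number, in line with the requirement that card numbers are not stored.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format: "<UTC timestamp> order=<id> ip=<address> card=<token>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) order=(?P<order>\d+) ip=(?P<ip>\S+) card=(?P<card>\S+)$"
)

# Constructed sample input (documentation IP ranges, made-up tokens).
SAMPLE_LOG = """\
2024-05-01T10:00:00Z order=1001 ip=203.0.113.7 card=tok_a1
2024-05-01T10:00:40Z order=1002 ip=203.0.113.7 card=tok_b2
2024-05-01T10:01:10Z order=1003 ip=198.51.100.20 card=tok_c3
2024-05-01T10:01:30Z order=1004 ip=203.0.113.7 card=tok_d4
2024-05-01T10:03:00Z order=1005 ip=198.51.100.21 card=tok_c3
2024-05-01T10:04:00Z order=1006 ip=198.51.100.22 card=tok_c3
2024-05-01T10:30:00Z order=1007 ip=203.0.113.7 card=tok_e5
malformed line that must not crash the detector
"""


def detect(lines, window=timedelta(minutes=5), threshold=3):
    """Flag any IP address or card token that places `threshold` or more
    orders within `window`. Lines are assumed to arrive in time order.
    Returns (alerts, rejected_lines)."""
    recent = defaultdict(deque)  # (kind, value) -> deque of (timestamp, order id)
    alerts, rejected = [], []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            rejected.append(line)  # keep unparsable input for later review
            continue
        try:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        except ValueError:
            rejected.append(line)
            continue
        order_id = int(m["order"])
        for kind in ("ip", "card"):
            q = recent[(kind, m[kind])]
            q.append((ts, order_id))
            # Drop orders that have fallen out of the sliding window.
            while ts - q[0][0] > window:
                q.popleft()
            if len(q) >= threshold:
                alerts.append({
                    "kind": kind,
                    "value": m[kind],
                    "orders": [o for _, o in q],
                    "at": ts,
                })
    return alerts, rejected


if __name__ == "__main__":
    found, bad = detect(SAMPLE_LOG.splitlines())
    for a in found:
        print(f"{a['at']} suspicious {a['kind']} {a['value']}: orders {a['orders']}")
    print(f"{len(bad)} line(s) could not be parsed")
```

Order 1007 comes from the same IP address as the first alert but raises none, because the earlier orders have aged out of the window by then.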
Answer 5:
1. High Uptime: Maintain a high level of system availability (e.g., 99.9%) to ensure
the platform is accessible to users consistently.
2. Scalability: Ensure the system can handle increased user traffic during peak times
without degradation in performance, supporting the growth in user base and
products.
4. Load Balancing: Employ load balancers to distribute traffic evenly across servers,
preventing overloading of any specific server and ensuring stability.
Answer 6:
3. Product Reviews and Ratings: Maintain a reliable system for users to leave
reviews and ratings, ensuring they are accurately displayed for potential buyers.
4. User Authentication: Ensure a secure and reliable authentication process for both
buyers and sellers to access their accounts and perform transactions securely.
8. Seller Registration and Store Management: Ensure a smooth process for sellers to
register and manage their stores, upload products, and track sales.
2. Reliability and Availability: Ensure the system is highly available and reliable,
minimizing downtime to maximize user accessibility.
5. Data Integrity and Consistency: Guarantee that stored data is accurate, consistent,
and reliable across the platform.
8. Error Handling and Recovery: Establish mechanisms to identify errors and recover
the system swiftly, minimizing impact on users.
9. Backup and Recovery: Regularly back up data and have efficient recovery
processes to restore the system in case of data loss or failure.
10. Usability and Accessibility: Ensure the system is user-friendly and accessible
across different devices and browsers for a diverse user base.
Answer 7:
Hazard: Refers to situations or events that can lead to an accident. In other words,
hazards are underlying conditions that pose a risk or contribute to the occurrence of an
accident.
For example:
In the case of an e-commerce platform like Tiki, hazards might not directly lead to
accidents as in manufacturing or transportation industries. However, they can contribute
to creating unsafe situations or causing harm to users and businesses.
In complex systems, accidents rarely have a single cause as these systems are designed to
be resilient against failures. Almost all accidents result from a combination of failures
rather than solely from a single failure.
Answer 8:
Severity >> Probability => High + Medium => Consider high risk and intolerable
acceptability
Product Information Errors | Medium | Medium | Medium | ALARP
Answer 9:
Fault trees:
Pic 1. Product Information Errors or Lack
Pic 2. Incorrect order processing or product mix-up
Answer 10:
1. Data Encryption: Ensuring all user data, including personal and financial
information, is encrypted and securely stored protects it from unauthorized access.
2. Secure Payment Transactions: Processing payments securely and avoiding the
storage of sensitive payment information such as credit card numbers minimizes
the risk of financial data breaches.
3. High Availability: Ensuring continuous operation capabilities and scalability to
handle high loads is crucial to maintain user experience, especially during peak
times.
4. Product Quality Assurance: Implementing a system to verify and maintain
product quality as described helps build user trust and satisfaction.
5. Efficient Delivery Management: Managing the delivery system closely ensures
timely and accurate product shipments.
6. Customer Support: A dedicated customer service team is vital to address user
concerns promptly, contributing to a positive user experience.
7. Fraud Detection Mechanisms: Implementing fraud detection systems helps
identify and prevent suspicious activities, safeguarding both users and the
platform.
8. Third-Party Supplier Compliance: Ensuring third-party suppliers meet specific
quality and safety standards is crucial for maintaining product integrity and user
trust.
9. Regular Data Backups: Conducting regular and comprehensive data backups
minimizes the risk of data loss in case of system failure or security incidents.
10. Monitoring and Reporting: Monitoring system operation and reporting on the
status of servers and databases helps prevent sudden system downtime, ensuring a
smoother user experience.
EXERCISE 4
ID: 2052070
You are given an exercise that requires to build an eBay-like software system (including
auction)
Answer 1:
Overall, eBay-like provides a robust and user-friendly platform, enabling individuals and
businesses to conduct online transactions easily and confidently.
eBay-like stands out from other e-commerce platforms due to several distinctive features:
1. Create an eBay-like Account: If you don't have an eBay-like account yet, create one
by visiting the eBay-like website and clicking on the "Register" button.
2. Search for Items: Utilize the search bar at the top of the eBay-like homepage to find
the desired items. Search using keywords, categories, or item numbers.
3. Review Item Listings: Click on the listings to examine further details about the
items, including seller feedback ratings, shipping options, and accepted payment
methods.
4. Place Bids or Buy Items: If the item is being auctioned, place bids as desired.
Alternatively, if the seller offers a "Buy it now" option, you can purchase the item
immediately at the listed price.
5. Complete the Transaction: Once you've won an auction or bought an item, follow
the prompts to finalize the transaction. Ensure to review the seller's shipping and
return policies and provide payment information if necessary.
Answer 2:
Answer 3:
1. Hackers unlawfully access the system's database and steal customers' sensitive
information like names, addresses, phone numbers, and credit card details.
2. Employees share confidential customer information without authorization, like
purchase history, with an external party.
3. The system stores sensitive data inappropriately, allowing hackers to intercept and
steal data during transmission.
Integrity: This refers to preserving the correctness and reliability of data, ensuring it
is not altered or changed without authorization. Methods like checksums or digital
signatures can help maintain this.
1. Hackers alter or delete data within the system's database, causing errors or
inconsistencies. For example, they might change product prices, resulting in
customer complaints and financial losses for the company.
2. Unethical sellers use deceptive advertising or pricing strategies to trick buyers and
increase sales. For example, a seller might list a product at a low price but ship an
inferior-quality item to the buyer, damaging the system's integrity.
3. Sellers manipulate search engine rankings unfairly, giving their products more
visibility compared to others, causing an imbalance in product availability and
visibility.
Availability: This concerns how well a system can offer its services to authorized users
whenever required, ensuring the system remains functional and allowing authorized users
access at any time. Techniques like redundancy and disaster recovery help maintain this.
1. Sudden traffic spikes overload the system, causing malfunctions and denying user
access. This might occur due to many users accessing the system simultaneously or
a DDoS attack.
2. Failures in hardware or power supply lead to temporary unavailability of the
system's servers. This could result from poor infrastructure maintenance, natural
disasters, or unexpected technical issues.
3. Errors in the system's software or database cause unresponsiveness, stopping users
from using its services. This could be caused by coding errors, data problems, or
issues with third-party connections.
Answer 4:
1. User account details: Login credentials, personal data, and payment specifics linked
to individual user profiles.
2. Product listings and descriptions: Information and images associated with each
product available for sale on the platform.
3. Transaction and sales records: Details regarding completed purchases made through
the platform, encompassing items sold, pricing, and shipping information.
4. Seller feedback and ratings: Insights into the performance and reputation of sellers
operating within the platform.
5. Financial records: Revenue generated by the platform and any financial data utilized
for facilitating transactions.
6. Platform infrastructure: The hardware and software essential for the functioning of
the platform itself.
7. Intellectual property assets: Including patents, trademarks, or copyrights associated
with the platform or its brand.
8. User-generated content: Reviews, comments, and other content created by platform
users.
9. Search and recommendation algorithms: Algorithms aiding users in discovering
relevant products, critical for the platform's functionality.
10. Data analytics and detailed insights: Information collected from user behavior for
platform enhancement and detailed insights for sellers. This data is also considered
a valuable asset requiring protection.
1. Unsafe login methods: Vulnerabilities like weak passwords or the absence of two-
factor authentication can simplify unauthorized access for attackers trying to get
into user accounts.
2. Database vulnerabilities: Attackers might leverage weaknesses within databases to
introduce harmful code (SQL injection) via web forms, potentially impacting the
entire system.
3. Insufficient backup and recovery systems: When hackers compromise data to steal,
modify, or harm it, inadequate backup and recovery systems might fail to fully
restore it, leading to inconsistencies and compromising the integrity and accuracy
of system data.
4. Inadequate input validation: Proper validation of website input fields is necessary
to prevent the execution of malicious inputs.
5. Encryption gaps: Critical data such as passwords and credit card information should
undergo encryption both during transmission and storage to prevent unauthorized
access.
6. Misconfigured firewalls: While firewalls are essential for protecting e-commerce
systems from unauthorized access, their effectiveness requires proper configuration.
7. Absence of security updates: Neglecting software updates and security patches
increases a system's susceptibility to exploitation.
8. Insecure APIs: APIs linking various system components become targets for
attackers if not adequately secured.
9. Vulnerabilities in third-party software: Many e-commerce systems depend on third-
party software, which might have its own vulnerabilities.
10. Internal security risks: Employees with access to sensitive data pose substantial
threats if not properly trained in security protocols or if they harbor malicious intent.
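Items 2 and 4 of the list above (SQL injection via web forms, inadequate input validation) shown as a weak product-search query beside a corrected one. This is an added example, not code from the original answer; the `products` table, its `approved` column and the sample rows are assumptions.

```python
import sqlite3


def make_db():
    """Build a small in-memory catalogue (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE products ("
        "id INTEGER PRIMARY KEY, name TEXT, price_cents INTEGER, approved INTEGER)"
    )
    db.executemany(
        "INSERT INTO products (name, price_cents, approved) VALUES (?, ?, ?)",
        [
            ("blue kettle", 2500, 1),
            ("red kettle", 2700, 1),
            ("unreviewed kettle", 100, 0),  # pending approval, must stay hidden
        ],
    )
    return db


def search_vulnerable(db, term):
    # Weak: the form value is pasted into the SQL text, so a quote character
    # in `term` changes the statement itself, not just the search pattern.
    sql = (
        "SELECT name FROM products "
        f"WHERE approved = 1 AND name LIKE '%{term}%' ORDER BY id"
    )
    return [row[0] for row in db.execute(sql)]


def search_hardened(db, term):
    # Input validation: reject values a search box should never send.
    if not isinstance(term, str) or not 1 <= len(term) <= 64:
        raise ValueError("search term must be 1 to 64 characters")
    # Treat LIKE wildcards typed by the user as literal characters.
    escaped = term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    # Parameterized query: the value is bound as data and never parsed as SQL.
    sql = (
        "SELECT name FROM products "
        "WHERE approved = 1 AND name LIKE ? ESCAPE '\\' ORDER BY id"
    )
    return [row[0] for row in db.execute(sql, (f"%{escaped}%",))]


# Constructed form input containing a quote and SQL syntax.
HOSTILE_TERM = "x' OR approved = 0 --"

if __name__ == "__main__":
    db = make_db()
    print(search_vulnerable(db, "kettle"))      # both approved products
    print(search_vulnerable(db, HOSTILE_TERM))  # the hidden row leaks
    print(search_hardened(db, "kettle"))        # both approved products
    print(search_hardened(db, HOSTILE_TERM))    # no rows: treated as plain text
```

In the weak version the `approved = 1` filter is bypassed because the input rewrites the WHERE clause; in the corrected version the same input is only a search string that matches no product name.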
1. Breaching eBay's payment system: Intruders may exploit weaknesses within eBay's
payment infrastructure to conduct deceitful transactions or siphon money from
users.
2. Partner-related security shortcomings: If an eBay partner has security weaknesses,
attackers could exploit these to breach eBay's system or access user data.
3. Intrusion via exhaustive password guessing: Attackers try to access user accounts
by attempting all possible password combinations.
4. Exploiting software vulnerabilities for intrusion: Leveraging weaknesses in eBay's
system software to gain unauthorized access.
5. Denial-of-Service (DoS) Attack: Overloading eBay's system with a flood of invalid
requests, making it unavailable to genuine users.
6. Infiltration through deceptive emails (Phishing): Deceiving users with misleading
emails to obtain personal data or login credentials.
7. Malware infiltration: Attempting to introduce harmful software (like viruses,
trojans, or ransomware) into eBay's system to cause damage.
8. Identity theft: Utilizing eBay users' personal information to impersonate them and
conduct unauthorized actions or fraudulent activities.
9. Attacks on vulnerable connections: Intercepting or stealing data when users access
eBay's system through insecure connections, such as unencrypted networks or
public Wi-Fi.
10. Theft of personal information: Unauthorized access to eBay's database containing
sensitive user information, such as names, addresses, and credit card numbers.
1. Regulate access: Enforce stringent controls over entry to sensitive systems and data,
allowing only authorized individuals to gain access.
2. Enable multi-layered authentication: Demand users authenticate through diverse
methods, like passwords and biometric data, to decrease the chances of unauthorized
entry.
3. Network partitioning: Divide the network into smaller sections, each with limited
access, to mitigate potential attack impacts.
4. Firewall implementation: Set up firewalls to sift through network traffic, preventing
unauthorized entry to sensitive information.
5. Systems for detecting and preventing intrusions: Introduce automated systems to
identify and stop unauthorized access attempts and suspicious activities.
6. Consistent software updates and patches: Keep all software updated with the latest
security patches to prevent exploitation of known weaknesses.
7. Data encryption measures: Utilize encryption techniques to protect sensitive data
during storage and transmission, reducing the risk of data breaches and unlawful
access.
8. Regular data backups: Perform frequent backups of essential data to ensure recovery
capability in case of security breaches.
9. Comprehensive security training: Educate staff and users on optimal security
protocols to minimize vulnerabilities to social engineering attacks and other human-
related mistakes.
10. Contingency planning for incidents: Develop and evaluate plans for responding to
potential security breaches to ensure prompt and efficient reactions when necessary.
Answer 5:
System infrastructure | High. Because it determines the system's ability to function. | High. Users are unable to access or use system features.
User-generated content | Medium. It has an impact on the reputation of some sellers. | Medium. It has an impact on the reputation of some sellers.
Economic information | High. Because it has an impact on system revenue | High. Users cannot make transactions and administrators cannot keep statistics on system revenue
Data analysis and insights | High. It provides revenue and activity status to sellers and system administrators. | High. Loss of ability to manage business status and detect abnormal situations is severe.
Infected with malware or viruses | High | Anti-virus software, firewall, file scanning and detection | Technically feasible. Need extra cost
Social engineering attacks exploit human behavior and trick users into revealing sensitive information | Medium | Firewall, encryption of sensitive data | Cryptographic techniques must be understood and applied correctly if they are technically feasible.
Phishing attacks aim to steal login credentials or financial information | High | Changes in the database are logged by biometric security. | Logging changes is simpler and easier but requires storage resources, which is technically feasible but expensive.
Distributed denial of service (DDoS) attacks can disrupt website availability | High | Firewall, Increased network bandwidth: increasing network bandwidth can help absorb a DDoS attack and keep the website operational. | Technically feasible. Need extra cost
Errors or violations by third party service providers | Medium | When linking, this property specifies the control policy. All activities are being tracked and logged. | In business processes, this is possible. Logging changes is simpler and easier, but it necessitates storage space.
Physical security threats such as theft or damage to critical hardware components | Low | Enhance security, regularly check, and implement backup recovery mechanisms | Costs, human resources, and backup and recovery necessitate storage resources
Answer 6:
1. Ensuring authorized access is critical for system security. Strong passwords, multi-
factor authentication, and role-based access control bolster this.
2. Utilizing secure communication protocols like SSL/TLS is crucial for protecting
sensitive data from interception.
3. Encrypting sensitive information such as passwords, payment details, and personal
data is vital to thwart unauthorized access.
4. Implementing robust encryption practices during system development prevents
vulnerabilities and embeds security into the software from the start.
5. Routine security checks are essential to identify and rectify vulnerabilities.
6. Systems require constant monitoring for detecting and responding to security
incidents, with detailed logs retained for investigating breaches.
7. Creating an incident response plan is crucial for managing security issues effectively
and minimizing potential damage.
8. Deploying physical security measures is necessary to prevent unauthorized access
to servers and hardware.
9. Regular data backups are pivotal in averting data loss during security incidents, with
a disaster recovery plan in place for severe scenarios.
10. Adhering to regulations like GDPR, PCI-DSS, and other data protection laws is
imperative for system compliance.
11. Educating users about best security practices and potential risks associated with
system use is crucial.
12. Ensuring secure payment processing systems compliant with relevant regulations is
vital to safeguard user payment information.
13. Evaluating third-party software or services for security risks and compliance with
standards is essential for system integrity.
14. Thoroughly testing and securely deploying software updates prevent security
vulnerabilities.
15. Securing remote access through authenticated mechanisms and secure
communication protocols is essential to prevent unauthorized entry.
Answer 7:
Use-case: Log in
Use-case: Pay
Actor Attacker
Actor Attacker
Actor Attacker
Question 1: What major technical and nontechnical factors hinder software reuse? Do
you personally reuse much software and, if not, why not?
Question 2: List the benefits of software reuse and explain why the expected lifetime of
the software should be considered when planning reuse.
Question 3: What are the significant benefits offered by the application system reuse
approach when compared with the custom software development approach?
Question 4: Why have many large companies chosen ERP systems as the basis for their
organizational information system? What problems may arise when deploying a large-
scale ERP system in an organization?
Question 5: What are the design principles underlying the CBSE that support the
construction of understandable and maintainable software?
Question 7: What are the essential differences between CBSE with reuse and software
processes for original software development?
Question 10: Explain why distributed software systems are more complex than
centralized software systems, where all of the system functionality is implemented on a
single computer.
Question 11: You have been asked to design a secure system that requires strong
authentication and authorization. The system must be designed so that communications
between parts of the system cannot be intercepted and read by an attacker. Suggest the
most appropriate client–server architecture for this system and, giving the reasons for
your answer, propose how functionality should be distributed between the client and the
server systems
Question 16: Giving reasons for your answer, suggest two important types of application
where you would not recommend the use of service-oriented architecture
Question 17: Give two examples of government functions that are supported by complex
sociotechnical systems and explain why, in the foreseeable future, these functions cannot
be completely automated
Question 18: What is a “wicked problem”? Explain why the development of a national
medical records system should be considered a “wicked problem.”
Question 20: You are an engineer involved in the development of a financial system.
During installation, you discover that this system will make a significant number of
people redundant. The people in the environment deny you access to essential
information to complete the system installation. To what extent should you, as a
systems engineer, become involved in this situation? Is it your professional
responsibility to complete the installation as contracted? Should you simply abandon
the work until the procuring organization has sorted out the problem?
Answer 1:
Answer 2:
• Accelerated development
• Increased dependability
• Standards compliance
Expected lifetime of the software should be considered when planning reuse because
if you are developing a long-lifetime system, you should focus on the maintainability of
the system. You should not just think about the immediate benefits of reuse but also of
the long-term implications. Over its lifetime, you will have to adapt the system to new
requirements, which will mean making changes to parts of the system. If you do not have
access to the source code of the reusable components, you may prefer to avoid
off-the-shelf components and systems from external suppliers. These suppliers may not be able
to continue support for the reused software. You may decide that it is safer to reuse
open-source systems and components.
Answer 3:
Benefit:
• As with other types of reuse, more rapid deployment of a reliable system may be
possible.
• Some development risks are avoided by using existing software. However, this
approach has its own risks, as I discuss below.
• Businesses can focus on their core activity without having to devote a lot of
resources to IT systems development.
Answer 4:
At a larger scale, an Enterprise Resource Planning (ERP) system may support the
manufacturing, ordering, and customer relationship management processes in a large
company.
Problem:
• The obvious limitation of this approach to reuse is that the functionality of the
customer’s application is restricted to the functionality of the ERP system’s
built-in modules. If a company needs additional functionality, it may have to develop a
separate add-on system to provide this functionality.
• The buyer company’s processes and operations have to be defined in the ERP
system’s configuration language. This language embeds the understanding of
business processes as seen by the system vendor, and there may be a mismatch
between these assumptions and the concepts and processes used in the customer’s
business. A serious mismatch between the customer’s business model and the
system model used by the ERP system makes it highly probable that the ERP
system will not meet the customer’s real needs (Scott 1999).
• Once the configuration settings are completed, the new system is then ready for
testing. Testing is a major problem when systems are configured rather than
programmed using a conventional language.
Answer 5:
Underlying CBSE are sound design principles that support the construction of
understandable and maintainable software:
1. Components are independent, so they do not interfere with each other’s operation.
Implementation details are hidden. The component’s implementation can be
changed without affecting the rest of the system.
Answer 6:
In a standard car, the braking system includes components like brake pads, rotors,
and a hydraulic system to transmit force from the brake pedal to the brakes themselves.
Now, let's say there's a manufacturer who designs a new, innovative braking system. This
new system replaces the traditional hydraulic system with an electronic braking system
that uses sensors and computer-controlled actuators to apply the brakes.
According to the principle of component independence, one should be able to replace the
braking system with this new electronic system, which operates differently but performs
the same function—slowing down or stopping the car.
However, despite the similar intended function, simply swapping the traditional
braking system with this new electronic system might lead to undesired consequences or
system failure for several reasons:
• Compatibility Issues: The new electronic system might not integrate seamlessly
with other components in the car. For instance, the
electronic system might have different power requirements or use communication
protocols that the existing car's infrastructure cannot support.
• Safety Concerns: The new system might have unanticipated failure modes or
behaviors that compromise safety. For instance, if the electronic system
experiences a glitch or software malfunction, it could potentially fail to apply the
brakes or apply them unexpectedly, leading to accidents.
• Training and Adaptation: Mechanics and users might need specialized training to
understand and maintain the new system. If there isn't adequate knowledge
transfer or resources for this, it could lead to improper maintenance or usage,
resulting in failures.
Answer 7:
1. The user requirements are initially developed in outline rather than in detail, and
stakeholders are encouraged to be as flexible as possible in defining their
requirements. Requirements that are too specific limit the number of components
that could meet these requirements. However, unlike incremental development,
you need a complete description of the requirements so that you can identify as
many components as possible for reuse.
2. Requirements are refined and modified early in the process depending on the
components available. If the user requirements cannot be satisfied from available
components, you should discuss the related requirements that can be supported by
the reusable components. Users may be willing to change their minds if this means
cheaper or quicker system delivery.
3. There is a further component search and design refinement activity after the
system architecture has been designed. Apparently usable components may turn
out to be unsuitable or may not work properly with other chosen components. You
may have to find alternatives to these components. Further requirements changes
may therefore be necessary, depending on the functionality of these components.
Answer 8:
- Advantages:
• Trust and Confidence: Users gain confidence in the reliability and security of
certified components. This trust encourages wider adoption of certified
components, enhancing overall system integrity.
• Risk Mitigation: Certification helps mitigate risks associated with using
unverified or potentially flawed components, reducing the chances of system
failures, vulnerabilities, or malfunctions.
- Disadvantages:
• Cost and Time: Obtaining certification can be a lengthy and expensive process
for vendors. Smaller manufacturers or startups might face barriers to entry due
to the costs involved, potentially limiting innovation and market diversity.
Answer 9:
• Scaling up means replacing resources in the system with more powerful resources.
Scaling out means adding more resources to the system (e.g., an extra web server
to work alongside an existing server). Scaling out is often more cost-effective than
scaling up, especially now that cloud computing makes it easy to add or remove
servers from a system. However, this only provides performance improvements
when concurrent processing is possible. When considering scalability in the
context of SaaS, you are considering “scaling out” rather than “scaling up.”
Answer 10:
Answer 11:
4. Flexibility: Allows diverse technology choices for each tier based on their
specific requirements.
3. Database Server (Data Tier): Encrypts data at rest and enforces robust access
controls to prevent unauthorized database access.
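One way to keep authentication and authorization on the server side of the multi-tier design that Question 11 asks about, as an added example that is not part of the original answer. The user names, roles, actions and function names are constructed for illustration, and TLS between client and server is assumed and not shown.

```python
import base64, hashlib, hmac, json, secrets, time

# Assumption: this key exists only on the application tier, never on the client.
SERVER_KEY = secrets.token_bytes(32)

# Constructed sample data: role assignments are stored server-side.
ROLES = {"alice": "clerk", "bob": "admin"}
PERMISSIONS = {"clerk": {"read_order"}, "admin": {"read_order", "refund_order"}}

def issue_token(user, ttl=300):
    """Application tier: after authenticating the user, mint a signed, expiring token."""
    body = json.dumps({"sub": user, "exp": int(time.time() + ttl)}).encode()
    tag = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(body).decode() + "."
            + base64.urlsafe_b64encode(tag).decode())

def verify_token(token):
    """Return the authenticated user, or None if the token is malformed, forged or expired."""
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong number of parts or invalid base64
        return None
    expected = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    claims = json.loads(body)  # only parsed after the signature has been checked
    return claims["sub"] if claims["exp"] > time.time() else None

def handle_request(token, action, client_claimed_role=None):
    """Application tier entry point. client_claimed_role is deliberately ignored:
    the role is looked up server-side from the authenticated identity."""
    user = verify_token(token)
    if user is None:
        return (401, "authentication required")
    role = ROLES.get(user)
    if action not in PERMISSIONS.get(role, set()):
        return (403, "forbidden")
    return (200, f"{action} performed for {user}")

if __name__ == "__main__":
    t = issue_token("alice")
    print(handle_request(t, "read_order"))
    print(handle_request(t, "refund_order", client_claimed_role="admin"))
```

Because every decision is taken from server-held state, a modified client can change what it sends but not what it is allowed to do.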
Answer 12:
- Often referred to as the client tier, it manages the user interface and interactions.
Data Tier:
- Manages the database housing seat information, user details, bookings, and
transactions.
- Data Integrity: Ensures secure and consistent data storage in the data tier.
- Reliability: Offers fault tolerance; if one server fails in the application tier, others
can continue functioning.
Answer 13:
The shift towards RESTful services, despite not being standards-based in the
traditional sense, has been driven by several factors that reflect the evolving
landscape of software development and the changing needs of modern applications:
Regarding whether the lack of standards inhibits the development and uptake of
RESTful services:
3. Potential for Variability: The lack of standards might result in variability in how
different RESTful services handle common functionalities. This variability could
affect compatibility and ease of integration between services.
However, despite these potential drawbacks, the flexibility, simplicity, and alignment
with existing web standards have fueled the widespread adoption of RESTful services.
While lacking strict standards, RESTful services offer a pragmatic and adaptable
approach that has proven effective for many modern applications. Efforts to standardize
certain aspects, like OpenAPI for documenting RESTful APIs, aim to mitigate some of
these challenges while maintaining the inherent advantages of REST.
Answer 15:
A workflow is a set of activities ordered in time, with each activity carrying out some
part of the work. A workflow is a model of a business process; that is, it sets out the steps
involved in reaching a particular goal that is important for a business.
1. Formulate outline workflow: In this initial stage of service design, you use the
requirements for the composite service as a basis for creating an “ideal” service
design. You should create a fairly abstract design at this stage, with the intention
of adding details once you know more about available services.
2. Discover services: During this stage of the process, you look for existing services
to include in the composition. Most service reuse is within enterprises, so this may
involve searching local service catalogs. Alternatively, you may search the
services offered by trusted service providers, such as Oracle and Microsoft.
3. Select possible services: From the set of possible service candidates that you have
discovered, you then select possible services that can implement workflow
activities. Your selection criteria will obviously include the functionality of the
services offered. They may also include the cost of the services and the quality of
service (responsiveness, availability, etc.) offered.
4. Refine workflow: On the basis of information about the services that you have
selected, you then refine the workflow. This involves adding detail to the abstract
description and perhaps adding or removing workflow activities. You may then
repeat the service discovery and selection stages. Once a stable set of services has
been chosen and the final workflow design established, you move on to the next
stage in the process.
5. Create workflow program: During this stage, the abstract workflow design is
transformed to an executable program and the service interface is defined. You
can implement workflow programs using a programming language, such as Java
or C#, or by using a workflow language, such as BPMN (explained below). This
stage may also involve the creation of web-based user interfaces to allow the new
service to be accessed from a web browser.
Answer 16:
Service-Oriented Architecture (SOA) might not be the most suitable approach for
certain types of applications due to various reasons, including complexity, overhead, or
specific requirements. Here are two important types of applications where using SOA
might not be recommended:
Answer 17:
• Legal and Judicial Systems: Courts and legal systems heavily depend on
sociotechnical systems. While automation has aided in case management,
document processing, and legal research, the legal domain involves complex
decision-making, interpretation of laws, and understanding the nuances of
human behavior and context. Judges often require a deep understanding of
societal norms, ethics, and the ability to exercise discretion in unique cases.
The emotional and subjective elements of human behavior, coupled with the
ethical and moral dimensions, make complete automation of these systems
challenging.
Answer 18:
Answer 19:
Key Features:
- Interactivity and Engagement: Enable user interaction within the virtual space,
facilitating exploration, artifact manipulation, and detailed information access via
clicks, gestures, or voice commands.
- Accessibility and Ease of Use: Design an intuitive interface catering to users with
diverse technological proficiency, integrating accessibility features and user-
friendly navigation and controls.
- 3-D Modeling and Display: Create high-quality 3-D models showcasing ancient
Greek architecture, landscapes, artifacts, and historical sites for presentation on
both web browsers and VR platforms.
Answer 20:
Your foremost focus should be on ethical values, transparency, and the responsible
implementation of technology. While meeting contractual duties is essential, it's equally
critical to ensure that the technology adheres to ethical norms and doesn't lead to
unnecessary harm. Abandoning the project should be a final option, to be considered only
if proceeding poses substantial ethical or societal risks. Instead, prioritize engaging
stakeholders, promoting responsible deployment, and finding remedies that minimize
adverse effects while meeting the project's goals.