Following are some of the key architecture and governance principles that you could adopt for your project in 2014. The architecture principles can be seen as "guiding principles" on which the team would base the design, development and testing of applications.
Key Architecture Principles (Guiding Principles)
- Holistic approach to application security: Given that applications can be accessed from different channels, including web and mobile devices, the number of attack vectors available to attackers has increased to a great extent. Thus, the traditional approach of applying perimeter-level security and doing security penetration testing may not suffice. Instead, it may be a good idea to take a holistic approach to application security as part of software engineering practices. This would mean creating awareness in the application development team so that it performs a threat modeling exercise during the design phase, applies secure coding practices during development and does security code reviews, and having the testing team perform security testing.
- API-driven development: Given that enterprise applications need to be exposed to multiple channels, including web, mobile and partner APIs, it would be good to make API-driven development one of the key guiding principles, so that enterprise application functionality can easily be exposed as an API as and when required and used across different channels.
- Cloud-readiness for applications: Given that the business may end up deciding to move the applications to the cloud for one or more reasons, it may be a good idea to consider some of the practices related to creating cloud-ready applications. Some of these practices could be the following:
  - High performance, for effective resource usage, to make the most of the cloud from a cost perspective.
  - Multi-tenancy architecture and design patterns, which could prove handy for creating SaaS offerings.
- Solution-oriented development with focus on alignment with business processes: Given that businesses want to innovate with different solutions and stay ahead of the competition, they are looking for ways to empower their product owners and business analysts to drive innovation through applications. This requires aligning applications with the business, which essentially means business-process-based development, whose key components include workflow, APIs, SOA etc. Thus, to start with, it would be good to have the team design and develop applications based on SOA and with well-defined APIs.
Key Governance Principles
- Software quality metrics (SQM): Sooner rather than later, it may be a good idea to create a set of software quality metrics to measure some of the non-functional code quality characteristics, such as the following:
  - Maintainability: This could be measured in terms of testability (code coverage).
  - Usability: This is primarily related to the readability and understandability of the code. This could be measured in terms of McCabe code complexity.
  - Efficiency: This could be measured in terms of throughput.
  - Security: This could be measured in terms of security rule violations. Tools such as Sonar come in very handy.
  - Reliability: Reliability relates more to the ability of applications to recover and also to fail gracefully.
  - Compatibility (integration with other services).
- Code coverage (80% or more): Given that multiple teams, distributed across the globe, are working on the same code base, it is of great importance to enforce unit testing practices for development.
- Automated static code analysis: It may be a good idea to use tools such as Sonar to do automated static code analysis and publish the report to key stakeholders. If you want to enforce coding best practices and standards in your team and want everyone to follow them religiously, this can be achieved easily with tools such as Sonar, in which you can use out-of-the-box rules or create custom rules that are run against the new code. In case of failures, it raises flags such as critical, major, minor etc., and appropriate action can be taken.
- Collaborative code review using one or more tools: Tools such as Crucible or Code Collaborator could be used for collaborative code review. If you want to create a culture of strong team bonding in your application development team, this could be one of the ways to achieve that objective. Try it. It really works. It also saves the time spent on code reviews done over email etc.