19/20

1. a)
“ You are commissioned by an enterprise, whose core business is the provision of computationally
intensive processing of data for organizations in the West African sub-region, to design and implement a
data visualization system. Write a report to incorporate the following:
(i) Suggestion of an architecture for the proposed system with justifications;
(ii) Design issues envisaged;
(iii) Description of procedural and message-based interactions in the proposed system and the
mechanisms that allow these interactions.”

Answer
(i) I suggest Client-Server Architecture with a Fat Client model where data is stored on a central
server. Presentation and Application Processing is implemented on the client machine. The visualisation
would run on the organizations' computers as these are used in different ways depending on the individual
organizations.
A client-server architecture is chosen to serve a number of clients because the system can be distributed
over a wide geographical area.
A fat client model is required because data visualisation requires considerable processing and it would
place an unacceptable load on the server if several organisations started visualisation at the same time. Fat
clients would be able to take the burden off the network by processing some or all of the data locally.
(ii) Design issues envisaged:
1. Scalability: The system should be able to scale to handle increasing data volumes and concurrent
user requests. This can be done by scaling up (upgrading existing resources) or scaling out
(adding more copies of that resource).
2. Security: Security mechanisms, such as encryption and authentication, is used to enforce the
security policy.
3. Transparency: In practice, it is impossible to make a system completely transparent. I may
decide that it is best to expose the distribution to organizations. They can then be prepared for
some of the consequences of distribution such as network delays and remote node failures.
4. Failure Management: This system should include mechanisms for discovering whether a
component of the system has failed, should continue to deliver as many services as possible in
spite of that failure, and, as far as possible, should automatically recover from the failure.
5. Quality of Service(QoS): It may not be cost-effective to design and configure the system to
deliver a high quality of service under peak load. This problem has been lessened by cloud
computing where cloud servers may be rented from a cloud provider for as long as they are
required. As demand increases, extra servers can be automatically added.
6. Maintainability: When the application software has to be changed, this involves software
reinstallation on every client computer. This can be a major cost if there are hundreds of clients in
the system. Auto-update of the client software can reduce these costs but introduces its own
problems if the client functionality is changed. The new functionality may mean that businesses
have to change the ways they use the system.
(iii) Procedural and Message-Based Interactions: (This is some cap)
Procedural could be the users requesting a piece of data to be processed after uploading by calling a
processing procedure.
Messaged Based could be the components of the application processing layer passing messages
containing data
1. b)
“Using an example of a remote procedure call, explain how middleware coordinates the interaction of
computers in a distributed system.”
Answer
 rocedural interaction involves one computer calling on a known service offered by some other
P
computer and waiting for that service to be delivered. In remote procedural call (RPC) one
component calls another component as if it was a local procedure. The middleware in the
system intercepts this call and passes it to a remote component. This carries out the required
computation and, via the middleware, returns the result to the calling procedure. Let us consider
an example of RPC:
A man goes to a restaurant. He picks up the menu and selects his lunch choice. The waiter
writes-down his order along with others order and retreats to the kitchen, leaving the order with
the cook. The cook prepares the meal and the waiter delivers it to the man. This can be
comparable to components interacting in a software system where one component calls methods
from other components.

2. a)
“Explain why design conflicts might arise when designing an architecture for which both availability and
security requirements are the most important non-functional requirements.”
Answer
To provide availability, you need to have (a) replicated components in the architecture so that in the event
of one component failing, you can switch immediately to a backup component. You also need to have
several copies of the data that is being processed. Security requires minimizing the number of copies of
the data and, wherever possible, adopting an architecture where each component only knows as much as it
needs to, to do its job. This reduces the chance of intruders accessing the data. Therefore, there is a
fundamental architectural conflict between availability (replication, several copies) and security
(specialization, minimal copies).

2. b)
You have been contracted as a consultant to design a system that requires strong authentication and
authorization. The system must be designed so that communication between parts of the system cannot be
intercepted and read by an attacker. Suggest the most appropriate client-server architecture for this system
and propose how functionality should be distributed between the client and the server systems.
Answer
[My answer]
One possible client-server architecture for this system would be a two-tier client-server
architecture with thin clients integrated with multiple layers of security. This architecture is
chosen to minimise the possible attack surface area of the system as opposed to an n-tier
client-server architecture, which may have this weakness depending on implementation.

The first tier would be the client tier, which would consist of the user's devices, such as their
computers or smartphones. The client tier would be responsible for handling the user's
interactions with the system, such as sending authentication requests and displaying
information(presentation layer). To ensure that communication between the client and server
tiers cannot be intercepted, the client tier could use a secure protocol such as HTTPS (Hypertext
Transfer Protocol Secure) to encrypt all communications.
 The second tier would be the database server tier, which would host the system's core
functionality, manage access to the data, as well as storing the system's data in a secure and
organized manner. This tier would handle authentication and authorization tasks, such as
verifying user credentials and granting access to the system's resources. To prevent unauthorized
access to the system, the database server tier could use a combination of techniques, such as
two-factor authentication, which requires users to provide two different forms of authentication
(e.g. a password and a one-time code) to access the system, encryption and other security
measures, such as access control lists, to restrict access to the data.
[ONLINE]
When a system is proposed which requires strong authentication and authorization, two-tier
client-server architecture with fat clients is effective. In this model, some of the application
processing is carried out on the client and the data management and database functions are
implemented on the servers. Data management is carried out straightforwardly as there is no need
to manage the interaction between the client and the application processing system.
Consider an example of a bank ATM system, the ATM is the client computer and the server is a
mainframe which runs the customer account database.
The communication between ATM and server (database) is not direct rather a middleware like a
teleprocessing monitor is used which organizes communication with remote clients and serializes
client transactions for processing by the database. This ensures that transactions are independent
and do not interfere with one another and hence attacker cannot intercept the transactions. The
system can recover from faults without corrupting the system data because of serial transactions.

2. c)
Explain why you normally use several architectural patterns when designing the architecture of a large
system.
Answer
One reason is that each architectural pattern has different trade-offs in terms of complexity,
performance, flexibility, etc. Thus, using multiple architectural patterns can help you balance
these trade-offs to get the most appropriate overall architecture for your system.
For example, a large system may be a distributed system and the overall architecture may reflect
that, but one component may be best implemented using a client-server pattern and another
component structured as a repository. In designing a large system it is most useful to know how
the components that make up the large system are going to communicate. Once you know how
the components are going to communicate it is easier to design the components themselves and
properly structure the entire system to maximize the benefits of each decision and minimize the
drawbacks.

3. b)
“The Mental Health Care - Patient Management System is intended for use in clinics to manage the
details of patients who are consulting specialist doctors about mental health problems. It makes use of a
centralized database of patient information but has also been designed to run on a PC, so that it may be
accessed and used from sites that do not have secure network connectivity. When the local systems have
secure network access, they use patient information in the database but they can download and use local
copies of patient records when they are disconnected. The system may interact and exchange data with
other clinical information systems.
Suggest an appropriate architectural model for this system. Give a generic architecture and provide an
instantiation with this system. Discuss the various components of the architecture and list it merits and
demerits.”
Answer
I suggest a layered architectural pattern with a 2-tier client-server model with fat clients. Application
logic and processing are shared between the client and the server tiers.
Generic Architecture:

Instantiation:

1. The top layer is a browser-based user interface. This is implemented on the client.
2. The second layer provides the user interface functionality that is delivered
through the web browser. It includes components to allow users to log in to the
system and check components that ensure that the operations they use are
allowed by their role. This layer includes form and menu management components that present
information to users, and data validation components that
check information consistency. This is implemented on the client.
3. The third layer implements the functionality of the system and provides
components that implement system security, patient information creation and
updating, import and export of patient data from other databases, and report
generators that create management reports. This is implemented on the server.
4. Finally, the lowest layer, which is built using a commercial database management system, provides
transaction management and persistent data storage. This is implemented on the server.
Offline Work & Insecure Connectivity
In the normal operation of the system, the client would interact with the server to access and manipulate
the patient records that are stored in the database. However, when the system is disconnected from the
network, the client would instead access and manipulate the local copies of the patient records that are
stored on the PC or other device.

The local copies of the patient records would be synchronized with the database in the data tier
whenever the system is connected to a secure network. This would ensure that the local copies are
up-to-date and consistent with the centralized database.
Data Sharing
Using a message queue service such as Rabbit MQ can be an elegant way of sending data asynchronously
between other information systems in the hospital.
The sender doesn’t have to wait for the response(asynchronous), it just registers the message in the queue.
The receiver picks up messages from the queue when it’s free.
This is suitable for handling bursts of data or when the receiver takes a bit of time to handle messages.
Merits
1. Data handling is straightforward as there is no need to manage the interaction between the client
and the application processing system.
2. Second, it allows for performance as having fat clients does not place a huge load on the system
as multiple requests for data are made at once
Demerits
1. Security would pose an issue as local copies of data left on clients are susceptible to being
accessed by unauthorized parties.

4. a)
“Discuss the concept of object-oriented design and its groups of activities.”
Answer
An object-oriented system is made up of interacting objects that maintain their own local state
and provide operations on that state. The representation of the state is private and cannot be accessed
directly from outside the object. Object-oriented design processes involve designing object classes and the
relationships between these classes. These classes define the objects in the system and their interactions.
When the design is realized as an executing program, the objects are created dynamically from these class
definitions. Objects include both data and operations to manipulate that data. They may therefore be
understood and modified as stand-alone entities. Changing the implementation of an object or adding
services should not affect other system objects.
Object-Oriented Design Activities:
1. Understand and define the context and the external interactions with the system.
2. Design the system architecture.
3. Identify the principal objects in the system.
4. Develop design models.
5. Specify interfaces

4. b)
“Illustrate the concepts of inheritance and polymorphism with simple programming examples.”
Answer
Inheritance allows one class to inherit the attributes and methods of another class, allowing for code reuse
and the ability to create hierarchical class structures.
Polymorphism is the ability of an object to take on different forms.
# Define the base class
class Animal:
def __init__(self, name):
self.name = name

def speak(self):
print("I am an animal and my name is", self.name)

# Define the derived class

class Dog(Animal):
def __init__(self, name, breed):
# Call the base class constructor
super().__init__(name)
# Add a new attribute to the derived class
self.breed = breed

# Override the speak method of the base class

def speak(self):
print("I am a dog and my name is", self.name)
print("I am a", self.breed)

# Create an object of the derived class

dog = Dog("Buddy", "Golden Retriever")

# Output: I am a dog and my name is Buddy

# I am a Golden retriever
dog.speak()

In the example above, the Dog class inherits the base class’ constructor and speak method. This
inheritance. The Dog class’ implementation of speak method is executed at runtime because it was called
on an object of the dog class. This is Polymorphism.

4. c)
“Identify possible objects in the system below and develop an object-oriented design for it. You may
make any reasonable assumptions about the system when developing the design.
A filling station is to be set up for fully automated operation. Customers swipe their debit cards through a
reader connected to the pump; the card is verified by communication with the customer's bank, and a fuel
limit is established. The customer may then take the fuel required. When fuel delivery is complete and the
pump hose is returned to its holster, the customer's card is debited with the cost of fuel taken. The card is
returned after debiting. If the card is invalid, the pump returns it before fuel is dispensed.”
Answer

1. The CardReader object class provides the basic interface of the card reader with its functions.
2. The Pump object class is responsible for automatically dispensing fuel.

UML State Diagram

5. c)
Write short notes on 1. Coupling 2. Abstraction 3. Overloading 4. Modularity
Answer
1. Coupling is a measure of the interdependence between two software modules. High coupling
indicates that the two modules are strongly interconnected, while low coupling indicates that the
two modules are more independent and can be changed or modified without affecting the other.
2. Abstraction is a design concept in which the essential features of an object are emphasized while
non-essential details are ignored. This allows for the creation of simpler, more efficient, and more
flexible models or systems.
3. Overloading is a feature of some programming languages that allows the same function or
operator to behave differently depending on the number or type of arguments it is given. This
allows for greater flexibility and reuse of code.
4. Modularity is a design principle that involves dividing a large, complex system into smaller,
independent modules that can be developed, tested, and maintained separately. This allows for
easier development, debugging, and maintenance of the overall system.

6. a)
“Suggest how you could use aspects to simplify the debugging of programs”
Answer
One way to use aspects to simplify the debugging of programs is to use aspect-oriented programming
(AOP) to separate out the debugging logic from the main code. This allows for easier management and
modification of the debugging code, as well as for more flexible and fine-grained control over when and
where the debugging code is applied.
For example, a programmer could use AOP to define an aspect that applies to all methods in a certain
class or package, and that logs the arguments and return values of each method call. This aspect could be
easily enabled or disabled as needed, without having to modify the main code, and could provide valuable
information for debugging purposes.
In addition, AOP could be used to implement "pointcuts" that define precise conditions under which the
debugging code should be applied, such as when a certain exception is thrown or when a certain variable
takes on a particular value. This would allow for even more precise and targeted debugging.

6. b)
“Summarize what is meant by scattering and tangling. Using simple examples, explain why tangling and
scattering can cause problems when system requirements change”
Answer
Tangling arises when one module implements (part of) several requirements; scattering arises when the
implementation of a single requirement is spread across several modules.
Say several requirements in a system have a shared component that implements the issuing of a
confirmation to a user that some action has occurred. This is a tangled system. If one of these changes so
that some change to the confirmation is required, all of the other requirements that issue confirmations are
affected by this.
If the implementation of each requirement which issues a confirmation is scattered across several
modules, then all of these have to be checked that the change will not affect their operation.

6. c)
“Highlight the difference between a join point and a pointcut. Explain how these facilitate the weaving of
code into a program to handle cross-cutting concerns.”
Answer
A join point is an event in an executing program where the advice associated with an aspect may be
executed. Examples of join points include the execution of a method, the handling of an exception, or the
initialization of a class or object
A pointcut is a statement, included in an aspect, that defines the join points where the associated aspect
advice should be executed. Pointcuts can be used to select specific join points based on a variety of
criteria, such as the name of a method, the type of an object, or the value of a variable.

Together, join points and pointcuts are used to specify when and where an aspect should be applied in a
program. This is known as "weaving" the aspect into the program, and it allows for the implementation of
cross-cutting concerns, such as logging, error handling, or security checks, in a modular and
non-invasive way.

For example, a pointcut could be defined to select all method calls in a certain class, and a join point
could be defined to apply the aspect at the beginning of each method call. This would allow the aspect to
be applied to all methods in the class without having to modify the individual methods themselves and
would facilitate the handling of crosscutting concerns in a more flexible and maintainable way.
 17/18
1. a)
“What do you understand by ‘scalability’? Discuss the differences between ‘scaling up” and ‘scaling out’
and explain when these different approaches to scalability may be used.”
Answer
The scalability of a system reflects its ability to deliver high-quality service as
demands on the system increase. The three dimensions of scalability are size, distribution, and
manageability.
1. Size: It should be possible to add more resources to a system to cope with increasing numbers
of users.
2. Distribution: It should be possible to geographically disperse the components of
a system without degrading its performance.
3. Manageability It should be possible to manage a system as it increases in size,
even if parts of the system are located in independent organizations.
Scaling up and Scaling out can be differentiated by size and cost.
Scaling up means replacing resources in the system with more powerful resources. For example, you
may increase the memory in a server from 16 Gb to 64 Gb. Scaling out means
adding more resources to the system (e.g., an extra web server to work alongside an
existing server). Scaling out is often more cost-effective than scaling up, especially
now that cloud computing makes it easy to add or remove servers from a system.
Scaling up is generally best for situations where the workload can be handled by a single server with more
resources, such as when the bottleneck is the CPU or memory of the server. Scaling out, on the other
hand, is generally better for situations where the workload cannot be handled by a single server, such as
when the bottleneck is the network or disk I/O of the server.

1. b)
“ Explain why distributed software systems are more complex than centralized software systems, where
all the system functionality is implemented on a single computer.”
Answer
This complexity arises because it is practically impossible to have a top-down model of control of these
systems.
The nodes in the system that delivers functionality are often independent systems with no single authority
in charge of the entire distributed system.
The network connecting these nodes is also a separately managed system.
There is, therefore, an inherent unpredictability in the operation of distributed systems that has to be taken
into account when you are designing a system.

1. c)
“A customer wants to develop a system for stock market information where stockbrokers can access
information about companies and evaluate various investment scenarios using a simulation system. Each
stockbroker uses the simulation in a different way, according to his or her experience and the type of stock
in question. Suggest client-server architecture for this system that shows where functionality is located.
Justify the client-server system model that you have chosen.”
Answer
In this case, I would choose a fat client model with company information located on
a central server (this is critical information and it's important that it is consistent for
all dealers).
Simulations would run on the dealer’s computer as these are used in
different ways depending on the individual dealers. A fat client architecture is
required because simulations require considerable processing and it would place an
unacceptable load on the server if several dealers started simulations at the same
time.

2. a)
“Discuss extensively the most important design issues that have to be considered in distributed system
engineering.”
Answer
1. Transparency: To what extent should the distributed system appear to the user as a single system?
When is it useful for users to understand that the system is distributed?
To make a distributed system transparent (i.e., conceal its distributed nature), you have to hide the
underlying distribution. You create abstractions that hide the system resources so that the location and
implementation of these resources can be changed without having to change the distributed application.
In practice, it is impossible to make a system completely transparent, and users, generally, are aware that
they are dealing with a distributed system. You may therefore decide that it is best to expose the
distribution to users. They can then be prepared for some of the consequences of distribution such as
network delays and remote node failures
2. Scalability: How can the system be constructed so that it is scalable?
The scalability of a system reflects its ability to deliver high-quality service as demands on the system
increase. The three dimensions of scalability are size, distribution, and manageability.
● Size It should be possible to add more resources to a system to cope with increasing
numbers of users. Ideally, then, as the number of users increases, the system should
increase in size automatically to handle the increased number of users.
● Distribution It should be possible to geographically disperse the components of a system
without degrading its performance. As new components are added, it should not matter
where these are located. Large companies can often make use of computing resources in
their different facilities around the world.
● Manageability It should be possible to manage a system as it increases in size, even if
parts of the system are located in independent organizations. This is one of the most
difficult challenges of scale as it involves managers communicating and agreeing on
management policies. In practice, the manageability of a system is often the factor that
limits the extent to which it can be scaled.
3. Security How can usable security policies be defined and implemented that apply across a set of
independently managed systems?
A distributed system must defend itself against the following types of attack:
● Interception, where an attacker intercepts communications between parts of the system
so that there is a loss of confidentiality.
● Interruption, where system services are attacked and cannot be delivered as expected.
Denial-of-service attacks involve bombarding a node with illegitimate service requests so
that it cannot deal with valid requests.
● Modification, where an attacker gains access to the system and changes data or system
services.
● Fabrication, where an attacker generates information that should not exist and then uses
this information to gain some privileges. For example, an attacker may generate a false
password entry and use this to gain access to a system.
Security mechanisms, such as encryption and authentication, are used to enforce the security policy.
The difficulties in a distributed system arise because different organizations may own parts of the
system. These organizations may have mutually incompatible security policies and security mechanisms.
Security compromises may have to be made in order to allow the systems to work together.
4. Quality of service How should the system be implemented to deliver an acceptable quality of service
to all users?
The quality of service (QoS) offered by a distributed system reflects the system’s ability to deliver its
services dependably and with a response time and throughput that are acceptable to its users. Ideally, the
QoS requirements should be specified in advance and the system designed and configured to deliver that
QoS. Unfortunately, this is not always practicable for two reasons:
1. It may not be cost-effective to design and configure the system to deliver a high quality
of service under peak load.
2. The quality-of-service parameters may be mutually contradictory.
Quality of service is particularly important when the system is dealing with time-critical data such as
sound or video streams. In these circumstances, if the quality of service falls below a threshold value then
the sound or video may become so degraded that it is impossible to understand.
5. Failure management How can system failures be detected, contained, and repaired?
In a distributed system, it is inevitable that failures will occur, so the system has to be designed to be
resilient to these failures.
Failure management involves applying fault-tolerance techniques. Distributed systems should therefore
include mechanisms for discovering whether a component of the system has failed, should continue to
deliver as many services as possible in spite of that failure, and, as far as possible, should
automatically recover from the failure.

2. b)
“Using the example of a remote procedure call, explain how middleware coordinates the interactions of
computers in a distributed system.”
Answer
SEE QUESTION 1B, YEAR 19/20

2. c)
“Explain why deploying software as a service can reduce the IT support costs for a company. What
additional costs might arise if this deployment model is used?”
Answer
Deploying software as a service can reduce IT support costs as there is no need to install and support
separate software on each client. Rather, all software is hosted on a server and when e.g. upgrades are
required, only the server (or servers) need be upgraded.
General help support is provided by the service provider rather than the local IT staff.
The additional costs that can arise from this model are
1. Network costs, as obviously there is a considerable increase in network traffic. Service
providers (such as Amazon) may charge for data uploads and downloads. This is only applicable
if the service is provided by a 3rd party rather than in-house.
2. Server costs, as the servers are responsible for all computation and so must either be more
powerful or more numerous. This is most significant if the service is provided in-house.
3. There may in fact be additional support costs from this model in the short term if it requires
users to change the software that they normally use. This is likely to lead to additional demands
for help.
3. a)
“Software architecture can be designed at two levels of abstraction. Describe these levels in detail?”
Answer
You can design software architectures at two levels of abstraction; architecture in the small and
architecture in the large:
1. Architecture in the small is concerned with the architecture of individual programs. At this level, we
are concerned with the way that an individual program is decomposed into components and specific
technical details of how the system will be built and how it will operate. The “nitty gritty” of the system if
you may/
2. Architecture in the large is concerned with the architecture of complex enterprise systems that include
other systems, programs, and program components.This level is concerned with defining the system's
overall purpose and its functional requirements, as well as identifying the key abstractions and
components that will be used to build the system.

3. b)
“Suggest an architecture for a system that is used for selling and distributing video on the Internet. What
architectural patterns are the basis for this architecture?”
Answer
One possible architecture for a system that is used for selling and distributing video on the Internet could
be based on the microservices architectural pattern. This pattern involves decomposing a monolithic
application into a set of smaller, independently deployable services that can be managed and scaled
independently.
In this architecture, the system would be composed of several different microservices, each of which
would be responsible for a specific aspect of the overall system's functionality. For example, there could
be a service for managing user accounts and authentication, a service for managing the catalog of
available videos, a service for managing payments and billing, and a service for streaming the video
content to users.
Each of these microservices would be designed to be independently deployable, scalable, and
maintainable, allowing the overall system to be more flexible and resilient. The microservices would
communicate with each other using well-defined APIs, allowing them to be swapped out or updated
without affecting the overall system.
Other architectural patterns that could be used as the basis for this architecture include the event-driven
architecture pattern, which would allow the different microservices to communicate and coordinate with
each other using asynchronous events, and the serverless architecture pattern, which would allow the
system to scale and operate efficiently by only running the microservices when they are needed.

3. c)
“Give a detailed description of layered architecture with an example”
Answer
The layered architecture organizes the system into layers, with related functionality associated with each
layer. A layer provides services to the layer above it, so the lowest level layers represent core services
that
are likely to be used throughout the system.
This layered approach supports the incremental development of systems. As a
layer is developed, some of the services provided by that layer may be made available to users. The
architecture is also changeable and portable. If its interface is
unchanged, a new layer with extended functionality can replace an existing layer without changing other
parts of the system. Furthermore, when layer interfaces change or new facilities are added to a layer,
only the adjacent layer is affected.
As layered systems localize machine dependencies, only the machine-dependent layers need to be
reimplemented to take into account the facilities of a different operating system or database.
EXAMPLE
A good example of a system that implements a layered architecture is the TCP/IP model of the Internte

4. E GO BE

5. a)
“What are the different types of stakeholder concerns that may arise in a large system? How can aspects
support the implementation of each of these types of concern?”
Answer
1. Functional concerns which reflect specific functionality required. The base
system should implement core functionality and extensions, implemented as
aspects, can implement secondary functionality.
2. Quality of service concerns related to the non-functional behaviour of the
system. Aspects may be used to implement cross-cutting functionality, such
as a cache, which helps these requirements to be met.
3. Policy concerns relating to the overall policies of the use of the system. These
are inevitably cross-cutting. Aspects may be used to implement these
concerns.
4. System concerns which relate to the attributes of the system as a whole.
Aspects may be used to implement monitoring that checks the system
attributes.
5. Organisational concerns that are related to organisational goals and
priorities such as maintaining reputation. Aspects have limited usefulness in
implementing this type of concern.

5. b/c)
“Summarize what is meant by tangling and scattering. Using examples, explain why tangling and
scattering can cause problems when system requirements change.
What is the difference between a join point and a pointcut? Explain how these facilitate the weaving of
codes into programs to handle cross-cutting concerns.”
Answer
SEE QUESTION 6B/C, YEAR 19/20
 16/17

1. a)
“Highlight the fundamental difference between a fat-client and a thin-client approach to client-server
systems architectures.”
Answer
In a thin-client model, the presentation layer is implemented on the client and all other layers (data
handling, application processing, and database) are implemented on a server. The client presentation
software is usually a web browser, but apps for mobile devices may also be available.
While in a fat-client model, some or all of the application processing is carried out on the client. Data
management and database functions are implemented on the server. In this case, the client software may
be a specially written program that is tightly integrated with the server application.
Thin clients are typically used for data-intensive applications (browsing and querying) with non-intensive
application processing.
Fat clients are typically used for applications where computationally intensive processing of data (e.g.,
data visualization) is required.
However, modern web browsers are all javascript enabled which means that code can be downloaded
from the web page on the server and executed within the client browser. This means that
some of the functionality of fat clients can be replicated without the need to install software on the client
system

1. b)
“You have been asked to design a secure system that requires strong authentication and authorization. The
system must be designed so that communications between parts of the system cannot be intercepted and
read by an attacker. Suggest the most appropriate client-server architecture for the system, and giving
reasons for your answers, propose how functionality should be distributed between the client and the
server systems.”
Answer
SEE QUESTION 2B, YEAR 19/20

1. c)
“Suggest five applications in which a fat server would seem to be an appropriate design strategy.”
Answer
Legacy system applications that are used when separating application processing and data handling are
impractical. Clients may access these as services.
Computationally intensive applications such as compilers with little or no requirements for data
handling.
Data-intensive applications (browsing and querying) with non-intensive application processing. Simple
web browsing is the most common example of this application
High-bandwidth applications: In applications that require a large amount of data to be transferred
quickly, such as video streaming or online gaming.
Critical systems: In applications where the availability of the server is critical, such as a financial
transaction system or an emergency response system.
2. a)
“Discuss some of the most important design issues that have to be considered in distributed system
engineering.”
Answer
SEE QUESTION 2A, 17/18

2. b)
“Explain why design conflicts might arise when designing an architecture for which both availability and
security requirements are the most important non-functional requirements”
Answer
SEE QUESTION 2A, 19/20

2. c)
“Draw diagrams showing a conceptual view and a process view of the architecture of the following
systems:
i) An automated ticket-issuing system used by passengers at a bus station.
ii) A robot floor cleaner that is intended to clean corridors. The robot must be able to sense walls and
other obstructions.”
Answer
I am only drawing the conceptual views dkm.
3. a)
“Discuss the views or perspectives that are useful when designing and documenting a system's
architecture.”
Answer
1. A logical view, which shows the key abstractions in the system as objects or
object classes. It should be possible to relate the system requirements to entities
in this logical view.
2. A process view, which shows how, at runtime, the system is composed of interacting processes. This
view is useful for making judgments about non-functional system characteristics such as performance and
availability.
3. A development view, which shows how the software is decomposed for development; that is, it shows
the breakdown of the software into components. This view is useful for software managers and
programmers.
4. A physical view, which shows the system hardware and how software components are distributed
across the processors in the system. This view is useful for systems engineers planning a system
deployment

3. b)
“Write short notes on the following architectural patterns detailing their description, example, when used,
merits and demerits:
(i)Layered architecture, (ii) Repository architecture, (iii) Pipe-and-filter architecture.”
Answer
(i)

(ii)
(iii)

4. a/b) I no do 👍🏿
5. a/b)
“Summarize what is meant by tangling and scattering. Using examples, explain why tangling and
scattering can cause problems when system requirements change.
What is the difference between a join point and a pointcut? Explain how these facilitate the weaving of
codes into programs to handle cross-cutting concerns.”
Answer
SEE QUESTION 6B/C, YEAR 19/20
Summarize what is meant by tangling and scattering. Using examples, explain why tangling and
scattering can cause problems when system requirements change.
Highlight the difference between a join-point and a point-cut. Explain how these facilitate the weaving of
code into a program to handle cross-cutting concerns.
5. c)
“What assumptions underpin the idea that a system should be organized as a core system that implements
the essential requirements, plus extensions that implement additional functionality? Can you think of
systems where this model would not be appropriate?.”
Answer
It is definitely somewhere in chapter 21 of the 9th edition, but I am not reading all that.
If you need a clue, search this quote from the book:
“If you have followed an aspect-oriented approach to designing your system, you
will already have identified the core functionality and the extensions to that function-
ality to be implemented as cross-cutting aspects. The focus of the programming
process should then be to write code implementing the core and extension function-
ality and, critically, to specify the pointcuts in the aspects so that the aspect advice is
woven into the base code at the correct places.”
Goodluck.

6. We didn’t do any project dkm.

 13/14 [Bonus]
(I am going to ignore formatting. View all questions answered below)

1. Describe a mini-project that you were involved in and apply the Object-Oriented Design
(OOD) approach to represent its design.
2.
a. Explain why you normally use several architectural patterns when designing the architecture of a
large system. Suggest the architecture for a University-wide system that is used in managing
students and staff processes. What architectural patterns are the bases for this architecture?
b. With appropriate examples, describe the following architectural patterns:
(i) Repository architecture;
(ii)Client-server architecture;
(iii) Pipe and filter architecture.
c. Using a layered architecture, show the components of a resource management system that could
be used to handle hostel accommodation for students
3.
a. What do you understand by scalability? Discuss the difference between scaling up and scaling out
and explain when these different approaches to scalability may be used
b. Explain why distributed systems are inherently more scalable than centralized systems. What are
the likely limits on the scalability of the system?
c. What is the fundamental difference between a fat-client and a thin-client approach to client-server
architecture?

ANSWERS

1.
One mini-project that I was involved in was a small game called "Alien Invasion." This game involved a
spaceship that could move left and right at the bottom of the screen, and aliens that would move across
the top of the screen and drop bombs. The player had to shoot the aliens with their spaceship's laser to
earn points, and had to avoid the bombs that the aliens dropped.
To represent this design using an object-oriented approach, we could create a few classes:
Spaceship: This class would represent the player's spaceship, and would keep track of its position
and movement. It would have methods for moving left and right, as well as for shooting the laser.
Alien: This class would represent the aliens in the game, and would keep track of their position
and movement. It would have a method for moving across the screen and dropping bombs.
Bomb: This class would represent the bombs that the aliens drop, and would keep track of their
position and movement. It would have a method for moving downwards towards the spaceship.
Game: This class would represent the overall game, and would keep track of the score, the
spaceship, the aliens, and the bombs. It would have methods for starting and ending the game,
and for updating the positions of all the objects on the screen.

2. a)
(i) Using multiple architectural patterns when designing the architecture of a large system allows for
flexibility and the ability to adapt to different requirements and constraints. By combining different
patterns, it is possible to create a system that is scalable, maintainable, and able to support a wide range of
functions and features.
(ii)One possible architecture for a University-wide system that manages students and staff processes could
be based on a microservices architecture. In this architecture, the system would be divided into a
number of small, independent services that each implement a specific function or feature. For example,
there could be a service for managing student records, a service for managing staff profiles, and a service
for managing course schedules. These services would communicate with each other through well-defined
interfaces and could be developed and maintained independently of one another.
The main architectural patterns that would be used in this architecture include the microservices pattern,
the interface-based design pattern, and the service-oriented architecture pattern. These patterns
would enable the system to be modular, scalable, and maintainable. Other patterns, such as the
event-driven pattern, could also be used to support asynchronous communication between services
and to improve the overall performance of the system.

2. b)
(i)

(ii)
(iii)

3. a)
SEE QUESTION 1A, YEAR 17/18.

3. b)
(i) Distributed systems are inherently more scalable than centralized systems because they distribute the
workload and processing power among multiple machines, rather than relying on a single, central
machine to handle all the processing. New objects or replicated objects can be added as the load on the
system increases, without disrupting other parts of the system.
(ii)
● Manageability: This is one of the most difficult challenges of scale as it involves managers
communicating and agreeing on management policies. In practice, the manageability of a system
is often the factor that limits the extent to which it can be scaled.
● Recoverability: How quickly can the app get back up and running after a failure?
● Performance: At what point does performance begin to degrade?
● Cost: Scaling vertically or horizontally costs money both at the onset and during the lifetime of
the system to maintain the infrastructure, and capital is not inexhaustible.
3. c)
SEE QUESTION 1A, YEAR 16/17