Systems Architecture and Design

1. Architecture Design Principles

Key Concepts

Abstraction: Abstraction: Hiding implementation details to reduce complexity

1. A database API that hides SQL complexity, allowing developers to use

simple method calls instead of writing complex queries

Here's an example of how a database API can abstract SQL complexity through
method calls:

Instead of writing this raw SQL query:

SELECT customers.customer_id, customers.name, customers.email,

COUNT(orders.order_id) AS total_orders,
SUM(orders.amount) AS total_spent
FROM customers
LEFT JOIN orders ON customers.customer_id = orders.customer_id
WHERE customers.signup_date > '2023-01-01'
GROUP BY customers.customer_id, customers.name, customers.email
HAVING COUNT(orders.order_id) > 5
ORDER BY total_spent DESC
LIMIT 10;

A developer could use an abstracted method call like:

# Using an ORM (Object-Relational Mapping) like SQLAlchemy

top_customers = (
Customer.query
.filter(Customer.signup_date > datetime(2023, 1, 1))
.join(Order, isouter=True)
.group_by(Customer.id, Customer.name, Customer.email)
.having(func.count(Order.id) > 5)
.with_entities(
Customer.id,
Customer.name,
Customer.email,
func.count(Order.id).label('total_orders'),
func.sum(Order.amount).label('total_spent')
)
.order_by(desc('total_spent'))

1
 .limit(10)
.all()
)

Or even simpler with a custom repository pattern:

# Using a custom abstraction layer

top_customers = customer_repository.find_top_spenders(
since_date=datetime(2023, 1, 1),
min_orders=5,
limit=10
)

This abstraction hides the SQL complexity while allowing developers to work
with familiar programming concepts and object-oriented interfaces.

Eg:2

Network switches abstracting physical connections, letting devices

communicate without knowing the physical network layout

Modularity: Modularity: Dividing systems into independent, interchangeable

components

1. Modern browsers with separate modules for rendering, JavaScript

execution, and network communications
2. Vehicle design with modular systems (engine, transmission, electrical)
that can be developed and tested independently

 Encapsulation: Encapsulation: Bundling data and methods that operate

on that data

1. A banking class that encapsulates account balance data and withdrawal

methods, ensuring withdrawals cannot exceed balance
2. Printer driver encapsulating complex printer commands, exposing only
simple print, scan, and copy methods

 Separation of Concerns: Separation of Concerns: Dividing a system

into distinct sections addressing separate issues

2
 1. Web application separating user authentication, business logic, and data
storage into distinct components
2. Modern OS separating user interface, application execution, and
hardware management

 Single Responsibility Principle: Abstraction: Hiding implementation

details to reduce complexity
 Modularity: Dividing systems into independent, interchangeable
components
 Encapsulation: Bundling data and methods that operate on that data
 Separation of Concerns: Dividing a system into distinct sections
addressing separate issues
 Single Responsibility Principle: Each component should have only one
reason to change

e.g:

1. Email service with separate components for composition, delivery,

storage, and spam filtering
2. E-commerce platform with distinct services for product catalog, shopping
cart, payment processing, and order fulfillment

Architecture Patterns

 Client-Server: Separates responsibilities between service providers and

consumers
 Microservices: Building applications as suites of small, independent
services
 Layered Architecture: Organizing components into horizontal layers
(presentation, business, data)
 Event-Driven: Components communicate through events rather than
direct calls
 Service-Oriented: Services communicate over a network using standard
protocols

Client-Server:

1. Web browsers (clients) requesting and rendering pages from web servers
2. Email clients connecting to mail servers to send/receive messages

Microservices:

1. Netflix's platform with separate services for user profiles,

recommendations, content delivery, and billing

3
 2. E-commerce site with independent services for inventory, search,
reviews, and checkout

Layered Architecture:

1. Enterprise application with UI layer, business logic layer, and data access
layer
2. Network protocol stack (OSI model) with seven distinct layers from
physical to application

Event-Driven:

1. Stock trading platform where price changes trigger buy/sell orders

automatically
2. IoT system where sensor readings trigger alerts and automated responses

Quality Attributes

 Scalability: Ability to handle growing workloads

 Reliability: System's ability to perform required functions under stated
conditions
 Availability: System's ability to be operational when needed
 Performance: Response time, throughput, and resource utilization
 Security: Protection against unauthorized access and attacks
 Maintainability: Ease of modifying and extending the system

Quality Attributes:

Scalability:

1. Cloud-based application that adds server instances during peak traffic

hours
2. Database system that partitions data across multiple servers as volume
grows

Reliability:

1. Aircraft navigation system with multiple redundant components and

failure detection
2. Banking transaction system with journaling and rollback capabilities

Availability:

4
 1. Cloud infrastructure with 99.99% uptime achieved through redundant
data centers
2. Healthcare system with failover capabilities to ensure continuous patient
monitoring

Performance:

1. Search engine returning results in under 200ms by using distributed

caching
2. Video streaming service that adjusts quality based on available bandwidth

Security:

1. Payment system using tokenization to prevent storing actual credit card

numbers
2. Multi-factor authentication system combining passwords, biometrics, and
security keys

Maintainability:

1. Well-documented codebase with automated testing covering 90% of

functionality
2. System with clear interfaces allowing component replacement without
affecting others

2. Hardware Specifications

Computing Resources

 CPU: Processing power, cores, clock speed, cache

 Memory (RAM): Capacity, speed, type (DDR4, DDR5)
 Storage: Type (SSD vs. HDD), capacity, access speed, RAID
configurations
 GPU: For graphics-intensive or parallel computing applications

Hardware Selection Factors

 Workload requirements: Processing intensity, memory usage patterns

 Growth projections: Future scaling needs
 Cost constraints: CAPEX vs. OPEX considerations
 Energy efficiency: Power consumption and cooling requirements
 Form factor: Space constraints, rack units required

5
3. Software Specifications

Operating Systems

 Selection criteria: Compatibility, security, support, performance

 Configuration: Resource allocation, services, security hardening

Middleware

 Application servers: Managing business logic and application execution

 Message brokers: Facilitating communication between components
 Databases: Structured vs. unstructured, relational vs. NoSQL

Development Frameworks

 Selection based on: Development speed, performance, team expertise

 Compatibility considerations: With existing systems and architecture

2. Hardware Specifications

Computing Resources:

CPU:

1. Intel Xeon server processor with 64 cores at 3.4GHz and 108MB cache
for database servers
2. ARM-based mobile processor optimized for energy efficiency in
smartphones

Memory (RAM):

1. 128GB DDR5-4800 ECC memory configuration for virtual machine

hosts
2. 16GB low-power LPDDR5 memory for ultrabook laptops

Storage:

1. NVMe SSD RAID 10 array providing 8TB of fast, redundant storage for
transaction processing
2. Hierarchical storage with SSD cache and large-capacity HDDs for video
archiving

GPU:

1. NVIDIA A100 GPUs for machine learning model training and inference

6
 2. AMD Radeon Pro graphics cards for CAD/CAM workstations

Hardware Selection Factors:

Workload requirements:

1. High-frequency trading platform requiring ultra-low latency components

2. Data archiving system prioritizing storage capacity over processing speed

Growth projections:

1. E-commerce platform sized for 5x current peak load to accommodate

five-year growth plan
2. Modular server rack design allowing incremental addition of computing
nodes

Cost constraints:

1. Cloud-based solution chosen over on-premises to avoid upfront hardware

investment
2. Selecting enterprise-grade components with longer lifespan to reduce
total cost of ownership

Energy efficiency:

1. Data center using liquid cooling to reduce air conditioning costs

2. Server processors that dynamically adjust clock speeds based on
workload

Form factor:

1. Blade server chassis fitting 42 compute nodes in a standard rack

2. Small form factor industrial computers for space-constrained
manufacturing environments

3. Software Specifications

Operating Systems:

Selection criteria:

1. Linux chosen for web servers due to security, performance, and lower
licensing costs
2. Windows selected for desktop environments due to application
compatibility and user familiarity

7
Configuration:

1. Database server configured with large memory pages and optimized I/O
scheduling
2. Web server hardened by disabling unnecessary services and
implementing strict file permissions

Middleware:

Application servers:

1. Apache Tomcat handling Java servlet execution for enterprise

applications
2. Node.js managing real-time connections for collaborative editing
platform

Message brokers:

1. Apache Kafka handling high-volume event streaming between

microservices
2. RabbitMQ managing task queues for distributed processing systems

Databases:

1. PostgreSQL providing ACID-compliant transactional database for

financial systems
2. MongoDB storing flexible document data for content management
systems

Development Frameworks:

Selection based on:

1. React.js chosen for front-end development due to component reusability

and team expertise
2. Django selected for rapid development of data-driven applications with
built-in admin features

Compatibility considerations:

1. .NET Framework used to integrate with existing Windows-based

enterprise systems
2. Java Spring chosen to leverage existing middleware and container
infrastructure

8
4. Network Considerations

Network Architecture

 Topologies: Star, mesh, hierarchical designs

 Segmentation: VLANs, subnets, security zones
 Redundancy: Multiple paths, equipment redundancy

Connectivity

 Bandwidth requirements: Based on data transfer needs

 Latency considerations: Impact on application performance
 Protocol selection: TCP/UDP, application-specific protocols

Network Security

 Defense-in-depth: Multiple security layers

 Access control: Authentication and authorization
 Encryption: In-transit and at-rest data protection
 Monitoring: Traffic analysis, intrusion detection

Topologies:

1. Star topology in office networks with centralized switches and redundant

connections
2. Mesh topology in data centers providing multiple paths between every
server

Segmentation:

1. Hospital network with separate VLANs for administrative, clinical, and

guest systems
2. Corporate network with DMZ for public-facing services and internal
zones for sensitive data

Redundancy:

1. Dual internet connections from different providers with automatic

failover
2. Redundant core switches with link aggregation between critical network
segments

Connectivity:
9
Bandwidth requirements:

1. Video conferencing service requiring 5Mbps per HD stream

2. Medical imaging network provisioned for transferring multi-gigabyte
scan files

Latency considerations:

1. Gaming servers located near user populations to minimize ping times

2. Financial trading systems using dedicated fiber connections to reduce
latency

Protocol selection:

1. UDP for real-time voice communications where occasional packet loss is

acceptable
2. TCP for financial transactions where delivery confirmation is essential

Network Security:

Defense-in-depth:

1. Corporate network with firewall, IDS/IPS, endpoint protection, and data

loss prevention
2. Military system with physical security, air-gapped networks, and
encrypted communications

Access control:

1. Zero trust architecture requiring verification for every access request

regardless of location
2. Role-based access control system limiting resource access based on job
function

Encryption:

1. TLS 1.3 securing web traffic with forward secrecy and authenticated
encryption
2. Full-disk encryption protecting data on mobile devices in case of theft

Monitoring:

1. Security information and event management (SIEM) correlating logs

across network devices

10
2. Network traffic analysis identifying abnormal patterns indicative of data
exfiltration

11